Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add ADO pipeline yaml #10

Merged
merged 1 commit into from
Oct 13, 2024
Merged

add ADO pipeline yaml #10

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
56 changes: 56 additions & 0 deletions .pipelines/cg-pipeline.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
trigger: none

extends:
template: v2/OneBranch.Official.CrossPlat.yml@templates # https://aka.ms/obpipelines/templates
parameters:
cloudvault: # https://aka.ms/obpipelines/cloudvault
enabled: false # set to true to enable cloudvault
runmode: stage # linux can run CloudVault upload as a separate stage
dependsOn: linux_build
artifacts:
- drop_linux_stage_linux_job

globalSdl: # https://aka.ms/obpipelines/sdl
# tsa:
# enabled: true # SDL results of non-official builds aren't uploaded to TSA by default.
# credscan:
# suppressionsFile: $(Build.SourcesDirectory)\.config\CredScanSuppressions.json
policheck:
break: true # always break the build on policheck issues. You can disable it by setting to 'false'
# suppression:
# suppressionFile: $(Build.SourcesDirectory)\.gdn\global.gdnsuppress

stages:
- stage: linux_stage
jobs:
- job: linux_job
pool:
type: docker
os: linux
variables: # More settings at https://aka.ms/obpipelines/yaml/jobs
ob_outputDirectory: '$(Build.SourcesDirectory)/out' # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts

steps: # These steps will be run in unrestricted container's network
- task: onebranch.pipeline.imagebuildinfo@1
displayName: Build the victim image
inputs:
repositoryName: microsoft/defender-for-cloud/attacksimulation/victim
dockerFileRelPath: Images/victim/Dockerfile
dockerFileContextPath: Images/victim
registry: ghcr.io
saveImageToPath: victim.tar
buildkit: 0
enable_network: true
build_tag: latest

- task: onebranch.pipeline.imagebuildinfo@1
displayName: Build the attacker image
inputs:
repositoryName: microsoft/defender-for-cloud/attacksimulation/attacker
dockerFileRelPath: Images/attacker/Dockerfile
dockerFileContextPath: Images/attacker
registry: ghcr.io
saveImageToPath: attacker.tar
buildkit: 0
enable_network: true
build_tag: latest
Loading