Add missing stage in 1ES pipeline, label release jobs correctly #3233
Conversation
wonwuakpa-msft
requested review from
adreed-msft,
dphulkar-msft,
gapra-msft,
seanmcc-msft,
souravgupta-msft,
tanyasethi-msft and
vibhansa-msft
as code owners
There was a problem hiding this comment.
Pull Request Overview
This PR adds missing functionality to the 1ES pipeline to address S360 compliance concerns. It includes the previously missing 'Remove Linux Packages' stage and properly labels release jobs according to pipeline requirements.
- Added missing
remove_packagesparameter andRemovePackagesFromLinuxRepositorystage - Updated job configuration to properly identify release jobs with
templateContext
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| displayName: 'Remove deb packages from the repository' | ||
| - script: | | ||
| pkg_id_list=$(pmc --msal-cert-path $(pmcCertificate.secureFilePath) --config $(settings.secureFilePath) package rpm list --name azcopy --version ${{parameters.remove_packages}}) |
There was a problem hiding this comment.
The parameter remove_packages is being used directly in shell commands without proper validation or escaping. This could lead to command injection if the parameter contains malicious input. Consider validating the parameter format or using proper shell escaping.
Copilot uses AI. Check for mistakes.
|
Please run the release pipeline stage and validate |
…into wendi/fix-1es-pipeline pull.
wonwuakpa-msft
force-pushed
the
wendi/fix-1es-pipeline
branch
from
7460463 to
e8858ab
Compare
…re-storage-azcopy into wendi/fix-1es-pipeline pull
4 participants
Description
Feature / Bug Fix: (Brief description of the feature or issue being addressed)
Related Links:
Type of Change
How Has This Been Tested?
Thank you for your contribution to AzCopy!