Create msdevopssec.yml

davisdre · Dec 24, 2024 · a4f5bf8 · a4f5bf8
1 parent face7a1
commit a4f5bf8
Showing 1 changed file with 41 additions and 0 deletions.
diff --git a/.github/workflows/msdevopssec.yml b/.github/workflows/msdevopssec.yml
@@ -0,0 +1,41 @@
+name: MSDO Sample Workflow
+on:
+  push:
+    branches:
+      - Dev
+
+permissions:
+  id-token: write # This is required for federation to Defender for DevOps
+  security-events: write # This is required to upload SARIF files
+
+jobs:
+  sample:
+    name: MSDO on ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        os: [windows-latest, ubuntu-latest]
+
+    steps:
+
+      # Checkout your code repository to scan
+    - uses: actions/checkout@v3
+
+      # Run analyzers
+    - name: Run Microsoft Security DevOps Analysis
+      uses: microsoft/security-devops-action@v1
+      id: msdo
+
+      # Upload alerts to the Security tab
+    - name: Upload alerts to Security tab
+      uses: github/codeql-action/upload-sarif@v2
+      with:
+        sarif_file: ${{ steps.msdo.outputs.sarifFile }}
+
+      # Upload alerts file as a workflow artifact
+    - name: Upload alerts file as a workflow artifact
+      uses: actions/upload-artifact@v3
+      with:  
+        name: alerts
+        path: ${{ steps.msdo.outputs.sarifFile }}