Closed jmyers82 closed 1 year ago
It looks like your env variables are not set up correctly according to the docs here: https://github.com/microsoft/security-devops-action/wiki#terrascan-options
Please refer to that wiki page for the format (GDN_TERRASCAN_INPUTNAME) and list of supported arguments.
Issue
When using the MicrosoftSecurityDevops@1 task in an ADO pipeline, I am not seeing in the logs where the env parameters being passed are being used? I am passing a IacDir / SkipRules and both are being ignored as far as I can tell.
Configuration
Agent: Windows Latest Terraform: 1.1.7
Error
See attached file for raw log of output. Notice that the Target Directory is not being set and that it is still throwing errors for the rule that should be skipped. iacscan.txt
Expected results
I am expecting the scan to ONLY scan the directory that I pass in, instead it is scanning everything in the root system.defaultworkingdirectory and ignore the rule listed in the skiprules parameter.