Cannot use action on self-hosted Runner

[agsonsmith]

We have a fleet of self-hosted Runners running as containers. We have a minimal windows image (windows server core ltsc 2022) and only install what we need. We have tried to use the security-devops-action Action and encounter the following issue:

• The MSDO CLI appears to install correctly
• The MS Security Code Analysis Policy Names appears to install correctly
• The MS Security Code Analysis Policy GitHub appears to install correctly
• The MS Security DevOps AntiMalware CLI win-x64 appears to install correctly
• The MS Guardian Terrascan Redist appears to install correctly

When running AntiMalware 1.7.0 we encounter the following error:

The tool path for AntiMalware could not be found. ArgumentNullException: Value cannot be null

When we run the exact same workflow on a GitHub-hosted Runner - it works perfectly.

What software are we missing on the self-hosted Runner in order for the action to work?

[dotpaul]

Hi @agsonsmith, it runs Windows Defender. Specifically it's looking for the path in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender", and failing that, "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware"