Closed mohitdangwal1 closed 3 months ago
Hello, @mohitdangwal1. When you say a classic pipeline
, are you referring to a classic Release pipeline?
If so, MSDO doesn't run in that environment; it would only work in YAML pipelines.
If not, can you give us some more information about what your environment is like, including the YAML you're using to run MSDO?
I meant classic build pipeline in ADO, not release pipeline. Let me try the same in yaml as well to see if it makes any difference.
I ran the below yaml step in a macos-13 image from the build pipeline and it is failing. See output below:
- job: DefenderForDevOps
displayName: 'Defender For DevOps'
pool:
vmImage: 'macOS-13'
steps:
- task: MicrosoftSecurityDevOps@1
displayName: 'Security DevOps'
inputs:
break: true
publish: true
Output:
2024-04-11T11:07:42.2118000Z ##[section]Starting: Security DevOps 2024-04-11T11:07:42.2123930Z ============================================================================== 2024-04-11T11:07:42.2124120Z Task : Microsoft Security DevOps 2024-04-11T11:07:42.2124220Z Description : Run the Microsoft Security DevOps CLI for static analysis. 2024-04-11T11:07:42.2124370Z Version : 1.11.1 2024-04-11T11:07:42.2124480Z Author : Microsoft Corporation 2024-04-11T11:07:42.2124600Z Help : Runs the Microsoft Security DevOps CLI for security analysis. Effective September 20th 2023, the Secret Scanning option (CredScan) within Microsoft Security DevOps (MSDO) Extension for Azure DevOps is deprecated. MSDO Secret Scanning is replaced by the Configure GitHub Advanced Security for Azure DevOps features offering. 2024-04-11T11:07:42.2125560Z ============================================================================== 2024-04-11T11:07:42.3440080Z ------------------------------------------------------------------------------ 2024-04-11T11:07:42.3442290Z Installing Microsoft Security DevOps Cli version: Latest 2024-04-11T11:07:43.3879020Z Installed Microsoft.Security.Devops.Cli version 0.202.0 2024-04-11T11:07:43.3880540Z ------------------------------------------------------------------------------ 2024-04-11T11:07:43.3897510Z Exception occurred while initializing MSDO: 2024-04-11T11:07:43.3924120Z ##[error]Error: Unable to locate executable file: '/Users/runner/work/_msdo/versions/Microsoft.Security.Devops.Cli.0.202.0/tools/guardian'. Please verify either the file path exists or the file can be found within a directory specified by the PATH environment variable. Also check the file mode to verify the file is executable. 2024-04-11T11:07:43.3980190Z ##[section]Finishing: Security DevOps
Mohit, unfortunately I see you're using a macOS hosted agent. macOS is not officially-supported for MSDO. If you are able to reproduce this with either Linux or Windows, please reopen this and we will have a look.
I am trying to run the task(ms-securitydevops.microsoft-security-devops-azdevops.build-task-microsoft-security-devops.MicrosoftSecurityDevOps@1) in a classic pipeline in Azure DevOps pipeline and it is failing each time with error shown below in debug mode.
I am running this on Azure DevOps Hosted Agent macos-13.
I have no other significant tasks in the pipeline to interfere with this task but it still fails.
Is this task supported for Mac?