microsoft / security-devops-azdevops

Microsoft Security DevOps extension for Azure DevOps.
MIT License

Default for tools is not accurate #24

Closed JFolberth closed 1 year ago

JFolberth commented 1 year ago

When passing in the list of tools as a ','-delimited string, "template-analyzer" is not recognized. Below is what I have and it fails:

parameters:
- name: config
  type: string
  default: '*.gdconfig'
- name: categories
  type: string
  default: 'all'
- name: languages
  type: string
  default: 'all'
- name: tools
  type: string
  default: 'bandit, binskim, eslint, template-analyzer, terrascan, trivy'
- name: break
  type: boolean
  default: false

steps:
- task: MicrosoftSecurityDevOps@1
  inputs:
    categories: ${{parameters.categories}}
    languages: ${{parameters.languages}}
    tools: ${{parameters.tools}}
    break: ${{parameters.break}}

When I remove the 'tools' argument it works.

akata72 commented 1 year ago

I basically have the same issues.

Ibrahimmaga commented 1 year ago

When I just use this with no inputs, then it works.

istarbuxs commented 1 year ago

@JFolberth, @Ibrahimmaga, @akata72 you could try templateanalyzer without the hyphen.

This one worked for me

steps:
- task: MicrosoftSecurityDevOps@1
  displayName: 'Run Microsoft Defender for DevOps'
  inputs:
    categories: 'secrets, artifacts, IaC, containers'
    tools: 'templateanalyzer, terrascan, credscan'

So you are basically right, the list is not accurate, even the tooltip is incorrect.

JFolberth commented 1 year ago

Thanks @istarbuxs

I actually discovered one of my root issues is that Linux agents are not fully supported. I have a PR out there to get the README updated and additional information added that's awaiting approval: https://github.com/microsoft/security-devops-azdevops/pull/26

sukhans commented 1 year ago

Linux bug fixes have been made and released. Linux should work in default scenarios for all tools. If there are additional issues found, please feel free to reach out.