microsoft / security-devops-azdevops

Microsoft Security DevOps extension for Azure DevOps.
MIT License

Really poor documentation....? #94

Open evmimagina opened 6 months ago

evmimagina commented 6 months ago

Almost nothing else to say, it's quite clear to anyone that hits this product and its repo.

Let me explain why its poor documentation is very disappointing, considering that this is a product that costs money.

A few examples:

    - task: MicrosoftSecurityDevOps@1
      displayName: Microsoft Security DevOps
      env:
        Terrascan_IacDir: '$(build.artifactstagingdirectory)/$(ENV)'

As per the documentation, this config should be correct? Because it fails with the following error:

    The target directory is not provided. Defaults to the working directory: /home/vsts/work/1/s.
    The platform is not provided. Defaults to the current OS: Linux.
    Starting tools applicability analysis...
    Tools Applicability Infomation: Found no applicable tools.
    Completed tools applicability analysis.
    [error]RunCommandNoOptionsException: No applicable tools were detected. Run requires at least one configuration to run. Provide at least one Guardian config or tool with --config or --tool.
    [error]MSDO CLI exited with an error exit code: 2

Oh, wait! If I do this, it works!

    - task: MicrosoftSecurityDevOps@1
      displayName: Microsoft Security DevOps
      env:
        Terrascan_IacDir: '$(build.artifactstagingdirectory)/$(ENV)'
      inputs:
        command: 'run'
        break: true
        categories: 'IaC,secrets,code'
        tools: 'terrascan'

But I'm still not sure if I should use categories, tools or both.

Do you see my concerns?

I hope you can address the documentation gap ASAP.

Many thanks and best regards,

ncook-hxgn commented 2 months ago

Also, please provide some sample config for each tool as a JSON file: we had to find out about the msdo-linux file the hard way. Today I will probably spend literal hours trying to extend my colleagues' config to just run binskim.

so much potential here.

michasacuer commented 3 days ago

Same issue with the Checkov config... The JSON file from the wiki is wrong and the parameters do not align with Checkov; for example, Directory should be a TargetDirectory.