-
-
Notifications
You must be signed in to change notification settings - Fork 29
Expand file tree
/
Copy pathazure-pipelines-flow-FullScan.yml
More file actions
28 lines (23 loc) · 1.07 KB
/
azure-pipelines-flow-FullScan.yml
File metadata and controls
28 lines (23 loc) · 1.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
pool:
vmImage: 'ubuntu-latest'
# Use the Salesforce-Provided docker image with SF CLI preinstalled
# https://developer.salesforce.com/docs/atlas.en-us.sfdx_setup.meta/sfdx_setup/sfdx_setup_docker.htm
container: salesforce/cli:latest-slim
steps:
- checkout: self
# Ensure lightning-flow-scanner is installed (pipe "Y" to confirm installation)
- script: |
echo Y | sf plugins install lightning-flow-scanner
displayName: 'Ensure lightning-flow-scanner is installed'
# Capture SARIF from stdout → file
- script: |
sf flow:scan --sarif > $(Build.ArtifactStagingDirectory)/results.sarif
displayName: Run Flow Scanner (stdout to SARIF)
# Upload SARIF as artifact pipeline (per documentation https://marketplace.visualstudio.com/items?itemName=sariftools.scans)
- task: PublishBuildArtifacts@1
# Flow scanner may report failure when it detects violations. Ignore that and publish artifacts anyway
condition: succeededOrFailed()
inputs:
PathtoPublish: '$(Build.ArtifactStagingDirectory)/results.sarif'
ArtifactName: 'CodeAnalysisLogs'
publishLocation: 'Container'