trigger:
- master

pool:
  vmImage: 'windows-latest'

steps:
- script: echo Hello, world!
  displayName: 'Run a one-line script'

- script: |
    echo Add other tasks to build, test, and deploy your project.
    echo See https://aka.ms/yaml
  displayName: 'Run a multi-line script'

- task: CredScan@2
  inputs:
    toolMajorVersion: 'V2'


- task: Semmle@0
  env: 
    SYSTEM_ACCESSTOKEN: $(PATToken)
  inputs:
    sourceCodeDirectory: '$(Build.SourcesDirectory)'
    language: 'python'
    includeNodeModules: true
    querySuite: 'Recommended'
    timeout: '1800'
    ram: '16384'
    addProjectDirToScanningExclusionList: true

- task: ComponentGovernanceComponentDetection@0
  inputs:
    scanType: 'Register'
    verbosity: 'Verbose'
    alertWarningLevel: 'High'

- task: PublishSecurityAnalysisLogs@2
  inputs:
    ArtifactName: 'CodeAnalysisLogs'
    ArtifactType: 'Container'
    AllTools: true
    ToolLogsNotFoundAction: 'Standard'