aspnet · ZhaodongTian · Apr 2, 2024
diff --git a/azure-pipeline/azure-pipeline.yml b/azure-pipeline/azure-pipeline.yml
@@ -79,8 +79,6 @@ extends:
             clean: true
             createLogFile: true
             logFileVerbosity: detailed
-         # to delete
-          continueOnError: true
         - task: CopyFiles@2
           displayName: Stage dll's for verification
           inputs:
@@ -97,33 +95,22 @@ extends:
               Microsoft.AspNet.OutputCache..*.nupkg
               !*.symbols.nupkg
             TargetFolder: $(Build.SourcesDirectory)\verify\packages
-         # to delete
-          continueOnError: true
         - task: ms-vseng.MicroBuildShipTasks.7c429315-71ba-4cb3-94bb-f829c95f7915.MicroBuildCodesignVerify@1
           displayName: Verify Signed Binaries
           inputs:
             TargetFolder: $(Build.SourcesDirectory)\verify\dlls
-         # to delete
-          continueOnError: true
         - task: ms-vseng.MicroBuildShipTasks.7c429315-71ba-4cb3-94bb-f829c95f7915.MicroBuildCodesignVerify@1
           displayName: Verify Signed Packages
-         # to delete
-          continueOnError: true
-        - task: CmdLine@2
-          displayName: Map ConnectionString for ApiScan
+        # Following article on https://dev.azure.com/devdiv/DevDiv/_wiki/wikis/DevDiv.wiki/25351/APIScan-step-by-step-guide-to-setting-up-a-Pipeline
+        # No longer need the old format, and following guideline to use (ApiScanClientId)
+        - task: APIScan@2
+          displayName: Run APIScan
           inputs:
-            script: |
-              @echo off
-              REM Per the documentation here - https://docs.microsoft.com/en-us/azure/devops/pipelines/process/variables?view=azure-devops&tabs=classic%2Cbatch#set-variables-in-scripts
-              REM
-              REM We can set/update pipeline variables using the syntax used below. That way we can use a script task to
-              REM pull secrets into the environment for APIScan to use, since the ApiScan task does not have an 'Environment'
-              REM section for mapping secrets in classic pipelines.
-              REM
-              REM Make sure the pipeline secret variable 'AzureServicesAuthConnectionString' is set. It's format is like
-              REM   "runAs=App;AppId={AppId};TenantId={TenantId};AppKey={ClientSecret}"
-              REM The values for that connStr can be found in the Tellurium Key Vault.
-              @echo ##vso[task.setvariable variable=AzureServicesAuthConnectionString]%MappedConnectionString%
-          continueOnError: true
+            softwareFolder: '$(Build.SourcesDirectory)\verify\dlls'
+            softwareName: 'Microsoft.AspNet.OutputCache.*'
+            softwareVersionNum: '*'
+            softwareBuildNum: '$(Build.BuildId)'
+            symbolsFolder: '$(Build.SourcesDirectory)\bin\Release;SRV*http://symweb'
+            verbosityLevel: 'none'
           env:
-            MappedConnectionString: $(AzureServicesAuthConnectionStringSecret)
+            AzureServicesAuthConnectionString: RunAs=App;AppId=$(ApiScanClientId)