Merge pull request #8257 from maddieclayton/suppressions

MiYanni · web-flow · commit ee5b52358945 · 2019-01-08T13:19:48.000-08:00
Add suppressions file for Policheck
diff --git a/tools/CheckPoliCheck.ps1 b/tools/CheckPoliCheck.ps1
@@ -10,8 +10,18 @@ param(
 
 & "$CIToolsPath\tools\PoliCheck\PoliCheck5.8.1\PoliCheck.exe" /F:"$PSScriptRoot\..\artifacts" /T:"9" /O:"$PSScriptRoot\..\artifacts\PoliCheck-Scan.xml"
 
-$poliCheckReport = Get-Content $PSScriptRoot\..\artifacts\PoliCheck-Scan.xml
-if ($poliCheckReport -like "*Severity=`"1`"*")
-{
-    throw "PoliCheck failed with a Severity 1 issue, please check the report at in artifacts/PoliCheck-Scan.html"
+[xml]$poliCheckReport = Get-Content $PSScriptRoot\..\artifacts\PoliCheck-Scan.xml
+
+$hits = $poliCheckReport.PLCKRR.Result.Object | Where-Object { $_.Severity -eq 1 }
+
+$suppressions = Get-Content -Raw $PSScriptRoot/PolicheckSuppressions.json | ConvertFrom-Json
+
+$hits | ForEach-Object {
+    $relativePath = ($_.URL -split "artifacts")[1]
+    $fileName = "artifacts" + $relativePath
+    $TermId = $_.TermId
+    if ($suppressions.$fileName -ne $TermId)
+    {
+        throw "PoliCheck failed with a Severity 1 issue, please check the report at in artifacts/PoliCheck-Scan.html"
+    }
 }
diff --git a/tools/PolicheckSuppressions.json b/tools/PolicheckSuppressions.json
@@ -0,0 +1,3 @@
+{
+    "artifact\\ExampleFile1.dll": "TermId"
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+{`
	`2`	`+ "artifact\\ExampleFile1.dll": "TermId"`
	`3`	`+}`