Zane/guardian fix (#1482)

zanejohnson-azure · web-flow · commit 22b9edca62fb · 2025-06-13T12:46:27.000-07:00
* guardian fix
diff --git a/.gdn/.gdnsuppress b/.gdn/.gdnsuppress
diff --git a/.pipelines/azure_pipeline_mergedbranches.yaml b/.pipelines/azure_pipeline_mergedbranches.yaml
@@ -39,6 +39,8 @@ extends:
         name: Azure-Pipelines-CI-Test-EO
         image: ci-1es-managed-windows-2022
         os: windows
+      suppression:
+        suppressionFile: $(Build.SourcesDirectory)\guardian\SDL\.gdnsuppress 
     customBuildTags:
     - ES365AIMigrationTooling
     stages:
@@ -58,19 +60,6 @@ extends:
             targetPath: '$(Build.ArtifactStagingDirectory)'
             artifactName: drop
         steps:
-        - bash: |
-            echo "Current directory: $(pwd)"
-            echo "Contents of .gdn directory:"
-            find . -name ".gdnsuppress" -type f
-            ls -la .gdn/ || echo ".gdn directory not found"
-            echo "Build.SourcesDirectory: $(Build.SourcesDirectory)"
-            echo "System.DefaultWorkingDirectory: $(System.DefaultWorkingDirectory)"
-            echo "Copying Guardian suppression file to workspace root..."
-            mkdir -p /mnt/vss/_work/1/.gdn
-            cp .gdn/.gdnsuppress /mnt/vss/_work/1/.gdn/.gdnsuppress
-            echo "Verification - suppression file copied:"
-            ls -la /mnt/vss/_work/1/.gdn/
-          displayName: 'copy over Guardian suppression file'
         - task: ComponentGovernanceComponentDetection@0
         - bash: |
             commit=$(git describe)
diff --git a/guardian/SDL/gdnsuppress b/guardian/SDL/gdnsuppress
@@ -0,0 +1,64 @@
+{
+  "hydrated": true,
+  "properties": {
+    "helpUri": "https://eng.ms/docs/microsoft-security/security/azure-security/cloudai-security-fundamentals-engineering/security-integration/guardian-wiki/microsoft-guardian/general/suppressions"
+  },
+  "version": "1.0.0",
+  "suppressionSets": {
+    "default": {
+      "name": "default",
+      "createdDate": "2025-06-11 21:49:35Z",
+      "lastUpdatedDate": "2025-06-11 21:49:35Z"
+    }
+  },
+  "results": {
+    "d7b5848a2ae854218463e08d9f4a5f1af219efd2318303f0e2809a19c32ce23f": {
+      "signature": "d7b5848a2ae854218463e08d9f4a5f1af219efd2318303f0e2809a19c32ce23f",
+      "alternativeSignatures": [],
+      "target": "scripts/troubleshoot/TroubleshootError.ps1",
+      "line": 935,
+      "memberOf": [
+        "default"
+      ],
+      "tool": "credscan",
+      "ruleId": "CSCAN-GENERAL0060",
+      "createdDate": "2025-06-11 21:49:35Z"
+    },
+    "64ea9fed7769d951c48c06c4e7b75263a9524b1c201368536a7a0e3a414aa4ab": {
+      "signature": "64ea9fed7769d951c48c06c4e7b75263a9524b1c201368536a7a0e3a414aa4ab",
+      "alternativeSignatures": [],
+      "target": "scripts/troubleshoot/TroubleshootError_nonAzureK8s.ps1",
+      "line": 452,
+      "memberOf": [
+        "default"
+      ],
+      "tool": "credscan",
+      "ruleId": "CSCAN-GENERAL0060",
+      "createdDate": "2025-06-11 21:49:35Z"
+    },
+    "8be214bf6f5d10a2ef39860ea5377f78c060e33eccbd4772982e373aec36f16a": {
+      "signature": "8be214bf6f5d10a2ef39860ea5377f78c060e33eccbd4772982e373aec36f16a",
+      "alternativeSignatures": [],
+      "target": "test/testkube/helm-testkube-values.yaml",
+      "line": 506,
+      "memberOf": [
+        "default"
+      ],
+      "tool": "credscan",
+      "ruleId": "CSCAN-GENERAL0060",
+      "createdDate": "2025-06-11 21:49:35Z"
+    },
+    "c0fca0f0214bc1300d3f3754bc97b4da3a2abd024179334879dd93c7b3d208a1": {
+      "signature": "c0fca0f0214bc1300d3f3754bc97b4da3a2abd024179334879dd93c7b3d208a1",
+      "alternativeSignatures": [],
+      "target": "test/testkube/helm-testkube-values.yaml",
+      "line": 687,
+      "memberOf": [
+        "default"
+      ],
+      "tool": "credscan",
+      "ruleId": "CSCAN-GENERAL0060",
+      "createdDate": "2025-06-11 21:49:35Z"
+    }
+  }
+}
