chore: add DevOps build pipeline for S360 security vulnerability scanning (#461)

ramsessanchez · Copilot · web-flow · commit 5da8933f7852 · 2026-05-15T14:26:10.000-07:00
* chore: add DevOps build pipeline for S360 security vulnerability scanning

Co-authored-by: Copilot &lt;223556219+Copilot@users.noreply.github.com&gt;

* chore: update build pipeline schedule to daily

Co-authored-by: Copilot &lt;223556219+Copilot@users.noreply.github.com&gt;

* chore: enable SDL security scanning in build pipeline

Co-authored-by: Copilot &lt;223556219+Copilot@users.noreply.github.com&gt;

---------

Co-authored-by: Copilot &lt;223556219+Copilot@users.noreply.github.com&gt;
diff --git a/.azurepipelines/build.yml b/.azurepipelines/build.yml
@@ -0,0 +1,59 @@
+trigger: none
+pr: none
+
+schedules:
+  - cron: '0 0 * * *'
+    displayName: Daily builds
+    branches:
+      include:
+        - main
+    always: true
+
+resources:
+  repositories:
+    - repository: 1ESPipelineTemplates
+      type: git
+      name: 1ESPipelineTemplates/1ESPipelineTemplates
+      ref: refs/tags/release
+
+extends:
+  template: v1/1ES.Unofficial.PipelineTemplate.yml@1ESPipelineTemplates
+  parameters:
+    pool:
+      name: Azure-Pipelines-1ESPT-ExDShared
+      os: linux
+    sdl:
+      sourceAnalysisPool:
+        name: Azure-Pipelines-1ESPT-ExDShared
+        image: windows-2022
+        os: windows
+      credscan:
+        enabled: true
+      policheck:
+        enabled: true
+      binskim:
+        enabled: true
+    stages:
+      - stage: Build
+        jobs:
+          - job: Build
+            displayName: Build PHP Beta SDK
+            steps:
+              - checkout: self
+                submodules: recursive
+
+              - script: sudo apt-get update && sudo apt-get install -y php php-xml php-mbstring php-curl unzip
+                displayName: Install PHP
+
+              - script: |
+                  php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
+                  php composer-setup.php --install-dir=/usr/local/bin --filename=composer
+                displayName: Install Composer
+
+              - script: composer install --no-interaction --prefer-dist
+                displayName: Install dependencies
+                workingDirectory: $(Build.SourcesDirectory)
+
+              - script: vendor/bin/phpunit
+                displayName: Run unit tests
+                workingDirectory: $(Build.SourcesDirectory)
