From cf97684ee74f3c38e5571c7e9822c8c41f5b0da6 Mon Sep 17 00:00:00 2001
From: William Godbe <wigodbe@microsoft.com>
Date: Wed, 30 Oct 2019 11:34:24 -0700
Subject: [PATCH 1/3] Enable SDL validation in rel/3.1

---
 .azure/pipelines/ci.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/.azure/pipelines/ci.yml b/.azure/pipelines/ci.yml
index 300305948a..4bd72bd317 100644
--- a/.azure/pipelines/ci.yml
+++ b/.azure/pipelines/ci.yml
@@ -634,3 +634,17 @@ stages:
       enableSymbolValidation: false
       enableSigningValidation: false
       publishInstallersAndChecksums: true
+      # This is to enable SDL runs part of Post-Build Validation Stage
+      SDLValidationParameters:
+        enable: true
+        continueOnError: false
+        params: ' -SourceToolsList @("policheck","credscan")
+        -TsaInstanceURL $(_TsaInstanceURL)
+        -TsaProjectName $(_TsaProjectName)
+        -TsaNotificationEmail $(_TsaNotificationEmail)
+        -TsaCodebaseAdmin $(_TsaCodebaseAdmin)
+        -TsaBugAreaPath $(_TsaBugAreaPath)
+        -TsaIterationPath $(_TsaIterationPath)
+        -TsaRepositoryName "AspNetCore"
+        -TsaCodebaseName "AspNetCore"
+        -TsaPublish $True'

From ffd4e4bf898ad342a9f818e70ed2fffebaa2f33a Mon Sep 17 00:00:00 2001
From: William Godbe <wigodbe@microsoft.com>
Date: Wed, 30 Oct 2019 11:45:13 -0700
Subject: [PATCH 2/3] Add variable group

---
 .azure/pipelines/ci.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.azure/pipelines/ci.yml b/.azure/pipelines/ci.yml
index 4bd72bd317..acbe5357a3 100644
--- a/.azure/pipelines/ci.yml
+++ b/.azure/pipelines/ci.yml
@@ -65,6 +65,9 @@ variables:
       valule: test
     - name: _PublishArgs
       value: ''
+  # used for post-build phases, internal builds only
+  - ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
+    - group: DotNet-Winforms-SDLValidation-Params
 
 stages:
 - stage: build

From 9f903018d77434b931938d7172b388f0316ebd0a Mon Sep 17 00:00:00 2001
From: William Godbe <wigodbe@microsoft.com>
Date: Wed, 30 Oct 2019 14:07:15 -0700
Subject: [PATCH 3/3] Fix variable group

---
 .azure/pipelines/ci.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.azure/pipelines/ci.yml b/.azure/pipelines/ci.yml
index acbe5357a3..835b8bf0ef 100644
--- a/.azure/pipelines/ci.yml
+++ b/.azure/pipelines/ci.yml
@@ -67,8 +67,8 @@ variables:
       value: ''
   # used for post-build phases, internal builds only
   - ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
-    - group: DotNet-Winforms-SDLValidation-Params
-
+    - group: DotNet-AspNet-SDLValidation-Params
+    
 stages:
 - stage: build
   displayName: Build