Merge pull request #213 from omerb97/main

Adding Defender CLI

Author: omerb97

.github/workflows/self-hosted-validation-v1.yml

@@ -0,0 +1,29 @@
+name: MSDO v1 self-hosted validation
+on: push
+
+permissions:
+  id-token: write
+  security-events: write
+
+jobs:
+  msdo-scan:
+    name: MSDO v1 - Security Scan
+
+    runs-on: self-hosted
+
+    steps:
+
+      # Checkout your code repository to scan
+    - uses: actions/checkout@v6
+
+    # Run MSDO v1
+    - name: Run MSDO
+      uses: ./
+      id: msdo
+
+      # Upload results to the Security tab
+    - name: Upload results to Security tab
+      uses: github/codeql-action/upload-sarif@v3
+      if: always()
+      with:
+        sarif_file: ${{ steps.msdo.outputs.sarifFile }}

.github/workflows/self-hosted-validation-v2.yml

@@ -0,0 +1,35 @@
+name: Defender CLI v2 self-hosted validation
+on:
+  push:
+    branches: [main, 'release/**']
+  workflow_dispatch:
+
+permissions:
+  id-token: write
+  security-events: write
+
+jobs:
+  defender-image-scan:
+    name: Image Scan (mdc policy)
+
+    runs-on: self-hosted
+
+    steps:
+
+    - uses: actions/checkout@v6
+
+    - name: Run Defender CLI - Image Scan
+      uses: ./v2/
+      id: defender
+      with:
+        command: 'image'
+        imageName: 'ubuntu:latest'
+        policy: 'mdc'
+        break: 'false'
+        pr-summary: 'true'
+
+    - name: Upload results to Security tab
+      uses: github/codeql-action/upload-sarif@v3
+      if: always()
+      with:
+        sarif_file: ${{ steps.defender.outputs.sarifFile }}

.gitignore

@@ -329,3 +329,9 @@ ASALocalRun/
 
 # MFractors (Xamarin productivity tool) working folder 
 .mfractor/
+
+# GitHub Actions Runner
+actions-runner/
+
+# Copilot instructions
+.github/copilot-instructions.md

action.yml

@@ -30,6 +30,6 @@ outputs:
     description: A file path to a SARIF results file.
 runs:
   using: 'node24'
-  main: 'lib/main.js'
-  pre: 'lib/pre.js'
-  post: 'lib/post.js'
+  main: 'lib/v1/main.js'
+  pre: 'lib/v1/pre.js'
+  post: 'lib/v1/post.js'