Merge pull request #311 from SkillsFundingAgency/DASD-9787-set-app-bu…

…ild-yml-builds-to-fail-build-if-package-scanning-step-finds-vulnerabilities

Parameterized continueOnError and set it to false

azure-pipelines-templates/build/step/app-build.yml

@@ -7,6 +7,7 @@ parameters:
   TargetProjects: 'src/**/*.csproj'
   UnitTestProjects: '**/*UnitTests.csproj'
   AcceptanceTestProjects: '**/*.AcceptanceTests.csproj'
+  ContinueOnVulnerablePackageScanError: false
 
 steps:
 - task: SonarCloudPrepare@1
@@ -50,16 +51,18 @@ steps:
         }
       }
     }
+
     if($ErrorFound){
-      Write-Host "##vso[task.logissue type=warning]Package issues discovered, review output above"
-      Write-Output "##vso[task.setvariable variable=VulnerablePackagesDetected;isreadonly=true]true"
-      $(exit 1)
-    } else {
+        Write-Host "##vso[task.logissue type=warning]Package issues discovered, review output above"
+        Write-Output "##vso[task.setvariable variable=VulnerablePackagesDetected;isreadonly=true]true"
+        $(exit 1)
+    } 
+    else {
         Write-Output "##vso[task.setvariable variable=VulnerablePackagesDetected;isreadonly=true]false"
-      $(exit 0)
+        $(exit 0)
     }
   displayName: Package Scanning
-  continueOnError: true
+  continueOnError: ${{ parameters.ContinueOnVulnerablePackageScanError }}
 
 - task: DownloadSecureFile@1
   name: DownloadDasGitHubAppPrivateKey