From 3e542c273e0d1400587f5c557d8b70e10cf66eaf Mon Sep 17 00:00:00 2001
From: Jeremiah Lott <jelott@microsoft.com>
Date: Thu, 30 Nov 2023 16:10:41 -0500
Subject: [PATCH] Exclude Hydra repo from CG scan.

---
 pipelines/OneBranch.NonOfficial.yml | 2 ++
 pipelines/OneBranch.Official.yml    | 2 ++
 pipelines/OneBranch.body.yml        | 4 ++++
 3 files changed, 8 insertions(+)

diff --git a/pipelines/OneBranch.NonOfficial.yml b/pipelines/OneBranch.NonOfficial.yml
index da4aab813..2d4aac527 100644
--- a/pipelines/OneBranch.NonOfficial.yml
+++ b/pipelines/OneBranch.NonOfficial.yml
@@ -71,6 +71,8 @@ extends:
         suppressionsFile: $(Build.SourcesDirectory)/.config/CredScanSuppressions.json
       policheck:
         break: true # always break the build on policheck issues. You can disable it by setting to 'false'
+      cg:
+        ignoreDirectories: Hydra
     stages:
       - template: OneBranch.body.yml@self
         parameters:
diff --git a/pipelines/OneBranch.Official.yml b/pipelines/OneBranch.Official.yml
index e3f342090..d05efe803 100644
--- a/pipelines/OneBranch.Official.yml
+++ b/pipelines/OneBranch.Official.yml
@@ -75,6 +75,8 @@ extends:
         suppressionsFile: $(Build.SourcesDirectory)/.config/CredScanSuppressions.json
       policheck:
         break: true # always break the build on policheck issues. You can disable it by setting to 'false'
+      cg:
+        ignoreDirectories: Hydra
     stages:
       - template: OneBranch.body.yml@self
         parameters:
diff --git a/pipelines/OneBranch.body.yml b/pipelines/OneBranch.body.yml
index 230a5aa24..5a8f4356c 100644
--- a/pipelines/OneBranch.body.yml
+++ b/pipelines/OneBranch.body.yml
@@ -184,3 +184,7 @@ stages:
               images:
                 - $(BlobImageRepo)
 
+          - task: ComponentGovernanceComponentDetection@0
+            inputs:
+              ignoreDirectories: s # Hydra is checked out to "s"
+