Adding a Build Step in Azure DevOps Server
- Go to the collection with the extension installed (http://<installation_address>/DefaultCollection/project, where <installation_address> is the machine address where Azure DevOps Server is installed).
- Follow the path Pipelines -> Pipelines.
Figure 10.35: Azure DevOps Server Build and Release
- Click the three dots, and then Edit for the existing build definition, or create a new one by clicking New Pipeline. If you have selected a new pipeline, choose Classic Redactor in the code location. Then click Continue, and in the template selection, choose Empty Job.
- Click Add Task.
Figure 10.36: Azure DevOps Server: Add Task
- Find Run DerScanner SAST and click Add.
Figure 10.37: Azure DevOps Server: Select Task
- Select the added build step.
- Add the DerScanner server connection from the list or create a new one:
  - To the right of the DerScanner server end point field, click New.
Figure 10.38: Azure DevOps Server: Edit Task
  - In the pop-up window that appears, enter the API address (for example, http://<installation_address>/app/api/v1/, where <installation_address> is the machine address where DerScanner is installed) and a token. The token can be obtained in the User Profile section (when receiving a token, it is recommended to set a long token validity time).
Figure 10.39: Azure DevOps Server: Add Connection
  - Click OK.
- Specify the required parameters. See more information about scan settings in General. To create a report, select the Export settings section and enable Export report when analysis is finished. If necessary, configure the report parameters. See more information about report parameters in Export Report.
- Set up additional analysis parameters in the General analysis settings menu: Use extra rules, Incremental analysis, Analyze libraries and nested archives.
- Set up Failure Conditions:
  - In the Task failure conditions section, select Enable failing on condition.
  - Define Failure Conditions based on values (Score condition, Critical issues number condition, Medium issues number condition, Low issues number condition, Info issues number condition).
Figure 10.40: Azure DevOps Server: Failure Conditions
- Click Save and queue, and then click Save and queue again.
Figure 10.41: Azure DevOps Server: Save
- Wait until the build is complete and go to the results page (click on the build number, for example #1102).
- To download the report, go to the DerScanner code analysis results tab and open the report link in a new browser tab.