tfsec

Screenshot showing the tfsec extension in the Azure Devops UI

Installation

Install the tfsec task in your Azure DevOps organization (hit the Get it free button above).
Add the task to your azure-pipelines.yml in a project where you'd like to run tfsec:

- task: tfsec@1

Configuration

You can supply several inputs to customise the task.

Enable debug mode

Add debug logs to the task output.

- task: tfsec@1
  inputs:
    debug: true

Specify tfsec version

Run a specific version of tfsec.

- task: tfsec@1
  inputs:
    version: v1.26.0

Specify custom command line options

- task: tfsec@1
  inputs:
    args: --workspace my-workspace --config-file ./tfsec.yml

Specify the directory to scan

- task: tfsec@1
  inputs:
    dir: ./terraform

Skip publishing test results

Avoid results showing the in 'Tests' tab of the Pipelines UI.

- task: tfsec@1
  inputs:
    publishTestResults: false

Informational only

If you'd like to see the tfsec results in your build, but avoid causing it to fail when issues are discovered, you can add the --soft-fail flag to your command line arguments using:

- task: tfsec@1
  inputs:
    args: --soft-fail

tfsec

Aqua Security

tfsec

Installation

Configuration

Enable debug mode

Specify tfsec version

Specify custom command line options

Specify the directory to scan

Skip publishing test results

Informational only