Bytecode Azure DevOps Tasks
Introduction
Bytecode Azure DevOps Tasks is a collection of tasks that integrate with the Bytecode API to enhance your CI/CD pipelines.
Features
- ByteCode API Login: Authenticate with the Bytecode API to start using its features within your pipelines.
- ByteCode API Create Project: Create a new project that will be used to store your analysis results.
- ByteCode API Submit Analysis: Submit your code for analysis to the Bytecode API directly from your pipeline.
- ByteCode API Process Analysis: Process the analysis and retrieve results within your pipeline.
Requirements
Before you start, make sure you have:
- An account with Bytecode API. To create an account, go to Bytecode.ai
- The necessary API tokens and permissions.
Usage
Here's how you can use each task in your Azure DevOps pipeline:
ByteCode usage example
This example shows how to use the ByteCode tasks to submit your code for analysis and retrieve the results.
trigger:
- main
pool:
vmImage: "ubuntu-latest"
variables:
- name: BYTECODE_EMAIL
value: "your-email@example.com"
- name: BYTECODE_PASSWORD
value: "your-secure-password"
jobs:
- job: ByteCodeAnalysis
steps:
- task: ByteCodeLogin@1
inputs:
email: $(BYTECODE_EMAIL)
password: $(BYTECODE_PASSWORD)
env:
BYTECODE_EMAIL: $(BYTECODE_EMAIL)
BYTECODE_PASSWORD: $(BYTECODE_PASSWORD)
displayName: "ByteCode API Login"
- task: ByteCodeCreateProject@1
displayName: "Create ByteCode Project"
- task: ByteCodeSubmitAnalysis@1
displayName: "Submit Analysis to ByteCode API"
- task: ByteCodeProcessAnalysis@1
displayName: "Process Analysis Results in ByteCode API"
- script: |
if [ $(numberHighVulns) -gt 0 ]; then
echo "Failed: Detected $(numberHighVulns) high vulnerabilities."
exit 1
else
echo "No high vulnerabilities detected."
fi
displayName: "Check High Vulnerabilities"
| |