Extension to integrate Contrast in your deployment flow.
This extension is now unpublished from Marketplace. You can choose to uninstall it.
Contrast Integration
Features
Service connection
Release gate
Service connection
Here you can specify your Contrast URL and credentials so our tasks and gates are able to retrieve information from Contrast.
Release Gate
Adding a new gate
Enter Edit mode for the release pipeline you wish to add the gate to.
Choose the stage and deployment conditions to which you'll be adding the gate, either pre or post conditions. You may later add more gates of the same type to the same stage or deployment conditions.
Go to the Gates section and enable them if you haven't already.
Click on + Add text and select Verify application vulnerabilities. Now you are ready to configure the gate.
Gate Configuration
You should have created a Contrast service connection first, if you don't have yet you can click on the New button next to the Service Connection
dropdown. Fill all the fields with the correct data and click on Ok. Click on the refresh list next to the dropdown button and select your newly created
connection.
Proceed to load the applications list either by clicking over the field or the refresh button next to it and select the application
to which this artifact belongs.
You may choose to be more specific with the severity counters by selecting which vulnerability status
or build numbers will be used for filtering when retrieving the data for the gate evaluation.
Now set the maximum amount of vulnerabilities per severity. Do mind that whenever your pipeline reaches this gate if one or all the validations fail your pipeline
will keep requesting for samples until it is valid or the evaluation timeout is reached.