Back to Search Results

Azure Pipelines

By: Snyk

Learn More

"Ready-to-use tasks for Azure Pipelines can be inserted quickly and directly from the Azure interface, enabling you to customize and automate your pipelines with no extra coding. Among the tasks included is the Snyk task. You can include the Snyk task in your pipeline to test for security vulnerabilities and open source license issues as part of your routine work. In this way you can test and monitor your application dependencies and container images for security vulnerabilities. When the testing is done you can review and work with results directly from the Azure Pipelines output, as well as from the Snyk interface."

Features
  • Linux, macOS, and Windows agents—hosted by Microsoft
  • Powerful workflows with native container support
  • Flexible deployments to Kubernetes, serverless, or VMs
Benefits
  • Once included in your pipeline, the task runs each time the pipeline runs, and the results appear in the Azure Pipelines output
  • If the Snyk task fails the build, an error message appears in the results indicating that the build failed due to snyk test.
Prerequisites
  • Ensure you have a pipeline within the repository for the code you want to test
  • If you created a pipeline with the Azure Repos wizard, this file is called azure-pipelines.yml.
  • If you created a pipeline with the Azure Repos wizard, this file is called azure-pipelines.yml.
  • If this repository has multiple service connections, ask your Snyk admin which to use for your pipeline.
  • Want to add your Dockerfile for additional base image data to use when testing your container? Ensure the image has been built.
How it Works
  • Add the Snyk Security Scan task when you create your pipeline or while editing an existing one.
  • From Azure, access the pipeline that you want to scan for vulnerabilities.
  • Open it for editing and check that the Build step is included just before the point at which you want to insert the Snyk task.
  • Open the assistant, search for the Snyk Security Scan task, and click on the Snyk Security Scan.
  • Complete the fields in the configuration.
  • Find full details about the parameters on Snyk Security Scan task parameters and values.
  • Place your cursor inside the pipeline, ensuring you place it before a deployment step, such as npm publish or docker push.
  • From the configuration panel, click Add.
Demo Video

Version:
N/A

Integration Categories:
Continuous Integration

Support:
support@snyk.io

Snyk Products:
Snyk Code

Website

Contact