Scan CodeScan Cloud projects in Azure DevOps
Last updated
Was this helpful?
Last updated
Was this helpful?
CodeScan version 4.4+
An Azure DevOps Project for your Salesforce code
In the Azure DevOps app, go to the Marketplace
and then select Browse Marketplace
.
Search for CodeScan
, select the CodeScan Cloud
extension and then click Get it free
.
Select your account and complete the installation.
On your Project
dashboard screen, select Pipeline > Pipelines
and create a new Pipeline.
Once you are in the "Where is your code?" page, click Use the classic editor to create a pipeline without YAML.
Follow the instructions below for your source code location.
Select Azure Repos Git
and your Repository name
.
For your default branch, select the branch
you would like to check pull requests against. Keep this branch name in mind, we will use it later in the setup. Click Continue
.
On the Select a Template
page, select the Salesforce with CodeScan Cloud
template and click Apply
.
In the Agent pool dropdown menu, select Azure Pipelines
.
In the Agent Specification
dropdown menu, select ubuntu-20.04
.
Click the Prepare Analysis on CodeScan Cloud
section and create a new service endpoint.
Add your CodeScan server URL (e.g., https://app.codescan.io/)
You will need a token from your CodeScan Cloud account for this step. Learn how to create security token .
Add a name for your connection.
Make sure to verify the connection before leaving the pop-up.
Select your new Service Endpoint
and the Organization
you would like to connect to from the dropdown menu. If you are not sure, the is available at the top left of your Organization
page.
Select Use standalone scanner
under the Choose a way to run the analysis
.
Under Mode
, select the make sure Manually provide configuration
checkbox.
Click Create Project
.
Enter your desired Project Name
and Project Key
and click Create
. Keep these in mind, we'll need them in a second.
Click on your new empty project and navigate to Administration > Branches and Pull Requests
.
Change your main branch name to the name of the default branch that you selected.
Enter the Project Name
and Project Key
you just created.
Click Save and Queue
and let the analysis complete to see your results in CodeScan Cloud.
To trigger the builds, you will need to create a build policy on the branch you would like to check pull requests against.
Navigate to Repos > Branches
.
Click on the More
menu for the desired branch and click Branch Policies
.
In the Build Validation
section, add a new build policy
.
Select your new pipeline
and select Automatic for the Trigger settings
and choose your policy requirements.
This pipeline will now run when:
Pull requests are created against the branch
Pull requests are updated
Pull requests are merged.
The project branches on CodeScan Cloud will be updated accordingly.
To break the builds based on the Quality Gate once this analysis has run, you can add a PowerShell script to the pipeline.
Add a PowerShell step to your pipeline after the Publish Quality Gate step and add the following script inline, changing the below parameters:
<<project_key>>
to your actual project key.
The pipeline will now fail if the quality gates for the project are not passed.
In your selected organization, navigate to Administration > Projects Management
.
First create a and add it as a variable named CODESCAN_TOKEN
in your pipeline Variables menu.
{codescan_instance_url}:
Your instance's URL, for example, for US region, for EU region or for AUS region.