Import Flaws in a TFS Build Pipeline

Build and Release Management

You can add the Veracode Flaw Importer task to your Team Foundation Server (TFS) build pipelines for importing flaws as work items.

  1. Click the Variables tab.
  2. If you are using TFS 2017 or higher, set the enabletfs variable to true.
  3. If you are using TFS 2015, configure these variables:
    enabletfs
    Enter true.
    isTfs2015
    Enter true.
    username
    Enter your Windows username.
    password
    Enter your Windows password.
    domain
    Enter the Windows domain.
  4. Optionally, to add debugging to your pipeline, add a new variable and enter these values in the New variable window:
    • Name: system.debug
    • Value: true
  5. Click Save & queue to save your configurations and add the build to your queue.
After the flaw import task has completed successfully, the work items related to flaws in a given application appear in Azure DevOps or TFS. In Azure DevOps, you can search on the Work or Queries pages, for example, to find the work items you created.