Skip to main content

Add the Azure DevOps Extension to an Azure DevOps pipeline

You can configure the Veracode Azure DevOps Extension to add the Veracode Upload and Scan task and the Veracode Flaw Importer task to a release pipeline in Azure DevOps.

To complete this task:

  1. In your Azure DevOps, select the Release tab.

  2. Create a new release and enter the definition name.

  3. On the Definition page, select the Environment tab and configure the Veracode Upload and Scan or Veracode Flaw Importer tasks. If you want to view a summary report of scan results, you must add the Veracode Upload and Scan task.


    The build object is not available in the release pipeline. Therefore, if you intend to use the Veracode Upload and Scan task in the release pipeline, you must enter the scan name manually. If you do not enter it manually, the scan name variable does not convert to text and the build name appears as $(build.buildNumber).

  4. Save the definition and select Release > Create Release.

  5. On the Release tab, select the release you just created.

  6. For the Veracode Upload and Scan task, in the Environments section, select the environment that contains the task.

  7. From the Actions menu, select Deploy to start the build in the release pipeline.

After the scan is complete, in your build definition, you can select the Veracode Scan Summary tab to view the scan results.