Set up CodeAnt Quality Gates in your Azure DevOps CI Pipeline.
azure-pipelines.yml
. It will trigger on every push to your repository and run quality gate checks to detect secrets and other security issues:
Important:
- In Project � Pipelines � Library, add a secret variable named
ACCESS_TOKEN
with your personal access token or repo token.- Azure DevOps automatically provides
$(Build.Repository.Name)
(your repo slug),$(Build.SourceVersion)
(the commit SHA), and other build variables.
quality_gates.sh
) from the CodeAnt API endpoint.
-o start
operation.
-o results
operation with:
quality_gates.sh
script accepts the following parameters:
Parameter | Description | Required | Example |
---|---|---|---|
-a, --access-token | Azure DevOps Personal Access Token | Yes | $(ACCESS_TOKEN) |
-r, --repo | Repository in format org/project/repository | Yes | ${ORG}/${PROJECT}/${REPO} |
-c, --commit-id | Commit SHA to scan | Yes | $(Build.SourceVersion) |
-s, --service | VCS provider | Yes | azuredevops |
-o, --operation | Operation to perform (start or results ) | Yes | start or results |
-t, --timeout | Timeout in seconds for polling (default: 300) | No | 300 |
-p, --poll-interval | Poll interval in seconds (default: 15) | No | 15 |
-u, --base-url | Base URL for VCS service (optional) | No | https://dev.azure.com |
ACCESS_TOKEN
in a Variable Group for reuse across pipelinesVariable | Description | Example |
---|---|---|
$(Build.Repository.Name) | Repository name | MyRepo |
$(Build.SourceVersion) | Current commit SHA | abc123def456 |
$(Build.SourceBranchName) | Current branch name | main |
$(System.TeamProject) | Project name | MyProject |
$(System.CollectionUri) | Collection URI | https://dev.azure.com/myorg/ |
$(System.PullRequest.PullRequestId) | Pull request ID (if applicable) | 123 |
-t 600
(10 minutes)ACCESS_TOKEN
variable is correctly configured in Pipeline Variables or Variable Groupsorganization/project/repository
set -e
at the beginning of your script to fail on any errorCodeAnt-Variables
ACCESS_TOKEN
with your personal access token