This Azure Extension enables you to automatically upload your app versions to Oversecured for security scanning. An extension user must have an active Integration.
access_token: Required. Your Oversecured API keyintegration_id: Required. The integration ID from Oversecuredbranch_name: Optional. The branch name,mainis defaultapp_path: Required. The path to the app file you wish to upload
- Store your Oversecured API key as a secret in your Azure repository. Navigate to your Azure repository, go to the
Pipelinestab, pick the pipeline, selectEditand thenVariables, and click the+(New variable) button. Name the secretOVERSECURED_API_KEY, paste your key and pickKeep this value secret. - Add the Oversecured step to your Azure workflow.
Android example:
pool:
vmImage: ubuntu-latest
steps:
- task: JavaToolInstaller@0
inputs:
versionSpec: '17'
jdkArchitectureOption: 'x64'
jdkSourceOption: 'PreInstalled'
- task: Gradle@2
inputs:
workingDirectory: ''
gradleWrapperFile: 'gradlew'
gradleOptions: '-Xmx3072m'
publishJUnitResults: false
testResultsFiles: '**/TEST-*.xml'
tasks: 'assembleDebug'
- task: oversecured-azure-extension@1
displayName: Oversecured scanner
inputs:
access_token: $(OVERSECURED_API_KEY)
integration_id: $(OVERSECURED_INTEGRATION_ID)
branch_name: $(OVERSECURED_BRANCH_NAME)
app_path: ./app/build/outputs/apk/debug/app-debug.apkiOS example:
pool:
vmImage: macos-latest
steps:
- script: |
gem install cocoapods --pre
displayName: Install CocoaPods
- script: |
pod install
displayName: Pods Install
- script: |
zip -q -r OversecuredZipped.zip .
displayName: Zip Sources
- task: oversecured-azure-extension@1
displayName: Oversecured
inputs:
access_token: $(OVERSECURED_API_KEY)
integration_id: $(OVERSECURED_INTEGRATION_ID)
branch_name: $(OVERSECURED_BRANCH_NAME)
app_path: OversecuredZipped.zipSubmit a request using the contact form.
The scripts and documentation in this project are released under the MIT License.