To enable the Veracode Azure DevOps Extension to effectively scan ASP.NET applications, you must perform specific configurations in your Azure DevOps build process.
Before you begin
Before configuring the build, you must precompile your ASP.NET application and generate a PUBXML file according to the instructions in the Compilation Guide.
The Azure DevOps Build configuration task requires that you use Visual Studio as your integrated development environment.
About this task
- Open the ASP.NET application in Visual Studio.
Add the veracode.pubxml file that contains Veracode-specific settings to the
View the veracode.pubxml file to verify your configuration.
- Check in the changes to your repository.
- In TFS or Azure DevOps, open your Azure DevOps project.
- Go to the Build tab and navigate to your build definition.
- Select the Build solution task.
In the MSBuild Arguments field, enter the path of your application PUBXML
In this example, the path is /p:OutputPath=bin /p:DeployOnBuild=true /p:PublishProfile=veracode.pubxml.
- Perform the standard Azure DevOps build configuration steps.