Configure the Extension for Azure DevOps and Visual Studio Team Foundation Server for a Release Pipeline

Build Systems

About this task

To configure a release pipeline in Azure DevOps or TFS:


  1. Go to the Release tab and create a new release.
  2. Enter the definition name.
  3. In the definition page, go to the Environment tab and configure the Veracode Upload and Scan or Veracode Flaw Importer tasks.
    Note: The build object is not available in the release pipeline. Therefore, if you intend to use the Veracode Upload and Scan task in the release pipeline, you must enter the scan name manually. If you do not manually enter it, the scan name variable does not convert to text and the build name appears as $(build.buildNumber).

    To view a summary report, add the Veracode Upload and Scan task.

  4. Save the definition and click Release > Create Release.

    Note: Before you build your application, if you intend to use the Veracode Azure DevOps flaw import feature, you must configure additional build variables.

  5. In the Release tab, select the release you just created.

  6. In the Environments section, select the environment that contains the Upload and Scan task.
  7. From the Actions menu, click Deploy to start the build in the release pipeline.
    After the build completes, the results of your scan are available in the Veracode Summary tab of your release summary.

    Note: If you do not include the Veracode Upload and Scan task in your release definition, the Veracode Summary tab is hidden from the release summary for Azure DevOps and TFS 2018 Update 1 or later. For earlier versions of TFS, the Veracode summary displays a status message explaining why there are no results.