tonybaloney / pycharm-security

Finds security holes in your Python projects from PyCharm and GitHub
https://pycharm-security.readthedocs.io/en/latest/?badge=latest
MIT License
327 stars, 21 forks

Add support for Azure Pipelines #109

Open tonybaloney opened 4 years ago

tonybaloney commented 4 years ago

Figure out how this can be run from within Azure Pipelines.

Ideas:

tonybaloney commented 4 years ago

The Microsoft team answered this: https://stackoverflow.com/a/61887463/7402337

I am afraid you have to clone the DockerV2 Task and to customize it to run the Docker commands that you need.

The reason for its complexity is that their implementation forms are different.

We are customizing a GitHub Action and publishing it to the Marketplace; the custom GitHub Action did not compile and package the source code, but just quoted the original code. In other words, our custom action is more like providing a link to tell the compiler where to download the source code, pass parameters, and rewrite the source code. So we don't need to download the source code of the GitHub Action and customize it.

However, the Azure Pipelines custom task is different. The custom task needs to be compiled to generate a .vsix file, which requires the source code and compiles it after rewriting.

Besides, Azure DevOps provides Task groups, so that we could encapsulate a sequence of tasks, already defined in a build or a release pipeline, into a single reusable task that can be added to a build or release pipeline, just like any other task. You can choose to extract the parameters from the encapsulated tasks as configuration variables, and abstract the rest of the task information.

Hope this helps.