The Publish Security Analysis Logs build task enables customer to preserve secure static analysis log files from the build. The customer can choose between publishing artifacts to the Azure DevOps server, which are stored in Azure DevOps as a zip file, and publishing (copying) the files to a file share that is accessible from a private build agent.
| 1. | You are using the Azure DevOps Build system. |
|---|---|
| 2. | The Microsoft Security Code Analysis Extension installed in your account. |
| 3. | At least one SecDevTools secure static analysis tool runs in the given build definition. |
| 1. | Open your team project from your Azure DevOps Account. |
|---|---|
| 2. | Navigate to the Build tab under Build and Release |
| 3. | Select the Build Definition into which you wish to add the build task.
|
| 4. | Click + to navigate to the Add Tasks pane. |
| 5. | Find the Publish Security Analysis Log Files build task either from the list or using the search box and then click
Add.
|
| 6. | The Publish Security Analysis Logs build task should now be a part of the Build Definition. Add it after the publishing steps for
your build artifacts.
|
| 1. | Click the Publish Security Analysis Logs task to see the different options available.
|
|---|---|
| 2. | Choose Artifact name (any String Identifier) |
| 3. | Choose Artifact Type - you can publish logs to the Azure DevOps server or to a file share thatr is accessible to the build agent. |
| 4. | Tools - You can choose to preserve logs for individual/specific tools, or select "All Tools" to preserve all logs. |
The Private Preview for this extension is now closed. Please visit the Microsoft Security Code Analysis Home Page for information about the public MSCA extension and how to get it. You can also contact us via email at Microsoft Security Code Analysis