VstsExtensions
VstsExtensions copied to clipboard
SARIF Reports as input for BuildQualityChecks
Describe the context
- Extension: BuildQualityChecks
- Environment: Azure DevOps Services (cloud)
-
Agent type: Microsoft-hosted, self-hosted agent, or Container
- Agent version: latest
- Pipeline type: yaml pipeline
Describe the problem and expected behavior
I'd like the BuildQualityChecks to optionally look at some specified CodeAnalysisLogs folder for probably *.sarif reports and use the data therein in comparison against the baseline stored on another branch, likely main
- like with the code coverage and warnings etc - and fail/warn my build accordingly. Please? 😇
Tell you what, if it was aware of the SAST Scans Tab, that'd be amazing.
Task logs
Run your pipeline with the following variables:
// - For BuildQualityChecks: System.Debug
and BQC.LogRawData
set to true
// Send the task log to [email protected] and reference your GitHub issue.