Threatrix Documentation
Threatrix
  • Getting Started
  • Developer Quick Start
  • SecureShip
    • Artifactory Scanning
    • ThreatAgent Scanning
  • Threat Center
    • Creating Account
      • OAuth Login
    • Entity Dashboard
    • User Profile
  • AICertify
    • Reviewing Results
  • codecertify
    • Quick Start
    • Project Summary Tab
    • Components Tab
      • Custom Components
        • Adding
        • Editing
        • Important Notes
      • Header Panel
      • Module Tree Panel
      • Results Panel
        • Card View
        • Risk Graph View
      • Audit History
    • Assets Tab
      • Custom Asset Matches
        • Adding Asset Match
  • securecore
    • Project Dashboard
    • ThreatScan
    • Scan Results
  • Threat Agent
    • Threat Agent Overview
    • Threat Agent - Installation & Scanning
    • Scan Summary Reports
    • Resolving Errors
    • Scanning Container Images
  • Integrations
    • Dependency Managers
      • RENV
    • Build Integrations
      • AWS CodeBuild
      • Azure DevOps
      • Bitbucket Pipeline
      • CircleCI
      • GitHub Action
      • GitLab Pipeline
      • Jenkins Pipeline
    • SCM Integrations
      • GitLab
      • Bitbucket
    • Issue Management
      • Jira
    • Notifications
  • Policy Management
    • Policy Overview
    • Creating Policies
    • Policy Conditions
    • Policy Actions
    • Policy Scopes
  • Administration
    • User Management
    • Organization Settings
      • Organization Knowledge Base
      • Integration
        • Slack Integration
        • Jira Integration
        • Service Keys
    • RBAC
    • Entity Management
    • Okta
      • Okta Org2Org Integration
  • GraphQL API
    • API Overview
  • Resources
    • Dependency Managers
      • PIP
    • Dictionary
    • Licenses
    • Security & Privacy
    • Binary File Support
  • Hybrid / On Premise
    • Getting Started
    • Installation
    • Upgrade
    • Setup
    • Cloud Data Disclosure
    • Troubleshooting
Powered by GitBook
On this page
  • Set up User Variables
  • Variables Permissions
  • Installing Threat Agent

Was this helpful?

  1. Integrations
  2. Build Integrations

Azure DevOps

PreviousAWS CodeBuildNextBitbucket Pipeline

Last updated 11 months ago

Was this helpful?

Set up User Variables

Within Threatrix Threat Center

  • Grab your OrgId and EntityId credentials from your profile

  • Create and grab your API Key from your profile or admin dashboard at Admin -> Integration -> Service keys. When creating the Service Key, be sure to choose "Super Admin" for the role. Choosing permissions is unecessary.

Within Azure DevOps

  • Navigate to Pipelines -> Library

  • Click `+Variable Group` to add a new Variable Group

  • Create a new Variable

  • Set "Threatrix" for Variable group name

  • Add the following Variable Names with values

    • THREATRIX_API_KEY: Your API Key from your profile or admin dashboard

    • THREATRIX_OID: Your organization ID from your profile

    • THREATRIX_EID: Your entity ID from your profile

  • [OPTIONAL] Select Lock icon for each to convert to Secret variable

  • From top menu, click "Save".

Variables Permissions

During your next build, you may see the following message requesting permissions to access your newly created Variable Group. Select "Permit" in order to allow the pipeline access to Threatrix variables necessary to perform the scan.

Installing Threat Agent

Threatrix Threat Agent requires that Java 11+ be pre-installed on the host machine.

Download and run the latest ThreatAgent in your pipeline

Add the following step to your azure-pipelines.yml file

- script: |
    curl -LJO https://github.com/threatrix/threat-matrix/releases/download/agent-release-latest/threat-agent-latest.jar
    java -jar threat-agent-latest.jar ./