Azure DevOps

Set up User Variables

Within Threatrix Threat Center

Grab your OrgId and EntityId credentials from your profile

Create and grab your API Key from your profile or admin dashboard at Admin -> Integration -> Service keys. When creating the Service Key, be sure to choose "Super Admin" for the role. Choosing permissions is unecessary.

Within Azure DevOps

Navigate to Pipelines -> Library
Click `+Variable Group` to add a new Variable Group
Create a new Variable
Set "Threatrix" for Variable group name
Add the following Variable Names with values
- THREATRIX_API_KEY: Your API Key from your profile or admin dashboard
- THREATRIX_OID: Your organization ID from your profile
- THREATRIX_EID: Your entity ID from your profile
[OPTIONAL] Select Lock icon for each to convert to Secret variable
From top menu, click "Save".

Variables Permissions

During your next build, you may see the following message requesting permissions to access your newly created Variable Group. Select "Permit" in order to allow the pipeline access to Threatrix variables necessary to perform the scan.

Installing Threat Agent

Threatrix Threat Agent requires that Java 11+ be pre-installed on the host machine.

Download and run the latest ThreatAgent in your pipeline

Add the following step to your azure-pipelines.yml file

- script: |
    curl -LJO https://github.com/threatrix/threat-matrix/releases/download/agent-release-latest/threat-agent-latest.jar
    java -jar threat-agent-latest.jar ./

PreviousAWS CodeBuild NextBitbucket Pipeline

Last updated 3 months ago