Donate scorecard-azure-pipelines-task
#4519
Assignees
Comments
|
@JamieMagee — thanks again for your work here! I'm in favor of the donation, presuming we can have your support in continuing to maintain the repository. FYI @GeauxJD @ossf/scorecard-admins |
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Azure DevOps has an integrated CI/CD system called Azure Pipelines, similar to GitHub Actions. As with GitHub Actions, you can create your own custom Azure Pipelines tasks. I created
scorecard-azure-pipelines-taskas a custom Azure Pipelines task to enable users to easily run Scorecard against their Azure DevOps repositories, now that #4177 is largely complete. This will enable a similar experience to the existingossf/scorecard-actionon GitHub Actions.Azure DevOps also has support for uploading SARIF files to create alerts, and I think publishing a Scorecard Azure Pipelines task will allow users to more easily integrate Scorecard feedback into normal development workflow.
This was discussed at the APAC Scorecard project meeting on February 6th, 2025, and the suggestion seemed to be generally supported, provided I agree to continue maintaining the task -- which I do.
What are the next steps?
The text was updated successfully, but these errors were encountered: