Configure a task as a YAML build pipeline

Complete the following steps to configure a task as a YAML build pipeline in your Azure DevOps extension. This task must run in the server pool (pool: server).

  1. Enter Edit mode for the YAML build pipeline where you wish to add the task.

  2. To create a server job, under the jobs list, add a new job that runs on the server pool. For example:

    jobs:
    - job: verify_application
      pool: server
      steps:

  3. To add the task, click under the steps list, click Show assistant, and then search for "Contrast Assess".

  4. Click on the Contrast Assess - Application Vulnerability Detection task.

  5. Select a Service Connection from the Contrast Service Connection menu. You can also click on the Manage option to go to the Service connections settings in your Project Settings.

  6. Select one of your applications from the Application menu.

  7. Click Add. This adds the task to the steps list.

Inputs for this task are as follows:

| Key | Description | Example Value |
| --- | --- | --- |
| ContrastService | (Required) The service connection used to connect to Contrast | 'Contrast Connection' |
| Application | (Required) The application whose vulnerabilities are evaluated against the conditions | 'a123745f-5857-45e4-a278-ddb5012e1996' |
| StatusFilter | (Optional)(Allowed Status) The vulnerability statuses that are included in the evaluation task. Comma-delimited. | 'Reported' |
| AppVersionFilter | (Optional)(Build Number) The build number used to filter the vulnerability results | '0.0.1' |
| CriticalLimit | (Required) The maximum number of vulnerabilities of critical severity | '0' |
| HighLimit | (Required) The maximum number of vulnerabilities of high severity | '0' |
| MediumLimit | (Required) The maximum number of vulnerabilities of medium severity | '0' |
| LowLimit | (Required) The maximum number of vulnerabilities of low severity | '0' |
| NoteLimit | (Required) The maximum number of vulnerabilities of note severity | '0' |
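
The following added example (not code from the Contrast extension or from this page) models how the filters and per-severity limits listed above combine into a pass/fail result. It assumes a severity fails when its filtered count exceeds its limit; the `evaluate_gate` function, the record fields, and the sample data are constructed for illustration.

```python
SEVERITIES = ("Critical", "High", "Medium", "Low", "Note")

def evaluate_gate(vulns, inputs):
    """Model of the gate: return (passed, counts, breaches).

    Assumption: a severity breaches when its filtered count exceeds its limit.
    """
    # StatusFilter is comma-delimited; empty or missing means "all statuses".
    allowed = {s.strip().lower()
               for s in (inputs.get("StatusFilter") or "").split(",") if s.strip()}
    version = inputs.get("AppVersionFilter")
    counts = {sev: 0 for sev in SEVERITIES}
    for v in vulns:
        if allowed and v["status"].lower() not in allowed:
            continue  # status excluded by StatusFilter
        if version and v["app_version"] != version:
            continue  # different build than AppVersionFilter
        sev = v["severity"].capitalize()
        if sev not in counts:
            raise ValueError(f"unknown severity: {v['severity']!r}")
        counts[sev] += 1
    breaches = {}
    for sev in SEVERITIES:
        # Limits are required and arrive as strings ('0'); KeyError if missing.
        limit = int(inputs[f"{sev}Limit"])
        if counts[sev] > limit:
            breaches[sev] = (counts[sev], limit)
    return (not breaches), counts, breaches

# Constructed sample records (hypothetical field names and values).
SAMPLE_VULNS = [
    {"severity": "Critical", "status": "Reported", "app_version": "0.0.1"},
    {"severity": "High", "status": "Remediated", "app_version": "0.0.1"},
    {"severity": "Medium", "status": "Reported", "app_version": "0.0.2"},
    {"severity": "Medium", "status": "Confirmed", "app_version": "0.0.1"},
    {"severity": "Low", "status": "Reported", "app_version": "0.0.1"},
]
# Constructed task inputs using the keys from the table above.
SAMPLE_INPUTS = {
    "StatusFilter": "Reported, Confirmed", "AppVersionFilter": "0.0.1",
    "CriticalLimit": "0", "HighLimit": "0", "MediumLimit": "1",
    "LowLimit": "2", "NoteLimit": "0",
}

if __name__ == "__main__":
    passed, counts, breaches = evaluate_gate(SAMPLE_VULNS, SAMPLE_INPUTS)
    print("PASS" if passed else "FAIL", counts, breaches)
```

With the sample inputs, the single critical finding on build 0.0.1 exceeds `CriticalLimit` of '0', so the gate fails even though the medium and low counts are within their limits.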

To prevent a job from running when the task fails, make that job depend on the agentless job that includes the Contrast task. Add the dependsOn: property to the job you want to prevent from executing.

In the following example, the agentless job that has the Contrast task is called verify_application.

    - job: artifact
      dependsOn: verify_application
      pool:
        name: Azure Pipelines
        vmImage: 'ubuntu-latest'
      steps: