Skip to main content

Azure pipelines

Prelude#

GitGuardian CI/CD integration with Azure Pipelines is performed through our CLI application gg-shield. gg-shield is a wrapper around GitGuardian API for secrets detection that requires an API key to work.

⚠ Azure Pipelines does not support commit ranges outside of GitHub Pull Requests, therefore on push events in a regular branch only your latest commit will be scanned. This limitation doesn't apply to GitHub Pull Requests where all the commits in the pull request will be scanned.

Preview#

Azure Pipelines output

Installation#

  1. Create an API key within the API section of your GitGuardian workspace.

  2. Add this API key to the gitguardianApiKey secret variable in your pipeline settings.

  3. Add a new job using gg-shield to your Azure pipeline

jobs:- job: GitGuardianShield  pool:    vmImage: 'ubuntu-latest'  container: gitguardian/ggshield:latest  steps:  - script: ggshield scan ci    env:      GITGUARDIAN_API_KEY: $(gitguardianApiKey)