
Azure Pipelines

To add Uleska testing to Azure Pipelines, we suggest you update your pipeline YAML file to include the Uleska CLI. The Uleska CLI can be inserted multiple times into your pipeline, to reflect the various stages where security testing can be applied (e.g. SAST testing just after the build, DAST testing in staging, container testing in the container build, etc.).

For ease of use, it makes sense to add common CLI arguments to a file or to your YAML variables. The variables you use will depend on your setup and how you are testing. See the Uleska CLI documentation for more details.

For example, adding the Uleska Platform hostname and the Application Name as variables will help with consistency. Depending on your privacy or security setup, you can add the auth token as a variable, or include it as a secret variable.

[Image: AzureVariables]

To then include the Uleska CLI, create a new stage in your Azure Pipeline that will include two tasks. The first task simply instructs the Azure environment to use Python3, and the second task invokes the Uleska CLI.

An example Uleska testing task set is shown here:

[Image: AzurePipelineUleska]

To break this down:

  • The first task is a standard Azure Pipelines task to enforce the usage of Python3.
  • The second task then uses pip to download two libraries: the 'requests' library, which is a common Python HTTP library used by the Uleska CLI, and 'uleska-automate', which is the Uleska CLI.
  • When invoking the Uleska CLI, the arguments you pass to it will depend on your use case. In this example we are passing the Uleska host and our application name (through variables), specifying the testing run for the 'v1' version/pipeline, passing our auth token, and specifying we wish to view the results for the latest scan on this 'v1' version/pipeline.
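
The stage broken down above, written out as pipeline YAML with the auth token held as a secret variable. This is an added example, not the pipeline file from the original page or from Uleska. The variable names (`ULESKA_HOST`, `ULESKA_APP`, `uleskaToken`), the stage and job names and the host value are placeholders, and the CLI flag names other than `--print_json` are assumptions to be checked against the Uleska CLI documentation.

```yaml
# Added example: names and values below are placeholders, not Uleska's own.
variables:
  ULESKA_HOST: 'https://uleska.example.com/'   # placeholder Uleska Platform hostname
  ULESKA_APP: 'demo_app'                       # placeholder Application Name
  # The auth token is NOT declared here. Define it as a secret variable
  # (assumed name: uleskaToken) in the pipeline settings or a variable group,
  # so it is stored encrypted and masked in job logs.

stages:
- stage: UleskaSecurityTesting
  displayName: Uleska security testing
  jobs:
  - job: uleska_scan
    pool:
      vmImage: ubuntu-latest
    steps:
    # Task 1: standard Azure Pipelines task that selects Python 3.
    - task: UsePythonVersion@0
      displayName: Use Python 3
      inputs:
        versionSpec: '3.x'

    # Task 2: install the CLI and its HTTP dependency, then fetch the
    # latest results for the 'v1' version/pipeline.
    - script: |
        python -m pip install requests uleska-automate
        # Flag names are assumptions; confirm them in the Uleska CLI docs.
        uleska-automate \
          --uleska_host "$(ULESKA_HOST)" \
          --application_name "$(ULESKA_APP)" \
          --version_name v1 \
          --token "$ULESKA_TOKEN" \
          --latest_results
      displayName: Uleska CLI - latest results for v1
      env:
        # Secret variables are not exported to scripts automatically;
        # map the secret into the step's environment explicitly.
        ULESKA_TOKEN: $(uleskaToken)
```

Mapping the secret through `env:` keeps the token out of the YAML file and the repository history, and the token is available only to the step that declares the mapping.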

As we are not passing the '--print_json' flag, this invocation of the Uleska CLI will print the latest results to standard output, which in Azure will then be visible in the job run output for inspection, similar to the following.

[Image: AzureRun]