0

I want to use Roslyn analyser in our Azure pipelines. And got to know from below link that roslyn analyzer comes along with a plugin called Microsoft Security Code analysis extension.

https://learn.microsoft.com/en-us/azure/security/develop/security-code-analysis-overview

https://learn.microsoft.com/en-us/azure/security/develop/security-code-analysis-onboard

Can you please guide me how to install the extension in Azure pipeline?

Also is there any documentation regarding how to install Fxcop Analyzer in Azure pipelines?

amrityam
  • 1
  • 1

2 Answers2

0

The Microsoft Security Code Analysis can’t be installed directly in extension marketplace, you can link to https://secdevtools.azurewebsites.net/ and click Contact Us for general Availability Information to send a sign up email to Secure Development Tools group. enter image description here

After the approval, you can get the extension in Organization Settings -> Extensions -> Shared. And more detail install information, you can check the documentation.

About the Fxcop Analyzer, you can install the Code Analysis Task for VSTS(from the Marketplace) and use this task on your pipeline and you can get more detailed information in Github.

Frank Wang-MSFT
  • 1,367
  • 6
  • 6
0

Microsoft Security Code Analysis is a toolset (An additional subscription need to purchase at your Azure DevOps organization level), which provides different tools in the Azure DeOps pipeline to use. FxCopAnalyzer is one of the tool in it's offering under this subscription.

MS Code Analysis Onboarding and installation

https://learn.microsoft.com/en-us/azure/security/develop/security-code-analysis-onboard

FxCopAnalyzer configuration

https://learn.microsoft.com/en-us/azure/security/develop/security-code-analysis-customize#roslyn-analyzers-task

Surendra Reddy
  • 219
  • 3
  • 10