Adding a Scan Task to Your Azure DevOps Agent Job

After the Azure DevOps extension has been installed, you need to add a Code Insight scan task to your Azure DevOps agent job so that the scan is automatically performed as part of your build process.

To add a scan task to your DevOps agent job, do the following:

Create a build pipeline for your Azure DevOps project.
Locate the Code Insight Scan task under the Builds section in the task catalog.
Add the Code Insight Scan task at any point after the build task in the pipeline build definition.

Define the scan task properties on the Code Insight Scan window. The following describes the task properties. An asterisk indicates that a value is required.

Field	Description
Display name	The name of the scan task for display purposes.
Code Insight Server	The URL for the core server (for example, `http://codeInsightServer.myorg.org:8888/codeinsight/`). Ensure that the URL is publicly accessible and that the port is available.
Authorization Token	The JSON Web Token (JWT) used to authorize user access to the Code Insight functionality. Generate this token using the Code Insight Web UI and then copy and paste it in this field. For more information, see Providing an Authorization Token.
Code Insight Project Name	The name of the project that was created in the Code Insight user interface (for example, `ScanProject_AzureDevOps`).
Alias	A name that you define for the scan-agent plugin. The alias is used to represent the “container” (scan root) under which all the files scanned in this instance will be listed in the API output and in the file tree in the `Analysis Workbench`. This name must be unique within the project.
Folder(s) to Scan	The directory containing the code to scan. Typically, you would use one of the following: $(Build.ArtifactStagingDirectory)—The directory where the build output is staged during the build process $(Build.SourcesDirectory)—The directory where the source code files are downloaded $(Build.BinariesDirectory)—The output directory for the compiled binaries For details about these directory variables, refer to this site: https://learn.microsoft.com/en-us/azure/devops/pipelines/build/variables?view=azure-devops&tabs=yaml
Host	(Optional) A user-defined name for the instance where the scan-agent plugin is configured to run scans. This property along with the `alias` property will remain unchanged for each subsequent rescan. Although optional in general, this value is required if you are running the scan in a dynamic host environment. See Note About Rescans Performed by v2.0 and Later Plugins.

Save and queue the build definition.

The scan will be performed in the build environment as part of the build process, and the results will be sent to the project you configured on the Code Insight server. The resulting inventory items can be viewed and managed in the Code Insight user interface.