Versions Compared

Old Version 49

changes.mady.by.user Michelle Friedman

Saved on

compared with

New Version Current

changes.mady.by.user Lena Kleyner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

Note

IMPORTANT: This Integration will reach its End Of Life starting September 1, 2022.

After this date, this Integration will no longer be supported by Mend. Please make sure to migrate to the new integration before September 1, 2022 to maintain full support of your product.

For details about this integration, see Azure DevOps Pipelines Integration.

Overview

This Mend extension integrates with your Azure DevOps Server (TFS) to automatically detect all open source components, including dependencies in your products.

Prerequisites

...

Azure DevOps Server or TFS version 2015 or later

...

NodeJS, version 6.x.x or later

...

This page is available at: https://

...

docs.

...

mend.

...

io/

...

Downloading/Installing the Mend Extension

  • Download the Mend for Azure DevOps Server extension from the Visual Studio Marketplace here.

Creating and Configuring a Mend Connection 

  1. Open your Project and click Project settings. The Project Settings screen is displayed.

  2. From the left menu, click Service connections. The Service Connections screen is displayed.

  3. Click New service connection. The New service connection dialog box is displayed.

  4. From the list of services, click Mend.

  5. Click Next. The New Mend service connection dialog box is displayed.

  6. Enter the following:

    • Server Url - Use the 'Mend Server URL' which can be retrieved from your 'Profile' page on the 'Server URLs' panel. Ensure to add an '/agent' path to this URL.
      For example: "https://saas.Mendsoftware.com/agent".

    • User Key - The unique identifier of the user. It can be generated from the profile page in your Mend account.

    • API Token - Your Mend organization's unique API Key, which can be found on the Integrate page in the Mend application.

    • Service connection name - The desired display name of the Mend endpoint.

  7. Click Save.

Creating and Configuring the Mend Build Step

  1. Open your Project.

  2. From the left menu, click Pipelines, and open your desired Pipeline. The Pipeline's summary is displayed.

  3. Click Edit. The Pipeline's definition is displayed.

  4. Add the Mend task, and enter the appropriate configuration fields (see the table below).
    The Mend task should be added after the task which pulls the source code into the agent's working directory (Get SourcesRestore Packages, etc.), but before the compilation, package and publish steps.

  5. Click Run to run the Pipeline.

...

Parameter

...

Description

...

Work directory

...

The path of the root directory containing the desired files to scan.

...

Extension list

...

List of file extensions to scan.

...

Check policies

...

Whether to evaluate the policy conditions. Will allow to fail the build in case of policy failure.

...

Product name

...

Name to uniquely identify the product to update. Will generate a new product in case the name does not match an existing one.

...

Product token

...

Unique identifier of the product to update. Can be retrieved from the 'Integrate' page in the Mend application.

...

Product version

...

Version of the product to update.

...

Requester email

...

Email of the Mend user that requests to update Mend.

...

Project name

...

Name of the project to create or update.

...

Project token

...

Unique identifier of the project to update. Can be retrieved from the 'Integrate' page in the Mend application.

...

Force check all Dependencies

...

Setting to true will force check the policies for all dependencies introduced to the Mend projects.

Setting to false, or not using it at all, will check only the new dependencies introduced to the Mend projects.

NOTE: Used only if 'Check Policies' is set to true.

...

Force update

...

Force update even if there is a policy failure.

...

Fail on error

...

Whether to fail the build on a general error (e.g. network error). 
Setting to false means that the plugin will fail the build only for policy violations.

...

Proxy url

...

The proxy server from which you want to redirect the messages. (e.g - "proxy":"http://10.0.0.1:8080" )

...

Proxy username

...

Proxy username

...

Proxy password

...

Proxy password

...

Connection timeout

...

Default value - 60 minutes

...

Connection Retries

...

Connection retries when unable to connect to Mend service (the default value is one retry)

...

Connection Retries Interval

...

Wait time between connection retries. (The default value is 3000 milliseconds)

Supported File Extensions

The following file extensions are supported; any other extension specified in the Extension list or Exclude list fields will be ignored by the plugin.

Binaries/Packages

a, aar, air, apk, deb, dll, dmg, drpm, ear, egg, exe, gem, gzip, jar, msi, pkg.tar.xz, rpm, swc, swf, tar.bz2, tar.gz, tgz, udeb, war, whl

Source Files

c, cc, clj, cljs, cljx, cp, cpp, cs, csharp, cxx, go, goc, h, hh, hpp, hxx, java, js, m, mm, pch, php, py, rb, swiftbundle/unified_agent/page/azure_devops_server__tfs__integration.html