Azure DevOps
Integrating Meterian with Azure pipeline is easily done by updating the configuration file azure-pipelines.yml with this small snippet:
- script: |docker run --rm \--volume ${PWD}:/workspace --env METERIAN_API_TOKEN=$METERIAN_API_TOKEN \meterian/cli [Meterian CLI Options]displayName: 'Run Meterian'
Then, either when creating the pipeline or just by opening the Edit panel, set the METERIAN_API_TOKEN environment variable. Please note that checking the 'Keep this value secret' option will prevent the script from working as it will not be able to read it.
To retrieve a Meterian API Token visit the Meterian Dashboard; in your account select the tab "Tokens" and create a new one, or use an existing one.
API tokens are available only on paid account. To upgrade your subscription, please contact us.
Meterian will be launched against the project source code every time a new change is committed and pushed in your repository.
Learn more about the Meterian Client here.
When the script specified in the configuration file is executed, the latest version of the Meterian client gets downloaded in the home folder of the machine and the Meterian client is launched against the source code.
At the end of the scan the pipeline task will pass or fail depending on the scan results.