# Azure DevOps Pipelines The Meterian Scanner [Azure DevOps,](https://dev.azure.com) available in the Azure DevOps Extensions Marketplace, adds an extra level of protection to your pipelines. The native integration of Meterian in Azure DevOps can be completed in a few simple steps: * Install the [Meterian Security Plus](https://marketplace.visualstudio.com/items?itemName=meterian.meterian) extension from the Marketplace * Set the Meterian API Token, either: * in a variables group * as part of a pipeline {% hint style="warning" %} In order to work, the Meterian scanner requires a working version of Docker in the image used to run the pipeline. {% endhint %} The only pre-requisite is a Meterian API Token which can be obtained from\ your paid subscription account's [Meterian Dashboard](https://meterian.io/dashboard#tokens). If you are using a free account and would like to upgrade, contact . **Setting the Meterian API Token in variables group** Select Library from the Pipelines menu and create a new Variable group. Then add `METERIAN_API_TOKEN` (click on the lock icon to make it as secret variable). ![](https://3502151236-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M-naNCUtT6Gw1tfDjRR%2F-MPiwuWpL7ArEwzcpSZO%2F-MPj3m_Zx943rfc9SAIL%2Fimage.png?alt=media\&token=ed571847-c9fe-4fb8-81ef-08b30c4e5fe6) **Specify the variable group in the pipeline (Option A)** ``` # Starter pipeline # Start with a minimal pipeline that you can customize to build and deploy your code. # Add steps that build, run tests, deploy, and mode: # https://aka.ms/yaml trigger: - main pool: vmImage: 'ubuntu-latest' variables: - group: meterian-team-variables ``` **Setting the Meterian API Token as a pipeline variable (Option B)** * From the Pipeline editor, click on Variable in the top right corner ![](https://3502151236-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M-naNCUtT6Gw1tfDjRR%2F-MPiwuWpL7ArEwzcpSZO%2F-MPj4g88ltC1Ma_BC524%2Fimage.png?alt=media\&token=67175112-df27-4509-bc23-711a54f2585d) **Add Meterian task to the pipeline** * In the Review section (or whenever editing the Pipeline) Click on "Show Assistant" and select "Meterian Scanner" from the list * The Meterian task must be under "steps" * Save the Pipeline ![](https://3502151236-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M-naNCUtT6Gw1tfDjRR%2F-MPiwuWpL7ArEwzcpSZO%2F-MPj5WK7d_m4PBdnIGFV%2Fimage.png?alt=media\&token=dd9c5ddf-d05e-422a-a3d8-019142fee376) ``` trigger: - main pool: vmImage: 'ubuntu-latest' variables: - group: meterian-team-variables steps: - task: Meterian Scanner@0 ``` #### Specifying options It is possible to specify the Meterian CLI options and also to specify a custom working directory, neither of them is required. ``` steps: - task: Meterian Scanner@0 inputs: client_options: "--min-security=90" working_directory: "$(Build.SourcesDirectory)/path/to/directory" ``` A working example of pipeline can be found [here](https://dev.azure.com/meterianrocksolid/java-sample-project-with-options/_git/java-sample-project-with-options?path=%2Fazure-pipelines.yml). You can also find [here](https://docs.meterian.io/ci-server-integrations/azure-devops) a non-native integration for Azure DevOps Pipelines **Dedicated instance setup** Should you need to perform a scan that targets your [dedicated instance](https://docs.meterian.io/dedicated-instance), you can override the defaults by adding the following environment variables to your pipeline's Meterian task:
NameDescription
METERIAN_ENVSet this variable to target the right subdomain of the site where your instance runs
METERIAN_PROTOSet this variable to target the right HTTP protocol of the site where your instance runs
METERIAN_DOMAINSet this variable to target the right domain of the site where your instance runs
Here is an example pipeline that performs a scan connecting to a dedicated instance located at : ``` steps: - task: Meterian Scanner@0 env: METERIAN_ENV: "mycompany" METERIAN_DOMAIN: "meterian.uk" ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.meterian.io/online-integrations/azure-devops-pipelines.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.