Configure Azure DevOps story integration
Perform the following procedure to configure your Azure DevOps integration options.
始める前に
Role required: Scan Engine Admin (sn_se.scan_engine_admin).
- In the Azure project you want to integrate with the Scan Engine, from the project settings, find and make note of the following information:
- Organization name
- Project name
- Work item type
- To connect with Azure, you will need to generate an API token:
- Select Personal access tokens from the Azure settings menu.
- Select New Token.
- Refer to your Azure documentation for complete details.
手順
Azure DevOps integration script best practices
The following best practices are guidelines for creating Azure DevOps integration scripts.
- Unlike ServiceNow integrations, the Azure integration executes the field mapping script one time per finding. Source and Destination instances do not apply with this integration.
- The Organization name and Project name fields determine which Azure project you will send your payload to.
- When building a script, use data from the finding by extracting fields from the grFinding variable.
- You can create a description and title to show in your Azure project. These will become core elements in your task. You may use other fields in the Azure project, but you will need an understanding of the Azure API to know the available fields.
- Some general fields you can use are:
- /fields/System.Title
- /fields/System.Description
- /fields/Microsoft.VSTS.Common.Risk
- /fields/Microsoft.VSTS.Scheduling.StoryPoints
These can be set by using this format:
- payload[‘/fields/System.Title’] = a value
- payload[‘/fields/Microsoft.VSTS.Scheduling.StoryPoints’] = a value
The following are predefined variables available for Azure DevOps Integrations:
| payload | The field mapping to populate your Azure project. |
| grFinding | The glide record of the finding that sends the request. |
| workItemType | The work item type selected for Azure integration. |