Azure DevOps PR Scan Pipeline

This pipeline installs Python dependencies via your Azure Artifacts feed and runs pip-audit for vulnerability scanning. It does not promote packages to any view; packages will remain cached in the feed's @Local view.

Setup Steps

Azure Artifacts Feed
- Project: CTDP-SLT
- Feed: CDP-TST
- Ensure PyPI is configured as an upstream source so installs through the feed cache into @Local.
Pipeline Configuration
- Add this azure-pipelines.yml to your repo.
- Enable Allow scripts to access the OAuth token in pipeline settings.
Permissions
- The pipeline needs read access to the feed. Typically, the project Build Service identity already has this.
Usage
- On PR, the pipeline will:
  - Install dependencies from your feed.
  - Run pip-audit to check for vulnerabilities.

Variables

FEED_SIMPLE_URL is set to the project-scoped feed's PyPI simple endpoint: https://pkgs.dev.azure.com/<ORG>/CTDP-SLT/_packaging/CDP-TST/pypi/simple/

Name		Name	Last commit message	Last commit date
Latest commit History 246 Commits
requirements		requirements
.gitignore		.gitignore
README.md		README.md
accepted_vulns.json		accepted_vulns.json
azure-pipelines-delete.yml		azure-pipelines-delete.yml
azure-pipelines-push.yml		azure-pipelines-push.yml
azure-pipelines-upload.yml		azure-pipelines-upload.yml
init.sh		init.sh
requirements_vulnerable.txt		requirements_vulnerable.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Azure DevOps PR Scan Pipeline

Setup Steps

Variables

About

Uh oh!

Releases

Packages

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Azure DevOps PR Scan Pipeline

Setup Steps

Variables

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Packages