Using Puma Scan in a DevSecOps pipeline
Puma Scan can also be integrated into DevSecOps pipelines, such as Azure DevOps, using the Azure DevOps Standard Edition. Why DevSecOps, you ask? Well, we should be integrating security into everything we do!
While a separate license is required for this product, it is possible to include static scanning directly in the build pipeline, ensuring that code quality is maintained throughout each and every build.
To add the functionality to our pipeline, all we need to do is go to the Visual Studio marketplace in Azure and add the Puma Scan Professional Azure DevOps extension:
Confirm with the dropdown the organization for which you want to install the extension, and select Install:
Once we activate the license, we just need to integrate the extension into our pipeline and our scans will run every...