Azure Integration

Overview

This guide provides step-by-step instructions for integrating the Binadox Structure-As-Code Analyzer with your Azure DevOps repository. This integration enables automated code analysis within your Azure Pipelines, enhancing your development workflow and code quality.

Once integrated, pricing will be automatically calculated after each push to the repository and added as a comment to the commit. Ensure that your account has the necessary permissions to write comments. If permissions are not granted, comments will appear every 24 hours. While this step is optional, it’s highly recommended for immediate feedback.

Prerequisites

• A Binadox account
• An Azure DevOps account
• An Azure Repos Git repository

Integration Steps

1. Generate a Secret Token in Binadox

Log in to your Binadox account. Navigate to System Configuration > API. Click the Create API button.

Enter a descriptive name for your API token in the Name field. Click Save.

Copy and securely store the generated API key. You’ll need this in step 3.

2. Create Azure DevOps Organization

Sign in to the Microsoft Azure portal.

Navigate to All services > Azure DevOps organizations.

Click My Azure DevOps Organizations > Create new organization.

Click the Continue button. 

Fill the following fields of the form:

• Organization name
• Country/region
• CAPTCHA

Click the Continue button. 

3. Create New Project

To create a new project, fill in the required details:

• Project name
• Description (optional)
• Visibility (public or private)

Click Create project. 

4. Create a Pipeline in Azure DevOps

In your new Azure DevOps project, go to Pipelines > Create Pipeline.

Select Azure Repos Git as your code repository.

Select your repository from the list.

Azure Pipelines will analyse your repository and recommend a pipeline template. Choose the appropriate template for your project.

5. Set Up Pipeline Variables

In the pipeline editor, click on Variables.

Click New variable.

Add the following variables:

• BINADOX_SERVER_URL: https://prod.binadox.com/api/1/organizations/pricing/callback/analyze_iaac
• BINADOX_PROJECT_NAME: Your project name (e.g., “Binadox”)
• BINADOX_SECRET_TOKEN: The API key generated in step 1 (Keep this value secret)

Click OK button.

Note:

Always keep your BINADOX_SECRET_TOKEN secure. Never expose it in your code or public repositories.

After adding 3 variables, click the Save button. 

5. Add the Binadox Script to the Pipeline

In the pipeline YAML file azure-pipelines.yml, add the following script:

pool:
  vmImage: ubuntu-latest
steps:
- bash: |
    echo "Sending Data to Binadox"
    if [ -n "$(System.PullRequest.PullRequestId)" ]; then
      export EVENT_NAME=pull_request;
    else
      export EVENT_NAME=push;
    fi
    echo $EVENT_NAME
    RESULT=$(curl -sw '%{http_code}' -X POST "$(BINADOX_SERVER_URL)" -H 'Content-Type:application/json' -H "Authorization:ApiToken $(BINADOX_SECRET_TOKEN)" -d "{
      \"project\":\""$(BINADOX_PROJECT_NAME)"\", 
        \"azure_data\":{
          \"eventName\":\"$(EVENT_NAME)\",
          \"branch\":\""$(Build.SourceBranchName)"\",
          \"commit\":\""$(Build.SourceVersion)"\",
          \"workspace\":\""$(Pipeline.Workspace)"\",
          \"repository\":\""$(Build.Repository.Name)"\"
        }
    }")
    echo $RESULT
    if [[ "$RESULT" == 200 ]]; then 
      echo "Binadox Structure-As-Code Analyzer Request sent";
      exit 0;
    else 
      echo "Binadox Structure-As-Code Analyzer Request failed";
      exit 1;
    fi
  displayName: 'binadox-analyze'

Click Save and run.

Commit the changes to your repository.

Support and Resources

• For further assistance, please contact Binadox support.
• Consult the Azure Pipelines documentation for more information on pipeline configuration.
• Visit the Help Center for additional details on the Structure-As-Code Analyzer.

By following this guide, you’ve successfully integrated the Binadox Structure-As-Code Analyzer with your Azure DevOps pipeline, enabling automated code analysis to enhance your development workflow and code quality.