The integration of Azure DevOps with Corgea empowers users to seamlessly scan projects and initiate pull requests for code fixes directly from the Corgea platform.
1

Generate an Azure DevOps Personal Access Token

Access your Azure DevOps account and generate a personal access token (PAT) with both read and write permissions.
Create Personal Access Token
Token Permissions
2

Integrate the Token with Corgea

Proceed to the Integrations page on Corgea. Click the ”+” button within the Azure DevOps section and ensure the token is securely saved.
Add Token to Corgea
3

Identify Azure DevOps Projects in Corgea

After configuration, navigate to the Projects page. Your Azure DevOps project will be displayed with a Windows icon. Click the ”+” in the action column to initiate the first scan, or select the project name and click “New Scan” to commence a new scan.
Search Projects
4

Submit a Pull Request to Azure DevOps

From any issue page associated with Azure DevOps projects in Corgea, you can submit a pull request to address an issue.
Issue Pull Request

Optional: Webhook Configuration

To enable scans for each pull request, configure a webhook. Ensure you possess the requisite permissions to set up webhooks for your project.
1

Select “Project settings” located at the bottom left of the Azure DevOps interface.
Project Settings
2

Click on “Service Hooks”. Multiple clicks may be necessary if it does not load immediately.
Service Hooks
3

Click the ”+” button and choose “Web Hooks”.
Web Hooks
4

Select “Pull request created” as the trigger event, configure any optional settings, and click “Next”.
Trigger Event
5

In the Settings section, input the URL as https://www.corgea.app/azure_webhook/ or https://your_instance.corgea.app/azure_webhook/ for private deployments.
Webhook URL
6

Open a new browser tab, navigate to the Corgea integrations page, and locate your Azure integration. Copy the X-CORGEA-UUID value.
X-CORGEA-UUID
7

Return to the Azure DevOps Webhook configuration page and populate the headers section with:
  • X-CORGEA-UUID: (UUID value you copied)
  • X-WEB-TOKEN: (the same PAT configured in Corgea)
Headers Configuration
8

Click “Finish” to save the configuration. Disregard the “Test” button as it may attempt to trigger scans for files you do not have access to.
9

Validate the setup by creating a new pull request. A successful configuration will display a successful event in the webhook history and trigger a new scan on the Corgea Scans page at https://www.corgea.app/scans/.
Webhook History
Corgea Scans