Automate SBOM management via MS Azure DevOps extension

PreviousAutomate SBOM management via GitHub action NextCreate and manage lifecycle rules to automate EOS and EOL information across all products

Last updated 2 months ago

Was this helpful?

Save time and effort manually maintaining SBOMs

Once configured, Helm will automatically add or update SBOMs for the appropriate product versions based on your event trigger when new or updated SBOMs are added to your connected Azure repository.

Efficiency: Automates the labor-intensive process of maintaining SBOMs, allowing your team to focus on development.

Accuracy and consistency: Ensures that every change in your codebase is reflected in your SBOMs.

Seamless integration: Fits naturally into your existing Azure DevOps workflows, enhancing your DevOps practices without disruption.

Compliance and transparency: Facilitates adherence to regulatory requirements and enhances transparency with stakeholders by providing detailed and up-to-date SBOMs.

Getting started:

To get started, you'll need Helm API access and the API credentials, as well as our Helm API URL (api-base-url). These credentials are your client ID and client secret. These are your Helm email and API key, respectively. to get access to the Helm API.

, then click the Get it free button to install it to your organization.

In your Azure DevOps project, navigate to Azure Pipelines and select your existing pipeline or create a new one.

Add the Medcrypt Helm Upload SBOM task to the new or existing task.

Configure the Medcrypt Helm Upload SBOM task with the necessary parameters, including your Helm API credentials and the path to your SBOM file.

Run the task. The task log will provide trace info and diagnostics during the run.

By integrating this extension into your Azure DevOps environment, you can enhance your software supply chain security and maintain accurate SBOMs with minimal effort.

Save time and effort manually maintaining SBOMs

Once configured, Helm will automatically add or update SBOMs for the appropriate product versions based on your event trigger when new or updated SBOMs are added to your connected Azure repository.

Efficiency: Automates the labor-intensive process of maintaining SBOMs, allowing your team to focus on development.

Accuracy and consistency: Ensures that every change in your codebase is reflected in your SBOMs.

Seamless integration: Fits naturally into your existing Azure DevOps workflows, enhancing your DevOps practices without disruption.

Compliance and transparency: Facilitates adherence to regulatory requirements and enhances transparency with stakeholders by providing detailed and up-to-date SBOMs.

Getting started:

, then click the Get it free button to install it to your organization.

In your Azure DevOps project, navigate to Azure Pipelines and select your existing pipeline or create a new one.

Add the Medcrypt Helm Upload SBOM task to the new or existing task.

Configure the Medcrypt Helm Upload SBOM task with the necessary parameters, including your Helm API credentials and the path to your SBOM file.

Run the task. The task log will provide trace info and diagnostics during the run.

By integrating this extension into your Azure DevOps environment, you can enhance your software supply chain security and maintain accurate SBOMs with minimal effort.