Updated documentation with Azure central pipeline use case (#4148)

* added to azure pipeline docs with central pipeline use case * updated changelog * azure pipeline docs section headers and additional wording * updated docs toc * vmimage to vmImage for spell linter
oxsecurity · Oct 17, 2024 · 23b8285 · 23b8285
1 parent 77c8987
commit 23b8285
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -23,6 +23,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l
   - Fix AzureCommentReporter not adding comments to PR on 2024-10-15
 
 - Doc
+  - Updated documentation with Azure central pipeline use case on 2024-10-16
 
 - Flavors
 

diff --git a/README.md b/README.md
@@ -80,6 +80,10 @@ Before going below, see [**Online Documentation Web Site which has a much easier
     - [Manual Setup](#manual-setup)
     - [Using R2Devops](#using-r2devops)
   - [Azure Pipelines](#azure-pipelines)
+    - [Single Repository](#single-repository)
+    - [Central Repository](#central-repository)
+    - [Pull Request Comments](#pull-request-comments)
+    - [Detailed Tutorial](#detailed-tutorial)
   - [Bitbucket Pipelines](#bitbucket-pipelines)
   - [Jenkins](#jenkins)
   - [Concourse](#concourse)
@@ -576,7 +580,11 @@ description: Manual instructions to setup MegaLinter as an Azure Pipelines job
 
 Use the following Azure Pipelines [YAML template](https://docs.microsoft.com/en-us/azure/devops/pipelines/yaml-schema)
 
-Add the following job in your `azure-pipelines.yaml` file
+You can configure a [build validation](https://learn.microsoft.com/en-us/azure/devops/repos/git/branch-policies?view=azure-devops&tabs=browser#build-validation) branch policy against a single repository or across all repositories. If you configure across all repositories then your pipeline is stored in a central repository.
+
+#### Single Repository
+
+Add the following to an `azure-pipelines.yaml` file within your code repository:
 
 ```yaml
   # Run MegaLinter to detect linting and security issues
@@ -609,8 +617,54 @@ Add the following job in your `azure-pipelines.yaml` file
           artifactName: MegaLinterReport
 ```
 
+#### Central Repository
+
+Add the following to an `azure-pipelines.yaml` file within a separate repository e.g. 'MegaLinter' repository:
+
+```yaml
+# Run MegaLinter to detect linting and security issues
+
+trigger: none
+
+pool:
+  vmImage: ubuntu-latest
+
+variables:
+  repoName: $[ split(variables['System.PullRequest.SourceRepositoryURI'], '/')[6] ]
+
+steps:
+  # Checkout triggering repo
+  - checkout: git://$(System.TeamProject)/$(repoName)@$(System.PullRequest.SourceBranch)
+    displayName: Checkout Triggering Repository
+
+  # Pull MegaLinter docker image
+  - script: docker pull oxsecurity/megalinter:v8
+    displayName: Pull MegaLinter
+
+  # Run MegaLinter
+  - script: |
+      docker run -v $(System.DefaultWorkingDirectory):/tmp/lint \
+        --env-file <(env | grep -e SYSTEM_ -e BUILD_ -e TF_ -e AGENT_) \
+        -e SYSTEM_ACCESSTOKEN=$(System.AccessToken) \
+        -e GIT_AUTHORIZATION_BEARER=$(System.AccessToken) \
+        oxsecurity/megalinter:v8
+    displayName: Run MegaLinter
+
+  # Upload MegaLinter reports
+  - task: PublishPipelineArtifact@1
+    condition: succeededOrFailed()
+    displayName: MegaLinter Report
+    inputs:
+      targetPath: $(System.DefaultWorkingDirectory)/megalinter-reports/
+      artifactName: MegaLinterReport
+```
+
+#### Pull Request Comments
+
 To benefit from Pull Request comments, please follow [configuration instructions](https://github.com/oxsecurity/megalinter/tree/main/docs/reporters/AzureCommentReporter.md)
 
+#### Detailed Tutorial
+
 You can also follow this [detailed tutorial](https://github.com/DonKoning/megaLinter) by [DonKoning](https://github.com/DonKoning)
 
 <!-- install-azure-section-end -->