Azure DevOps Pipelines

CodeCharter as a task in an Azure pipeline.

CodeCharter runs in Azure Pipelines as a shell step. Robust, easy to pin, no external dependencies beyond the CLI download.

Minimal setup

azure-pipelines.yml:

trigger:
  branches:
    include: [main]

pr:
  branches:
    include: [main]

pool:
  vmImage: ubuntu-latest

variables:
  CODECHARTER_VERSION: '1.4.0'

steps:
  - task: UseDotNet@2
    inputs:
      version: '9.0.x'

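  - bash: |
      # Stop at the first failed command so a bad download cannot pass silently.
      set -euo pipefail
      # The key reaches the script through the env mapping below, so read it as a
      # shell variable; -f makes curl fail on an HTTP error response.
      curl -fsSL -H "Authorization: Bearer $CODECHARTER_API_KEY" \
        -o codecharter.tar.gz \
        https://codecharter.tools/api/v1/cli/linux-x64/$(CODECHARTER_VERSION)
      mkdir -p /opt/codecharter && tar -xzf codecharter.tar.gz -C /opt/codecharter
      chmod +x /opt/codecharter/codecharter
      echo "##vso[task.prependpath]/opt/codecharter"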
    displayName: 'Install CodeCharter CLI'
    env:
      CODECHARTER_API_KEY: $(CodeCharterApiKey)

  - bash: |
      codecharter analyze . --fail-on error --output sarif --output-file codecharter.sarif
    displayName: 'Run CodeCharter'

  - task: PublishBuildArtifacts@1
    condition: always()
    inputs:
      pathToPublish: codecharter.sarif
      artifactName: codecharter-sarif

API key in a pipeline secret

  1. Generate a key in the portal under API Keys.
  2. In Azure DevOps: Pipelines → Library → Variable groups → New, create the variable CodeCharterApiKey with its value, and click the lock icon to make it a secret.
  3. Reference the variable in the pipeline YAML as shown above.

Viewing SARIF results

Azure DevOps has no native SARIF viewer. Two good options:

Option A — SARIF Viewer extension

There is a SARIF SAST Scans Tab marketplace extension. After installation a "Scans" tab appears next to Tests and Code Coverage and renders SARIF artifacts.

Option B — Markdown report

- bash: |
    codecharter analyze . --output console --output-file codecharter-report.txt
    echo "##vso[task.uploadsummary]$PWD/codecharter-report.txt"
  displayName: 'Publish CodeCharter summary'

uploadsummary appends the text to the build summary. Not a fancy UI, but visible.

Caching

Azure Pipelines has Cache@2:

- task: Cache@2
  inputs:
    key: 'codecharter | "$(Agent.OS)" | .codecharter/**/* | **/*.csproj'
    path: $(Pipeline.Workspace)/.cache/codecharter
  displayName: 'Cache CodeCharter'

- bash: codecharter analyze . --fail-on error
  env:
    CODECHARTER_CACHE_DIR: $(Pipeline.Workspace)/.cache/codecharter

Self-hosted agents

Works without any changes. The agent needs network access to codecharter.tools, or you can mirror the CLI binary into your own artifact feed.
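
Whether the archive comes from codecharter.tools or from your own mirror, the install step can check it against a SHA-256 digest you recorded when you vetted that release, and refuse archives whose members would unpack outside the target directory. This is an added example, not part of the CodeCharter documentation or tooling; the function names and the `<PINNED_SHA256>` placeholder are assumptions, and the page does not say whether CodeCharter publishes digests.

```shell
# Added example: verify a downloaded CLI archive before unpacking it on an agent.
# Function names are hypothetical; requires sha256sum, tar, grep, awk, tr.
#
# Usage inside the install step (replace the placeholder with your recorded digest):
#   install_pinned codecharter.tar.gz "<PINNED_SHA256>" /opt/codecharter || exit 1

# sha256_of FILE: print the lowercase hex SHA-256 of FILE.
sha256_of() {
  sha256sum "$1" | awk '{print $1}'
}

# has_unsafe_member: read archive member names on stdin; succeed (0) if any name
# is absolute or contains a ".." path component.
has_unsafe_member() {
  grep -Eq '^/|(^|/)\.\.(/|$)'
}

# install_pinned ARCHIVE EXPECTED_SHA256 DEST
# Returns 0 on success, 2 on digest mismatch, 3 on an unsafe member path,
# 4 if the archive cannot be listed or extracted. Nothing is unpacked unless
# both checks pass.
install_pinned() {
  ip_archive=$1
  ip_want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  ip_dest=$3

  ip_got=$(sha256_of "$ip_archive")
  if [ -z "$ip_got" ] || [ "$ip_got" != "$ip_want" ]; then
    # Azure Pipelines logging command: surfaces the failure in the run summary.
    echo "##vso[task.logissue type=error]CLI archive digest mismatch (got: $ip_got)"
    return 2
  fi

  ip_members=$(tar -tzf "$ip_archive") || return 4
  if printf '%s\n' "$ip_members" | has_unsafe_member; then
    echo "##vso[task.logissue type=error]CLI archive contains an unsafe member path"
    return 3
  fi

  mkdir -p "$ip_dest" && tar -xzf "$ip_archive" -C "$ip_dest" || return 4
}
```

Record the digest in the pipeline YAML next to CODECHARTER_VERSION so that a version bump and a digest change are reviewed together.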