Venafi CodeSign Protect Plugin for Azure DevOps
Updated Nov. 16 2021

Easily integrate secure code signing into your Azure DevOps build processes without added burden on your dev team. Sidechain’s Microsoft Azure Pipelines agent for Venafi CodeSign Protect is a complete, turnkey solution for automating and orchestrating code signing.
Business Outcomes
  • Eliminate the complexity and burden of custom integrations into your build pipelines

  • Extend the value of existing Venafi investments into the cloud

  • Modernize and accelerate your software development lifecycle (SDLC) 

Integration Features
  • Invoke Venafi code signing as an automated task directly in your Azure DevOps pipeline.

  • Build agent is preconfigured with latest releases of Venafi CodeSign Protect and signing software (jarsigner and Sign Tool)

Solution Overview

Increasingly businesses are moving DevOps–not just applications and operations–to the cloud. Azure DevOps is now one of the most popular CI/CD platforms enabling developers to move from enterprise Windows build processes to "built in the cloud" for cloud-native deployments. However, Azure DevOps teams don't have an easy and fast way to sign code consistently and with the approval and visibility of security teams.

The Microsoft Azure Pipelines Agent for Venafi CodeSign Protect gives Venafi customers a turnkey solution to integrate secure enterprise code signing capabilities directly into the DevOps pipeline. Deployable as a one-step code signing task, this agent works across both Azure DevOps Services and on-premises with Azure DevOps Server. 

This Machine Identity Management Development Fund project is built based on industry best practices by Sidechain, data security experts for digital transformation.