Azure DevOps Agent for Venafi CodeSign Protect
Updated Jan. 4 2021

With support from the Machine Identity Management Development Fund, Sidechain, who are experts in securing Digital Transformation, will make Venafi CodeSign Protect a closely integrated service in Microsoft Azure DevOps pipelines. An Azure Build Agent will be developed to deliver a consistent code-signing workflow, enabling a new Sign Task inside the build pipeline.
Solution Overview

Increasingly businesses are moving DevOps process – not just applications and operations – to the cloud.  Azure DevOps is now one of the most popular CI/CD platforms enabling developers to move from enterprise Windows build processes to built in the cloud for cloud-native deployments. However, Azure DevOps teams don’t have an easy and fast way to sign code consistently and with the approval and visibility of security teams.

This Machine Identity Management Development Fund project will provide an Azure DevOps Agent for Venafi CodeSign Protect that enables Venafi customers to use Azure DevOps Agent architecture to easily integrate Venafi CodeSign Protect as an Azure DevOps Signing Task.  This will make building and deploying with signed code faster, while working across both cloud and on-premise Azure DevOps deployments.  The agent will be released under Apache 2.0 and hosted from the Sidechain Security GitHub site.