mcp-server-azure-devops
Normalizes Aqua-like JSON security reports from pipeline artifacts into a standardized vulnerability report.
Generates a copilot-fix-prompt.md file with fix suggestions based on normalized vulnerability reports, intended for use with GitHub Copilot.
Normalizes Trivy JSON security reports from pipeline artifacts into a standardized vulnerability report.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@mcp-server-azure-devopsshow me recent pipeline runs"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
mcp-server-azure-devops
Azure DevOps MCP server aligned with your mcp-platform-gateway and @abhinav-dev/mcp-platform-kit pattern.
This server follows the same structure as mcp-server-git:
src/index.ts
src/config/env.ts
src/tools/registerAzureDevOpsTools.ts
src/azuredevops/azureDevOpsClient.tsIt does not use the raw MCP SDK directly. It extends McpServerBase from @abhinav-dev/mcp-platform-kit and registers tools through PlatformToolServer.
Capabilities
List Azure DevOps pipelines
List pipeline runs
Get pipeline run details
List pipeline logs
Read pipeline log text
List pipeline artifacts
Download pipeline artifacts
Collect security reports from artifacts
Normalize Trivy, SARIF, Veracode-like JSON, and Aqua-like JSON reports
Generate
normalized-vulnerability-report.jsonGenerate
copilot-fix-prompt.mdTrigger allowed pipelines with safety controls
Related MCP server: Azure DevOps MCP Server
Install
npm install
npm run buildConfigure
Copy .env.example to .env.
MCP_NAME=azure-devops
MCP_VERSION=1.0.0
MCP_PORT=3005
MCP_SELF_URL=http://localhost:3005
GATEWAY_URL=http://localhost:3000
AZDO_ORG=your-organization
AZDO_PROJECT=your-project
AZDO_PAT=your-personal-access-token
AZDO_API_VERSION=7.1
AZDO_ENABLE_TRIGGER=false
AZDO_ALLOWED_PIPELINES=12,15,20
AZDO_ALLOWED_BRANCHES=refs/heads/main,refs/heads/dev
AZDO_DOWNLOAD_DIR=.azdo-downloads
AZDO_REPORT_DIR=.azdo-reportsRun
npm run devImportant tools
azure_list_pipelines
azure_list_pipeline_runs
azure_get_pipeline_run
azure_list_pipeline_logs
azure_get_pipeline_log_text
azure_list_pipeline_artifacts
azure_download_pipeline_artifact
azure_collect_security_reports
azure_normalize_local_security_reports
azure_trigger_pipelineSecurity report workflow
Recommended Azure Pipeline artifact layout:
security-reports/
trivy/
trivy-fs.json
trivy-image.json
veracode/
veracode-findings.json
aqua/
aqua-report.jsonThen call:
{
"pipelineId": 12,
"runId": 345,
"artifactName": "security-reports"
}using azure_collect_security_reports.
Output:
.azdo-reports/<pipelineId>/<runId>/normalized-vulnerability-report.json
.azdo-reports/<pipelineId>/<runId>/copilot-fix-prompt.mdOpen copilot-fix-prompt.md in VS Code and ask GitHub Copilot to implement the fixes.
Pipeline trigger safety
Pipeline trigger is disabled by default.
Enable only after configuring allowed pipelines and branches:
AZDO_ENABLE_TRIGGER=true
AZDO_ALLOWED_PIPELINES=12,15,20
AZDO_ALLOWED_BRANCHES=refs/heads/main,refs/heads/devThis server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/abhi-d-git/mcp-server-azure-devops'
If you have feedback or need assistance with the MCP directory API, please join our Discord server