- Select the job you want to scan.
- Click Configure.
- Click the Build Environment tab.
- Select Use secret text(s) or file(s).
- Under Bindings, select .
- For Variable, enter SRCCLR_API_TOKEN.
- Select SRCCLR_API_TOKEN.
In the build section, select
.Note: You can include the shell as a pre- or post-build step.
Add the following command to the shell command box:
curl -sSL https://download.sourceclear.com/ci.sh | sh
- Save your build.
The next time your job runs, Veracode SCA performs an agent-based scan.