Create Veracode SCA Agents
For information on creating agents with the SCA Agent REST API, see Using the Veracode SCA Agent REST API.
Before you begin:
To create an organization-level agent, you must have the Security Lead role.
To create a workspace agent, you must have the Security Lead, Workspace Administrator, Workspace Editor, or Submitter role.
To complete this task:
In the Veracode Platform, navigate to the Agents page at either the workspace or organization level.
Click Actions > Create.
Choose your desktop operating system or CI.
For CI projects, follow the instructions for your CI integration.
For desktop operating systems.
a. Choose the tab showing your preferred method of installation for your OS type (curl, apt-get, yum, homebrew).
b. Open a terminal window and follow the instructions to install the agent.
c. Copy the command to activate the agent and paste it in your terminal.
d. Copy the activation token and paste it in your terminal. After entering your activation token, the
Createaction creates the
agent.ymlconfiguration file and adds it to the
~/.srcclrfolder. If this file already exists. you are prompted to enter a profile name. This profile name allows you to choose which token to use when scanning.
- For workspace agents, Veracode recommends using the name of the workspace associated with the token.
- For organization-level agents, Veracode recommends that, if you plan on creating more than agent one to use with different teams or workspaces, you indicate that in the profile name.
f. Verify the agent by running one of these commands to see if you can scan a specific package manager:
srcclr test --ant
srcclr test --bower
srcclr test --cocoapods
srcclr test --composer
srcclr test --glide
- Go Get:
srcclr test --go
srcclr test --godep
srcclr test --govendor
srcclr test --gradle
srcclr test --ivy
srcclr test --maven
srcclr test --npm
srcclr test --pip
- Ruby Gems:
srcclr test --gem
srcclr test --sbt
srcclr test --trash
srcclr test --yarn
srcclr test --nuget