Install the Veracode SCA agent with PowerShell
If you are running a scan in a Windows environment and do not want to use Chocolatey to install the agent, you can use PowerShell.
To complete this task:
-
In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.
-
Select Agent-Based Scan.
-
Select a workspace.
-
Select Agents > Actions > Create > Windows.
-
Select PowerShell.
-
Select Create Agent & Generate Token.
-
Set the
$Env:SRCCLR_API_TOKEN
environment variable to the authentication token you just generated. -
If your Veracode account is in the Commercial Region, skip this step. If your Veracode account is in the European or United States Federal Region, set the
$Env:SRCCLR_REGION
environment variable to one of the following:- European Region:
ER
- United States Federal Region:
FED
- European Region:
-
In your PowerShell terminal, set execution policy to
AllSigned
. You may need to run this command to set the execution policy because PowerShell does not permit scripts to run by default:Set-ExecutionPolicy AllSigned -Scope Process -Force
-
Run this command to download the script:
$ProgressPreference = "silentlyContinue"; iex ((New-Object System.Net.WebClient).DownloadString('https://sca-downloads.veracode.com/ci.ps1'))
-
Scan repositories with one of these commands.
-
To start scanning public repositories:
srcclr scan --url https://github.com/veracode/example-ruby
-
To clone and scan local repositories:
srcclr scan FILE_PATH
-