Veracode TeamCity Plugin
You can use the Veracode TeamCity Plugin to integrate Veracode security scanning into your build process.
You can use the plugin to perform these tasks:
- Synchronously scan and provide results.
- Stop the build if the Veracode scan results violate the security policy.
- Run a scan in a sandbox.
- Create an application profile if one does not already exist.
Prerequisites
- Before you can install and use the Veracode TeamCity Plugin, you must meet the software requirements listed on the Veracode-Authored Integrations page.
- Before uploading an application, you must package it to include the required debug symbols, as described in the Veracode Packaging Requirements. For a .NET application, use Veracode Static for Visual Studio to prepare a build. To automate building a .NET application, you can precompile it with the Microsoft Build Engine (MSBuild).
- You have generated Veracode API credentials.
- You have one of these account types:
A user account with these roles:
- Creator or Security Lead role to be able to create application profiles, and upload and scan applications.
- Submitter role to create a new scan for an existing application and upload and scan these applications.
- Reviewer role to check scan completion.
An API service account with these API roles:
- Upload API to create application profiles, create sandboxes, and upload and scan applications.
- Upload API - Submit Only to submit scans.
- Results API to check scan completion.