Veracode Jenkins Plugin Script Parameters

This table describes the parameters and their values for using the Jenkins Plugin in a build script. The script is Apache Groovy.

| Parameter | Type | Description |
|---|---|---|
| applicationName (Required) | String | Name of the Veracode application profile. |
| scanName (Required) | String | Name of the scan. You can enter the `$buildnumber` or `$projectname` variables to dynamically bind the build number or project name to the scan name, instead of using a fixed scan name. |
| uploadIncludesPattern (Required) | String | Include filepath patterns of the files you want to upload and scan. Use a comma-separated list of Ant-style include patterns relative to the job workspace directory. |
| vid (Required) | String | Veracode API ID. If you bound your credentials, the environment variable bound to the API ID. |
| vkey (Required) | String | Veracode API key. If you bound your credentials, the environment variable bound to the API key. |
| canFailJob | Boolean | Set to true if you want the entire Jenkins job to fail if the upload and scan with Veracode action fails. If set to false and the upload and scan with Veracode action fails, Jenkins completes the job, logs the failure, but does not notify you about the failure. |
| copyRemoteFiles | Boolean | Note: Veracode does not recommend enabling this option as it can increase the load on your Jenkins controller server. If set to false (default), the plugin uploads the output files to Veracode from the remote workspace. If set to true, the plugin copies the output files from the remote machine to a local, temporary directory on the controller server and uploads to Veracode. |
| createProfile | Boolean | Create a Veracode application profile, if one does not exist, for the specified application profile name. Set to true to create a profile. Set to false to not create a profile. |
| createSandbox | Boolean | For development sandbox scans, create a sandbox for the specified Veracode application. Set to true to create a sandbox. Set to false to not create a sandbox. |
| criticality | String | Required if you include the createProfile parameter. Criticality level of the scan: VeryHigh, High, Medium, Low, VeryLow |
| debug | Boolean | Set to true to include detailed build information in the Jenkins console logs for debugging. Set to false to not include detailed build information in the logs. |
| fileNamePattern | String | Case-sensitive filename pattern that represents the names of uploaded files to save with a different name. The `*` wildcard matches 0 or more characters. The `?` wildcard matches exactly one character. Each wildcard corresponds to a numbered group that you can reference in the replacement pattern. |
| pHost | String | Required if you include the useProxy parameter. Hostname of your proxy host. |
| pPassword | String | Required if you include the useProxy parameter. Password for the proxy host. |
| pPort | Integer | Required if you include the useProxy parameter. Port number for the proxy host. |
| pUser | String | Required if you include the useProxy parameter. Username for the proxy host. |
| replacementPattern | String | Replacement pattern that references groups captured by the filename pattern. For example, if the filename pattern is `*-*-SNAPSHOT.war` and the replacement pattern is `$1-master-SNAPSHOT.war`, an uploaded file named `app-branch-SNAPSHOT.war` is saved as `app-master-SNAPSHOT.war`. |
| sandboxName | String | For development sandbox scans, the name of the sandbox in which to run the scan. If the sandbox does not exist, include createSandbox to create it with the specified name. |
| scanExcludesPattern | String | Case-sensitive, comma-separated list of module name patterns that represent the names of modules to not scan as top-level modules. The `*` wildcard matches 0 or more characters. The `?` wildcard matches exactly one character. |
| scanIncludesPattern | String | Case-sensitive, comma-separated list of module name patterns that represent the names of modules to scan as top-level modules. The `*` wildcard matches 0 or more characters. The `?` wildcard matches exactly one character. |
| teams | String | Comma-separated list of team names associated with the specified application. Validates against the names of existing teams for this account. |
| timeout | Integer | Number of minutes to wait for the scan to complete and pass policy. If the scan does not complete or fails policy, the build fails. Default is 60 minutes. |
| uploadExcludesPattern | String | Exclude filepath patterns of the files you do not want to upload and scan. Use a comma-separated list of Ant-style include patterns relative to the job workspace directory. |
| useProxy | Boolean | Set to true if using a proxy to access Veracode. If set to true, these parameters are required: pHost, pPassword, pPort, pUser |
| waitForScan | Boolean | Set to true to submit the scan and have the Jenkins job wait for the amount of time, in minutes, specified for the timeout parameter. If the scan does not complete and pass policy compliance within the specified time, the build fails. |
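
The following pipeline is an added example, not taken from this page or from Veracode's own scripts, showing how the parameters above fit together when the API ID and key are bound from the Jenkins credential store instead of being written into the script. The credential ID, application name, sandbox name and file patterns are assumed placeholders.

```groovy
// Added example. Assumptions: a Jenkins "Username with password" credential
// with the hypothetical ID 'veracode-api-credentials' stores the Veracode
// API ID as the username and the API key as the password.
pipeline {
    agent any
    stages {
        stage('Veracode upload and scan') {
            steps {
                // Bind the secrets only for the duration of this block.
                // Jenkins masks bound values in the console log.
                withCredentials([usernamePassword(
                        credentialsId: 'veracode-api-credentials',
                        usernameVariable: 'VERACODE_API_ID',
                        passwordVariable: 'VERACODE_API_KEY')]) {
                    veracode(
                        applicationName: 'example-app',          // placeholder profile name
                        // Single quotes: Groovy does not interpolate $buildnumber,
                        // so the plugin receives it and binds the build number.
                        scanName: 'jenkins-$buildnumber',
                        uploadIncludesPattern: 'build/libs/*.war',
                        uploadExcludesPattern: '**/*-sources.jar',
                        // Each * is a numbered group; $1 is the text matched by
                        // the first *. Single quotes again keep $1 literal.
                        fileNamePattern: '*-*-SNAPSHOT.war',
                        replacementPattern: '$1-master-SNAPSHOT.war',
                        sandboxName: 'ci-sandbox',               // placeholder sandbox
                        createSandbox: true,
                        // Fail the job if the upload and scan action fails, and
                        // wait up to `timeout` minutes for a policy result.
                        canFailJob: true,
                        waitForScan: true,
                        timeout: 60,
                        debug: false,             // no detailed build information in the log
                        copyRemoteFiles: false,   // default; upload from the remote workspace
                        // Pass the bound environment variables, never literals.
                        vid: env.VERACODE_API_ID,
                        vkey: env.VERACODE_API_KEY
                    )
                }
            }
        }
    }
}
```

With canFailJob left at false, a failed upload is only logged, so a pipeline that gates releases on the scan result needs it set to true as shown.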