uploadfile.do
The uploadfile.do call uploads a file to an existing build or creates a build. Veracode recommends that you use the uploadlargefile.do call to avoid timeout errors when uploading a large file.
Before using this API, Veracode strongly recommends that you read API usage and access guidelines. Ensure you access the APIs with the domain for your region.
Before uploading additional files, ensure that:
- An upload or prescan is not in progress.
- The
beginscan.docall is not in progress. - If you recently ran the
beginscan.docall, you did not setauto_scantotrue.
Because the uploadfile.do call creates a build, if one does not already exist or if the most recent build has a published static scan, you do not need to call createbuild.do. If the call creates a build, the build name is the date of the build with the scan type. For example, 03 Mar 2019 Static.
If you want to upload a file that does not have the same name as a previous file, you can use the save_as parameter to change the name, enabling flaw-matching with previously scanned files.
Resource URL
https://analysiscenter.veracode.com/api/5.0/uploadfile.do
Parameters
| Name | Type | Description |
|---|---|---|
app_idRequired | Integer | Application ID. |
fileRequired | String | File to upload. The maximum file size is 2GB. Requirements:
uploadlargefile.do call. NOTE: You must enter the @ symbol before the entire pathname, including the specific filename. |
sandbox_id | Integer | Enter the ID of the target sandbox for the upload file. |
save_as | String | Enter a new, unique filename for the uploaded file. The filename cannot begin or end with slashes or periods. |
HTTPie example
This call supports the HTTP POST method. Examples use the HTTPie command-line tool.
http --auth-type=veracode_hmac POST -f "https://analysiscenter.veracode.com/api/5.0/uploadfile.do" "app_id==<application ID>" "file@c:\myappfiles\myappzip.zip" "save_as==myappfile.zip"
HTTPie results
The uploadfile.do call returns the filelist XML document, which references the filelist.xsd schema file. You can use the XSD schema file to validate the XML data.
<?xml version="1.0" encoding="UTF-8"?>
<filelist xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="https://analysiscenter.veracode.com/schema/2.0/filelist"
xsi:schemaLocation="https://analysiscenter.veracode.com/schema/2.0/filelist
https://analysiscenter.veracode.com/resource/2.0/filelist.xsd" filelist_version="1.1"
account_id="<account ID>" app_id="<application ID>" build_id="<build ID>">
<file file_id="<file ID>" file_name="myappfile.zip" file_status="Uploaded" file_md5="<file md5>/>
<file file_id="<file ID>" file_name="myappfile2.zip" file_status="Uploaded" file_md5="<file md5>"/>
</filelist>
Java example
java -jar vosp-api-wrappers-java-<version>.jar -vid <Veracode API ID> -vkey <Veracode API key> -action uploadfile -appid <application ID> -filepath c:\Users\<username>\<filename>
Java results
The uploadfile.do call returns the filelist XML document, which references the filelist.xsd schema file. You can use the XSD schema file to validate the XML data.
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<filelist xmlns="https://analysiscenter.veracode.com/schema/2.0/filelist"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
account_id=<account ID> app_id=<application ID> build_id=<build ID> filelist_version="1.1"
xsi:schemaLocation="https://analysiscenter.veracode.com/schema/2.0/filelist
https://analysiscenter.veracode.com/resource/2.0/filelist.xsd">
<file file_id=<file ID> file_name="<filename>" file_status="Uploaded"/>
</filelist>