Skip to main content

Upload and scan an application from Bamboo

The Veracode Bamboo Integration enables you to submit applications from your Bamboo environment to Veracode using the Veracode Java API wrapper. In a new or existing job, you add a task that calls the Java API wrapper to upload and scan your application.

Before you begin:

Ensure you have met the prerequisites.

To complete this task:

  1. Open Bamboo and navigate to the plan you created for your application.

  2. Select a job.

  3. Select the Tasks tab.

  4. On the Tasks page, select Add task.

  5. For the task type, select Builder > Command. If you want to use the Java API wrapper Docker image, create a Docker task.

  6. In the Task description field, explain that this task uploads the application to Veracode.

  7. From the Executable dropdown menu, select Java. For a Docker task, from the Command dropdown menu, select Build a Docker image.

  8. In the Argument field, enter a command with the following parameters. For the Docker settings, use the example scripts.

    • vid: Veracode API ID.
    • vkey: Veracode API key.
    • action: name of the action to perform. Enter uploadandscan.
    • appname: name of an existing application profile you want to use for your application.
    • createprofile: optional. Create a new application profile for your application.
    • createsandbox: optional. Create a sandbox for this application.
    • sandboxname: optional. Name of the sandbox in which you want the scan to build.
    • filepath: filepath of the files you want to upload to Veracode for scanning. By default, Veracode uploads all the subdirectories and files of this filepath.
    • version: name or version of the build you want to scan.

    Example command for the Argument field in a Command task:

    -jar C:\{JavaWrapper_HomeFolder}\vosp-api-wrapper-java{version}.jar -vid ${bamboo.vid} -vkey ${bamboo.vkey} -action uploadandscan
    -appname {Your_Application_Name} -createprofile true -createsandbox true -sandboxname ${bamboo.shortPlanName} -filepath
    ${}/*.{FileExtensionForCompiledApplication} -version ${bamboo.buildNumber}
  9. Review the configuration, then select Save.