Submit an Application to Veracode from Bamboo
The Veracode Bamboo Integration enables you to submit applications from your Bamboo environment to Veracode using the Veracode Java API wrapper.
This procedure demonstrates using the Veracode Java API wrapper to submit an application. After you successfully create and run your plan in Bamboo, you can submit your application to Veracode for scanning.
Before you begin:
You meet the prerequisites.
To complete this task:
Open Bamboo and navigate to the plan you created for your application.
From the plan configuration, select a job and click the Tasks tab.
From the Tasks page, click Add task.
In the Task description field, explain that this command uploads the application to Veracode.
From the Executable dropdown menu, select Java.
In the Argument field, enter an argument with these parameters:
vid
: Veracode API ID.vkey
: Veracode API key.action
: Name of the action to perform. Enteruploadandscan
.appname
: Name of the application.createprofile
: Specify the API to create an application profile if one does not exist for the indicated application name.createsandbox
: Optional. Create a sandbox for this application.sandboxname
: Optional. Name of the sandbox in which you want the scan to build.filepath
: Filepath of the files you want to upload to the Veracode Platform for scanning. By default, Veracode uploads all the subdirectories and files of this filepath.version
: Name or version of the build you want to scan.
Example command with parameters added to the Argument field:
-jar C:\{JavaWrapper_HomeFolder}\vosp-api-wrapper-java{version}.jar -vid ${bamboo.vid} -vkey ${bamboo.vkey} -action uploadandscan
-appname {Your_Application_Name} -createprofile true -createsandbox true -sandboxname ${bamboo.shortPlanName} -filepath
${bamboo.build.working.directory}/*.{FileExtensionForCompiledApplication} -version ${bamboo.buildNumber}Review the configuration, then click Save.