Skip to main content

Enable pull requests for GitHub

To use automatic pull requests for Veracode Software Composition Analysis agent-based scanning, you need permission to create pull requests in GitHub.

To complete this task:

  1. Go to https://github.com/settings/tokens.

  2. If prompted, enter your GitHub credentials and log in.

  3. On the New personal access token page, select Generate new token.

  4. Enter a token description. For example: Allow Veracode Agent-Based Scan to generate pull requests

  5. Select repo.

  6. Select Generate token.

  7. After the token generates, to copy the token and save it to a safe location, select clipboard copy token.

    Important

    After you leave the page, you cannot access this token again.

  8. Add your token using one of these methods:

    • Add this code to the agent.yml file installed in your ~/.srcclr folder:

      scmType: GITHUB
      scmToken: <token copied in earlier step>

    • Set the token as an environment variable in a command script. For example, add this code in Linux bash:

      export SRCCLR_SCM_TYPE="GITHUB"
      export SRCCLR_SCM_TOKEN="<token copied in earlier step>"

  9. If you are using an installation of GitHub other than GitHub.com, add your project URL using one of these methods:

    • Add the project URL to the agent.yml file installed in your ~/.srcclr folder. For example:

      scmUrl: https://github.acme.io

    • Set the project URL as an environment variable in a command script. For example, add this code in Linux bash:

      export SRCCLR_SCM_URL="https://github.acme.io"
Last updated on