Enable pull requests for GitHub
To use automatic pull requests for Veracode Software Composition Analysis agent-based scanning, you need permission to create pull requests in GitHub.
To complete this task:
If prompted, enter your GitHub credentials and log in.
On the New personal access token page, click Generate new token.
Enter a token description. For example: Allow Veracode Agent-Based Scan to generate pull requests
Select the repo checkbox.
Click Generate token.
After the token generates, click the clipboard icon
to copy the token and save it to a safe location.
noteAfter you leave the page, you cannot access this token again.
Add your token using one of these methods:
Add this code to the
agent.yml
file installed in your~/.srcclr
folder:scmType: GITHUB
scmToken: <token copied in earlier step>Set the token as an environment variable in a command script. For example, add this code in Linux bash:
export SRCCLR_SCM_TYPE="GITHUB"
export SRCCLR_SCM_TOKEN="<token copied in earlier step>"
If you are using an installation of GitHub other than GitHub.com, add your project URL using one of these methods:
Add the project URL to the
agent.yml
file installed in your~/.srcclr
folder. For example:scmUrl: https://github.acme.io
Set the project URL as an environment variable in a command script. For example, add this code in Linux bash:
export SRCCLR_SCM_URL="https://github.acme.io"