You can add a post-build action to your Jenkins freestyle project to get scan results from a Dynamic Analysis of your application.
Before you begin:
- You meet the prerequisites.
- You have installed the Jenkins Plugin.
- You have linked an existing Dynamic Analysis to an application profile with a Veracode policy. If the Dynamic Analysis is linked to multiple URLs, you cannot view the analysis results in Jenkins. Therefore, you can either unlink URLs until there is only one linked to the Dynamic Analysis, or you can view the results in the Veracode Platform.
To complete this task:
In your Jenkins freestyle project, go to the Post-build Actions section.
From the Add post-build action dropdown menu, select Review Veracode Dynamic Analysis Results.
Enter the number of hours to wait for analysis results to be available.
Select whether to fail the Jenkins build if the analysis violates a Veracode policy.
Select whether to use global Veracode API credentials. If you select to use global credentials, continue to step 7.note
If you select to use global credentials, but have not configured them using the API service account credentials, the build fails.
In the Veracode Credentials section, enter your Veracode API credentials.
Select Apply to save your changes.
Go back to the main page of your freestyle project.
Select Build Now and wait for the build and analysis to complete successfully.
Under Build History, select a build number.
Select Veracode Dynamic Analysis to review the results of the analysis.
In the results, you can select the View Executive Summary link to view additional information in the Veracode Platform.