Configure your Codeship Basic repository
To complete this task:
-
In Codeship, go to the project you want to scan.
-
Select Project Settings > Testing.
-
In the test pipelines commands, enter the following code after your build commands:
curl -sSL https://sca-downloads.veracode.com/ci.sh | sh
-
Commit these changes to trigger a build for your repository.
Results:
Veracode SCA performs a scan and displays results to your agent-based scanning environment.
Next steps:
If you want to add Veracode SCA agent-based scanning to other repositories, add the installation and scan code above to any test pipelines you want. After you add the SRCCLR_API_TOKEN
environment variable, you can perform scans on each new build.