Configure Your GitLab Repository
To complete this task:
To scan using Veracode Software Composition Analysis (SCA) agent-based scanning, add the following to the
after_scriptstep in your
- curl -sSL https://download.sourceclear.com/ci.sh | sh
Commit the change to start a build for your repository.
Veracode SCA performs an agent-based scan, displaying results to your agent-based scanning environment.
If you want to add Veracode SCA agent-based scanning to other repositories, add the installation and scan code above, along with the
SRCCLR_API_TOKEN environment variable, to any
.gitlab-ci.yml files you want to scan. Then you can perform scans on each new build.