veracode package
Packages project code as an artifact (archive file) that you can upload to Veracode for Static Analysis or SCA upload and scan. SCA agent-based scanning is not supported. To automate packaging, see About auto-packaging.
Usage
./veracode package --source <string> --trust [environment variables] [flags]
Flags
| Flag | Description |
|---|---|
-d, --debug | Display verbose output. |
-h, --help | Show help for this command. |
-o, --output | Output directory to place the output artifact file on your local system. Default is the local working directory. |
-s, --source | Location of the source to package based on the target --type. If the target is directory, enter the path to a local directory. If the target is repo, enter the URL to a Git version control system. If you enter a repository URL, the package command clones the repository to a temporary directory on the local file system, then packages the code in the clone. After packaging the source, Veracode deletes the clone. |
-a, --trust | Acknowledge that the source project is a trusted source. Required the first time you package a project. |
-t, --type | Target type you want to package. Values are repo or directory. Default is directory. |
Environment variables
All environment variables are optional.
| Environment variable | Description |
|---|---|
SRCCLR_IOS_SCHEME | For iOS projects, defines a custom scheme. A scheme is a collection of settings that define how the xcodebuild process builds, runs, and configures an application. By default, the auto-packager creates a scheme for a project based on the project name. To set this environment variable, run: export SRCCLR_IOS_SCHEME=<custom scheme> |
SRCCLR_IOS_DESTINATION | For iOS projects, defines the destination platform, such as iOS, tvOS, watchOS, or visionOS, for the application. The default is generic/platform=iOS. To set this environment variable, run: export SRCCLR_IOS_DESTINATION=<custom destination> |
SRCCLR_IOS_CONFIGURATION | For iOS projects, defines the build configuration that the xcodebuild process uses to build the project. Values are Debug or Release. The default is Debug.To set this environment variable, run: export SRCCLR_IOS_CONFIGURATION=<value> |
Examples
To package a local directory and place the output in a different directory, run:
./veracode package --source path/to/project --output path/to/output/dir
To package source for a GitHub repository that you trust and place the output in the current directory, run:
./veracode package --source https://github.com/veracode/verademo --type repo --trust
To perform the same action with a custom scheme, run:
SRCCLR_IOS_SCHEME=MyTestProj ./veracode package --source https://example.com/My-iOS-App-repo --type repo --trust