Uploading Binaries from Within IntelliJ

IDEs

Before you can upload binaries to the Veracode Platform using Veracode Static for IntelliJ, you must have the Upload and Scan API role or Submitter role. To obtain detailed findings information in your scan results, be sure the builder you use to package your code generates debug symbol information.

To upload binaries from within IntelliJ:
  1. In IntelliJ, select Veracode > Upload and Scan.
  2. If prompted, enter your Veracode API ID and key. Optionally, select the checkbox to store your credentials so that you only have to enter them once.


  3. In the Upload and Scan window, from the Application dropdown menu, select the application for which you want to upload binaries.
  4. Click Add Application to add applications that are not currently in the list, and provide all the information about the application, including policy control and organization information.


  5. After adding the application (if applicable), go to the Upload and Scan window. Then, for Scan Type, select Policy Scan or Sandbox Scan.
    • If you select Sandbox Scan, you must choose the sandbox from which you want to scan, or follow the prompts to create a sandbox if one does not already exist for this application.
    • If you do not change the scan type, click Create Scan.
  6. In the Create Scan window, enter the name for the new scan and, optionally, the lifecycle stage.
  7. Click Create.
  8. In the Workspace Files table, use the browse icon to select the files you want to upload from your current projects.
  9. Click Add to select any files not associated with a current project.
  10. Select Upload.
    Note: You cannot upload binaries if Veracode is currently scanning an application. Wait until the scan results are available and, then, you can add more files. You can run sandbox scans and policy scans concurrently, but you can only run one static scan at a time per application profile or sandbox from the Veracode Platform or APIs.
    Veracode expects the name of the uploaded file to be the same between scans of the same application. However, because filenames can change between builds of the same code, you can change the filename before uploading to keep the name consistent. If Veracode indicates that the filenames are not the same, click the New Filename column to rename the file, so that it matches the previous name for the same file.


  11. When prompted to confirm, click Yes to continue the upload.
  12. Click Yes to go directly to the Veracode prescan process after the upload. If you do not want the full scan to continue automatically, click No and, when ready, click Begin Prescan at the top of the Upload Files table.
Files you have previously uploaded to the selected scan already appear in the Uploaded Files section. To delete previously uploaded files, select the specific files and click Delete. You cannot delete files that Veracode is currently scanning until the scan results are available. The status of a scan always appears in the top bar of the window. When the prescan is finished, click View Prescan Results at the top of the Upload Files table.

Veracode contacts you when your scan is complete and results are available.