Configuring a TeamCity Project for Veracode Scans

After installing the Veracode TeamCity Plugin, you can configure TeamCity jobs to upload binaries to Veracode for scanning. A Veracode scan uses your existing TeamCity build process, with one additional build step that holds the Veracode parameters.

To configure a job to scan with Veracode:
  1. Open the project to which you want to apply the Veracode settings.
  2. Click Edit Configuration Settings in the top-right corner.
  3. In Build Steps, click Add build step.
  4. In the Runner Type dropdown menu, select Upload and Scan with Veracode.
  5. In the Application Name field, enter the name of the application you want Veracode to scan.
  6. Optionally, select Create New if this application does not already exist in the Veracode Platform and you want TeamCity to create one.
  7. If applicable, enter the name of the team associated with the scan. To enter more than one team, use a comma-separated list.
  8. From the Business Criticality menu, select the level of criticality of this application.
  9. In the Sandbox Name field, enter the name of the sandbox in which you want to run the scan as a sandbox scan.
  10. Select the Create Sandbox checkbox if the sandbox does not already exist in the Veracode Platform and you want TeamCity to create it.
  11. In the Scan Name field, enter a name for the static scan you want to submit to the Veracode Platform for this application.
  12. In the Upload field, you can include and exclude filepath patterns of the files you want to upload and scan. Use a comma-separated list of ant-style include patterns relative to the job workspace project name (that you entered in the Project Name field).
  13. In the Scan field, you can include and exclude filename patterns of the uploaded files you want to scan as top-level modules. Use a comma-separated list of ant-style include patterns with only the filenames of the files you have uploaded, not the filepaths.
  14. Optionally, you can rename the files you are uploading by entering the filename pattern of the uploaded files that you want to rename. You must also enter the replacement filename pattern that represents the groups captured by the filename pattern.
  15. Select the Wait for scan to complete checkbox if you want the TeamCity build to wait for the Veracode scan to complete. Enter the timeout period (in minutes) that you want TeamCity to wait. A Veracode policy scan fails, regardless of whether it completes or not, if it does not meet the requirements of the associated policy.
  16. In the Veracode Credentials section, enter your Veracode API ID and API key credentials. If you entered these credentials on the Veracode administration page, you can select the Use global Veracode user credentials checkbox. The credentials you enter here override the global credentials.
  17. Click Save.
  18. Review all the build steps and click Run.

You can click the blue ? icons in the field names to see more information.
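
Steps 12 and 13 decide which build artifacts leave the build agent, so it helps to preview a pattern set against a workspace listing before saving the build step. The following Python check is an added example, not Veracode's or the plugin's own code; it assumes standard Ant pattern rules (`?`, `*`, `**`), takes includes and excludes as separate comma-separated strings, and runs on a constructed file listing.

```python
import re
from pathlib import PurePosixPath

def ant_to_regex(pattern):
    """Compile one Ant-style pattern: '?' is one character, '*' stays inside a
    path segment, '**' spans any number of directories."""
    pattern = pattern.strip().replace("\\", "/")
    if pattern.endswith("/"):
        pattern += "**"                      # Ant shorthand: "dir/" means "dir/**"
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out.append("(?:[^/]+/)*"); i += 3
        elif pattern.startswith("**", i):
            out.append(".*"); i += 2
        elif pattern[i] == "*":
            out.append("[^/]*"); i += 1
        elif pattern[i] == "?":
            out.append("[^/]"); i += 1
        else:
            out.append(re.escape(pattern[i])); i += 1
    return re.compile("".join(out) + r"\Z")

def select(names, includes, excludes=""):
    """Keep names matching any include pattern and no exclude pattern."""
    inc = [ant_to_regex(p) for p in includes.split(",") if p.strip()]
    exc = [ant_to_regex(p) for p in excludes.split(",") if p.strip()]
    return [n for n in names
            if any(r.match(n) for r in inc) and not any(r.match(n) for r in exc)]

def preview(workspace_files, upload_inc, upload_exc, scan_inc, scan_exc=""):
    """Upload patterns see workspace-relative paths; scan patterns see only the
    file names of what was uploaded (steps 12 and 13)."""
    uploaded = select(workspace_files, upload_inc, upload_exc)
    top_level = select([PurePosixPath(p).name for p in uploaded], scan_inc, scan_exc)
    return uploaded, top_level

# Constructed workspace listing (paths relative to the job workspace).
WORKSPACE = ["target/app.war", "target/lib/util.jar", "target/lib/util-tests.jar",
             "config/prod.env", "src/main/java/App.java"]

if __name__ == "__main__":
    uploaded, top_level = preview(WORKSPACE, "target/**/*.war, target/**/*.jar",
                                  "**/*-tests.jar", "*.war")
    print("upload:", uploaded)
    print("top-level modules:", top_level)
    # An over-broad include also sends non-binary files such as config/prod.env.
    print("with **/*:", select(WORKSPACE, "**/*"))
```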