Integration with Visual Studio Team Foundation Server enables Veracode users to upload binaries to Veracode directly from their TFS server. This integration supports TFS 2012 and 2013.
As a prerequisite before integrating Veracode with your Team Foundation Server, you must first prepare your application with the required debug symbols. Veracode recommends that you use the Veracode Visual Studio Extension, which also prepares web projects, if your project contains them. You can also use this XAML build integration to automate the build of your application by creating an MSBuild script.
To integrate with TFS, you can use this procedure, which uses the Veracode build activity files. Alternatively, you can use the API suite provided in the Veracode C# API wrapper to integrate Veracode with TFS.
- Make VeracodeTFSActivity.dll available to Visual Studio
- Connect to the TFS Server using Visual Studio and create a copy of an existing build process template
- Modify the build process template
- Check in the modified build process template
- Check in VeracodeTFSActivity.dll and VeracodeC#API.exe
- Create a build definition
- Test the integration
Make the Veracode DLL Available
- Download the VeracodeTFSActivity.dll from https://tools.veracode.com/integrations/Microsoft/TFS-UploadAndScan/bin/VeracodeTFSActivity.zip.
- Close Visual Studio and copy the VeracodeTFSActivity.dll to the
PublicAssemblies folder in the Visual Studio installation directory. For example,
- For Visual Studio 2012: c:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PublicAssemblies
- For Visual Studio 2013: c:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PublicAssemblies
Connect to the TFS Server and Copy Existing Build Process Template
- Restart Visual Studio.
- In the Team menu, select Connect to Team Foundation Server.
- From the Team Explorer menu, click the Home icon and select
- In the Source Control Explorer, go to your BuildProcessTemplates directory and select an existing build process template.
- Right-click on the template and select .
- In the Target field, enter a name of the copy of the build process template and click OK.
The new template appears in the Source Control Explorer window.
Modify the Build Process Template
- In the Source Control Explorer, double-click the new template you just created to open it in the TFS Workflow Designer.
- Open .
- You can add the element in any of the Toolbox tabs or you can create a new custom tab by right-clicking anywhere in the Toolbox and selecting Add Tab.
- Select either an existing tab or your new tab if you created one, right-click and select Choose Items....
- In the System.Activities Components tab, browse to the location where you downloaded the VeracodeTFSActivity.dll file and click OK. The .dll file is now in the Toolbox.
- Drag and drop the UploadAndScan item onto your .xaml workflow.
If you are using a copy of the default build process template, add the Veracode TFS build activity inside the Run On Agent activity, after the activity that compiles the code.
- In the Veracode Credentials section, select the type and values of credentials: Username/Password or ID/Key.
- Specify the path to the binaries directory. By default, the Filepath property
references the BinariesDirectory variable. If the
BinariesDirectory variable is not available, click
Add in the Upload and Scan Parameters window to add it to your
The filepath to the binaries directory can have subdirectories that contain uploadable modules. Therefore, modules available for scanning can be in the specified folder as well as in subdirectories within that folder.
The Error List should indicate that the Username and Password arguments are missing.
- In either the Upload and Scan Parameters or Properties, enter the Visual Basic
expressions that retrieve your Veracode credentials. Such expressions could be calls to methods that read text data from a secure location on your build agent machine(s). For example:
- System.IO.File.ReadAllLines(“path/to/doc.txt”)(0)Note: Because values passed to the activity are hard-coded in the build process template file, which needs to be available to users who want to reference it from their build definitions, you should not enter credentials as literal string expressions.
Check in the Modified Build Process Template
- In Source Control Explorer, right-click the build process template you want to check in and select Check In Pending Changes.
- In Team Explorer, click Check In.
Check in Veracode Files
- In Source Control Explorer, in the CustomAssemblies folder, right-click somewhere in the right table, select Add items to Folder…, select VeracodeTFSActivity.dll and VeracodeC#API.exe and click Finish.
- Select the VeracodeTFSActivity.dll and VeracodeC#API.exe files again, right-click and select Check In Pending Changes.
- In Team Explorer, click Check In.
Create a Build Definition
- In Team Explorer window, select .
- In Build Definition, click Process and under Build process template, click Show details and then New.
- Click Select an existing XAML file.
- Click Browse and locate the build process template that you
- In the Required section, select the items you want to build. Optionally, change Logging Verbosity from Normal to Diagnostic.
- In the Veracode section, provide an application name and a scan name in the respective fields. Your values can reference TFS build environment variables.
- Save the build definition.
Submit a Build Definition
- In Team Explorer, expand All Build Definitions, right-click the build definition you created and select Queue New Build… If necessary, select a different build controller and click Queue.
- To view output text associated with the Veracode TFS Build Activity, open Team Explorer, right-click on the build request you submitted and select View Log.
- Scroll down to the Upload and Scan with Veracode section to check the output.