Integrating with Bamboo

Build Systems

You can use Veracode APIs to integrate with your Maven build server to seamlessly integrate Veracode into the existing build processes that you use in your Software Development Life Cycle (SDLC).

To integrate with Bamboo to be able to run Maven projects, you use the API suite provided in the Veracode Java wrapper. The Java wrapper takes input from the command line, external tools, or existing build server integration workflows and returns a response from the Veracode Platform. You install the wrapper on the build server and it initiates communication between the build server and the Veracode Platform.

Prerequisites

Before integrating Veracode with Bamboo you must already have completed the following:

Configuring Bamboo for Java

To configure Bamboo for Java applications:
  1. Run BambooConsole.bat to start the Bamboo environment using the default URL localhost:8085.
  2. Go to localhost:8085 and configure the Bamboo environment according to the guidance provided in https://confluence.atlassian.com/display/BAMBOO/Running+the+Setup+Wizard.
  3. Open your Bamboo dashboard and select Create Plan.
  4. Click Create a new plan.
  5. Enter values in the following fields:
    • Project Name
    • Project Key
    • Plan Name
    • Plan Key
    • Plan Description
    • Source repository URL, if applicable.
    • Trigger Type: Manual

  6. Click Configure tasks.
  7. Click Add task.
  8. From the Task types, select Maven 2.x.
  9. In the Maven 2.x Configuration page, enter values in the following fields:
    • Task Description
    • Executable (you may have to create a new label for your Maven executable)
    • Goal (for example, Set up clean test package)
    • Build JDK: JDK 1.7.
  10. Click Save.
  11. Select Yes to enable the plan, and click Create.
  12. Ensure your plan is enabled, and click Run plan to complete the configuration. You receive an error until you have a Maven project to run.

Configuring Bamboo for .NET

To configure Bamboo for .NET applications:
  1. Run BambooConsole.bat to start the Bamboo environment using the default URL localhost:8085.
  2. Go to localhost:8085 and configure the Bamboo environment according to the guidance provided in https://confluence.atlassian.com/display/BAMBOO/Running+the+Setup+Wizard.
  3. On your Bamboo Administration page, install MSBuild, ASPNetCompiler, and any other dependencies that your .NET application requires.
  4. Open your Bamboo dashboard and select Create Plan.
  5. Click Create a new plan.
  6. Enter values in the following fields:
    • Project name
    • Project key
    • Plan name
    • Plan key
    • Plan description
    • Repository host
    • Display name
    • Repository URL, if applicable
    • Trigger type: Select Manual
  7. Click Configure tasks.
  8. In the Tasks tab, click Add task.
  9. In the Task types window, select MSBuild.
  10. In the MSBuild configuration page, enter values in the following fields:
    • In the Task description field, describe the build task.
    • In the Executable dropdown menu, select the latest version of MSBuild.
    • In the Project File field, enter the project solution filename.

  11. Click Save.
  12. In the Tasks tab, click Add task.
  13. In the Task types window, select Command.
  14. In the Command configuration page, enter the following information:
    • In the Task description field, describe the precompilation task.
    • In the Executable dropdown menu, select ASPNetCompiler.
    • In the Argument field, enter the following argument, replacing the example text with names specific to your application:

      a <WebgoatNet.zip> ${bamboo.build.working.directory}\PrecompiledWeb\WebGoat.NET\bin\

  15. Click Save.
  16. In the Tasks tab, click Add task.
  17. In the Task types window, select Command.
  18. In the Command configuration page, enter the following information:
    • In the Task description, describe the task of zipping files for upload to Veracode.
    • In the Executable dropdown menu, select 7ZIP.
    • In the Argument field, enter the following argument:

      -p "WebGoat" -v "WebGoat.NET/" -fixednames -f -c -d "PrecompiledWeb/WebGoat.NET"

  19. Click Save.
  20. Select Yes to enable the plan, and click Create.
  21. Ensure your plan is enabled, and click Run plan to complete the configuration.

Building a Maven Project with Bamboo

To run a Maven project using Bamboo:
  1. Navigate to the directory“//..//Bamboo-home/xml-data/build-dir/VWD1-SIM-Job1/”.
  2. Copy your Maven project into this directory and ensure the Maven build script pom.xml is in the root directory. Note that this URI is derived after running the Bamboo plan earlier in the configuration.
  3. Run the Bamboo plan again. The pom.xml runs, building the project.