Binding Your Username and Password

Veracode Integrations Security and Troubleshooting

To use the credentials saved in the Jenkins credentials store, you must bind the credentials to the environment variables. These credentials are bound as Jenkins secret variables. The Credentials Binding plugin performs the password masking if you are using version 1.4 or later of the plugin. The Veracode Jenkins Plugin masks your username and password from the logs.

Note: When binding your Jenkins credentials, you can use the ID and key credentials instead of having to use a separate Veracode Platform API user account to access the APIs. See Generating API ID and Key Credentials and Configure a Jenkins Job for Veracode Analysis.
To bind your username and password:
  1. In the Build Environment tab, select the Use secret texts or files checkbox.
  2. In the Bindings section that appears, click Add and select Username and password (separated).
  3. Enter your Veracode username and password in the Username Variable and Password Variable fields. These fields are the variables your username and password bind to at runtime.

  4. In the Credentials row, select Specific credentials and click Add to add the credentials to the Jenkins credentials store.
  5. In the Add Credentials popup, enter your Veracode username or Veracode API ID in the Username field, and your Veracode password or Veracode API key in Password field. When creating credentials, you can use an API ID as a name, for example, VID, that can be referenced in a pipeline script.
  6. Click Add to add these credentials to the Jenkins credentials store.

Your Veracode credentials are now available in the dropdown menu in the Credentials section. In this example, a key named VID is used.