Git Product home page Git Product logo

veracode-tools's Introduction

Veracode Tools Docker Image

Docker image with all Veracode tools pre-installed. This is not an official Veracode project, Veracode support will not be able to provide assistance with issues.

docker pull ctcampbellcom/veracode-tools

For all the commands below you can bind mount your application source/build directory into /workspace, which is the working directory when running commands interactively.

docker run -it -v /source-dir:/workspace ...

Java API Wrapper

docker run -it --rm -v /source-dir:/workspace \
ctcampbellcom/veracode-tools java -jar /veracode/veracode-wrapper.jar

Pipeline Scan CI Tool

docker run -it --rm -v /source-dir:/workspace \
ctcampbellcom/veracode-tools java -jar /veracode/pipeline-scan.jar

Python/HTTPie

Option 1: Bind mount API credentials

Set up a local ~/.veracode/credentials file with API credentials:

[default]
veracode_api_key_id = <YOUR_API_KEY_ID>
veracode_api_key_secret = <YOUR_API_KEY_SECRET>

then bind mount into the container:

docker run -it --rm -v /source-dir:/workspace \
-v ~/.veracode/credentials:/root/.veracode/credentials \
ctcampbellcom/veracode-tools http -A veracode_hmac https://api.veracode.com/appsec/v1/applications

Option 2: Provide environment variables

docker run -it --rm -v /source-dir:/workspace \
--env VERACODE_API_KEY_ID=shf389f3j... --env VERACODE_API_KEY_SECRET=sijfsnfsn... \
ctcampbellcom/veracode-tools http -A veracode_hmac https://api.veracode.com/appsec/v1/applications

SourceClear

You may need to install an appropriate build system for SourceClear. Maven should work without doing any additional installs.

Option 1: Bind mount an agent.yml file

docker run -it --rm -v /source-dir:/workspace \
-v ~/.srcclr/agent.yml:/root/.srcclr/agent.yml \
ctcampbellcom/veracode-tools srcclr scan

Option 2: Provide an environment variable

docker run -it --rm -v /source-dir:/workspace \
--env SRCCLR_API_TOKEN=eyJhbGciOi... \
ctcampbellcom/veracode-tools srcclr scan

veracode-tools's People

Contributors

523 avatar ctcampbell avatar

Forkers

createk-design yashaswini-yashas linw00d93 jmazoveracode vht jphillips-vc krishnamurtyp

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.