The following plugin provides functionality available through Pipeline-compatible steps. Read more about how to integrate steps into your Pipeline in the Steps section of the Pipeline Syntax page.
For a list of other such plugins, see the Pipeline Steps Reference page.
veracodeDynamicAnalysisReview
: Review Veracode Dynamic Analysis ResultswaitForResultsDuration
(optional)
The number of hours to wait for the Veracode Dynamic Analysis results to be available. If the results are not available after the specified wait time, the Jenkins build fails.
int
failBuildForPolicyViolation
(optional)
boolean
debug
(optional)
boolean
useProxy
(optional)
boolean
pHost
(optional)
String
pPort
(optional)
String
pUser
(optional)
String
pPassword
(optional)
String
vid
(optional)
For added security, Veracode highly recommends to use the Credentials Binding plugin to store Veracode API credentials. Jenkins binds the credentials to environment variables that appear in scripts instead of the actual credentials.
Enter the environment variable reference to bind your Veracode API ID. If you are using an environment variable, delete the quotes around the value for vid in the pipeline script.
String
vkey
(optional)
For added security, Veracode highly recommends to use the Credentials Binding plugin to store Veracode API credentials. Jenkins binds the credentials to environment variables that appear in scripts instead of the actual credentials.
Enter the environment variable reference to bind your Veracode API key. If you are using an environment variable, delete the quotes around the value for vkey in the pipeline script.
String
veracodeDynamicAnalysisResubmit
: Resubmit Veracode Dynamic AnalysisanalysisName
(optional)
Enter a name for the Dynamic Analysis. This name must match the Dynamic Analysis name configured on the Veracode Platform, or the Dynamic Analysis scan fails.
String
maximumDuration
(optional)
The number of hours that the Dynamic Analysis can run. The default duration is three days (72 hours) and the maximum duration is 25 days (600 hours).
int
failBuildAsScanFailed
(optional)
Enable to fail the Jenkins build if the Dynamic Analysis post-build actions fails.
boolean
vid
(optional)
For added security, Veracode highly recommends to use the Credentials Binding plugin to store Veracode API credentials. Jenkins binds the credentials to environment variables that appear in scripts instead of the actual credentials.
Enter the environment variable reference to bind your Veracode API ID. If you are using an environment variable, delete the quotes around the value for vid in the pipeline script.
String
vkey
(optional)
For added security, Veracode highly recommends to use the Credentials Binding plugin to store Veracode API credentials. Jenkins binds the credentials to environment variables that appear in scripts instead of the actual credentials.
Enter the environment variable reference to bind your Veracode API key. If you are using an environment variable, delete the quotes around the value for vkey in the pipeline script.
String
debug
(optional)
boolean
useProxy
(optional)
boolean
pHost
(optional)
String
pPort
(optional)
String
pUser
(optional)
String
pPassword
(optional)
String
veracodeDynamicRescan
: Dynamic Rescan with Veracode PipelineapplicationName
(optional)
Enter the name of the application.
You can either use the name of an application that already exists in the Veracode Platform, or enter $projectname to use the Jenkins project name as the application name.
String
dvrEnabled
(optional)
Selecting this checkbox enables Dynamic Vulnerability Rescan.
boolean
canFailJob
(optional)
boolean
debug
(optional)
boolean
useProxy
(optional)
boolean
pHost
(optional)
String
pPort
(optional)
int
pUser
(optional)
String
pPassword
(optional)
String
vid
(optional)
String
vkey
(optional)
String
veracode
: Upload and Scan with Veracode PipelineapplicationName
(optional)
Enter the name of the application. This can be an application that already exists on the Veracode Platform, or a new one that Jenkins creates.
String
criticality
(optional)
String
sandboxName
(optional)
Enter the name of the sandbox. This can be a sandbox that already exists on the Veracode Platform, or a new one that Jenkins creates.
If you leave this field empty, no sandbox is used.
String
scanName
(optional)
Enter a name for the static scan you want to submit to the Veracode Platform for this application. Scan name is equivalent to Version or Build in the Veracode API.
String
waitForScan
(optional)
boolean
timeout
(optional)
int
deleteIncompleteScan
(optional)
Select this option to automatically delete the current scan if Jenkins encounters any errors when uploading files or starting the scan. With the scan deleted automatically, you can create subsequent scans without having to manually delete an incomplete scan.
boolean
createProfile
(optional)
Selecting this checkbox creates a new application if a matching application is not found on the Veracode Platform.
If the checkbox is not selected and a matching application is not found on the Veracode Platform, the Jenkins build will fail.
boolean
teams
(optional)
Enter the name of the teams to which you want to assign this application.
String
createSandbox
(optional)
Selecting this checkbox creates a new sandbox if a sandbox name is provided and a matching sandbox is not found on the Veracode Platform.
If the checkbox is not selected, a sandbox name is provided, and a matching sandbox is not found on the Veracode Platform, the Jenkins build will fail.
boolean
timeoutFailsJob
(optional)
boolean
canFailJob
(optional)
boolean
debug
(optional)
boolean
uploadIncludesPattern
(optional)
Enter the filepaths of the files to upload for scanning, represented as a comma-separated list of ant-style include patterns relative to the job's workspace root directory.
Patterns are case-sensitive. Patterns that include commas because they denote filepaths that contain commas need to replace the commas with a wildcard character.
If no filepaths are provided, all files in the job's workspace root directory are included.
See http://ant.apache.org/manual/dirtasks.html for more info.
String
uploadExcludesPattern
(optional)
Enter the filepaths of the files to exclude from the upload for scanning, represented as a comma-separated list of ant-style exclude patterns relative to the job's workspace root directory.
Patterns are case-sensitive. Patterns that include commas because they denote filepaths that contain commas need to have the commas replaced with a wildcard character.
If no filepaths are provided, no files (except default excludes) in the job's workspace root directory are excluded.
See http://ant.apache.org/manual/dirtasks.html for more info.
String
scanIncludesPattern
(optional)
Enter the filenames of the uploaded files to scan as top level modules, represented as a comma-separated list of ant-style include patterns such that '*' matches 0 or more characters and '?' matches exactly 1 character.
Patterns are case-sensitive. Patterns that include commas because they denote filenames that contain commas need to replace the commas with a wildcard character.
Because the matching is performed based only on filename, it is incorrect to use patterns that include path separators ('\' or '/').
If no filenames are provided, all uploaded files are included as top level modules.
String
scanExcludesPattern
(optional)
Enter the filenames of the uploaded files to not scan as top level modules, represented as a comma-separated list of ant-style exclude patterns such that '*' matches 0 or more characters and '?' matches exactly 1 character.
Patterns are case-sensitive. Patterns that include commas because they denote filenames that contain commas need to replace the commas with a wildcard character.
Because the matching is performed based only on filename, it is incorrect to use patterns that include path separators ('\' or '/').
If no filepaths are provided, no files (except default excludes) in the job's workspace root directory are excluded.
String
fileNamePattern
(optional)
Enter the filename pattern that represents the names of the uploaded files that should be saved with a different name. The '*' wildcard matches 0 or more characters. The '?' wildcard matches exactly 1 character. Each wildcard corresponds to a numbered group that can be referenced in the replacement pattern.
Pattern is case-sensitive.
Because the matching is performed based only on filename, it is incorrect to use patterns that include path separators ('\' or '/').
No uploaded files are saved with a different name when either the filename pattern or the replacement pattern is omitted.
String
replacementPattern
(optional)
Enter the replacement pattern that represents the groups captured by the filename pattern. For example, if the filename pattern is '*-*-SNAPSHOT.war' and the replacement pattern '$1-SNAPSHOT.war', an uploaded file named 'app-branch-SNAPSHOT.war' would be saved as 'app-SNAPSHOT.war'.
In order to specify a replacement pattern that includes a reference to a captured group followed by a number, place the captured group's index inside curly braces. For example, if the filename pattern is '*-*-SNAPSHOT.war' and the replacement pattern '${1}5-SNAPSHOT.war', an uploaded file named 'app-branch-SNAPSHOT.war' would be saved as 'app5-SNAPSHOT.war'.
New filenames for uploaded files must be valid. Path separators ('\' or '/') should not be included.
No uploaded files are saved with a different name when either the filename pattern or the replacement pattern is omitted.
String
copyRemoteFiles
(optional)
This option is only applicable when the build is done by a remote machine in a remote workspace.
boolean
useProxy
(optional)
boolean
pHost
(optional)
String
pPort
(optional)
String
pUser
(optional)
String
pPassword
(optional)
String
vid
(optional)
String
vkey
(optional)
String
Please submit your feedback about this page through this quick form.
Alternatively, if you don't wish to complete the quick form, you can simply indicate if you found this page helpful?
See existing feedback here.