Allows for calling and viewing results of Veracode pipeline scans on Visual Studio.
Requires a Veracode Static Analysis license.
You can send questions and feedback in the Q&A section.
Instructions:
- Java installed
- A Veracode SAST subscription
Instructions:
- After installing the extensions, you should have, under Tools->Options... a Veracode - Pipeline Scan option.
- The Global Options contain your authentication configuration and the Scan Fail Criteria.
- Project Options lets you setup project-specific configuration, mainly the build command and file to scan.
- To allow for scanning, set Enabled to true.
- To start a scan, call Tools->Veracode - Start Pipeline Scan.
- The results will show up once the scan is completed.
- In case of error, the popup window (non-blocking) will contain the error found.
- For more detailed error output, you can enable debug mode under Project Settings.
| |