veracode/api-wrapper-java
The Veracode API wrapper enables you to integrate the Veracode APIs into your pipelines and projects
1M+
The Veracode Java API wrapper enables you to integrate the Veracode APIs into your development pipeline and projects. The Java API wrapper combines sets of API calls into easy-to-use functions making it easier to automate projects. Veracode provides APIs that mirror the major steps on the Veracode Platform for automating scanning, reviewing and mitigating scan results, and performing administrative tasks. For information about all API calls and how to create an API service account for accessing the Veracode APIs, visit the Veracode Help Center.
There are two variants:
veracode/api-wrapper-java
latest
tag is applied to this variant.veracode/api-wrapper-java:cmd
The command variant is for when you just want to run the tool from the command line and is useful when run via shell aliases.The images are built on the AdoptOpenJDK 11 JRE Docker Official Images. The Veracode Java API Wrapper jar is installed in /opt/veracode/
. By default containers run as a non-privileged, local user.
In a GitLab pipeline with API credentials provided as environment variables:
scan-my-java-app:
image: veracode/api-wrapper-java:latest
script:
- java -jar /opt/veracode/api-wrapper.jar
-vid ${VERACODE_API_KEY_ID}
-vkey ${VERACODE_API_KEY_SECRET}
-action UploadAndScan
-createprofile true
-appname ${CI_PROJECT_NAME}
-version ${CI_BUILD_TAG}
-filepath /path/to/built/app.jar
scan-my-python-app:
image: veracode/api-wrapper-java:latest
script:
- zip myapp.zip ./src/
- java -jar /opt/veracode/api-wrapper.jar
-vid ${VERACODE_API_KEY_ID}
-vkey ${VERACODE_API_KEY_SECRET}
-action UploadAndScan
-createprofile true
-appname ${CI_PROJECT_NAME}
-version ${CI_BUILD_TAG}
-filepath myapp.zip
For a local shell with current host OS directory mounted inside the container:
docker run -it --rm -v $PWD:/home/luser veracode/api-wrapper-java
By default containers run as a non-privileged, local user in /home/luser
. If needed, you can override these defaults. You can get a root shell with the --user
argument and change the working directory with the --workdir
argument:
docker run -it --rm --user root veracode/api-wrapper-java
docker run -it --rm --workdir /my/app/path veracode/api-wrapper-java
docker run -it --rm --user root --workdir /my/app/path veracode/api-wrapper-java
Running the Veracode Java API Wrappers with a Veracode Credentials file mounted into the container:
docker run -it --rm \
-v ~/.veracode/credentials:/home/luser/.veracode/credentials \
-v /host/os/path/to/myapp/:/myapp/ \
veracode/api-wrapper-java:cmd \
-action UploadAndScan \
-createprofile true \
-appname "My App" \
-version "v0.1" \
-filepath /myapp/myapp.jar
Running the wrappers with API credentials provided as environment variables:
docker run -it --rm \
--env VERACODE_API_KEY_ID=c2db7664... \
--env VERACODE_API_KEY_SECRET=24f62c81... \
-v /host/os/path/to/myapp/:/myapp/ \
veracode/api-wrapper-java:cmd \
-action UploadAndScan \
-createprofile true \
-appname "My App" \
-version "v0.1" \
-filepath /myapp/myapp.jar
To see all available options and other help:
docker run -it --rm veracode/api-wrapper-java:cmd -help
The command variant is particularly useful when run via a shell alias:
alias 'veracode-api'='docker run -it --rm -v $PWD:/home/luser -v ~/.veracode/credentials:/home/luser/.veracode/credentials veracode/api-wrapper-java:cmd'
Then the container can be run as if it were a locally installed executable:
veracode-api -help
veracode-api -action GetAppList
veracode-api -action UploadAndScan -createprofile true -appname "My App" -version "v0.1" -filepath /myapp/myapp.jar
docker pull veracode/api-wrapper-java