veracode/api-wrapper-java

By veracode

Updated 5 months ago

The Veracode API wrapper enables you to integrate the Veracode APIs into your pipelines and projects.


Veracode Java API Wrapper

The Veracode Java API wrapper enables you to integrate the Veracode APIs into your development pipeline and projects. It combines sets of API calls into easy-to-use functions, which makes projects easier to automate. Veracode provides APIs that mirror the major steps on the Veracode Platform for automating scanning, reviewing and mitigating scan results, and performing administrative tasks. For information about all API calls and how to create an API service account for accessing the Veracode APIs, visit the Veracode Help Center.

Image Details

There are two variants:

  • veracode/api-wrapper-java
    The environment variant for when you want a shell. This is probably what you want for pipelines or other situations where you need a shell. The latest tag is applied to this variant.
  • veracode/api-wrapper-java:cmd
    The command variant is for when you just want to run the tool from the command line and is useful when run via shell aliases.

The images are built on the AdoptOpenJDK 11 JRE Docker Official Images. The Veracode Java API Wrapper jar is installed in /opt/veracode/. By default containers run as a non-privileged, local user.

Running as an Environment

In a GitLab pipeline with API credentials provided as environment variables:

scan-my-java-app:
  image: veracode/api-wrapper-java:latest
  script:
    - java -jar /opt/veracode/api-wrapper.jar
        -vid ${VERACODE_API_KEY_ID}
        -vkey ${VERACODE_API_KEY_SECRET}
        -action UploadAndScan
        -createprofile true
        -appname ${CI_PROJECT_NAME}
        -version ${CI_BUILD_TAG}
        -filepath /path/to/built/app.jar

scan-my-python-app:
  image: veracode/api-wrapper-java:latest
  script:
    # -r recurses into src/; without it only the directory entry is archived
    - zip -r myapp.zip ./src/
    - java -jar /opt/veracode/api-wrapper.jar
        -vid ${VERACODE_API_KEY_ID}
        -vkey ${VERACODE_API_KEY_SECRET}
        -action UploadAndScan
        -createprofile true
        -appname ${CI_PROJECT_NAME}
        -version ${CI_BUILD_TAG}
        -filepath myapp.zip

For a local shell with the current host OS directory mounted inside the container:

docker run -it --rm -v "$PWD":/home/luser veracode/api-wrapper-java

By default containers run as a non-privileged, local user in /home/luser. If needed, you can override these defaults. You can get a root shell with the --user argument and change the working directory with the --workdir argument:

docker run -it --rm --user root veracode/api-wrapper-java
docker run -it --rm --workdir /my/app/path veracode/api-wrapper-java
docker run -it --rm --user root --workdir /my/app/path veracode/api-wrapper-java

Running as a Command

Running the Veracode Java API Wrappers with a Veracode Credentials file mounted into the container:

docker run -it --rm \
    -v ~/.veracode/credentials:/home/luser/.veracode/credentials \
    -v /host/os/path/to/myapp/:/myapp/ \
    veracode/api-wrapper-java:cmd \
        -action UploadAndScan \
        -createprofile true \
        -appname "My App" \
        -version "v0.1" \
        -filepath /myapp/myapp.jar

Running the wrappers with API credentials provided as environment variables:

docker run -it --rm \
    --env VERACODE_API_KEY_ID=c2db7664... \
    --env VERACODE_API_KEY_SECRET=24f62c81... \
    -v /host/os/path/to/myapp/:/myapp/ \
    veracode/api-wrapper-java:cmd \
        -action UploadAndScan \
        -createprofile true \
        -appname "My App" \
        -version "v0.1" \
        -filepath /myapp/myapp.jar

To see all available options and other help:

docker run -it --rm veracode/api-wrapper-java:cmd -help

Aliases

The command variant is particularly useful when run via a shell alias:

alias 'veracode-api'='docker run -it --rm -v "$PWD":/home/luser -v ~/.veracode/credentials:/home/luser/.veracode/credentials veracode/api-wrapper-java:cmd'

Then the container can be run as if it were a locally installed executable:

veracode-api -help
veracode-api -action GetAppList
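# The alias mounts the current directory at /home/luser, so -filepath must point inside that mount.
veracode-api -action UploadAndScan -createprofile true -appname "My App" -version "v0.1" -filepath /home/luser/myapp.jar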
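
A shell function can stand in for the alias and add checks around the two credential options described under "Running as a Command". This is an added example, not part of the image's own documentation. VERACODE_CREDENTIALS and DOCKER are hypothetical override variables introduced here so that the credentials path and the docker binary can be changed.

```sh
#!/bin/sh
# Added example, not part of the image documentation. VERACODE_CREDENTIALS and
# DOCKER are hypothetical override variables introduced here for illustration.

# cred_file_ok FILE: succeed only if FILE is a regular file (not a symlink,
# whose own mode bits say nothing about the target) with no group/other access.
cred_file_ok() {
    f=$1
    if [ ! -f "$f" ] || [ -h "$f" ]; then
        echo "credentials: $f is not a regular file" >&2
        return 1
    fi
    mode=$(ls -ld "$f" | cut -c1-10)      # e.g. "-rw-------"
    case $mode in
        -???------) return 0 ;;
        *) echo "credentials: $f has mode $mode; run chmod 600 on it" >&2
           return 1 ;;
    esac
}

# veracode_api ARGS...: run the :cmd variant with the current directory mounted
# at /home/luser, as the alias above does.
veracode_api() {
    if [ -n "${VERACODE_API_KEY_ID:-}" ] && [ -n "${VERACODE_API_KEY_SECRET:-}" ]; then
        # "--env NAME" with no "=value" tells docker to copy the value from its
        # own environment (the variables must be exported), so the secret is
        # not written into the command line or shell history.
        set -- --env VERACODE_API_KEY_ID --env VERACODE_API_KEY_SECRET \
            veracode/api-wrapper-java:cmd "$@"
    else
        cred=${VERACODE_CREDENTIALS:-$HOME/.veracode/credentials}
        cred_file_ok "$cred" || return 1
        # ":ro" keeps the container from modifying the host credentials file.
        set -- -v "$cred:/home/luser/.veracode/credentials:ro" \
            veracode/api-wrapper-java:cmd "$@"
    fi
    ${DOCKER:-docker} run -it --rm -v "$PWD:/home/luser" "$@"
}
```

Source the file from your shell profile and call veracode_api with the same arguments as the alias, for example veracode_api -action GetAppList.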
