Azure DevOps YAML properties for Upload and Scan

This table describes the properties and their values for adding the Veracode Upload and Scan task to an Azure DevOps build pipeline using YAML.

Property	Type	Description
ConnectionDetailsSelection Required	String	One of these methods for connecting to Veracode: Service Connection to use an existing service connection that includes your Veracode API credentials. Include AnalysisService to specify a service connection name. Credentials to enter your Veracode API credentials. Include apiId to enter your API ID and apiKey to enter your API key.
veracodeAppProfile Required	String	Name of the application profile. The name is case-sensitive.
version Required	String	Name of the scan. You can enter the $buildnumber or $projectname variables to dynamically bind the build number or project name to the scan name, instead of using a fixed scan name.
filepath Required	String	Filepath to either an application artifact or a folder containing multiple artifacts to upload to Veracode.You can also upload multiple artifacts using one or more ZIP archives. To prepare the artifacts: Add the artifacts to one or more ZIP archives. Ensure the ZIP archives are in the same upload file path location. Prepare the ZIP archives for uploading to Veracode using a separate build step or build steps in your pipeline. For a .NET application, if you have additional published projects from a solution, include them in the archive to upload and analyze. Add any JavaScript files to a separate ZIP archive according to the packaging instructions in the packaging requirements. Include only the file types for languages and platforms that Veracode can scan in a ZIP archive to improve uploading and scan speed. Microsoft provides this Archive Files task: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/utility/archive-files?view=azure-devops.
AnalysisService	String	If you set ConnectionDetailsSelection to Endpoint, the name of the service connection for accessing Veracode. If a service connection does not exist, you can create a new service connection.
apiId	String	If you set ConnectionDetailsSelection to Credentials, your Veracode API ID.
apiKey	String	If you set ConnectionDetailsSelection to Credentials, your Veracode API key.
sandboxName	String	For development sandbox scans, the name of the sandbox in which to run the scan. If the sandbox does not exist, include createSandBox to create it with the specified name.
createSandBox	Boolean	For development sandbox scans, create a sandbox for the specified Veracode application. Set to true to create a sandbox. Set to false to not create a sandbox.
optargs	String	Any optional parameters from the uploadandscan API to include in the scan. For example: '-criticality high -include *.dll -exclude *.exe -createsandbox true -sandboxname mysandbox -deleteIncompleteScan 1' Proxy example: '-pport 8282 -phost abc.proxy.com -puser proxyuser -ppassword proxypassword' NOTE: Do not enclose any of the values in single or double quotations.
createProfile	Boolean	Create a Veracode application profile, if one does not exist, for the specified application profile name. Set to true to create a profile. Set to false to not create a profile.
failBuildIfUploadAndScanBuildStepFails	Boolean	Fail the build if the Veracode Upload and Scan build step fails to start. Set to true to fail the build. Set to false to allow the build to continue.
importResults	Boolean	Import scan results into Azure DevOps after the scan completes. Set to true to import results. Set to false to not import results. You can view the results on the Veracode Scan Summary tab.
failBuildOnPolicyFail	Boolean	Fail the build if the scan results indicate that the application has failed your security policy. Set to true to fail the build. Set to false to not fail the build.
maximumWaitTime	Integer	Build agent wait time, in minutes, to fail the build if no scan results are available. The value range is 30 to 1440 (24 hours) and the default is 360 (6 hours). If you enter a value outside this range, the build fails.