Enable pull requests for GitHub
To use automatic pull requests for Veracode Software Composition Analysis agent-based scanning, you need permission to create pull requests in GitHub.
To complete this task:
-
If prompted, enter your GitHub credentials and log in.
-
On the New personal access token page, click Generate new token.
-
Enter a token description. For example: Allow Veracode Agent-Based Scan to generate pull requests
-
Select the repo checkbox.
-
Click Generate token.
-
After the token generates, click the clipboard icon to copy the token and save it to a safe location.
noteAfter you leave the page, you cannot access this token again.
-
Add your token using one of these methods:
-
Add this code to the
agent.yml
file installed in your~/.srcclr
folder:scmType: GITHUB
scmToken: <token copied in earlier step> -
Set the token as an environment variable in a command script. For example, add this code in Linux bash:
export SRCCLR_SCM_TYPE="GITHUB"
export SRCCLR_SCM_TOKEN="<token copied in earlier step>"
-
-
If you are using an installation of GitHub other than GitHub.com, add your project URL using one of these methods:
-
Add the project URL to the
agent.yml
file installed in your~/.srcclr
folder. For example:scmUrl: https://github.acme.io
-
Set the project URL as an environment variable in a command script. For example, add this code in Linux bash:
export SRCCLR_SCM_URL="https://github.acme.io"
-