Does not work with Veracode Greenlight

[cassamajor]

Are additional steps required to have this repository compatible with Veracode Greenlight?

I cloned the project locally and attempted to scan the "app" directory, which resulted in the following error:

"Problem Occurred. Unable to locate the server configuration. Configure the local server and deploy the application."

Version Information

• Veracode Greenlight (1.8.2.202112220533-RELEASE)
• IntelliJ IDEA (2021.3)

[julz0815]

Hi @Fauxsys,

I believe the error you are facing is due to the fact you scan the full "app" folder and this folder contains /src/main//WEB-INF/views/*.jsp files that cannot be scanned with GL this “easy” way. For those web views you would need a local server configuration that is simulating a real webserver and run those jsp files in order to scan them.
As well, even if possible, GL is not meant to scan the full app folder, but rather scan single files.

You will find some documentation around this topic on the Veracode Help Center here: Help Center. Unfortunately this is for Eclipse and not IntelliJ, but it should work very similar for IntelliJ.

As well the supported IDE’s and Languages here Help Center show JSP files with the remark of Tomcat and Websphere.

I believe this is expected behaviour.

[cassamajor]

@julz0815 -- thank you for the feedback! Is it possible to have a similar setup described in the Help Center article by mapping local directories to the antfie/verademo Docker container?

[julz0815]

@Fauxsys did you have had a look at these docker containers: Dockerhub. The first 3 on the page are official Veracode provided dockers containers. There is also a description how to use it.
You also may want to look at this repo Github, that holds a very good GitHub-Veracode manual