Just to quote as an example one can submit a remote-run with some tool like TeamCity (similar to Jenkins) where it will apply delta/patch on what user is trying to commit & produces result whether changes is good from set-of configured checks for that project.
With Github & Jenkins, can such validation be achieved with any plugins out there?, which will avoid breaking a build?
I know with pull-request & status check one can achieve similar end-result. But without commit/push to remote repo of Git - is there a way Jenkins can handle this validation & produce initial result ??
It isn't possible to have GitHub perform checks on data it doesn't have, so if you don't push the data to the remote server, GitHub won't know anything about it and therefore will do nothing.
Jenkins does have a REST API that you could use to do this, provided you equipped each developer with appropriate credentials. However, this is not a common situation and wouldn't be a recommended configuration.
You'd be better off with a script in the repository that users could install as a hook or invoke from a hook that would perform the testing you want. If your CI jobs run a script in your repository, then sharing code between them should be easy.
Note that you shouldn't mandate pre-commit hooks, since they can interfere with advanced users (who may make intentionally incomplete temporary commits) and they can be disabled by users. Any sort of required checks should be done as part of CI, where policy can be enforced appropriately.
Related
I am using the scriptrunner plugin for Jira.
Is it possible to add a condition to a transition using scriptrunner?
Currently, my condition is in a script which I have manually added to the workflow.
But I was wondering if there is a way to do it automatically?
I was looking through documentation on: https://docs.atlassian.com/
I came across this method:
replaceConditionInTransition which is a method of WorkFlowManager.
But I'm unsure on how to use this.
Any help would be appreciated.
Conditions as any another scripts can be added from file system. You can store scripts in any VCS (bitbucket, github, gitlab, etc) and automatically deploy them to Jira server file system through any CI/CD system (teamcity, jenkins, bamboo, gitlab, etc).
So, as result process will be looks like. 1. commit changes in you script to vcs 2. wait a bit for auto deploy (e.g. triggered by commit) 3. done. As additional you can write any script/service/etc for commit these changes automatically if needed.
Also look at script roots it's helpful way which allows reuse any of script fragments through helpers classes.
It's rather conceptual answer basically because implementation is depends on environment, but I hope that you get at least one more point of view to solve this task.
I think that using the Java API to modify Jira workflows is pretty tough. You could dig around in the workflow editor to see how conditions are added there. Remember that you have to do this in a draft workflow and then publish it, which takes some time in large projects
I like the idea of replacing a script file as easier, if it can be done when no issues are transitioning
Is there a way to implement a commit message policy on BitBucket Cloud?
From my understanding, the webhooks only work as commit notifications and can not intervene with the commits (to deny the commit if the commit message does not follow the set regex). For pre-commit hooks you would need BitBucket Server, right?
If that's the case, what about checking commit messages on a Jenkins build to fail the build if it contains a certain message that does not match the regex? Is that a viable option?
Another option, is there a local git config file where I could set the rules locally (even if they could be bypassed)?
I think you're confusing pre-commit hooks (which determine whether or not a commit can be made) with pre-receive hooks (which determine whether or not a specific remote will accept pushes). Bitbucket Cloud does not currently support custom pre-receive hooks, but Bitbucket Server does. Pre-commit hooks would need to be installed on every system where users make commits; those are not currently replicated, so you'd need everyone to manage them manually.
It sounds like Jenkins tests would be your best bet - check the commit message for the desired regex, and fail the test if the regex isn't there. That won't prevent people from making bad commits in the first place, but it will keep those bad commits out of the final product.
I've set up an automatic "pull request check" via jenkins/github/sonarqube integration.
The workflow is as follows:
Github pull request created by user → Github Webhook triggers, and calls Jenkins API to execute sonarqube scanner → reports to sonarqube server → sonarqube server calls github API(create commit statuses : ref https://developer.github.com/v3/repos/statuses/) and posts a comment about the PR.
The issue is that it marks the PR as check failed just because it didn't pass its code health checks. The build passed, but the code is "dirty" - and that causes the PR to be marked as unacceptable. I'd like to find a way to prevent code quality checks from appearing as an actual status of the commit, and only allow commenting.
Additional images to provide some context:
SonarQube uses a techuser account token to post its analysis summary as a comment on the PR thread. (Sorry for the black boxes, corporate stuff..)
This functionality is everything we need, nothing more.
However... the plugin does one more thing, which is marking the commit as a failure. Note that we're already using something else to check for actual build failures. Although it didn't fail, sonarqube marking the commit as failure because of code quality makes the whole commit display as a failure. I'd like to prevent sonarqube from setting branch check statuses, while letting it comment on the issue. I couldn't find an option for anything like that neither in jenkins plugin configuration nor sonarqube admin page nor sonarqube scanner script documentation.
Thanks in advance.
What you want to achieve is currently not possible when using the SonarQube GitHub plugin, since this behaviour is hardcoded in the plugin and there is no configuration option to customize this.
In upcoming versions of SonarQube and SonarCloud, pull request will have a built-in support and the behaviour will be the following:
The status will be red if there is at least an open issue on the PR analyzed by SonarQube/SonarCloud
Teams will have the ability to mark those issues as "Confirmed" in SonarQube/SonarCloud (to acknowledge that they accept this technical debt), in which case the status will be automatically turned to green in GitHub
Currently in order to enable or disable a job, a user must have Job Configure permissions in the Matrix-based security configuration.We would like to be able to manage the enable / disable job permission independently from the job configure permission.
There are some nightly jobs that we want every user to be able to enable and disable the project without touching/breaking the configuration.
Thanks
Provide a script for the users that will do this using the credentials of 'root' user and set only the execute bit on the script so that no one can read/copy it.
At least 3 ways to make a script:
HTTP POST request:
1.
curl -X POST http(s)://<your_jenkins_url>/jenkins/job/<nightly-build_job_name>/disable
2.
Use python JenkinsAPI.
Documentation is very good, easy to understand much like the API.
3.
The third one can be a script which will use jenkins-cli: accepted answer describes this well .
The Job Configure permission is bounded to the disable/enable function in each job, that's true.
One alternative to disable/enable jobs without the corresponding permission is to create new jobs which do this internally. For example, a job that needs job names as parameters, and disables them.
You could use curl + credentials of a Jenkins user with the Job Configure permission.
You could use plugins. For example, this script using the Job DSL Plugin:
job("jobname"){
using("jobname")
disabled(true)
}
For other options, check out this question.
You may try to install this plugin to get the enable/disable button for the individual project-
I checked in my Jenkins and I could see this:
But when I checked under plugins section I don't see this extra column plugin installed. Probably this is the default behavior in latest versions of Jenkins.
I am new to iOS development. We are using SVN for code repository.
I wanted to know whether there is a way to set some rules on code check in? i.e. suppose we have a code guideline and we want everyone in the team to adher to it religiously. We can set some rules via which automatically it can be found out whether the person has followed the guidelines or not.
Something like TFS check in policies?
You can use on server side the so called "hooks".
Most important is the pre-commit-hook
You can found them on the server inside the repository in the directory hooks
You can place any executable there and it will be called during commit. There is a svncommand called svnlook which you can use to look directly into the transaction to be committed.
In each repository there is one example for each hook SVN provides. These templates showing a sample implementation with some meanigful bash script.
more infos about hooks