Build and release system we use is TFS, soon migrating toe Azure Devops. I am trying to introduce an automation framework for contract tests with Karate. Can Karate be integrated with the build jobs in TFS as part of the CI pipeline?
Yes. Azure AD has a maven extension.
Following YML for reference
steps:
- task: Maven#3
displayName: 'API Automated test against $(Environment)'
inputs:
mavenPomFile: Tests/APITest/pom.xml
goals: 'clean test -DargLine="-Dkarate.env=$(Environment)"'
testResultsFiles: '**/APITest.*.xml'
Karate is a java API test-automation tool that can be implemented using Maven or Gradle.
It can be used to run on any CI/CD pipeline using any repository management.
Team Foundation Server is both repository management and CD/CD pipeline tools.
Please refer the below Azure configuration for Maven or Gradle,
https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/build/gradle?view=azure-devops
https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/build/maven?view=azure-devops
Let us know if there are any configuration issue you are facing while downloading the karate library from azure.
Related
I don't know where could I fit the jenkins tool in the following devops pipeline:
code -> integrate -> test -> release -> deploy -> operate
Maybe it can be in every steps ?
Jenkins is a build factory. In other words, its primary use is to run tasks that dedicated to build, integrate and deliver applications. It's a typical DEVOPS tool.
Jenkins can be used to build pipelines (sequences of tasks) or to be called from a pipeline (to execute one of the pipeline's tasks).
The great thing about Jenkins is that it integrates nicely with other devops tools:
SCM: SVN, Github, Gitlab
Build: maven, gradle
Test: Cucumber reports
Quality: SonarQube
Deployment: Octopus Deploy, XL Deploy, Run Deck...
You name it!
However, Jenkins is generally not used to "code" and "operated" applications.
A typical pipeline would be:
Try Pull Request => Build Release Candidate => Deploy RC on Integration => Deploy on Production
This is a over simplified pipeline, just to give an idea of the scope of this tool. A production grade piepline should include security checks, and integrate nicely with human validation when needed.
Jenkins is use for the Build, Test, and Deploy stages of the continuous delivery pipeline.
You can have "n" number of stages in a pipeline that can be configured using Jenkins.
Stages as follows (example) :-
code -> integrate -> test -> release -> deploy -> operate
Currently in the business sector Jenkins is used as follows:
If you are a software developer you need Jenkins for two reasons:
To build your project and check that it completes all the requirements concerning the pmd rules, checkstyles, findbugs, etc.
To deploy a new environment so to evaluate yourself. You need to see that the changes you made are the proper one and as you wanted them to be.
If you are a tester or a test automation engineer you want it two three reasons:
To build your code and check for findbugs, pmds and qaplugs generally
To test the software product, of the client or of your company's product
To create dynamic environments so to test the changes of the developers (mostly as a regression testing and not as an individual)
If you are a business related, project manager or supervisor you can do the next two actions:
Execute the tests so that you can see yourself if the product is working properly
Check the reports that Jenkins can give you every after test execution
Jenkins is an opensource automation server. Earlier it used to be a CI server only but after Jenkins 2.0, Pipeline as Code has made it popular for CI/CD both. It can manage all application lifecycle phases.
I have a project on local TFS server. This project has a PowerShell script which creates the build.
I need to create a correct JOB in Jenkins, which will start when any change happens in the project (TFS). This job will automatically start PS script on project directory.
Please, help me with this task.
Based on your description, you just need to integrate Jenkins with TFS and set CI/CD to trigger the build/release in Jenkins.
To run PowerShell in Jenkins you can refer this article: Running Powershell scripts using Jenkins
For the Jenkins integration and CI/CD, you can reference below articles:
TFS and Jenkins Integration
Visual Studio Team Services Integration with Jenkins
Tutorial: Integrate your Jenkins CI jobs with VSTS CD to Azure
Currently we are using SonarQube as a source code analyser. But now in our organisation they are planning to use HP Fortify SCA for source code analysis. We have integrated SonarQube with Jenkins but i don't know how to integrate HP Fortify with Jenkins. Googled for it but I'm not getting good solution. Can anyone please help me on this.
Fortify Jenkins Plugin
Use the Fortify Jenkins Plugin in your continuous integration builds to identify security issues in your source code with Micro Focus Fortify Static Code Analyzer. After the Fortify Static Code Analyzer analysis is complete, you can upload the results to a Micro Focus Fortify Software Security Center server. The Fortify Jenkins Plugin also enables you to view the analysis result details within Jenkins. It provides metrics for each build and an overview of the results, without requiring you to log into Fortify Software Security Center.
With the Fortify Jenkins Plugin, you can integrate Fortify Static Code Analyzer with the following build tools:
Gradle
Maven
MSBuild
Visual Studio (devenv)
You can also scan your source code directly without a build tool.
Source.
HPE Fortify does provide a Jenkins Plugin.
There is also a community member who has created a Jenkins plugin that his organization uses to integrate Jenkins and Cloudscan (https://marketplace.saas.hpe.com/fortify/content/fortify-cloudscan-jenkins-plugin).
Here is a good discussion on how one customer is integrating Jenkins and CloudScan in their company (the plugin's author).https://www.protect724.hpe.com/thread/22952
I would suggest to use maven for this. There is a plugin available for fortify for maven
Fortify integration with maven - install
You can use this plugin in your application pom.xml and execute the maven command from jenkins.
Integration of HP Fortify with Jenkins :
Step 1) Install Jenkins plugin on cloud server or you can direct access the cloud Jenkins server(if it is already installed on server).
step 2) Create a folder in Jenkins and configure the properties(making changes in configuration file on left side).
step 3) once configuration part is done .Post that you have to provide the cloud server link where fortify is installed(scar/ssc) and credentials.
Test the connection using "Test" button.
OR
If you have GitHub link, you can directly add the link in Jenkins and used them.
step 4) Now connection is established between Jenkins and fortify-SSC.
Jenkins : It is integration tools ,that provide continuous integration and continuous development(CI /CD).
GitHub: GitHub is raw code repository , where all the code is saved.
Let me know if you have any question while integrating Jenkins with fortify.Thank you
from the last week i am working with jenkins, and its going good but at the end of R&D I have lost of confusion, these are questions which confusingto me.
How to do Continuous Integration with jenkins of Website?
hoe to view Testing analysis reports produced by sonarqube server to my local system?
what happens where all my developers will do commit and push at the same time on repository?
How to deploy my web application on targeted server using jenkins?
How to I use sonarqube to test my website ?
If you are building a .net website, install msbuild plugin in jenkins. Create a jenkins job, add a step checkout your website (git/svn - install required repo plugin). Schedule to run nightly or hourly depending on your needs.
Type in url for your sonarqube server and then you can view the reports.
This is not an issue if your developers are comitting simultaneously. Usually a CI tool such as Jenkins will take care of that.
This is called continuous deployment or continuous delivery. Something like Octopus Deploy can help you if you are deploying .net applications. You can use the tool octo.exe and pass the API key as parameter to deploy to a specific environment.
SonarQube is used as a quality gate for code analysis. It is not a test framework. Try to investigate on how to use selenium framework for automation testing.
I hope that I have answered your questions.
We work on .NET project, using TFS for:
source control
builds: gated check-ins that produce MSI files
deployments to Labs
We want to create a proper Continuous Delivery pipeline, that is a Dashboard with pipelines for each check-in with traffic lights.
Pipeline should show all the stages like TFS build > Deploy to Lab > Smoke test > Integration Tests > Acceptance Tests > Deploy to PreProd > ...
So it has to be tightly integrated with TFS.
We are assessing 2 options:
use TFS-based tool\plugin\dashboard if there are any that can show pipelines?
use CI tool for example Jenkins, TeamCity, Bamboo to build this pipeline - ideally with support to fetch built code from TFS drop folder, not just the source code
What would you recommend?
If you are using TFS why don't you leverage the built in Release Management tooling? You can create a release pipeline that is automted and even include approvals I necessary.
http://nakedalm.com/building-release-pipeline-release-management-visual-studio-2013/
If you want to integrate the lab tools for collecting test results as part of your pipeline this works as well.
http://nakedalm.com/execute-tests-release-management-visual-studio-2013/
This works pretty well and the new features anounced at Connect() will make it even better.