I use perforce and jenkins and would like to use only VSTS Release functionality. Is this possible? Is it a must that code must be stored in VSTS
Yes, it is possible. The release could have no artifacts and you can queue Jenkins job by using Jenkins Queue Job task. Also there is Jenkins Download Artifacts task in Utility category.
Related
We are using OpenShift. I have a confusion between buildconfig file vs jenkinsfile. Do we need both of them or one is sufficient. I have seen examples where in jenkinsfile docker build is defined using buildconfig file. In some cases buildconfig file is using jenkinsfile as the build strategy. Can some one please clarify on this
BuildConfig is the base type for all builds, there are different build strategies that can be used in a build config, by running oc explain buildconfig.spec.strategy you can see them all. If you want to do a docker build you use the dockerStrategy, if you want to build from source code using source2image you specify the sourceStrategy.
Sometimes you have more complex needs than simply running a build with an output image, let's say you want to run the build, wait for that image to be deployed to some environment and then run some automated GUI tests. In this case you need a pipeline. If you want to trigger and configure this pipeline from the OpenShift Web Console you would use the jenkinsPipelineStrategy in your BuildConfig. In the OpenShift 3.x web console such BuildConfigs are presented as Pipelines and not Builds even though they are all really BuildConfigs.
Any BuildConfig with the jenkinsPipelineStrategy will be executed by the Jenkins Build Server running inside the project. That Jenkins instance could also have other pipelines that are not mapped or visible in the OpenShift Web Console, there does not need to be a BuildConfig for every Jenkinsfile if you don't see the benefit of them appearing in the OpenShift Web Console.
The difference of running builds inside a Jenkinsfile and a BuildConfig with some non-jenkinsfile-strategy is that the build is actually executed inside the jenkins build agent rather than a normal OpenShift build pod.
At our company we utilize a combination of jenkinsFile pipelines and BuildConfigs with the sourceStrategy. Instead of running builds in our Jenkinsfile pipelines directly inside the Jenkins build agent we let the pipeline call the OpenShift API and tell it to execute the BuildConfig with sourceStrategy. So basically we still use s2i for building the images but the Jenkinsfile as our CI/CD pipeline engine. You can find some examples of this at https://github.com/openshift/jenkins-client-plugin.
I am starting with HP Fortify SCA and I want to know how connect it to a source code repository. I read and look for how to integrate it but I didn't find anything about it.
You could try using Jenkins (https://jenkins-ci.org/) to download your code from a repository and then call HP Fortify from Jenkins. You could even use Jenkins to trigger automatic analysis with HP Fortify whenever it detects a new version or once a day/week/month.
Fortify does not natively make a direct connection to the repo. The code has to be local to the scan so that it can be cleaned, translated, and compiled.
Jenkins could probably do it like #Syslog said, but personally I wouldn't until you are very familiar with how Fortify runs against your codebase. If you are just getting started with Fortify, run it manually for a few months until you learn its (many, many ) quirks.
I'm trying to implement a continuous deployment system and I seem to not be able to find a good answer for our problem.
We use Jenkins to run a maven build to generate our artifacts and deploy them to Nexus. I see a few projects that bundle up everything into a single war or tar file, extract one file per request from Nexus by name and deploy it to an application server, but this requires them to know beforehand what versions they have available.
My project has quite a few jars/wars/binaries among other artifacts, which don't get deployed using an application server. What we want to do is be able to do is pull any snapshot or release revision of the software out of nexus and either generate an install package or deliver it directly to a remote server.
Clarification: I want QA or development to be able to select a version from Jenkins; where Jenkins will poll Nexus for the available versions, then perform an automated deploy to a server from Nexus.
Is there an easy nexus/maven way to get software out to a testing system?
So, is there a way to poll nexus to determine what revisions are available through ant/ivy, Jenkins, maven, gradle? I'll write in something else if it helps.
I see that a similar question was asked here: How do I choose an artifact from Nexus in a Hudson / Jenkins job?, but it is as of yet unanswered 9 months later.
Nexus gives you a standard HTTP browsing capability. You could browse the repository through HTTP and see what is available.
I still don't understand your Use Case though. If you know which versions of the project you want then what is the problem?
The easiest would be to write an installer pom.xml that has in it a ${} placeholder for the version you want for the artifacts then invoke mvn with mvn package -Dproduct.version=1.0.0
If you use a container, PAX has plugins that allow you to specific artifacts like mvn:myGroup/myArtifact/myVersion and it will auto pull from Maven.
Nexus isn't doing any magic. It's all well known paths on a URL of groups/artifactId/versions
I have a job in Hudson server A which builds an artifact and deploys it to Nexus. I have another job in a completely separate Hudson server B which needs to download the artifact and deploy it. This job is normally run manually, and the person running it needs to indicate which version of the artifact to deploy - they may not always want to deploy the latest version (e.g. to roll back to a previous known good version).
Currently, I achieve this by using a parameterized build, and require the user to pass in the artifact version number; the job then uses the Execute shell build step to run wget on a URL constructed using the parameter. This is error prone.
Ideally I'd like a plugin that lets the user browse the artifact versions in the Nexus repository and pick and choose the one to deploy, but I'm open to other suggestions. A plugin that also handles the download would be nice, but I can live without it as long as I can still get a string that I can use in shell commands.
I've looked through the available Hudson & Jenkins plugins around Maven style artifact repositories, but they all seem more concerned with pushing artifacts into repos rather than getting them back down.
I'm using Hudson's "Copy Artifact" in other jobs, to get artifacts from other Hudson jobs on the same server, but this doesn't work across different Hudson servers, which is why I've turned to Nexus (which we're already using anyway).
Does anyone have any suggestions?
I recommend using rundeck to execute your deployments.
There is a rundeck plugin for Nexus that enables rundeck to display a pull down menu of available versions in Nexus.
There is a rundeck plugin for Jenkins that can be used to invoke deployments using rundeck and kick-off post deployment jobs (like integration testing) inn Jenkins.
I am new in Hudson.
I would like to execute a 'sourcecodeanalyzer' command in Hudson as Post-build Actions to generate an html report. Please let me know is this at all possible, if yes let me know the Hudson configuration steps to execute the command.
Your earliest response in this regard will be extremely helpful.
Thanks in advance.
Yes, it is almost certainly possible.
You will need to configure the Hudson project to have either a post-build action or a build step that runs your source code analyzer.
You've not stated in your question precisely which analyzer - it may be that Hudson already has a plug-in installed for it, in which case it may be listed on the Config page for the project at the bottom under Post-build Actions.
If not, next check to see if there's a plug-in available for the analyzer that hasn't been installed. From the main Hudson page select Manage Hudson, then Manage Plugins, and choose the Available tab. If there is a plug-in available it's definitely a good idea to use it as they are generally very well integrated with Hudson itself.
As a last resort you'll have to configure a build step to run the analyzer. Configure the project, then choose "Add build step". The drop-down that appears depends on your environment (Windows or Linux) but should include the ability to run a shell command or batch file. You can configure your analyzer there.
(If you're building Windows Visual Studio applications, a more flexible way that I've used is to use the MSBuild plug-in for builds, and have an MSBuild script that builds the application and then runs analysis tools. This can automate pretty much everything: mine builds the application, builds an acceptance test database, runs the acceptance tests and copies the result HTML to a page linked from the project.)
You could create a new job with a "Execute Shell" build step. Type in the command you wish to run in the text box. Then all you have to do is trigger this job by selecting:
"Build after other projects are built"
And select the trigger job from the list.
Hope this helps!
As a follow up to Jeremy's post. If you don't see the ability to add post build steps, you might work with maven jobs. In that case you need the Hudson M2 Extra Steps Plugin. This will give you pre and post build steps.
I use the 'Post build task' plugin to delete some resources after a build. You could call any shell script or command lines. If you want you could make the call depends on some logging output.
there is one best way to solve this:
Upgrade to Fortify SCA 2.6.x (as of writing, latest version is 2.6.5).
Download the Fortify Maven Plugin version 2.6 from https://customerportal.fortify.com and install it into your Hudson server's Maven repository.
Update your project's pom to carry out the Fortify scan. There is an example provided with the Maven plugin.
Currently , I am experiment with sonar plug in. It looks great check the details here
http://sonar.codehaus.org/a-new-hudson-plugin-for-a-closer-integration-with-sonar/
http://wiki.hudson-ci.org/display/HUDSON/Sonar+plugin