Skip to Content

Changes for page Jenkins Shared Library

Last modified by Achim Mahnke on 2025/10/01 10:24
From version 2.1
edited by Boris Folgmann
on 2025/04/29 12:01
Change comment: Added sonarQualityGate
To version 3.2
edited by Achim Mahnke
on 2025/10/01 10:24
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -xwiki:XWiki.borisfolgmannt-systemscom
1 +xwiki:XWiki.achimmahnket-systemscom
Content
... ... @@ -26,8 +26,9 @@
26 26  1. Checking out the source code from git.
27 27  1. If a pom.xml is found your favorite JDK is selected, by default jdk11. Then a maven build is done.
28 28  1. If there's no pom.xml but a package.json is found a nodejs build is done.
29 +1. If there is no pom.xml or package.json but a go.mod file, a go test tool run is done.
29 29  1. Then the following stages are executed in parallel
30 -11. Analysis: For maven projects the Java source code is checked by checkstyle, pmd and spotbugs. Furthermore the job output will be checked for any warnings generated by maven, javac or javadoc. If Python modules (.py files) exist in the git repository they will be analyzed using pylint and flake8. If pylint or flake8 are not available on the Jenkins agent the steps will be skipped. Python files that are generated or downloaded into the workspace will not be checked. The results will be displayed on the classical Jenkins build page after the build.
31 +11. Analysis: For maven projects the Java source code is checked by checkstyle, pmd and spotbugs. Furthermore the job output will be checked for any warnings generated by maven, javac or javadoc. If Python modules (.py files) exist in the git repository they will be analyzed using pylint and flake8. If pylint or flake8 are not available on the Jenkins agent the steps will be skipped. Python files that are generated or downloaded into the workspace will not be checked. The results will be displayed on the classical Jenkins build page after the build. If a go.mod f
31 31  11. Security: If it's not a feature or bugfix branch a dependency check is done which checks if e.g. libraries are used which have known vulnerabilities. The results will be displayed in Jenkins after the build.
32 32  11. Docker: this will also work for projects which are neither maven or nodejs. A Dockerfile is enough to trigger this part of the pipeline.
33 33  111. If a Dockerfile is found a docker image is built.
... ... @@ -346,7 +346,7 @@
346 346  )))|(((
347 347  Id of the Jenkins Credentials for signers private keyfile.
348 348  )))
349 -|=(% rowspan="11" %)(((
350 +|=(% colspan="1" rowspan="12" %)(((
350 350  Static Source Code Analysis
351 351  )))|(((
352 352  checkstyleConfig
... ... @@ -396,15 +396,13 @@
396 396  |(((
397 397  sonarQube
398 398  )))|(((
399 -true for the defaultBranch
400 +true for the defaultBranch and for pull-requests, if a SonarQube version is detected which supports scanning multiple branches
400 400  
401 -false for all other branches and pull-requests
402 +false for all other branches
402 402  )))|(((
403 -Boolean which determines if SonarQube should be used if an installation is found.
404 +Set this to true to force a SonarQube scan for the current branch. Usually this makes only sense if you explicitly want to scan feature and bugfix branches.
404 404  
405 -The default is the best choice for the free community edition of SonarQube, which supports just one branch.
406 -
407 -If you have the Developer or Enterprise edition consider setting sonarQube to true to cover all branches. For more information see [[SonarQube>>SonarQube.WebHome]].
406 +If not set or set to false, the default branch will be scanned automatically as well as pull-requests, if a SonarQube version is detected which supports scanning multiple branches. This is currently the case for SonarQube Developer and Enterprise editions. The free SonarQube Community edition supports just one branch.
408 408  )))
409 409  |(((
410 410  sonarScanMavenOpts
... ... @@ -443,7 +443,7 @@
443 443  {{/code}}
444 444  )))
445 445  )))
446 -|= |sonarQualityGate| |Sets the desired quality gate to use for the scan result in SonarQube.
445 +|sonarQualityGate| |Sets the desired quality gate to use for the scan result in SonarQube.
447 447  If not specified, the quality gate is not changed.
448 448  As a default, SonarQube will use the quality gate "Sonar way" for new scan results.
449 449  |=(% rowspan="7" %)(((
© 2018-2025 T-Systems International GmbH