Skip to Content

Changes for page Jenkins Shared Library

Last modified by Boris Folgmann on 2025/11/03 09:41
From version 3.4
edited by Achim Mahnke
on 2025/10/27 12:56
Change comment: There is no comment for this version
To version 7.2
edited by Boris Folgmann
on 2025/11/03 09:16
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -xwiki:XWiki.achimmahnket-systemscom
1 +xwiki:XWiki.borisfolgmannt-systemscom
Content
... ... @@ -6,7 +6,7 @@
6 6  
7 7  == Getting Started ==
8 8  
9 -Since the Shared Library is globally configured on all Jenkins instances managed by DevOps-as-a-Service you just need to place the following very short Jenkinsfile in the root folder of your git repository to automatically build your maven or node project or simply build a container using a Dockerfile.
9 +Since the Shared Library is globally configured on all Jenkins instances managed by DevOps-as-a-Service you just need to place the following very short Jenkinsfile in the root folder of your git repository to automatically build your maven, node or go project or simply build a container using a Dockerfile.
10 10  
11 11  {{code}}
12 12  @Library('sdcloud') _
... ... @@ -128,9 +128,12 @@
128 128  )))|(((
129 129  npm command to execute for building Node.JS projects.
130 130  )))
131 +|= |go|'go'|Golang version to use.
132 +Refers to a symbolic name of a go tool configuration in Jenkins.
131 131  |= |goBuildCommand|(((
132 132  'go build -o app cmd/server/main.go'
133 -)))|go build step. Must be over
135 +)))|go build run. Should be overridden for your project.
136 +|= |goTestCommand|'gotestsum ~-~-format pkgname ~-~-junitfile report.xml ~-~- -failfast -race -coverprofile=coverage.out -tags=test ./...'|Runs gotestsum tool which in turn calls 'go test' for all packages in the project. Should be overridden for your project. The gotestsum tool is available out-of-the-box and produces a report file which is picked up by Jenkins automatically.
134 134  |=(% rowspan="10" %)(((
135 135  Docker build
136 136  )))|(((
... ... @@ -309,9 +309,11 @@
309 309  |(((
310 310  helmRegistry
311 311  )))|(((
312 -Nexus registry of your DOaaS instance
315 +Helm registry of your DOaaS instance, which is usally 'https:~/~/registry-CUSTOMER.devops.t-systems.net/chartrepo/PROJECTKEY'
313 313  )))|(((
314 -Name of registry to which the packaged Helm chart is uploaded.
317 +Helm registry to which the packaged Helm chart is uploaded.
318 +
319 +
315 315  )))
316 316  |(((
317 317  helmRegistryCredentialsId
... ... @@ -350,7 +350,7 @@
350 350  )))|(((
351 351  Id of the Jenkins Credentials for signers private keyfile.
352 352  )))
353 -|=(% colspan="1" rowspan="12" %)(((
358 +|=(% colspan="1" rowspan="8" %)(((
354 354  Static Source Code Analysis
355 355  )))|(((
356 356  checkstyleConfig
... ... @@ -375,29 +375,7 @@
375 375  )))|(((
376 376   Name of a config file to use for yamllint. If not set a best-practice[[ relaxed configuration >>url:https://prd.sdc.t-systems.net/bitbucket/projects/DEVOPSAAS/repos/sdcloud-caas-jenkins-libs/browse/resources/com/tsystems/sdc/jenkinslib/yamllint.yml||shape="rect"]]is used which is different from the original yamllint[[ config>>url:https://yamllint.readthedocs.io/en/stable/configuration.html#default-configuration||shape="rect"]].
377 377  )))
378 -|skipDependencyCheck|false|Set to true to skip the dependency-check.
379 379  |(((
380 -dependencyCheckTool
381 -)))|(((
382 -'dependency-check'
383 -)))|(((
384 -Defines which named dependency-check tool should be used.
385 -)))
386 -|(((
387 -dependencyCheckArgs
388 -)))|(((
389 -'~-~-disableAssembly ~-~-nvdValidForHours 720'
390 -)))|(((
391 -Addtional arguments which are be passed to dependency-check. See [[Dependency>>url:https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html||shape="rect"]][[ Check CLI Arguments>>url:https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html||shape="rect"]] for more information.
392 -)))
393 -|(((
394 -dependencyCheckNvdApiKeyCredentialsId
395 -)))|(((
396 -'dependency-check-nvdapikey'
397 -)))|(((
398 -If you have your own NVD API Key, set it as a credential of type text in Jenkins. Then specify the credential id using this argument. It will be automatically passed to dependency-check. There will be no error if no credential is found. Just the NVD download will be slower. Please note, on DevOps-as-a-Service a shared NVD API Key is automatically supplied for the default credential id.
399 -)))
400 -|(((
401 401  sonarQube
402 402  )))|(((
403 403  true for the defaultBranch and for pull-requests, if a SonarQube version is detected which supports scanning multiple branches
... ... @@ -448,6 +448,23 @@
448 448  |sonarQualityGate| |Sets the desired quality gate to use for the scan result in SonarQube.
449 449  If not specified, the quality gate is not changed.
450 450  As a default, SonarQube will use the quality gate "Sonar way" for new scan results.
434 +|=(% colspan="1" rowspan="5" %)Dependency Check|skipDependencyCheck|false|Set to true to skip the dependency-check.
435 +|dependencyCheckTool|'dependency-check'|Defines which named dependency-check tool should be used.
436 +|dependencyCheckMvnArgs|'-DassemblyAnalyzerEnabled=false'|Additional arguments which are be passed to dependency-check for maven projects.(((
437 +See [[Dependency Check Maven Configuration>>https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html]] for more information.
438 +)))
439 +|dependencyCheckArgs|'~-~-disableAssembly'|Addtional arguments which are be passed to dependency-check. See [[Dependency>>url:https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html||shape="rect"]][[ Check CLI Arguments>>url:https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html||shape="rect"]] for more information.
440 +|dependencyCheckNvdApiKeyCredentialsId|'dependency-check-nvdapikey'|If you have your own NVD API Key, set it as a credential of type text in Jenkins. Then specify the credential id using this argument. It will be automatically passed to dependency-check. There will be no error if no credential is found. Just the NVD download will be slower. Please note, on DevOps-as-a-Service a shared NVD API Key is automatically supplied for the default credential id.
441 +|=(% colspan="1" rowspan="2" %)Dependency Track|depTrackCredentialsId|'PROJECTKEY-deptrack-projectcreator'|(((
442 +Id of the Jenkins Credential which has to be used to authenticate to Dependency Track for publishing the SBOM.
443 +)))
444 +|depTrackClassifier|'application'|The component type (e.g. application, library, firmware, ...) that should be set in the SBOM file.
445 +Will be later shown as classifier for the project in Dependency Track.
446 +See [[CycloneDX Metadata Component Type>>https://cyclonedx.org/docs/1.6/json/#metadata_component_type]] for supported values.
447 +|=(% colspan="1" rowspan="2" %)Trivy|trivySeverity|'High'|String which sets the minimum severity of Trivy findings that has to be reached to mark the Trivy Results stage as unstable.
448 +Possible values are: "None", "Unknown", "Negligible", "Low", "Medium", "High", "Critical".
449 +|trivyBuildResult|'SUCCESS'|String which sets the overall build result when the result of the Trivy scan reaches trivyServerity.
450 +Possible values are: "SUCCESS", "UNSTABLE" or "FAILURE"
451 451  |=(% rowspan="7" %)(((
452 452  Deployment
453 453  )))|(((
© 2018-2026 T-Systems International GmbH