Skip to Content

Changes for page Jenkins Shared Library

Last modified by Boris Folgmann on 2025/11/03 09:41
From version 5.1
edited by Boris Folgmann
on 2025/11/03 08:46
Change comment: There is no comment for this version
To version 8.1
edited by Boris Folgmann
on 2025/11/03 09:17
Change comment: Uploaded new attachment "1762161476370-318.png", version {1}

Summary

Details

Page properties
Content
... ... @@ -6,7 +6,7 @@
6 6  
7 7  == Getting Started ==
8 8  
9 -Since the Shared Library is globally configured on all Jenkins instances managed by DevOps-as-a-Service you just need to place the following very short Jenkinsfile in the root folder of your git repository to automatically build your maven or node project or simply build a container using a Dockerfile.
9 +Since the Shared Library is globally configured on all Jenkins instances managed by DevOps-as-a-Service you just need to place the following very short Jenkinsfile in the root folder of your git repository to automatically build your maven, node or go project or simply build a container using a Dockerfile.
10 10  
11 11  {{code}}
12 12  @Library('sdcloud') _
... ... @@ -128,6 +128,8 @@
128 128  )))|(((
129 129  npm command to execute for building Node.JS projects.
130 130  )))
131 +|= |go|'go'|Golang version to use.
132 +Refers to a symbolic name of a go tool configuration in Jenkins.
131 131  |= |goBuildCommand|(((
132 132  'go build -o app cmd/server/main.go'
133 133  )))|go build run. Should be overridden for your project.
... ... @@ -310,9 +310,11 @@
310 310  |(((
311 311  helmRegistry
312 312  )))|(((
313 -Nexus registry of your DOaaS instance
315 +Helm registry of your DOaaS instance, which is usally 'https:~/~/registry-CUSTOMER.devops.t-systems.net/chartrepo/PROJECTKEY'
314 314  )))|(((
315 -Name of registry to which the packaged Helm chart is uploaded.
317 +Helm registry to which the packaged Helm chart is uploaded.
318 +
319 +
316 316  )))
317 317  |(((
318 318  helmRegistryCredentialsId
... ... @@ -351,7 +351,7 @@
351 351  )))|(((
352 352  Id of the Jenkins Credentials for signers private keyfile.
353 353  )))
354 -|=(% colspan="1" rowspan="12" %)(((
358 +|=(% colspan="1" rowspan="8" %)(((
355 355  Static Source Code Analysis
356 356  )))|(((
357 357  checkstyleConfig
... ... @@ -376,29 +376,7 @@
376 376  )))|(((
377 377   Name of a config file to use for yamllint. If not set a best-practice[[ relaxed configuration >>url:https://prd.sdc.t-systems.net/bitbucket/projects/DEVOPSAAS/repos/sdcloud-caas-jenkins-libs/browse/resources/com/tsystems/sdc/jenkinslib/yamllint.yml||shape="rect"]]is used which is different from the original yamllint[[ config>>url:https://yamllint.readthedocs.io/en/stable/configuration.html#default-configuration||shape="rect"]].
378 378  )))
379 -|skipDependencyCheck|false|Set to true to skip the dependency-check.
380 380  |(((
381 -dependencyCheckTool
382 -)))|(((
383 -'dependency-check'
384 -)))|(((
385 -Defines which named dependency-check tool should be used.
386 -)))
387 -|(((
388 -dependencyCheckArgs
389 -)))|(((
390 -'~-~-disableAssembly ~-~-nvdValidForHours 720'
391 -)))|(((
392 -Addtional arguments which are be passed to dependency-check. See [[Dependency>>url:https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html||shape="rect"]][[ Check CLI Arguments>>url:https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html||shape="rect"]] for more information.
393 -)))
394 -|(((
395 -dependencyCheckNvdApiKeyCredentialsId
396 -)))|(((
397 -'dependency-check-nvdapikey'
398 -)))|(((
399 -If you have your own NVD API Key, set it as a credential of type text in Jenkins. Then specify the credential id using this argument. It will be automatically passed to dependency-check. There will be no error if no credential is found. Just the NVD download will be slower. Please note, on DevOps-as-a-Service a shared NVD API Key is automatically supplied for the default credential id.
400 -)))
401 -|(((
402 402  sonarQube
403 403  )))|(((
404 404  true for the defaultBranch and for pull-requests, if a SonarQube version is detected which supports scanning multiple branches
... ... @@ -449,6 +449,13 @@
449 449  |sonarQualityGate| |Sets the desired quality gate to use for the scan result in SonarQube.
450 450  If not specified, the quality gate is not changed.
451 451  As a default, SonarQube will use the quality gate "Sonar way" for new scan results.
434 +|=(% colspan="1" rowspan="5" %)Dependency Check|skipDependencyCheck|false|Set to true to skip the dependency-check.
435 +|dependencyCheckTool|'dependency-check'|Defines which named dependency-check tool should be used.
436 +|dependencyCheckMvnArgs|'-DassemblyAnalyzerEnabled=false'|Additional arguments which are be passed to dependency-check for maven projects.(((
437 +See [[Dependency Check Maven Configuration>>https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html]] for more information.
438 +)))
439 +|dependencyCheckArgs|'~-~-disableAssembly'|Addtional arguments which are be passed to dependency-check. See [[Dependency>>url:https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html||shape="rect"]][[ Check CLI Arguments>>url:https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html||shape="rect"]] for more information.
440 +|dependencyCheckNvdApiKeyCredentialsId|'dependency-check-nvdapikey'|If you have your own NVD API Key, set it as a credential of type text in Jenkins. Then specify the credential id using this argument. It will be automatically passed to dependency-check. There will be no error if no credential is found. Just the NVD download will be slower. Please note, on DevOps-as-a-Service a shared NVD API Key is automatically supplied for the default credential id.
452 452  |=(% colspan="1" rowspan="2" %)Dependency Track|depTrackCredentialsId|'PROJECTKEY-deptrack-projectcreator'|(((
453 453  Id of the Jenkins Credential which has to be used to authenticate to Dependency Track for publishing the SBOM.
454 454  )))
... ... @@ -455,6 +455,10 @@
455 455  |depTrackClassifier|'application'|The component type (e.g. application, library, firmware, ...) that should be set in the SBOM file.
456 456  Will be later shown as classifier for the project in Dependency Track.
457 457  See [[CycloneDX Metadata Component Type>>https://cyclonedx.org/docs/1.6/json/#metadata_component_type]] for supported values.
447 +|=(% colspan="1" rowspan="2" %)Trivy|trivySeverity|'High'|String which sets the minimum severity of Trivy findings that has to be reached to mark the Trivy Results stage as unstable.
448 +Possible values are: "None", "Unknown", "Negligible", "Low", "Medium", "High", "Critical".
449 +|trivyBuildResult|'SUCCESS'|String which sets the overall build result when the result of the Trivy scan reaches trivyServerity.
450 +Possible values are: "SUCCESS", "UNSTABLE" or "FAILURE"
458 458  |=(% rowspan="7" %)(((
459 459  Deployment
460 460  )))|(((
1762161476370-318.png
Author
... ... @@ -1,0 +1,1 @@
1 +xwiki:XWiki.borisfolgmannt-systemscom
Size
... ... @@ -1,0 +1,1 @@
1 +79.4 KB
Content
© 2018-2026 T-Systems International GmbH