Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Codacy is an automated code analysis/quality tool that helps developers to ship better software in a faster manner.
Prerequisite: Make sure you have set up an account in Codacy
or get the API keys from an admin.
On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).
Click + Add task.
Select Codacy from PRESET PLUGINS.
Enter a relevant name in the Task name
field. It is a mandatory field.
Enter a descriptive message for the task in the Description
field. It is an optional field.
Provide a value for the input variable. Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.
Variable | Format | Description |
---|---|---|
Trigger/Skip Condition
refers to a conditional statement to execute or skip the task. You can select either:
Set trigger conditions
or
Set skip conditions
Pass/Failure Condition
refers to conditions to execute pass or fail of your build. You can select either:
Set pass conditions
or
Set failure conditions
Click Update Pipeline.
Pipeline plugins (a.k.a. preset plugins) are micro tools that allow you to enhance and refine the of your application by adding new features, integrating with external tools, and automating tasks.
Unlike , preset plugins come bundled with specific variables and conditions that help you make the plugins work seamlessly with your CI/CD pipeline.
Some plugins are meant for pre-build/post-build, while some are meant for pre-deployment/post-deployment.
From this section, you can know more about the individual plugins and its purpose.
CodacyEndpoint
String
API endpoint for Codacy
GitProvider
String
Git provider for the scanning
CodacyApiToken
String
API token for Codacy. If it is provided, it will be used, otherwise it will be picked from Global secret (CODACY_API_TOKEN).
Organisation
String
Your Organization for Codacy
RepoName
String
Your Repository name
Branch
String
Your branch name
Configuring Dependency Track for NodeJs
in pre-build or post build task creates a bill of materials from Maven & Gradle projects and environments and uploads it to D-track for Component Analysis to identify and reduce risk in the software supply chain.
Prerequisite: Make sure you have set up an account in dependency track
or get the API keys from an admin.
On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).
Click + Add task.
Select Dependency track for Maven & Gradle from PRESET PLUGINS.
Enter a relevant name in the Task name
field. It is a mandatory field.
Enter a descriptive message for the task in the Description
field. It is an optional field.
Provide a value for the input variable. Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.
Variable | Format | Description |
---|---|---|
Trigger/Skip Condition
refers to a conditional statement to execute or skip the task. You can select either:
Set trigger conditions
or
Set skip conditions
Click Update Pipeline.
Building container images in CI often results in a growing number of images, not all of which are production-ready. Therefore, it's a best practice to maintain a separate repository exclusively for storing production-builds. However, this would involve copying the container image (production-ready) from your existing repository to the production repository.
This plugin helps you copy a container image to a desired container repository. The pushing of image can be between repositories of the same container registry or between repositories of different container registry. One of the major usecases this plugin serves is multi-cloud deployments.
The plugin can be used at post CI, pre-CD, and post-CD. Moreover, you can also customize the image tag pattern for the copied image.
Go to App Configuration tab of your application.
Select Workflow Editor and click your deployment pipeline.
In this example, we will be adding the plugin in pre-CD stage; therefore, go to Pre-Deployment stage tab of your deployment pipeline and click Add task.
From the list of plugins, choose Copy container image.
Add the image destination in the field given for DESTINATION_INFO variable. The format is registry-name | username/repository-name
.
registry-name is the name you gave to your container registry while adding it in Global Configuration → OCI/Container Registry.
user-name is the your account name registered with you container registry, e.g., DockerHub.
repository-name is the name of the repository within your container registry that hosts the container images of your application.
Click Update Pipeline.
Go to the Build & Deploy tab of your application and click Select Image in the pre-deployment stage.
Choose a CI image that you wish to copy to the destination and click Trigger Stage.
The copying process will initiate, and once it is successful, the tag for the copied image would reflect at all relevant screens:
Destination Repository
CD Pipeline (Image Selection)
You can also filter out specific images (of target repository) from deployment. Refer Filter Condition to know the process.
Configuring Dependency Track for Python
in pre-build or post build task creates a bill of materials from Python projects and environments and uploads it to D-track for Component Analysis to identify and reduce risk in the software supply chain.
Prerequisite: Make sure you have set up an account in dependency track
or get the API keys from an admin.
On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).
Click + Add task.
Select Dependency track for Python from PRESET PLUGINS.
Enter a relevant name in the Task name
field. It is a mandatory field.
Enter a descriptive message for the task in the Description
field. It is an optional field.
Provide a value for the input variable. Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.
Variable | Format | Description |
---|---|---|
Trigger/Skip Condition
refers to a conditional statement to execute or skip the task. You can select either:
Set trigger conditions
or
Set skip conditions
Click Update Pipeline.
Configuring Dependency Track for NodeJs
in pre-build or post build task creates a bill of materials from NodeJs projects and environments and uploads it to D-track for Component Analysis to identify and reduce risk in the software supply chain.
Prerequisite: Make sure you have set up an account in dependency track
or get the API keys from an admin.
On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).
Click + Add task.
Select Dependency track for NodeJs from PRESET PLUGINS.
Enter a relevant name in the Task name
field. It is a mandatory field.
Enter a descriptive message for the task in the Description
field. It is an optional field.
Provide a value for the input variable. Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.
Variable | Format | Description |
---|---|---|
Trigger/Skip Condition
refers to a conditional statement to execute or skip the task. You can select either:
Set trigger conditions
or
Set skip conditions
Click Update Pipeline.
BuildToolType
String
Type of build tool your project is using. E.g., Maven, or Gradle
DTrackEndpoint
String
API endpoint of your dependency track account
DTrackProjectName
String
Name of your dependency track project
DTrackProjectVersion
String
Version of dependency track project
DTrackApiKey
String
API key of your dependency track account
CheckoutPath
String
Checkout path of Git material
ProjectManifestType
String
Type of your Python project manifest which is used to build cycloneDx Software Bill of Materials (SBOM). E.g., PIP, Poetry etc.
RelativePathToPoetryLock
String
Path to your poetry.lock file inside your project
RelativePathToPipfile
String
Path to your Pipfile.lock file inside your project
RelativePathToRequirementTxt
String
Path to your requirements.txt file inside your project
DTrackEndpoint
String
API endpoint of your dependency track account
DTrackProjectName
String
Name of your dependency track project
DTrackProjectVersion
String
Version of dependency track project
DTrackApiKey
String
API key of your dependency track account
CheckoutPath
String
Checkout path of Git material
DTrackEndpoint
String
API endpoint of your dependency track account
DTrackProjectName
String
Name of your dependency track project
DTrackProjectVersion
String
Version of dependency track project
DTrackApiKey
String
API key of your dependency track account
CheckoutPath
String
Checkout path of Git material
Configuring Sonarqube
in pre-build or post build task enhances your workflow with Continuous Code Quality & Code Security.
Prerequisite: Make sure you have set up an account in Sonarqube
or get the API keys from an admin.
On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).
Click + Add task.
Select Sonarqube from PRESET PLUGINS.
Enter a relevant name in the Task name
field. It is a mandatory field.
Enter a descriptive message for the task in the Description
field. It is an optional field.
Provide a value for the input variable. Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.
Trigger/Skip Condition
refers to a conditional statement to execute or skip the task. You can select either:
Set trigger conditions
or
Set skip conditions
Click Update Pipeline.
Semgrep is a fast, open source, static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.
Prerequisite: Make sure you have set up an account in Semgrep
or get the API keys from an admin.
On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).
Click + Add task.
Select Semgrep from PRESET PLUGINS.
Enter a relevant name in the Task name
field. It is a mandatory field.
Enter a descriptive message for the task in the Description
field. It is an optional field.
Provide a value for the input variable. Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.
Variable | Format | Description |
---|
Trigger/Skip Condition
refers to a conditional statement to execute or skip the task. You can select either:
Set trigger conditions
or
Set skip conditions
Click Update Pipeline.
Configuring Sonarqube-v1.1.0
in pre-build or post build task enhances your workflow with Continuous Code Quality & Code Security.
Prerequisite: Make sure you have set up an account in Sonarqube
or get the API keys from an admin.
On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).
Click + Add task.
Select Sonarqube v1.1.0 from PRESET PLUGINS.
Enter a relevant name in the Task name
field. It is a mandatory field.
Enter a descriptive message for the task in the Description
field. It is an optional field.
Provide a value for the input variable. Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.
Trigger/Skip Condition
refers to a conditional statement to execute or skip the task. You can select either:
Set trigger conditions
or
Set skip conditions
Pass/Fail Condition
refers to a conditional statement to pass or fail the Pre-Build Stage (or Post-Build Stage). You can select either:
Set pass conditions
or
Set failure conditions
Click Update Pipeline.
Variable | Format | Description |
---|
Variable | Format | Description |
---|
SonarqubeProjectKey | String | Project key of SonarQube account |
SonarqubeApiKey | String | API key of SonarQube account |
SonarqubeEndpoint | String | API endpoint of SonarQube account |
CheckoutPath | String | Checkout path of Git material |
UsePropertiesFileFromProject | Boolean | Enter either |
CheckForSonarAnalysisReport | Boolean | Enter either |
AbortPipelineOnPolicyCheckFailed | Boolean | Enter either |
SemgrepAppToken | String | App token of Semgrep. If it is provided, this token will be used, otherwise it will be picked from Global Secret. |
PrefixAppNameInSemgrepBranchName | Bool | Enter either |
UseCommitAsSemgrepBranchName | Bool | Enter either |
SemgrepAppName | String | App name for Semgrep. If it is provided, and |
ExtraCommandArguments | String | Extra command arguments for Semgrep CI command. E.g., Input: --json --dry-run. |
SonarqubeProjectPrefixName | String | This is the SonarQube project prefix name. If not provided, the prefix name is automatically generated. |
SonarqubeBranchName | String | Branch name to be used to send the scanned result on sonarqube project. |
SonarqubeProjectKey | String | Project key of SonarQube account |
CheckForSonarAnalysisReport | Bool | Boolean value - true or false. Set true to poll for generated report from sonarqube. |
AbortPipelineOnPolicyCheckFailed | Bool | Boolean value - true or false. Set true to abort on report check failed. |
UsePropertiesFileFromProject | Bool | Boolean value - true or false. Set true to use source code sonar-properties file. |
SonarqubeEndpoint | String | API endpoint of SonarQube account. |
CheckoutPath | String | Checkout path of Git material. |
SonarqubeApiKey | String | API key of SonarQube account |
SonarContainerImage | String | Container Image that will be used for sonar scanning purpose. |
K6 is an open-source tool and cloud service that makes load testing easy for developers and QA engineers.
Prerequisite: Make sure you have set up an account in k6.io
or get the API keys from an admin.
On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).
Click + Add task.
Select K6 Load Testing from PRESET PLUGINS.
Enter a relevant name in the Task name
field. It is a mandatory field.
Enter a descriptive message for the task in the Description
field. It is an optional field.
Provide a value for the input variable. Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.
Variable | Format | Description |
---|---|---|
Trigger/Skip Condition
refers to a conditional statement to execute or skip the task. You can select either:
Set trigger conditions
or
Set skip conditions
Click Update Pipeline.
RelativePathToScript
String
Checkout path + script path along with script name
PrometheusUsername
String
Username of Prometheus account
PrometheusApiKey
String
API key of Prometheus account
PrometheusRemoteWriteEndpoint
String
Remote write endpoint of Prometheus account
OutputType
String
Log
or Prometheus