1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-12 10:55:20 +02:00
sap-jenkins-library/resources/default_pipeline_environment.yml
Sven Merk 59e9d897bf
feat(hadolint): enable correct handling of multiple scan results (#1145)
* Add missing parameter

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* fix code climate issues

* Update default_pipeline_environment.yml

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

* Update hadolintExecute.groovy

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2020-02-04 16:36:09 +01:00

617 lines
19 KiB
YAML

#
# ATTENTION: This file is part of the API, breaking changes here directly affect the consumers of the library.
# Please avoid breaking changes if possible.
#
#Project Setup
general:
collectTelemetryData: true
changeManagement:
type: 'NONE' # SOLMAN, CTS, NONE
transportRequestLabel: 'TransportRequest\s?:'
changeDocumentLabel: 'ChangeDocument\s?:'
clientOpts: ''
credentialsId: 'CM'
git:
from: 'origin/master'
to: 'HEAD'
format: '%b'
solman:
docker:
image: 'ppiper/cm-client'
options: []
envVars: {}
pullImage: true
cts:
docker:
image: 'ppiper/cm-client'
options: []
envVars: {}
pullImage: true
rfc:
docker:
image: 'rfc'
options: []
envVars: {}
pullImage: true
githubApiUrl: 'https://api.github.com'
githubServerUrl: 'https://github.com'
gitSshKeyCredentialsId: '' #needed to allow sshagent to run with local ssh key
jenkinsKubernetes:
securityContext:
# Setting security context globally is currently not working with jaas
# runAsUser: 1000
# fsGroup: 1000
manualConfirmation: true
manualConfirmationMessage: 'Shall we proceed to Promote & Release?'
manualConfirmationTimeout: 720 # 1 month
productiveBranch: 'master'
whitesource:
serviceUrl: 'https://saas.whitesourcesoftware.com/api'
#Steps Specific Configuration
steps:
abapEnvironmentPullGitRepo:
dockerImage: 'ppiper/cf-cli'
dockerWorkspace: '/home/piper'
artifactSetVersion:
timestampTemplate: '%Y%m%d%H%M%S'
tagPrefix: 'build_'
commitVersion: true
gitPushMode: 'SSH'
verbose: false
gitHttpsCredentialsId: 'git'
gitDisableSslVerification: false
dub:
filePath: 'dub.json'
versioningTemplate: '${version}-${timestamp}${commitId?"+"+commitId:""}'
docker:
filePath: 'Dockerfile'
versioningTemplate: '${version}-${timestamp}${commitId?"_"+commitId:""}'
golang:
filePath: 'VERSION'
versioningTemplate: '${version}-${timestamp}${commitId?"+"+commitId:""}'
maven:
filePath: 'pom.xml'
versioningTemplate: '${version}-${timestamp}${commitId?"_"+commitId:""}'
mta:
filePath: 'mta.yaml'
versioningTemplate: '${version}-${timestamp}${commitId?"+"+commitId:""}'
npm:
filePath: 'package.json'
versioningTemplate: '${version}-${timestamp}${commitId?"+"+commitId:""}'
pip:
filePath: 'version.txt'
versioningTemplate: '${version}.${timestamp}${commitId?"."+commitId:""}'
sbt:
filePath: 'sbtDescriptor.json'
versioningTemplate: '${version}-${timestamp}${commitId?"+"+commitId:""}'
batsExecuteTests:
dockerImage: 'node:lts-stretch'
dockerWorkspace: '/home/node'
envVars: {}
outputFormat: 'junit' # tap, junit
testPath: 'src/test'
failOnError: false
repository: 'https://github.com/bats-core/bats-core.git'
stashContent:
- 'tests'
testPackage: 'piper-bats'
checksPublishResults:
aggregation:
active: true
thresholds:
fail:
high: '0'
tasks:
pattern: '**/*.java'
low: ''
normal: 'TODO,REVISE,XXX'
high: 'FIXME'
archive: true
active: false
thresholds:
fail:
high: '0'
pmd:
pattern: '**/target/pmd.xml'
archive: true
active: false
thresholds:
fail:
high: '0'
cpd:
pattern: '**/target/cpd.xml'
archive: true
active: false
thresholds:
fail:
high: '0'
findbugs:
pattern: '**/target/findbugsXml.xml, **/target/findbugs.xml'
archive: true
active: false
thresholds:
fail:
high: '0'
checkstyle:
pattern: '**/target/checkstyle-result.xml'
archive: true
active: false
thresholds:
fail:
high: '0'
eslint:
pattern: '**/eslint.xml'
archive: true
active: false
thresholds:
fail:
high: '0'
pylint:
pattern: '**/pylint.log'
archive: true
active: false
thresholds:
fail:
high: '0'
archive: false
cloudFoundryDeploy:
cloudFoundry:
apiEndpoint: 'https://api.cf.eu10.hana.ondemand.com'
apiParameters: ''
loginParameters: ''
deployTool: 'cf_native'
deployType: 'standard'
keepOldInstance: false
cfNativeDeployParameters: ''
mtaDeployParameters: '-f'
mtaExtensionDescriptor: ''
mtaPath: ''
smokeTestScript: 'blueGreenCheckScript.sh'
smokeTestStatusCode: 200
stashContent:
- 'deployDescriptor'
- 'pipelineConfigAndTests'
cf_native:
dockerImage: 'ppiper/cf-cli'
dockerWorkspace: '/home/piper'
mtaDeployPlugin:
dockerImage: 'ppiper/cf-cli'
dockerWorkspace: '/home/piper'
containerExecuteStructureTests:
containerCommand: '/busybox/tail -f /dev/null'
containerShell: '/busybox/sh'
dockerImage: 'ppiper/container-structure-test'
dockerOptions: "-u 0 --entrypoint=''"
failOnError: true
stashContent:
- 'tests'
testReportFilePath: 'cst-report.json'
cloudFoundryCreateService:
cloudFoundry:
apiEndpoint: 'https://api.cf.eu10.hana.ondemand.com'
serviceManifest: 'service-manifest.yml'
dockerImage: 'ppiper/cf-cli'
dockerWorkspace: '/home/piper'
stashContent:
- 'deployDescriptor'
cloudFoundryCreateServiceKey:
dockerImage: 'ppiper/cf-cli'
dockerWorkspace: '/home/piper'
detectExecuteScan:
detect:
projectVersion: '1'
scanners:
- signature
scanPaths:
- '.'
scanProperties:
- '--blackduck.signature.scanner.memory=4096'
- '--blackduck.timeout=6000'
- '--blackduck.trust.cert=true'
- '--detect.policy.check.fail.on.severities=BLOCKER,CRITICAL,MAJOR'
- '--detect.report.timeout=4800'
- '--logging.level.com.synopsys.integration=DEBUG'
stashContent:
- 'buildDescriptor'
- 'checkmarx'
# buildTool specific settings
golang:
dockerImage: 'golang:1.12-stretch'
dockerWorkspace: ''
dockerExecute:
dockerPullImage: true
sidecarPullImage: true
stashContent: []
dockerExecuteOnKubernetes:
dockerPullImage: true
stashContent: []
stashIncludes:
workspace: '**/*'
stashExcludes:
workspace: 'nohup.out'
dubExecute:
dockerImage: 'dlang2/dmd-ubuntu:latest'
githubPublishRelease:
addClosedIssues: false
addDeltaToLastRelease: false
customFilterExtension: ''
excludeLabels:
- 'duplicate'
- 'invalid'
- 'question'
- 'wontfix'
gaugeExecuteTests:
buildTool: 'maven'
dockerEnvVars:
HUB: 'TRUE'
HUB_URL: 'http://localhost:4444/wd/hub'
failOnError: false
installCommand: 'curl -SsL https://downloads.gauge.org/stable | sh -s -- --location=$HOME/bin/gauge'
stashContent:
- 'buildDescriptor'
- 'tests'
maven:
dockerImage: 'maven:3.5-jdk-8'
dockerName: 'maven'
dockerWorkspace: ''
languageRunner: 'java'
runCommand: 'mvn test-compile gauge:execute'
testOptions: '-DspecsDir=specs'
npm:
dockerImage: 'node:lts-stretch'
dockerName: 'npm'
dockerWorkspace: '/home/node'
languageRunner: 'js'
runCommand: 'gauge run'
testOptions: 'specs'
bundler:
dockerImage: 'ruby:2.5.3-stretch'
dockerName: 'bundler'
dockerWorkspace: ''
languageRunner: 'ruby'
runCommand: 'bundle install && bundle exec gauge run'
testOptions: 'specs'
hadolintExecute:
configurationFile: '.hadolint.yaml'
configurationUrl: ''
dockerFile: './Dockerfile'
dockerImage: 'hadolint/hadolint:latest-debian'
qualityGates:
- threshold: 1
type: 'TOTAL_ERROR'
unstable: false
reportFile: 'hadolint.xml'
reportName: 'HaDoLint'
stashContent:
- 'buildDescriptor'
handlePipelineStepErrors:
echoDetails: true
failOnError: true
libraryDocumentationUrl: 'https://sap.github.io/jenkins-library/'
libraryRepositoryUrl: 'https://github.com/SAP/jenkins-library/'
mandatorySteps: []
stepTimeouts: {}
healthExecuteCheck:
healthEndpoint: ''
influxWriteData:
influxServer: ''
kanikoExecute:
containerBuildOptions: '--skip-tls-verify-pull'
containerCommand: '/busybox/tail -f /dev/null'
containerPreparationCommand: 'rm /kaniko/.docker/config.json'
containerShell: '/busybox/sh'
customTlsCertificateLinks: []
dockerfile: Dockerfile
dockerImage: 'gcr.io/kaniko-project/executor:debug'
dockerOptions: "-u 0 --entrypoint=''"
karmaExecuteTests:
containerPortMappings:
'node:lts-stretch':
- containerPort: 9876
hostPort: 9876
dockerEnvVars:
NO_PROXY: 'localhost,selenium,$NO_PROXY'
no_proxy: 'localhost,selenium,$no_proxy'
dockerImage: 'node:lts-stretch'
dockerName: 'karma'
dockerWorkspace: '/home/node'
installCommand: 'npm install --quiet'
modules:
- '.'
runCommand: 'npm run karma'
sidecarEnvVars:
NO_PROXY: 'localhost,karma,$NO_PROXY'
no_proxy: 'localhost,karma,$no_proxy'
stashContent:
- buildDescriptor
- tests
mailSendNotification:
notificationAttachment: true
notifyCulprits: true
numLogLinesInBody: 100
wrapInNode: false
mavenExecute:
dockerImage: 'maven:3.5-jdk-7'
logSuccessfulMavenTransfers: false
mtaBuild:
buildTarget: 'NEO'
mtaBuildTool: classic
platform: 'cf'
mtaJarLocation: '/opt/sap/mta/lib/mta.jar'
classic:
dockerImage: 'ppiper/mta-archive-builder'
cloudMbt:
dockerImage: 'devxci/mbtci:1.0.4'
neoDeploy:
dockerImage: 'ppiper/neo-cli'
deployMode: 'mta'
warAction: 'deploy'
extensions: []
neo:
size: 'lite'
credentialsId: 'CI_CREDENTIALS_ID'
newmanExecute:
dockerImage: 'node:lts-stretch'
failOnError: true
newmanCollection: '**/*.postman_collection.json'
newmanEnvironment: ''
newmanGlobals: ''
newmanInstallCommand: 'npm install newman newman-reporter-html --global --quiet'
newmanRunCommand: "run '${config.newmanCollection}' --environment '${config.newmanEnvironment}' --globals '${config.newmanGlobals}' --reporters junit,html --reporter-junit-export 'target/newman/TEST-${collectionDisplayName}.xml' --reporter-html-export 'target/newman/TEST-${collectionDisplayName}.html'"
stashContent:
- 'tests'
npmExecute:
dockerImage: 'node:lts-stretch'
whitesourceExecuteScan:
createProductFromPipeline: true
emailAddressesOfInitialProductAdmins: []
buildDescriptorExcludeList: []
parallelLimit: 15
licensingVulnerabilities: true
securityVulnerabilities: true
cvssSeverityLimit: -1
reporting: true
vulnerabilityReportFileName: 'piper_whitesource_vulnerability_report'
vulnerabilityReportTitle: 'WhiteSource Security Vulnerability Report'
projectNames: []
jreDownloadUrl: 'https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz'
agentFileName: 'wss-unified-agent.jar'
agentDownloadUrl: 'https://github.com/whitesource/unified-agent-distribution/releases/latest/download/${config.agentFileName}'
agentParameters: ''
configFilePath: './wss-unified-agent.config'
mta:
stashContent:
- 'buildDescriptor'
- 'opensourceConfiguration'
maven:
buildDescriptorFile: './pom.xml'
dockerImage: 'maven:3.5-jdk-8'
dockerWorkspace: '/home/java'
stashContent:
- 'buildDescriptor'
- 'opensourceConfiguration'
npm:
buildDescriptorFile: './package.json'
dockerImage: 'node:lts-stretch'
dockerWorkspace: '/home/node'
stashContent:
- 'buildDescriptor'
- 'opensourceConfiguration'
pip:
buildDescriptorFile: './setup.py'
dockerImage: 'python:3.7.2-stretch'
dockerWorkspace: '/home/python'
stashContent:
- 'buildDescriptor'
- 'opensourceConfiguration'
golang:
buildDescriptorFile: './Gopkg.toml'
dockerImage: 'golang:1.12-stretch'
dockerWorkspace: '/home/dep'
stashContent:
- 'buildDescriptor'
- 'opensourceConfiguration'
- 'checkmarx'
additionalInstallCommand: >-
curl --fail https://raw.githubusercontent.com/golang/dep/master/install.sh | sh
&& mkdir -p \$GOPATH/src/${config.whitesource.projectName.substring(0, config.whitesource.projectName.lastIndexOf('/'))}
&& ln -s \$(pwd) \$GOPATH/src/${config.whitesource.projectName}
&& cd \$GOPATH/src/${config.whitesource.projectName} && dep ensure
dub:
buildDescriptorFile: './dub.json'
dockerImage: 'buildpack-deps:stretch-curl'
dockerWorkspace: '/home/dub'
stashContent:
- 'buildDescriptor'
- 'checkmarx'
sbt:
buildDescriptorFile: './build.sbt'
dockerImage: 'hseeberger/scala-sbt:8u181_2.12.8_1.2.8'
dockerWorkspace: '/home/scala'
stashContent:
- 'buildDescriptor'
- 'opensourceConfiguration'
verbose: false
timeout: 0
pipelineExecute:
branch: 'master'
path: 'Jenkinsfile'
credentialsId: ''
pipelineRestartSteps:
sendMail: true
timeoutInSeconds: 900
pipelineStashFilesAfterBuild:
stashIncludes:
buildResult: '**/target/*.jar, **/*.mtar'
checkmarx: '**/*.js, **/*.scala, **/*.py, **/*.go, **/*.d, **/*.di, **/*.xml, **/*.html'
classFiles: '**/target/classes/**/*.class, **/target/test-classes/**/*.class'
sonar: '**/jacoco*.exec, **/sonar-project.properties'
stashExcludes:
buildResult: ''
checkmarx: '**/*.mockserver.js, node_modules/**/*.js'
classFiles: ''
sonar: ''
noDefaultExludes: []
pipelineStashFilesBeforeBuild:
stashIncludes:
buildDescriptor: '**/pom.xml, **/.mvn/**, **/assembly.xml, **/.swagger-codegen-ignore, **/package.json, **/requirements.txt, **/setup.py, **/mta*.y*ml, **/.npmrc, **/Dockerfile, .hadolint.yaml, **/VERSION, **/version.txt, **/Gopkg.*, **/dub.json, **/dub.sdl, **/build.sbt, **/sbtDescriptor.json, **/project/*, **/ui5.yaml, **/ui5.yml'
deployDescriptor: '**/manifest*.y*ml, **/*.mtaext.y*ml, **/*.mtaext, **/xs-app.json, helm/**, *.y*ml'
git: '.git/**'
opensourceConfiguration: '**/srcclr.yml, **/vulas-custom.properties, **/.nsprc, **/.retireignore, **/.retireignore.json, **/.snyk, **/wss-unified-agent.config, **/vendor/**/*'
pipelineConfigAndTests: '.pipeline/**'
securityDescriptor: '**/xs-security.json'
tests: '**/pom.xml, **/*.json, **/*.xml, **/src/**, **/node_modules/**, **/specs/**, **/env/**, **/*.js, **/tests/**, **/*.html, **/*.css, **/*.properties'
stashExcludes:
buildDescriptor: '**/node_modules/**/package.json'
deployDescriptor: ''
git: ''
opensourceConfiguration: ''
pipelineConfigAndTests: ''
securityDescriptor: ''
tests: ''
noDefaultExludes:
- 'git'
piperPublishWarnings:
parserId: piper
parserName: Piper
parserPattern: '\[(INFO|WARNING|ERROR)\] (.*) \(([^) ]*)\/([^) ]*)\)'
parserScript: 'return builder.guessSeverity(matcher.group(1)).setMessage(matcher.group(2)).setModuleName(matcher.group(3)).setType(matcher.group(4)).buildOptional()'
recordIssuesSettings:
blameDisabled: true
enabledForFailure: true
seleniumExecuteTests:
buildTool: 'npm'
containerPortMappings:
'selenium/standalone-chrome':
- containerPort: 4444
hostPort: 4444
failOnError: true
sidecarImage: 'selenium/standalone-chrome'
sidecarName: 'selenium'
sidecarVolumeBind:
'/dev/shm': '/dev/shm'
stashContent:
- 'tests'
maven:
dockerImage: 'maven:3.5-jdk-8'
dockerName: 'maven'
dockerWorkspace: ''
npm:
dockerImage: 'node:lts-stretch'
dockerName: 'npm'
dockerWorkspace: '/home/node'
bundler:
dockerImage: 'ruby:2.5.3-stretch'
dockerName: 'bundler'
dockerWorkspace: ''
slackSendNotification:
color: "${buildStatus == 'SUCCESS'?'#008000':'#E60000'}"
defaultMessage: "${buildStatus}: Job ${env.JOB_NAME} <${env.BUILD_URL}|#${env.BUILD_NUMBER}>"
snykExecute:
buildDescriptorFile: './package.json'
dockerImage: 'node:lts-stretch'
exclude: []
monitor: true
scanType: 'npm'
stashContent:
- 'buildDescriptor'
- 'opensourceConfiguration'
toJson: false
toHtml: false
sonarExecuteScan:
dockerImage: 'node:lts-stretch'
instance: 'SonarCloud'
options: []
pullRequestProvider: 'GitHub'
sonarScannerDownloadUrl: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.2.0.1873-linux.zip'
spinnakerTriggerPipeline:
certFileCredentialsId: 'spinnaker-client-certificate'
keyFileCredentialsId: 'spinnaker-client-key'
timeout: 60
testsPublishResults:
failOnError: false
junit:
pattern: '**/TEST-*.xml'
updateResults: false
allowEmptyResults: true
archive: false
active: false
jacoco:
pattern: '**/target/*.exec'
allowEmptyResults: true
archive: false
active: false
cobertura:
pattern: '**/target/coverage/**/cobertura-coverage.xml'
onlyStableBuilds: true
allowEmptyResults: true
archive: false
active: false
jmeter:
pattern: '**/*.jtl'
errorFailedThreshold: 20
errorUnstableThreshold: 10
errorUnstableResponseTimeThreshold: ''
relativeFailedThresholdPositive: 0
relativeFailedThresholdNegative: 0
relativeUnstableThresholdPositive: 0
relativeUnstableThresholdNegative: 0
modeOfThreshold: false
modeThroughput: false
nthBuildNumber: 0
configType: 'PRT'
failBuildIfNoResultFile: false
compareBuildPrevious: true
allowEmptyResults: true
archive: false
active: false
checkChangeInDevelopment:
failIfStatusIsNotInDevelopment: true
tmsUpload:
namedUser: 'Piper-Pipeline'
stashContent:
- 'buildResult'
transportRequestCreate:
developmentSystemId: null
verbose: false
transportRequestUploadFile:
acceptUnixStyleLineEndings: true
codePage: 'UTF-8'
failOnWarning: true
verbose: false
transportRequestRelease:
verbose: false
uiVeri5ExecuteTests:
failOnError: false
dockerEnvVars: {}
installCommand: 'npm install @ui5/uiveri5 --global --quiet'
seleniumPort: 4444
stashContent:
- 'buildDescriptor'
- 'tests'
testOptions: ''
runCommand: "uiveri5 --seleniumAddress='http://${config.seleniumHost}:${config.seleniumPort}/wd/hub'"
#defaults for stage wrapper
piperStageWrapper:
projectExtensionsDirectory: '.pipeline/extensions/'
globalExtensionsDirectory: ''
stageLocking: true
nodeLabel: ''
stashContent:
- 'pipelineConfigAndTests'
xsDeploy:
credentialsId: 'XS'
deployIdLogPattern: '^.*"xs bg-deploy -i (.*) -a .*".*$'
loginOpts: ''
deployOpts: ''
docker:
dockerImage: ''
dockerPullImage: false
mode: 'DEPLOY'
action: 'NONE'
xsSessionFile: '.xsconfig'