How to enforce code analysis check in policy in VS2017? - visual-studio-2017

I'm looking here: https://learn.microsoft.com/en-us/azure/devops/repos/tfvc/add-check-policies?view=vsts
It says to go to Source Control under Project, but there is no Project section, no Source Control anywhere either.
I thought I would be able to enforce Code Analysis from the Azure DevOps dashboard, but I can't find where the setting is either.
I am the Project Admin, I do have "Edit project-level information" allowed.

Well, seems you are using Git as version control, however the check in policy is against TFVC (Team Foundation Version Control).
For Git you can set the branch policies, please see Improve code quality with branch policies for details.
As far as I know, there isn't an equivalent way to enable the Code Analysis policy for Git. However, you can use the extension Code Analysis or SonarQube to run the Code Analysis in the build/release pipeline...
If you insist on using the check-in policy, then you can create a project which selects TFVC as the Version Control tool...

Related

How to checkout a specific tag before running the Pipeline?

I am trying out AWS CodePipeline and currently have it hooked up to our GitHub account where it can checkout the master branch no issues, as this is set in the Source settings.
However, this is obviously quite restrictive, and I'd like to be able to specify a version tag from GitHub to checkout, but cannot see any way of achieving this?
Ideally, I want to specify a version number (tag in GitHub) before the Pipeline runs, so I can use 1 Pipeline to checkout, build, test, deploy the codebase for a specific version tag. Again, I cannot find any information on how to achieve this.

This is not natively supported at the moment.
But you could configure your CodePipeline to create a Full Git Clone instead of just an artifact, and then pass that to a CodeBuild where you can use git to checkout the specific tag as outlined in the AWS documentation.
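
The tag checkout suggested in the answer above, as an added example that is not part of the original answer or of the AWS documentation. It assumes the build step runs inside the full clone and receives the requested tag in a hypothetical `RELEASE_TAG` variable; the function names are illustrative.

```shell
#!/bin/sh
# Added example: pin a build to a release tag inside a full Git clone.
# RELEASE_TAG and both function names are hypothetical, not AWS-defined.

# Accept only conservative tag names such as v1.2.3 or release/2024.05.
# Rejects empty values, a leading "-" (git would parse it as an option),
# "..", and any character outside [A-Za-z0-9._/-].
valid_tag_name() {
    case "$1" in
        ''|-*|*..*|*[!A-Za-z0-9._/-]*) return 1 ;;
    esac
    return 0
}

# Check out refs/tags/<tag> in the clone at <repo_dir>, detached, and print
# the commit it resolved to. Spelling out the full ref name means a branch
# that shares the tag's name can never be selected by mistake.
# Return codes: 2 invalid name, 3 tag missing, 4 checkout failed, 5 mismatch.
checkout_tag() {
    repo_dir=$1
    tag=$2
    valid_tag_name "$tag" || { echo "invalid tag name" >&2; return 2; }
    # ^{commit} peels annotated tags down to the commit they point at.
    commit=$(git -C "$repo_dir" rev-parse --verify --quiet "refs/tags/$tag^{commit}") \
        || { echo "tag not found: $tag" >&2; return 3; }
    git -C "$repo_dir" checkout --quiet --detach "$commit" || return 4
    # Confirm the working tree really is at the tagged commit before building.
    [ "$(git -C "$repo_dir" rev-parse HEAD)" = "$commit" ] || return 5
    printf '%s\n' "$commit"
}

# Usage in a build step (assumed layout: current directory is the clone):
#   checkout_tag . "$RELEASE_TAG" || exit 1
```

Recording the printed commit hash in the build log ties every artifact back to the exact source that produced it, even if the tag is later moved.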

SonarQube integration with GCP Cloud Build

I have a task to use SonarQube.
My builds are done using Google Cloud Build. How can I integrate SonarQube with Google Cloud Build?
Thanks for your help

You can use custom builders. At the end, each build step is a container image:
Cloud builders are container images with common languages and tools installed in them. You can configure Cloud Build to run a specific command within the context of these builders.
The GCP documentation provides a guide on how to create a custom build. However, notice that it's intended to be general and doesn't include any specific functionality that you might require. Nevertheless, it is a great starting point for understanding how the custom builders work and creating your own.
Aside from this approach, there is a community builder for SonarQube that you can use as reference or might even suit your needs.
Edit:
In case your question is about code analysis with SonarQube, the community builder is still relevant as it allows you to run static code analysis for your project from sonarcloud.io.

How to automatically trigger build on pull request in Azure DevOps?

I have created a build pipeline.
I have master, develop and feature/* branches in my Azure repo.
I have created a branch policy to require a build for feature/* branches.
How do I trigger an automatic build on pull request? Or even how do I queue a build manually on the pull request?
I can't see such option on my pull request screen in DevOps.
As far as I know, the build policy should appear above Work Items on the right-hand side. My policy does not appear there and I do not even have a possibility to trigger the build manually.
I am not sure what I am doing wrong? Or what is missing?

The screenshot you provided shows that the PR is for the develop branch. If you want a PR for develop to trigger a build, then set a policy on the develop branch.
Branch policies apply to the target branch, not the source branch.

Test Results Analyzer Plugin for GitLab

Jenkins has nice plugin for test results.
Test Results Analyzer Plugin (plugin url).
How to attach the same dashboard (with test results) for GitLab?
Here is my googling result:
GitLab has a "pages" feature, but it depends on artifact life and only the last one is shown.
https://docs.gitlab.com/ee/ci/junit_test_reports.html
On the other hand, there is an open and long-running issue about this requirement for GitLab, besides lots of closed ones.
https://gitlab.com/gitlab-org/gitlab-ce/issues/34102
Here is GitLab's info in this comparison page:
https://about.gitlab.com/comparison/gitlab-vs-jenkins.html
"Many languages use frameworks that automatically run tests on your code and create a report: one example is the JUnit format that is common to different tools. GitLab supports browsing artifacts and you can download reports, but we’re still working on a proper way to integrate them directly into the product."

I found a project for a complete solution and fully supported. I just started with this one and for now it is unbelievable. Just upload your reports to it. There is a lot of plugin support.
http://reportportal.io/

What do you use for Staging / Deployment Artifact Servers?

I am thinking about writing my own release storage server and before I do this, I'd like to know what people use to see integration instead of create.
So what do you use to store your builds for internal access?
I'm looking for a web app that allows me to upload artifacts and then reference them by various tags so I can group them together by component or release vehicle. I also want access controls per build by readiness or promotion.
I define staging as placing built artifacts on a server for communities of users to access. The artifacts are usually zip files containing either applications or libraries + documentation. The user communities are developers, QA, and service delivery/operations. Basically, the creators, the checkers and external-users.
We release artifacts individually and as groups in a release vehicle (e.g., release 1.1 contains foo 1.0.1 and bar 1.0.7). Depending on the artifact, we may want to restrict access. Operations shouldn't be able to access pre-released builds and we may want to track who downloads a limited availability release.
So, I'm hoping to find a tool that does most of what I want with a good extensible design so I can add in what I don't have.
Anyone know of a good tool for managing the builds post-build?
Examples might be:
quickbuild/lunt build
Team forge
build forge
Jira & confluence as a set
sonatype nexus
home grown
SVN repository using branching to promote builds from dev->Qa->GA

Peter,
Since you're not getting many answers, I'll let you know about AnthillPro whose developer, Urbancode, I work for.
Ok, disclaimers out of the way, AnthillPro is designed to serve exactly the broad audience that you're discussing - dev, checkers, and operations. Compared to the tools you list, AnthillPro is something like a BuildForge (a key competitor of ours) or quick build with a tightly integrated artifact repository (like nexus). So the builds are run, and you can view the results of your builds - and the build artifacts - in a nice web ui. Users with correct permissions can run a secondary process like a deployment or test against prior builds - and the artifacts from the selected build.
The goal is to manage the entire build lifecycle from creation, through various testing tools and deployment environments out through release to production. It's not a big nasty suite, instead we integrate with tools like Subversion and Jira to make sure every release has a manifest of source and problem ticket changes.
Your release packages would map well to AnthillPro's built in dependency system. We often see customers create virtual projects that take little or no source code, but instead either relate or package components into a release bundle.
Where AnthillPro may fall short for you is that generally, we would allow operations to see pre-release builds. However, you could add rules that would immediately fail / block an attempted release by operations of any build not marked as "pre-release". AnthillPro's system of statuses allows the team to flag a build with custom markers like, "In QA" or "Approved for Release". Combined with rules about running workflows, that should give you the control you need. If some projects are particularly sensitive, you'd just use the role based security to lock those away.
Hope that gives you something to look into.
-- Eric

My options are
build automation systems like AntHill, QuickBuild, TeamForge, BuildForge
file server
source control server
maven repository manager (nexus, archiva)
My goals are
group build by multiple criteria (artifact type, release vehicle, stage/phase)
promote build from dev -> qa -> released
provide access control for dev builds, qa ready builds, production ready builds
I'm going to focus on either source control as file server (using svn) or maven repos manager as file server using nexus. The rationale is as follows:
minimize effort
minimize cost
use something I can easily extend when needed to (because I'm certain my requirements will shift).
maven use is growing and will eventually be the dominant build technology here.
Thanks for the information.