Continuous Integration/Deployment
Internal CI Pipeline Flow
The internal CI pipeline will go through several steps to preserve quality and protect against code regressions.
- Validate poms
- Checks out the code
- Uses the pomfix tool to validate that bundle dependencies are properly declared
- Incremental Build (only runs for PR branches)
- Runs two parallel builds. One on Linux and one on Windows
- Runs a quick build with tests and analysis disabled
- Runs a build that runs the tests and analysis for the changed modules
- Runs the integration tests
- Runs two parallel builds. One on Linux and one on Windows
- Full Build (only runs for non-pr branches)
- Runs two parallel builds. One on Linux and one on Windows
- Runs a quick build with tests disabled
- Static analysis will run, including ErrorProne (2.12.x+), Checkstyle, and Coveo Formatting Check
- Runs the integration tests
- Runs two parallel builds. One on Linux and one on Windows
- Security Analysis
- OWASP
- Runs incremental scan if it is a pull request
- If not a pull request, run the full scan
- NodeJsSecurity
- Runs Node JS security check on UI packages
- OWASP
- Deploy
- The deploy stage will only be executed for deployable branches. These include master and any patch branch matching M.m.x format (i.e. 2.10.x, 2.9.x, etc...). It will also only deploy in the presence of an environment variable JENKINS_ENV = 'prod'. This can be passed in globally from the jenkins master node settings.
- In other words, PR and specialty branches will not be deployed
- Uses the Maven Deploy Plugin to publish the artifacts to the Codice Nexus
- Quality Analysis
- Runs three scans in parallel: SonarCloud, Coverity, and Codecov
- SonarCloud (Code defect static analysis)
- Runs incremental scans for pull request branches
- Runs full scan for all other branches
- Coverity (Code defect static analysis)
- Only run on the master branch
- Codecov (Test code coverage)
- Always run
PR Quality Gate
Badge | Description | Comments |
---|---|---|
Committer Review | Checks if committers have approved the PR. | |
Codacy | Code quality review | Posts comments with issues. |
Internal CI Pipeline | Result of build | |
Codecov | Code test coverage | Posts comments with issues. |
CLA | Contributor License Agreement | If not present, will present a link for the contributor to sign. |
Merge Conflicts | Checks if there would be any merge conflicts if the PR would be merged. |