Continuous Integration/Deployment

Internal CI Pipeline Flow

The internal CI pipeline will go through several steps to preserve quality and protect against code regressions.

  1. Validate poms
    1. Checks out the code
    2. Uses the pomfix tool to validate that bundle dependencies are properly declared
  2. Incremental Build (only runs for PR branches)
    1. Runs two parallel builds, one on Linux and one on Windows
      1. Runs a quick build with tests and analysis disabled
      2. Runs a build that runs the tests and analysis for the changed modules
      3. Runs the integration tests
  3. Full Build (only runs for non-PR branches)
    1. Runs two parallel builds, one on Linux and one on Windows
      1. Runs a quick build with tests disabled
      2. Static analysis will run, including ErrorProne (2.12.x+), Checkstyle, and Coveo Formatting Check
      3. Runs the integration tests
  4. Security Analysis
    1. OWASP
      1. Runs incremental scan if it is a pull request
      2. Runs the full scan if it is not a pull request
    2. NodeJsSecurity
      1. Runs Node JS security check on UI packages
  5. Deploy
    1. The deploy stage is only executed for deployable branches. These include master and any patch branch matching the M.m.x format (e.g. 2.10.x, 2.9.x). It also only deploys when the environment variable JENKINS_ENV = 'prod' is present. This can be passed in globally from the Jenkins master node settings.
    2. In other words, PR and specialty branches will not be deployed
    3. Uses the Maven Deploy Plugin to publish the artifacts to the Codice Nexus
  6. Quality Analysis
    1. Runs three scans in parallel: SonarCloud, Coverity, and Codecov
    2. SonarCloud (Code defect static analysis)
      1. Runs incremental scans for pull request branches
      2. Runs full scan for all other branches
    3. Coverity (Code defect static analysis)
      1. Only run on the master branch
    4. Codecov (Test code coverage)
      1. Always run
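
The Deploy stage conditions from step 5, written out as a shell gate. This is an added example, not the project's pipeline code; the function names, the PR flag argument, and the reading of M.m.x as numeric major and minor followed by a literal "x" are assumptions.

```shell
#!/bin/sh
# Added example: gate for the Deploy stage rules in step 5.
# Not the project's pipeline code; function names are hypothetical.

# is_deployable_branch BRANCH
# Succeeds for "master" or a patch branch in M.m.x form.
# Assumption: M and m are decimal numbers, the last component is a literal "x".
is_deployable_branch() {
  [ "$1" = "master" ] && return 0
  # Anchored at both ends so "2.10.x-hotfix" or "feature/2.10.x" cannot pass.
  printf '%s\n' "$1" | grep -Eq '^[0-9]+\.[0-9]+\.x$'
}

# should_deploy BRANCH IS_PR JENKINS_ENV
# Fails closed: any IS_PR value other than "false" is treated as a PR,
# and an unset or non-"prod" JENKINS_ENV never deploys.
should_deploy() {
  [ "$2" = "false" ] || return 1
  is_deployable_branch "$1" || return 1
  [ "$3" = "prod" ]
}

# Constructed sample inputs: branch, is_pr, JENKINS_ENV
while read -r branch is_pr env; do
  if should_deploy "$branch" "$is_pr" "$env"; then verdict=deploy; else verdict=skip; fi
  printf '%-16s pr=%-5s env=%-5s -> %s\n' "$branch" "$is_pr" "${env:--}" "$verdict"
done <<'EOF'
master false prod
2.10.x false prod
2.10.x true prod
2.10.x false dev
2.10.x-hotfix false prod
feature/2.10.x false prod
2.10.1 false prod
master false
EOF
```

Only the first two sample rows deploy; the anchored pattern is what keeps look-alike branch names out of the publish step.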


PR Quality Gate

| Badge | Description | Comments |
|---|---|---|
| Committer Review | Checks if committers have approved the PR. | |
| Codacy | Code quality review | Posts comments with issues. |
| Internal CI Pipeline | Result of build | |
| Codecov | Code test coverage | Posts comments with issues. |
| CLA | Contributor License Agreement | If not present, will present a link for the contributor to sign. |
| Merge Conflicts | Checks if there would be any merge conflicts if the PR would be merged. | |