DevOps Classroom Series – 04/Oct/2020

Imporving Code Quality

  • Static Code Analysis:
    • It is process of examining the source code with set of coding rules which are considered as best practices
  • In this series we will be looking into sonarqube as a static code analysis
  • Basic Architecture of SonarQube Preview
  • Integration Workflow Preview
  • To work with sonarqube, we will be install sonarqube server and from the machine where we want to perform code analysis sonarqube scanners are used Preview
  • Refer Here for sonarqube integration with jenkins guide
  • Installing SonarQube
  • Configuring Jenkins and Sonarqube
    • Install Necessary plugins to add sonar scanner to jenkins Preview
    • Now Navigate to Sonarqube and generate the token for user Preview
    • Here Generate a new token if you don’t have one
    • Navigate to Jenkins, Manage Jenkins => Configur System and find the sonarqube section Preview
    • Now lets add scanner to jenkins. Manage Jenkins => Global Tool configuration => Add SonarQubeScanner Preview
    • Quality Gate is used to enforce policy in the organization for static code analysis. Preview
    • Developers on their local machines can run sonar qube scans by using commands such as
    mvn sonar:sonar \
    -Dsonar.host.url=http://54.185.79.220:9000 \
    -Dsonar.login=1fa1d4e75ab6fba87a377977494791cc68b1c4f6 
    
    • Refer Here for declarative steps documentation from official sources
    • Refer Here for change set with scripted pipeline

How to manage releases of builds/packages in CD

  • We need a repository for storing the build artifacts
    • war files
    • Jar files
    • test result xmls
    • executables
    • dlls
  • We have two popular repositories for storing build artifacts
    • Nexus
    • Artifactory (JFrog)
  • In this series we will be using JFrog. JFrog can be used as a artifact repository for various languages like
    • java
    • .net
    • python
    • docker
    • k8s
    • deb
    • npm
    • ivy
    • groovy
  • Now we need to understand how to use artifactory server (JFrog)
  • Jfrog Artifactory enterprise supports almost all the package managment starting from c to kubernetes.
  • Jfrog also offers opensource products, which are free for
    • generic repository
    • maven repository
    • ivy repository
    • gradle repository
  • Refer Here for Open source products of Jfrog
  • Refer Here for artifactory docs
  • For Using Artifactory oss with Jenkins Refer Here
  • Installing Artifactory Refer Here
  • Enterprise Usecase Preview
  • Refer Here for configuring Artifactory with Jenkins
  • Install Artifactory Plugin Preview
  • Now Manage Jenkins and Navigate to System and find jfrog and configure artifactory server as shown below and save settings Preview
  • For configuring jenkins with artifactory using scripted pipelines Refer Here and with declartive pipelines Refer Here
  • For Maven Artifactory specific settings Refer Here
  • Refer Here Sample with maven
  • Refer Here for complete jfrog project examples
  • Refer Here for jenkins specific examples

Next Steps

  • How to realize CI/CD Pipeline using Azure DevOps (VSTS)
    • YAML files
  • Ensure you have practiced all of Jenkins b4 the Azure DevOps

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About learningthoughtsadmin