I have an Azure build pipeline that runs a Checkmarx scan on a regular basis. Once this runs, the build log is populated with the amount of 'high', 'medium', 'low' severity results are found during the scan. I'd like to access this log to be able to act upon the 'high' severity results found (specifically, I'll be creating an Azure DevOps task).
Is there a way to read the Build log during the actual build? I've found that there is a 'Get Build Log' Azure endpoint but that seems odd to call an endpoint from a build to read its own logs.
Additionally, my first idea was to simply export the Checkmarx results within the Checkmarx step but that doesn't seem to be an option.
Is there a way to read the Build log during the actual build?
You could use the REST API Builds - Get Build Logs:
GET https://dev.azure.com/{organization}/{project}/_apis/build/builds/{buildId}/logs?api-version=5.1
Then we could grab the url from the response body to download the last log and parse the log find out the 'high' severity results.
There is a similar thread about this issue, you could check it for some more info.
Hope this helps.
Related
I needed a small help. Whenever I run the pipeline, the data being displayed in testtab is incorrect and it displays the data which I ran on my local desktop rather than the job ran on Agent.
You can run tests in test tabs using different options. You can use any to solve your problem:
Automatically inferred test result: for some popular test runners' pipeline automatically infer the test output.
This is done with the help of describing the error logs generated during build operation.
Publish Test result task: Publishes test result to azure pipeline you choose the runner for tests execution available in
any formats.
Test execution tasks: Built -in test execution tasks such as visual studio test that automatically publish tests results to the pipeline
Azure Devops also provide other way to surface the test information You can use this.
Test analytics provide rich insights into test result over a period of time, identify problematic area in your test.
The dashboard provide track of your work's progress add widgets that surface test related information.
Requirement quality
Test result trend
Deployment status
Reference: https://learn.microsoft.com/en-us/azure/devops/pipelines/test/review-continuous-test-results-after-build?view=azure-devops
I have an pipeline which will have few task mentioned in the image. I'm creating a bug work item when a particular task failed which is working fine using logic app.
Now my problem is I don't want to add every time new task for bug creation after each deployment task mentioned in the image.
Is there any way I can create only one bug work item based on failure in any of the task in the pipeline. may be in the last or somewhere..?
Not sure why you had to go the Logic app route as there is an option to do this with Azure Pipelines itself out of the box.
Navigate to {your pipeline} > Options as shown below:
If the build pipeline fails, you can automatically create a work item to track getting the problem fixed. You can specify the work item type. You can also select if you want to assign the work item to the requestor. For example, if this is a CI build, and a team member checks in some code that breaks the build, then the work item is assigned to that person.
Additional Fields: You can also set the value of other work item fields. For example:
Field Value
------- -------
System.Title Build $(Build.BuildNumber) failed
System.Reason Build failure
Check Build Options for more details.
UPDATE:
Doing this for Release Pipelines is not supported as an out of the box feature as of today. However, there are extensions available in the Visual Studio marketplace that can be used as alternatives until it is supported.
Here are two such extensions:
Create Bug on Release failure
Create Work Item
Another idea with PowerShell tasks is discussed here.
Working on porting a Jenkins plugin to Azure Dev Ops Pipelines plugin (as per https://learn.microsoft.com/en-us/azure/devops/extend/develop/add-build-task?view=azure-devopsv ) and I've seen in the docs info about how the logging commands can be used to add annotations to the GitHub checks on the PR that's being build. (https://learn.microsoft.com/en-us/azure/devops/pipelines/scripts/logging-commands)
This is great since I don't have to call GitHub APIs myself and create new GitHub App.
But in my tests it doesn't look like Azure Dev Ops Pipelines post the build log on the PR Check. Only annotations are posted. Can we also post the full log of a section that failed on GitHub PR?
If not as plan B, can we get the output of the failed build somehow so that I can manually use GItHub APIs and post it?
I am using Azure DevOps build pipeline, to run my selenium web automation tests (run by maven, inside docker container)
Now, even If one of my test scenarios fail, pipeline job is still considered as successful, how can I specify to look for certain log to fail it?
The 'pipeline job/task/phase' I am using to run my test is 'docker compose'
My second question is, is there possibility to filter pipeline output logs? Currently it is flooded with output from few services run in container:
The only thing I found is, possibility to search through logs, but no filtering, regards.
If your objective is to fail the build when one of more of your test has failed, I advise you to add one more step to your build process : Publish Test Results task
This is a necessary step for test running with another task than the default Visual Studio Test task, which consist in publishing your test result file to Azure DevOps, and enable your build to be aware of your tests results (and then let you decide what to do if one or more tests fail)
In your case, you will also probably have to find a way to extract test results file from your containers, as your test results might probably be produced and stored inside of your containers (and unavailable to the Publish Test Result task)
For your second question, I am not aware of any way to filter the output logs directly from the web interface, sorry :(
We ran into this with our cypress tests (you should ditch selenium for cypress, its sweet) and solved it by grabbing the exit code manually. We also found that AzureDevops will hang if there's a background process running, even if there's an error, so be sure to look out for that as well if you start up your web server like we do.
- bash: |
yarn test-ci:e2e 2> /dev/null
if [ $? -eq 0 ]
then
yarn stop
exit 0
else
yarn stop
exit 1
fi
displayName: 'Run Cypress Tests'
For anyone looking for a way to filter logs, if there are multiple services running, you can create new azure build pipeline task (Docker) that runs docker command:
docker logs -f NAME_OF_THE_SERVICE
This way you will only see logs from desired service.
How do you access current, and related, build information from within a Jenkins workflow groovy script?
I can see things like currentBuild.result and currentBuild.previousBuild being documented, but I can't see how I can access, for example:
The URL of the current build job.
The URL of build jobs that this workflow triggered.
The console output of a particular failed build job, etc.
Thanks for any pointers.
currentBuild.rawBuild will give you the non cached hudson.model.Run object, see hudson.model.Run
from there, to access i.e. the build log:
def buildLog = currentBuild.rawBuild.log
currentBuild.rawBuild is also of type hudson.model.AbstractBuild which can give you other details like changeset, actions