Prevent accepting merge requests on sonar issues - gitlab

I am using GitLab with SonarQube executed by Jenkins. I want to prevent merge requests from being accepted if SonarQube has reported any issues.
Any ideas for GitLab CE or EE?

GitLab CI offers two ways to prevent merge requests: if the build fails or if there is an unresolved discussion.
To start, please configure a Jenkins plugin following this tutorial.
Now that you have the gitlab-jenkins-ci integration and GitLab triggers the Jenkins build, you have to enable "Only allow merge requests to be merged if the build succeeds" in the project settings in GitLab and either install the SonarQube build breaker plugin or use the REST API.
The method not involving build breaking would be to use the GitLab SonarQube plugin; however, currently it does not support making comments on merge requests, so you'd have to either modify the plugin or make a workaround using the GitLab API.
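
One way to do the REST API variant mentioned in the answer above, as an added example that is not part of the original answer: a script run as the last Jenkins step reads the SonarQube quality gate from `api/qualitygates/project_status` and exits non-zero unless the gate is explicitly OK, so the "build succeeds" setting blocks the merge. The environment variable names and the sample response are assumptions constructed for illustration.

```python
import base64
import json
import os
import urllib.parse
import urllib.request

# Constructed sample of a failing api/qualitygates/project_status response.
SAMPLE_FAILED = {"projectStatus": {"status": "ERROR", "conditions": [
    {"status": "ERROR", "metricKey": "new_vulnerabilities", "errorThreshold": "0", "actualValue": "2"},
    {"status": "OK", "metricKey": "new_coverage", "errorThreshold": "80", "actualValue": "91.3"},
]}}


def fetch_gate(base_url, project_key, token):
    """Read the gate result; a SonarQube token is sent as the basic-auth user."""
    url = (base_url.rstrip("/") + "/api/qualitygates/project_status?"
           + urllib.parse.urlencode({"projectKey": project_key}))
    auth = base64.b64encode((token + ":").encode()).decode()
    req = urllib.request.Request(url, headers={"Authorization": "Basic " + auth})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def evaluate_gate(payload):
    """Return (passed, reasons); anything but an explicit OK fails closed."""
    project = payload.get("projectStatus") or {}
    if project.get("status") == "OK":
        return True, []
    reasons = ["%s: actual %s, threshold %s"
               % (c.get("metricKey"), c.get("actualValue"), c.get("errorThreshold"))
               for c in project.get("conditions") or [] if c.get("status") != "OK"]
    return False, reasons or ["quality gate status is %r" % project.get("status")]


def main():
    # SONAR_HOST_URL, SONAR_PROJECT_KEY, SONAR_TOKEN: assumed job variables.
    try:
        env = os.environ
        payload = fetch_gate(env["SONAR_HOST_URL"], env["SONAR_PROJECT_KEY"], env["SONAR_TOKEN"])
    except (KeyError, OSError, ValueError) as exc:
        print("cannot read quality gate, failing the build: %s" % exc)
        return 1
    passed, reasons = evaluate_gate(payload)
    for reason in reasons:
        print("SonarQube: " + reason)
    return 0 if passed else 1


if __name__ == "__main__":
    raise SystemExit(main())
```

Run it only after the server has finished processing the analysis report; the scanner returns before that background task completes, so a gate read too early reflects the previous analysis.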

Related

How to create a secure CI/CD pipeline using Cloud Build and GitHub following DevSecOps?

My ideal case is to build a secure CI/CD pipeline using Cloud Build, applying SAST and other security tests in order to prevent developers from deploying code that has a smell or any vulnerabilities.
I am currently using GitHub as my version control platform and hosting my app on Google Cloud,
and with the help of Google Cloud Build I built a CI/CD pipeline to deploy my app each time we have an update. The current flow is: whenever a pull request is created in one of the main branches that reflect our environments (prod/staging/dev), a check status is triggered, which is the Cloud Build CI/CD.
The pipeline currently just builds, scans and then pushes the image, and also starts the managed instance group update, but it's now my focus for this question. I am trying to follow the secure methodologies for DevSecOps by applying some security tests in the early stages, like SAST, SCA and image scanning.
So the issue is that Google does not currently have the full ecosystem, and there is no clear path for DevSecOps using Cloud Build as the CI tool, such as what third-party tools to integrate with in order to fill the gaps. This was the only clear path I have found until now: https://cloud.google.com/blog/products/devops-sre/devsecops-and-cicd-using-google-cloud-built-in-services, a blog to follow, but it does not answer all the questions.
What I have achieved until now is applying an IDE SAST tool like SonarLint; I also found Snyk.
I mainly focused on free tools as a start in order to test because, as I said, no clear integrations with Cloud Build are out there, except for snyk.io: I did find an integration with Cloud Build, but it's not even native support yet.
The reason for using Cloud Build and not GitHub Actions is that I don't want to store any service account key outside our project, because it will be a general behavior in my company and it's safer to keep our keys inside. So I need some ideas: what tools can I integrate with Cloud Build in order to achieve that, and how do I apply them? And is there a way to use GitHub Actions and Cloud Build at the same time while orchestrating the pull request check status order? For example, check the source code before starting to build the Docker image.

Build breaker for Angular application

We are using a mix of Jenkins & TeamCity pipelines for our Angular projects.
We want to break the build if a specific version of Node is not used by a project, or a specific version (or range of versions) of a library is not used. We want to have precise control over the versions being used by developers. How can we implement such a build breaker in the CI/CD pipelines?
We don't have a clue if this is possible. This problem arrived after the log4j issue; our teams want to have compliance on the versions being used.

WhiteSource Bolt and Azure DevOps

I’ve got a project that I run the WhiteSource Bolt plugin on. It all works well, and the report is delivering benefit.
I’ve checked the GitHub plugin and that seems to have a lot more features, such as failing the build when X level is found.
My question:
Is there a way to configure the plugin so that it fails the build if a high or medium vulnerability is found using Azure DevOps?

Sentry.io integration to GitLab

I added all the needed information about my GitLab account in Sentry, but issues from Sentry didn't appear in GitLab (the repository is private and just for testing, without real code). Please help me solve the problem.
Sentry doesn't auto-publish issues to issue trackers like GitLab (as it would easily flood most issue trackers). Instead, once you've enabled the integration, your Sentry's issue view will have a "Create issue in GitLab" button.
Note that GitLab 11.8 (Feb. 2019) now offers Error tracking with Sentry:
Keeping an eye on errors generated by your application helps maintain a good user experience by detecting problems before users report them and speeding up resolution when they occur.
GitLab 11.8 makes it more convenient and efficient to monitor errors by integrating with popular open source error tracker Sentry, and displaying the most recent errors right within your GitLab project.
Sentry has recently improved their GitLab integration, enabling detection of suspicious commits, release and commit tracking, and more. With the combination of both integrations you’ll have a simple path to Sentry from GitLab, as well as a clean way to get to GitLab from Sentry, so that you can always address errors contextually, staying within your existing workflow.
See documentation and issue 55178.
And, with GitLab 14.4 (October 2021):
Integrated error tracking inside GitLab without a Sentry instance
Prior to GitLab 14.4, you could integrate with Sentry Error Tracking by supplying an endpoint for a Sentry backend (either self-deployed or in their cloud service). With GitLab 14.4, you now have access to a Sentry-compatible backend built into your GitLab instance. This allows you to quickly instrument your apps so your errors show up directly in GitLab without the need for a separate Sentry instance.
See Documentation and Issue.
See GitLab 15.5 (October 2022):
Error Tracking Open Beta
In GitLab 15.5, we are re-enabling GitLab integrated error tracking for GitLab.com in Open Beta. We’ve reworked the architecture so it uses our new Observability backend, leveraging the ClickHouse database as a unified data store. This improvement will enable scaling and a more performant system for the user.
In addition, this sets the groundwork to have errors in the same database as other observability data such as metrics, traces, and logs. We want to allow users to see errors on the same dashboard as other observability data, and enable them to be embedded into issues and incidents.
See Documentation and Issue.

how to connect gitlab with openProject

Hello, I have a requirement: is it possible to somehow connect GitLab with OpenProject?
I have seen this: https://www.openproject.org/news/57-openproject-github-integration-plugin-released
but I am not sure if it will help somehow with GitLab.
In the past, you could connect most git repositories to a project, so you could also connect those on GitLab. However, the git proper integration seems to be broken for some time now.
The GitHub integration plugin you mentioned will not work with GitLab though, as their web hook APIs will probably differ.
You probably should elaborate your question and put it on one of the OpenProject boards.
