I add all needed information about GitLab account in Sentry, but issues from Sentry didn't appear in Gitlab (repository is private and just for test without real code). Please help me to solve problem.
Sentry doesn't auto-publish issues to issue trackers like GitLab (as it would easily flood most issue trackers). Instead, once you've enabled the integration, your Sentry's issue view will have a "Create issue in GitLab" button.
Note that GitLab 11.8 (Feb. 2019) not offers Error tracking with Sentry
Keeping an eye on errors generated by your application helps maintain a good user experience by detecting problems before users report them and speeding up resolution when they occur.
GitLab 11.8 makes it more convenient and efficient to monitor errors by integrating with popular open source error tracker Sentry, and displaying the most recent errors right within your GitLab project.
Sentry has recently improved their GitLab integration, enabling detection of suspicious commits, release and commit tracking, and more. With the combination of both integrations you’ll have a simple path to Sentry from GitLab, as well as a clean way to get to GitLab from Sentry, so that you can always address errors contextually, staying within your existing workflow.
See documentation and issue 55178.
And, with GitLab 14.4 (October 2021):
Integrated error tracking inside GitLab without a Sentry instance
Prior to GitLab 14.4, you could integrate with Sentry Error Tracking by supplying an endpoint for a Sentry backend (either self-deployed or in their cloud service). With Gitlab 14.4, you now have access to a Sentry-compatible backend built into your GitLab instance. This allows you to quickly instrument your apps so your errors show up directly in GitLab without the need for a separate Sentry instance.
See Documentation and Issue.
See GitLab 15.5 (October 2022):
Error Tracking Open Beta
In GitLab 15.5, we are re-enabling GitLab integrated error tracking for GitLab.com in Open Beta. We’ve reworked the architecture so it uses our new Observability backend, leveraging the ClickHouse database as a unified data store. This improvement will enable scaling and a more performant system for the user.
In addition, this sets the groundwork to have errors in the same database as other observability data such as metrics, traces, and logs. We want to allow users to see errors on the same dashboard as other observability data, and enable them to be embedded into issues and incidents.
See Documentation and Issue.
Related
I’ve got a project that I run the whitesource bolt plugin on. It all works well, and the report is delivering benefit.
I’ve checked the GitHub plugin and that seems to have a lot more features. Such has fail the build when X level is found
My question
Is there a way to configure the plugin so that it fails the build of a high or medium vulnerability is found using azure devops?
When I launch WSO2 API Manager, I get the following notice:
There are 177 updates available for the product 'wso2am-3.2.0'.[WARNING] There
are 13 critical security updates for the product 'wso2am-3.2.0'. WSO2 strongly
recommends to apply these updates in production as soon as possible.
WSO2 doesn't bundle security updates, so I head to the GitHub issues. The problem is that if I go to the security tag, I don't see anything relevant to the 3.2.0 release: https://github.com/wso2/product-apim/issues?q=label%3Asecurity+is%3Aclosed
There is one "critical for 3.2.0": https://github.com/wso2/product-apim/issues?q=label%3ASeverity%2FCritical+label%3AAffected%2F3.2.0
There are two more using this deprecated tag: https://github.com/wso2/product-apim/issues?q=label%3ASeverity%2FCritical+label%3A3.2.0
So, it seems like what you have to do is look at the 4.0 milestones and cherry-pick those fixes and backport them.
Is there a tag I am missing? Is someone bundling these?
Thanks!
You can find the security advisors in here https://docs.wso2.com/display/Security/2020+Advisories
I am using SAP Cloud SDK (Java flavour) to create an extension application of SuccessFactors.
I sadly discovered that the Jenkins pipeline does not allow me to use any other service than the ones listed here: SCN Blog (scroll to the Appendix).
This does not make so much sense to me, as now the SDK can be used - and it is sponsored to be used by SAP - also with SaaS in its ecosystem, SuccessFactors being one of them.
Any hint? Can this check be somehow "bypassed"?
Thanks,
Roberto.
Please note that the blog post is quite old, have you verified your assumption that it does not work with SuccessFactors API?
Nonetheless, we recently introduced a configuration option which allows you to disable certain checks, cf https://github.com/SAP/cloud-s4-sdk-pipeline/blob/master/configuration.md#s4sdkqualitychecks
checkServices is what you would want to disable in your scenario.
As stated by Florian in the comment and following the Project Piper documentation, parameters "checkServices" and "customODataServices" can be used to customize the behavior of the pipeline when running upon a non-Business Hub API.
"checkServices: false" will completely deactivated the check, whereas "customODataServices: [ yourApiName ]" will skip the check just for the specified services.
What's the dealio on importing data from a legacy issue tracker system into Gitlab CE?
Do tools exist for this? Schemas? Suggestions?
Please notice that this is really a legacy issue tracker system. It predates bugzilla, and runs on an old IIS server and SQL Server 2000).
(Say whatever you want about this setup, but it's nothing we haven't already heard.)
You should be using the REST APIs to create your migrations.
Generally recommendation questions are off topic, so if I mention
there is a redmine issue importer and there are issue tracker issues on the gitlab ce issue tracker requesting this. This sounds like a good kind of thing to make as a community contribution if it's a popular tool.
But if it's not, and you're the only person in the world using your tracker, you probably will want to study the python based redmine issue importer it may server as an example for you to write your own REST-api based tool that reads your db and creates the Gitlab Issue Tracker issues. You don't want and don't need to know the Gitlab side's PostGres schema. It will change over time anyways.
I'm getting started with sonarqube (Version 3.7.2) and have installed
the Security Rules [securityrules] plug-in (version 0.3.2).
After deploying the plugin it seemed to activate OK (see Evidence for Successful Plugin Activation, below). I re-analyzed my project and then went to the dashboard, but i could not see
the 'security defects' icon which (according to this document: http://docs.codehaus.org/display/SONAR/Security+Rules+Plugin) is supposed to appear.
I was planning on using that 'view' to drill into a view of only security related issues.
My question is:
is there any other way to do this filtering (besides the security defects widget?)
is there any reason why that widget would not show up.
I understand the securityrules plugin is deprecated for later versions of sonar, but i'm using an older version which should be compatible.
Evidence for Successful Plugin Activation
after restart the plugin appears in the list of 'Installed Plugins' In the Update Center.
In 'sonar.log' i see this statement:
2014.12.17 07:35:57 INFO o.s.s.p.PluginDeployer Deploy plugin Security Rules / 0.3.2
thanks in advance !
-chris
You can create a quality profile which contains only rules of the security plugin. Then you execute the analysis with that profile.
The answer turns out to be very simple. After activating the plug-in I needed to configure the dashboard for the project i am analyzing so the security widget is added. This page describes the mechanics: http://docs.sonarqube.org/display/SONAR/Customizing+Dashboards