cloud-sdk-pipeline-configuration

Run E2E Tests in parallel. This feature is disabled by default because it is not supported in Blue Ocean. If this feature is enabled, we suggest not using the Blue Ocean interface and rely on the classic UI instead.

Docker image for jnlp agent to be used.

The number of times that integration tests will retry before aborting the build. Note: This will consume more time for the jenkins build.

The number of JVM processes that are spawned to run the tests in parallel in case of using a maven based project structure. For more details visit the surefire documentation.

The list of system credentials to be injected during integration tests. The following example will provide the username and password for the systems with the aliases ERP and SFSF. For this, it will use the Jenkins credentials entries erp-credentials and successfactors-credentials. You have to ensure that corresponding credential entries exist in your Jenkins configuration.

Name of the Docker image that should be used.

On Docker: Name of the container in the local network. On Kubernetes: Name of the container.

Command executed inside the container, which returns exit code 0 when the container is ready to be used.

Environment variables to set in the container.

The image used in the step or stage.

The image used in the step or stage.

It is possible to activate zero downtime deployment in end-to-end tests with the option enableZeroDowntimeDeployment. This will lead to a blue-green-deployment on SCP Cloud Foundry respectively to a rolling update on SCP Neo. By default, this feature is turned off.

Running end-to-end tests can be restricted to the productiveBranch with the option onlyRunInProductiveBranch. This might be useful when the end-to-end tests slow down development, and build failure on the productiveBranch is acceptable. By default, this feature is turned off.

In case you audited an advisory, and it turns out to be a false positive, you can mark it as audited by adding its id to the auditedAdvisories in the stage configuration. A false positive in this case is when you are confident your application is not affected in any way by the underlying bug or vulnerability.

A list of exclusions expressed as an Ant-style pattern relative to the application folder. An example can be found below.

We recommend only using OData services listed in the in SAP API Business Hub. Despite that for using custom business objects you can add those APIs here.

List of destination names that do not refer to ERP systems. Use this parameter to exclude specific destinations from being checked in context of ERP API whitelists.

List of URLs that are not defined as destinations. Use this parameter to exclude specific URLs from being checked in context of ERP API whitelists.

A map containing the thresholds unstable and failing. If the code coverage is lower than what is configured in unstable, the pipeline result is unstable. If it is lower than what is configured in failing, the pipeline will fail.

This setting allows the code coverage to be stricter compared to the default values. By default, the pipeline will fail if the coverage is below 65% line coverage (unstableCoverage), and will be unstable if it is less than 70% (successCoverage). If lower numbers are configured, or this configuration is left out, the default values are applied.

A list of checks which should not be executed. Possible values are: checkDeploymentDescriptors (Check for insecure options, such as ALLOW_MOCKED_AUTH_HEADER in deployment descriptors), checkResilience(Check that application is resilient to faults in the network), checkServices (Check that only official APIs are used), checkFrontendCodeCoverage (Ensures high frontend code coverage), checkBackendCodeCoverage (Ensures high backend code coverage)

Checkmarx Group ID

Name of the project on Checkmarx server.

Files which needs to be skipped during scanning.

Toggle to enable or disable full scan on a certain schedule.

Perform incremental scan with every run. If turned false, complete project is scanned on every submission.

The threshold for medium level threats. If the findings are greater than this value, pipeline execution will result in failure.

The threshold for low level threats. If the findings are greater than this value, pipeline execution will result in failure.

Name or numerical ID of Checkmarx preset to be used when scanning this project. When a name (string) is specified, the pipeline will try to discover the corresponding numerical ID via the Checkmarx API. Please also make sure to specify checkmarxCredentialsId and checkmarxServerUrl in such a case. For determining available presets in your Checkmarx webclient, go to Checkmarx -> Management -> Scan Settings -> Preset Manager. Alternatively, you can determine the numerical ID of your targeted preset by following those guides: Token-based Authentication and Get All Preset Details.

The Credential ID to connect to Checkmarx server. The credentials must be type username with password. This property becomes mandatory if the credentials are not configured in the Jenkins plugin itself.

An URL to Checkmarx server. This property becomes mandatory if the URL to the Checkmarx server is not configured in the Jenkins plugin itself or if the checkmarxCredentialsId is configured.

Possibility to generate PDF reports of the scan.

Name of your product in WhiteSource.

ID to the credentials that will be used.

Overwrites the respective version in the whitesource UI per scan with the staticVersion. Per default for every new version of a pom/package.json a new project will be created in the whitesource UI. To deactivate the creation of new projects and always have a fixed version for each project in the whitesource UI, configure the staticVersion.

Unique identifier of the Secret Text on Jenkins server that stores WhiteSource userKey of a user. This is required only if the administrator of the WhiteSource service has enabled additional access level control. More details can be found here.

ID to the credentials that will be used.

Additional configuration for the SourceClear agent. The key-value pairs will be added to srcclr.yml.

Define whether the scan should also happen in non productive branches, i.e. if your SonarQube instance supports that.

The image used in the step or stage.

The project settings.xml to be used for maven builds. You can specify a relative path to your project root or a URL starting with http or https.

The image used in the step or stage.

Defines the user name which appears in version control for the versioning update (in case versioningType: cloud).

Defines if the automatically generated version (versioningType: cloud) should include the commit id hash.

Defines the prefix which is used for the git tag which is written during the versioning run (only versioningType: cloud).

Defines if the Unix timestamp number should be used as build number instead of the standard date format.

Defines the type of versioning (cloud: fully automatic, cloud_noTag: automatic but no tag created, library: manual)

The image used in the step or stage.

The default npm registry url to be used as the remote mirror. Bypasses the local download cache if specified.

The image used in the step or stage.

The image used in the step or stage.

Expected return code for smoke test success.

In case of a blue-green deployment the old instance will be stopped and will remain in the Cloud Foundry space by default. If this option is set to false, the old instance will be deleted.

A map specifying the Cloud Foundry specific parameters.

The image used in the step or stage.

The map for neo.

You can enable Gatling tests by turning the flag to true.

Options such as proxy.

The directory where the test plans reside. Should reside in a subdirectory under performance-tests directory if both JMeter and Gatling are enabled.

The image used in the step or stage.

Marks build as FAILURE if the value exceeds the threshold.

Marks build as UNSTABLE if the value exceeds the threshold.

Jenkins 'Secret text' credentials ID containing token to authenticate to Fortify SSC.

The image used in the step or stage.

Sends the verbose output to the Jenkins log.

Jenkins 'Secret text' credentials ID containing token to authenticate to GitHub.

Fortify SSC Url to be used for accessing the APIs

The project used for reporting results in SSC

The default project versioning model used in case 'projectVersion' parameter is empty for creating the version based on the build descriptor version to report results in SSC, can be one of 'major', 'major-minor', 'semantic', 'full'

Scan type used for the step which can be 'maven', 'pip'

Whether Fortify project and project version shall be implicitly auto created in case they cannot be found in the backend

Whether results shall be uploaded or not

The amount of memory granted to the translate/scan executions

A list of source directories to scan. Wildcards can be used, e.g., 'src/main/java//*'. The default value for buildTool: 'maven' is ['/.xml', '**/.html', '/*.jsp', '/.js', '/src/main/resources//', '/src/main/java//'], for buildTool: 'pip' it is ['./**/'].

A list of directories/files to be excluded from the scan. Wildcards can be used, e.g., '**/Test.java'.

Name of your product in WhiteSource.

ID to the credentials that will be used.

Overwrites the project version in the WhiteSource UI per scan with the given version. Per default, the version from the main build descriptor file is used and transformed according to the versioningModel parameter, i.e. "1" for the default model of "major".

Unique identifier of the Secret Text on Jenkins server that stores WhiteSource userKey of a user. This is required only if the administrator of the WhiteSource service has enabled additional access level control. More details can be found here.

The image used in the step or stage.

The target platform to which the mtar can be deployed.

Choose which tool is used to build your mta project. The default option is cloudMbt which is not backwards compatible with the classic tool. For more information on migrating from classic to cloudMbt, please refer to https://sap.github.io/cloud-mta-build-tool/migration/.

The name of the application which is being built. If the parameter has been provided and no mta.yaml exists, the mta.yaml will be automatically generated using this parameter and the information (name and version) from package.json before the actual build starts.

Url to the npm registry that should be used for installing npm dependencies.

Docker options to be set when starting the container (List or String).

The path to the extension descriptor file.

Path or url to the mvn settings file that should be used as global settings file.

Path or url to the mvn settings file that should be used as project settings file.

The location of the SAP Multitarget Application Archive Builder jar file, including file name and extension. If it is not provided, the SAP Multitarget Application Archive Builder is expected on PATH.

If set to true, a confidential debug report is being generated with each build.

The project key is used to refer your project.

This property refers to a SonarQube instance, which needs to be defined in the Jenkins.

A list of additional options (in the form of '-Dxy=z') to be passed to the sonar scanner tool.

The image used in the step or stage.

Defines the name of the node to which the *.mtar file should be uploaded.

Credentials to be used for the file and node uploads to the Transport Management Service.

Can be used as the description of a transport request. Will overwrite the default.