CodeScan with Linux/Unix Agents

To fail a Jenkins job based on the outcome of your Quality gate takes a bit of setting up but is a great way to track the health of your projects from Jenkins. This is achieved with our SFDX plugin.

Requirements

You will need:

• Jenkins

Setup Jenkins

1. In Jenkins, create a credential containing your CodeScan security token (learn how to find security token here).
2. Create a new Pipeline.
3. In the Pipeline script section you will need to paste in the code with the highlighted variables changed, these are:
   • Your credential_name should be the name of the credential you created.
   • my_project should be the project key you would like to assign to your project (learn how to find project key here).
   • my_organization should be your Organization Key (learn how to find organization key here).

node {

    stage('Pull from Git') {

      git 'https://wherever.com/me/my-repo.git'

    }

    withCredentials([string(credentialsId: 'credential_name', variable: 'codescan_token')]) {
    stage('CodeScan') {
      sh '''
        export PATH="$(pwd)/.sfdx-install/bin/:$PATH"
        if [ ! -f .sfdx-install/bin/sfdx ]; then
          mkdir .sfdx-install
          wget -q https://developer.salesforce.com/media/salesforce-cli/sfdx-linux-amd64.tar.xz -O .sfdx-install/sfdx.tar.xz
          tar xJf .sfdx-install/sfdx.tar.xz -C .sfdx-install --strip-components 1
          echo y|sfdx plugins:install sfdx-codescan-plugin
sfdx plugins:update
        fi
        sfdx codescan:run --token=$codescan_token --projectkey=my_project --organization=my_organization
        exit $?
      '''       }
   } }

4. Run the pipeline. If everything is set up correctly and your Quality Gate passes, you will be able to see you pipeline pass.
5. If your Quality Gate fails, you will see the error in the CodeScan stage of the build.