Edit

Copado SFDX Integration

Our Integration with Copado SFDX pipelines is currently a modification of their extension from their DevOps exchange. These modifications to the function script and Static Code Analysis Violation object add the following functionality:

  • User stories are scanned after Commit. This adds a quality gate result to the User Story and creates a branch on the CodeScan project.

  • The Production branch scans are updated on Promotion. When a change is made in your main branch, CodeScan will scan it to give you a view of the state of your production and accurate delta scans for your User Stories.

  • All User Story results are added to the Static Analysis Results object for review on the Copado platform.

  • A single project will exist in CodeScan for each Copado Pipeline.

Note: Copado cannot be integrated with On-Premises/Self-Hosted CodeScan.

CodeScan Project Setup

First create a GitHub, BitBucket, or GitLab project in CodeScan. This will serve as the project for your Copado Pipeline and will run the analysis in CodeScan for all Production deployments automatically. Make sure to create the project on the main/master branch of your repository.

See below for our articles on creating these projects:

Copado Extensions Setup

As mentioned, this is an extension of Copado's SFDX integration with CodeScan.

If you haven't already, please follow the instructions on their SFDX Pipelines documentation or use the PDF attached here.

1MB
Copado Labs - CodeScan Integration.pdf
PDF
Open

After installing the CodeScan Integration as Copado intended, you can make some improvements.

CodeScan Object Modifications

First, you will need to add two fields to the copado__Static_Code_Analysis_Violation__c object in setup.

  1. Field Name: CSExtKey API Name: CSExtKey__c Type: text Length: 255 ExternalId: true

  2. Field Name: CSProject API Name: CSProject__c Type: text Length: 255 ExternalId: false

Function Modifications

Then, navigate to the functions tab and find the Run CodeScan QIF function.

Under the script tab, click the lower edit button and replace the script with the following:

Expand to view script

If the main branch of your repository is not main, please change the CS_MAIN_BRANCH variable on line 15. This should match the branch name as it is shown in CodeScan.

Click save.

The configuration tab should show the callback type is ApexClass and the ApexClass is EvaluateCodeScanResult.

Navigate to the Parameters tab and click Edit.

Click Add New Parameter and add the following parameters:

Name: DataJson Value: {$Context.copado__JobExecution__r.copado__DataJson__c}

Name: BASE_BRANCH Value: {$Context.copado__JobExecution__r.copado__Pipeline__r.copado__Main_Branch__c}

Name: COPADO_PROJECT Value: {$Context.copado__JobExecution__r.copado__UserStoryCommit__r.copado__User_Story__r.copado__Project__r.Name}

Name: DEST_BRANCH Value: {$Destination.Branch}

Name: PARENT_ID Value: {$Context.copado__JobExecution__r.copado__ParentRecord_Id__c}

Click Save.

Quality Gate Rule

The Quality Gate rule should show After Commit as a Trigger. This is the default setup as described in the Copado documentation.

User Story Page

We recommend adding the Static Code Analysis results related list to the User Story page to make them easier to access.

Violations will be stored as Static Code Analysis Violations.

Using the "Run CodeScan" button or running functions directly from the User Story page

These approaches are not recommended due to the fact that it will not update the Test record Pass/Fail for the User Story as it is not executing in Copado's Quality Integration Framework like the function above.

The supported use case above will scan every time code is committed in the User Story. This means you will always have:

  • The most up-to-date scan of your committed code in CodeScan

  • The most up-to-date result of your committed code in Copado (Pass/Fail)

PreviousCopadoNextCopado MDAPI Integration

Last updated

Was this helpful?