search

CodeNarc / CodeNarc

CodeNarc source
Apache License 2.0
304 stars 132 forks source link

How can I validate a Jenkinsfile using codenarc? #240

Open avijitsarkar123 opened 6 years ago

avijitsarkar123 commented 6 years ago

How can I validate a jenkins pipeline Jenkinsfile using codenarc, I tried AbstractRule but its not working as its not able to parse the SourceFile, looks like its expecting a groovy script or a class...

chrismair commented 6 years ago

CodeNarc uses the Groovy AST, so the source code being analyzed must be valid Groovy code (script or class), though the filename does not matter.

avijitsarkar123 commented 6 years ago

I am trying to validate the below Jenkinsfile, it has a parallel() block with closures, do you think we can use CodeNarc to validate this file? If yes any pointer to an exiting rule I can model it on...

branches {
   releaseBranch = 'master'
   snapshotBranch = 'development'
}

def version

integration {

   release {
      version =  maven {
         skip = false
         stageName = 'Create maven build snapshot'
         mavenHome = '/opt/runtime/apache-maven-3.3.9'
         goals = 'clean package'
         pom = './pom.xml'
      }

      parallel(
          "Stage Sonar Analysis" : {
             sonar {
                skip = false
                stageName = 'Sonar Analysis'
                withMaven = true
                mavenHome = '/opt/runtime/apache-maven-3.3.9'
                mvnArgs = ['sonar:sonar']
                pom = './pom.xml'
             }
          },
          "Stage CLM Scan" : {
             clmScan {
                skip = false
                stageName = 'CLM Scan'
                withMaven = false
                applicationId = 'tes-apps'
                targetPath = './target/refapp-boot-referenceid.jar'
            }
          })

      eratocode {
         skip = false
      }

      stageC {
         stageName = 'Sample Stage C'
         action = 'CREATE'
      }
   }
}
chrismair commented 6 years ago

I guess that depends on what you mean by "validate". Most CodeNarc rules are based on parsing/processing the Groovy Abstract Syntax Tree (AST). That is useful for processing the "nodes" in that AST, including methods, classes, fields and variables. Looking at the CodeNarc rule index should give you a sense of the kinds of things you can check.

What kinds of things do you want to validate?

Implementing your own Groovy DSL might be another way to process that Groovy code. There are plenty of examples of that if you Google it, including https://dzone.com/articles/groovy-dsl-scratch-2-hours. CodeNarc uses one to process the ruleset file (see GroovyDslRuleSet).