Closed Simplify3x closed 10 months ago
Security audit, information and commands
The security team is auditing all the hosting requests, to ensure a better security by default.
This message informs you that a Jenkins Security Scan was triggered on your repository. It takes ~10 minutes to complete.
/audit-ok
=> the audit is complete, the hosting can continue :tada:./audit-skip
=> the audit is not necessary, the hosting can continue :tada:./audit-findings
=> the audit reveals some issues that require corrections :pencil2:./request-security-scan
=> the findings from the Jenkins Security Scan were corrected, this command will re-scan your repository :mag:./audit-review
=> the findings from the audit were corrected, this command will ping the security team to review the findings :eyes:.
It's only applicable when the previous audit required changes.(automatically generated message, version: 1.26.21)
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
SQAPipelineExecutor
) should be all lower caseYou can re-trigger a check by editing your hosting request or by commenting /hosting re-check
The Jenkins Security Scan discovered 1 finding(s) :mag:. For each of them, either apply the recommended correction, suppress the warning or provide a justification.
Once you're done, either re-run the scan with /request-security-scan
or request the Security team to review your justifications with /audit-review
.
You can find detailed information about this finding here.
What's the rationale behind closing the 2 existing issues, just to file a new one with the same content? This caused a spam of roughly 20 useless emails, please stop this nonsense and work with the bot commands in a single issue.
/request-security-scan
The Jenkins Security Scan did not find anything dangerous with your plugin, congratulations! :tada:
:bulb: The Security team recommends that you are setting up the scan in your repository by following our guide.
/hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
SQAPipelineExecutor
) should be all lower caseYou can re-trigger a check by editing your hosting request or by commenting /hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
SQAPipelineExecutor
) should be all lower caseYou can re-trigger a check by editing your hosting request or by commenting /hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
SQAPipelineExecutor
) should be all lower caseYou can re-trigger a check by editing your hosting request or by commenting /hosting re-check
/hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
SQAPipelineExecutor
) should be all lower caseYou can re-trigger a check by editing your hosting request or by commenting /hosting re-check
/hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
SQAPipelineExecutor
) should be all lower caseYou can re-trigger a check by editing your hosting request or by commenting /hosting re-check
/hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
sqa.pipeline.executor
) is incorrect, it should be sqapipelineexecutor
('New Repository Name' field with "-plugin" removed)You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
/hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
sqapipelineexecutor
) is incorrect, it should be sqapipelineexecutor
('New Repository Name' field with "-plugin" removed)You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
/hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
sqapipelineexecutor
) is incorrect, it should be sqapipelineexecutor
('New Repository Name' field with "-plugin" removed)You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
/hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
/hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
/hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
Hello from your friendly Jenkins Hosting Checker
It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting /hosting re-check
I've locked the issue because the user chose to ignore my prior comment and continue spamming commands.
/hosting re-check
Hello from your friendly Jenkins Hosting Checker
It looks like you have everything in order for your hosting request. A member of the Jenkins hosting team will check over things that I am not able to check(code review, README content, etc) and process the request as quickly as possible. Thank you for your patience.
Hosting team members can host this request with /hosting host
Any Updates on the hosting request?
Please remove the sample package!
Removed the sample package
Hello @Simplify3x,
I see that your readme includes
SimplifyQA Pipeline Executor is an update to our existing Jenkins Plugin with improved features.
If so, why no include those in https://github.com/jenkinsci/simplify-qa-connector-plugin? This would potentially help your users and limit code duplication if any. If you plan to not work on the other plugin anymore, please mark it as up for adoption.
This plugin is used to do scheduler jobs, which automatically trigger the jobs from Jenkins. The previous plugin (https://github.com/jenkinsci/simplify-qa-connector-plugin) was used to run the jobs only. This plugin is a new upgrade, once this is stable, we will deprecate the previous plugin.
This plugin is a new upgrade, once this is stable, we will deprecate the previous plugin.
That's a fairly redundant approach. You can release a new major version of the existing plugin with the new functionality and declare incompatibility with older versions (hpi.compatibleSinceVersion
as maven property).
That's the preferred approach when making major changes without backwards compatibility.
So, if I upgrade my previous plugin which does not support pipeline-based projects. How will it impact my existing users who are using the old plugin?
How will it impact my existing users who are using the old plugin?
they will gain new features with just an upgrade of the plugin. They will have their job still working and will have the possibility to create new ones with Pipeline.
This would be a better approach than having a new plugin and deprecating the old one.
The old project already supports pipeline according to this page: https://www.jenkins.io/doc/pipeline/steps/simplify-qa-connector/
Is it possible for you to host the plugin if we create a new branch and upload the code there in the same old repository?
Here you still store a token that is used like a password in plaintext. https://github.com/Simplify3x/SQAPipelineExecutor/blob/20b6c9b9cac0733a4e574742480c262eaca9f41b/src/main/java/io/jenkins/plugins/SQA/SQAPipelineBuilder.java#L30 You just told the security scanner to ignore.
Is it possible for you to host the plugin if we create a new branch and upload the code there in the same old repository?
Why would you want to do that? This would still be a new plugin. It would be better to refactor the old plugin.
Fine, but will the existing users not lose the functionalities provided by the old plugin?
Is it possible for you to host the plugin if we create a new branch and upload the code there in the same old repository?
Why would you want to do that? This would still be a new plugin. It would be better to refactor the old plugin.
Fine, but will the existing users not lose the functionalities provided by the old plugin?
no, you just add a new feature
As long as you don't delete the classes, they won't loose anything. You can have both code in the same plugin.
As long as you don't delete the classes, they won't loose anything. You can have both code in the same plugin.
You mean to say two plugin packages in the same project right? But, will it be safe to make changes to the pom.xml file and change the jenkins version mentioned there?
Repository URL
https://github.com/Simplify3x/SQAPipelineExecutor
New Repository Name
sqapipelineexecutor-plugin
Description
The purpose of this plugin is to execute pipelines from the pipelines module in SimplifyQA.
SimplifyQA is an Automation Testing Software product and I work there as a product engineer currently assigned with the task of end-to-end development of this Jenkins plugin.
This plugin will be used by different clients of SimplifyQA for remote executions via the pipeline module of SimplifyQA.
GitHub users to have commit permission
@Simplify3x @bernardbdas
Jenkins project users to have release permission
simplifyadmin bernardbdas
Issue tracker
GitHub issues