Skip to content

Open Source

New display of Pipeline’s "snippet generator"

Those of you updating the Pipeline Groovy plugin to 2.3 or later will notice a change to the appearance of the configuration form. The Snippet Generator tool is no longer a checkbox enabled inside the configuration page. Rather, there is a link Pipeline Syntax which opens a separate page with several options. (The link appears in the project’s sidebar; Jenkins 2 users will not see the sidebar from the configuration screen, so as of 2.4 there is also a link beneath the Pipeline definition.) Snippet Generator continues to be available for learning the available Pipeline steps and creating sample calls given various configuration options. The new page also...
Categories: Open Source

GSoC Project Intro: Improving Job Creation/Configuration

About me My name is Samat Davletshin and I am from HSE University from Moscow, Russia. I interned at Intel and Yandex, and cofounded a startup project where I personally developed front-end and back-end of the website. I am excited to participate in GSoC with Jenkins this summer as a chanсe to make a positive change for thousands of users as well as to learn from great mentors. Abstract Although powerful, Jenkins new job creation and configuration process may be non obvious and time consuming. This can be improved by making UI more intuitive, concise, and functional. I plan to achieve this by creating a simpler new job creation, configuration...
Categories: Open Source

Introducing Blue Ocean: a new user experience for Jenkins

In recent years developers have become rapidly attracted to tools that are not only functional but are designed to fit into their workflow seamlessly and are a joy to use. This shift represents a higher standard of design and user experience that Jenkins needs to rise to meet. We are excited to share and invite the community to join us on a project we’ve been thinking about over the last few months called Blue Ocean. Blue Ocean is a project that rethinks the user experience of Jenkins, modelling and presenting the process of software delivery by surfacing information that’s important to development teams with as few clicks as...
Categories: Open Source

SonarLint 2.0 Is Now Available

Sonar - Wed, 05/25/2016 - 15:25

SonarLint is a pretty recent product that we released for the first time a few months ago for Eclipse, IntelliJ and Visual Studio. We have recently released the version 2.0 which brings the ability to connect SonarLint with a SonarQube server and was greatly expected by the community. I think the addition of this new feature is a good chance to recap SonarLint features. But before I do this, let me remind you of the SonarLint’s mission: to help developers spot as many coding issues as possible in their IDE, while they code. It has to be instant, integrated to the IDE, and valuable.

Since SonarLint 1.0, you can install the product from the market place for all 3 IDEs we currently support: Eclipse Marketplace, Jetbrains Plugin Repository or Visual Studio Gallery. Et voilà… You can continue your coding as usual and you will start seeing SonarLint issues reported as you type. If you open a file, it will get decorated immediately with issues.

You also benefit from a nice panel containing a list of issues that have been detected. Each issue comes with a short message and if that is not enough you can open a more detailed description of the problem, with code snippets and references to well known coding standards.

As I am sure you guessed already, all of this does not require any configuration. And this is actually the reason why version 2.0 was so expected: people who have defined their quality profile in SonarQube want to be able to use the same profile in SonarLint. This is the main feature provided by SonarLint 2.0.

In order to have SonarLint use the same quality profile as SonarQube you have to bind your project in your IDE to the remote project in SonarQube. This is done in two steps:

  • Configure a connection to your SonarQube server (URL + credentials)
  • Bind your project with the remote one

Et voilà… again… SonarLint will fetch configuration from the SonarQube server and use it when inspecting code.

That’s it for today!

Categories: Open Source

Refactoring a Jenkins plugin for compatibility with Pipeline jobs

This is a guest post by Chris Price. Chris is a software engineer at Puppet, and has been spending some time lately on automating performance testing using the latest Jenkins features. In this blog post, I’m going to attempt to provide some step-by-step notes on how to refactor an existing Jenkins plugin to make it compatible with the new Jenkins Pipeline jobs. Before we get to the fun stuff, though, a little background. How’d I end up here? Recently, I started working on a project to automate some performance tests for my company’s products. We use the awesome Gatling load testing tool for these tests, but we’ve largely been...
Categories: Open Source

GSoC Project Intro: External Workspace Manager Plugin

About myself My name is Alexandru Somai. I’m following a major in Software Engineering at the Babes-Bolyai University of Cluj-Napoca, Romania. I have more than two years hands-on experience working in Software Development. I enjoy writing code in Java, Groovy and JavaScript. The technologies and frameworks that I’m most familiar with are: Spring Framework, Spring Security, Hibernate, JMS, Web Services, JUnit, TestNG, Mockito. As build tools and continuous integration, I’m using Maven and Jenkins. I’m a passionate software developer who is always learning, always looking for new challenges. I want to start contributing to the open source community and Google Summer of Code is a starting point for me. Project...
Categories: Open Source

SonarQube 5.5 in Screenshots

Sonar - Thu, 05/19/2016 - 14:37

The team is proud to announce the release of 5.5, which features simplified concepts for easier triage and management of issues:

  • New SonarQube Quality Model
  • New Measures project page
  • Increased vertical scalability, performance, and stability

New SonarQube Quality Model

With 5.5 we’ve boiled quality down to its essentials to make it easier to understand and work with. Now there are Reliability Issues, Vulnerability Issues and Maintainability Issues. Or, in plainer talk: bugs, vulnerabilities, and code smells. By drawing bugs and vulnerabilities out of the mass of issues, any operational risks in your projects are highlighted for expedited handling.

You’ll see the change wherever there are issues and technichal debt, including the Rules and Issues domains:

We’ve also updated the default Quality Gate to match the importance of these newly isolated concepts:

New Measures project page

Also new in this version is a project-level Measures interface, which replaces the old metric drilldown. Click a metric from the project home page and you land at the new per-file metric value listing:

The Tree view offers a compact, per-directory aggregation, and the Treemap gives the familiar, colorful overview:

The metric domain page also offers a listing of metrics and project-level values, with a graphical presentation:

Increased vertical scalability, performance, and stability

The Compute Engine has been moved into a separate process, and the number of worker threads made configurable (SONARQUBE_HOME/conf/, so users will no longer have to deal with a sluggish interface when analysis reports are being processed, and the memory requirements for processing can be handled separately from those for the web application:

That’s All, Folks!

Time now to download the new version and try it out. But don’t forget to read the installation or upgrade guide first! Even if you’ve read it before, it may be worth taking another look at the upgrade guide; we changed it recently.

Categories: Open Source

Partnering with Microsoft to run Jenkins infrastructure on Azure

I am pleased to announce that we have partnered with Microsoft to migrate and power the Jenkins project’s infrastructure with Microsoft Azure. The partnership comes at an important time, after the recent launch of Jenkins 2.0, Jenkins users are more readily adopting Pipeline as Code and many other plugins at an increasing rate, elevating the importance of Jenkins infrastructure to the overall success of the project. That strong and continued growth has brought new demands to our infrastructure’s design and implementation, requiring the next step in its evolution. This partnership helps us grow with the rest of the project by unifying our existing infrastructure under one comprehensive, modern and scalable...
Categories: Open Source

The State of Jenkins Area Meetups (JAM)

Recently, the Jenkins project announced the release of Jenkins 2.0, a first major release after 10 years and 655 weekly releases. This has been a major milestone for Jenkins and its growing community of developers, testers, designers and other users in the software delivery process. With its rising popularity and wide adoption, the Jenkins community continues to grow and evolve into the millions. Jenkins community meetup activity has risen to an all time high since the first Jenkins meetup which was established on August 23 2010, in San Francisco. Over the last six months the number of Jenkins Area Meetup (JAM) Groups has grown from 5 to 30, with coverage in...
Categories: Open Source

SF JAM Report: Scaling Jenkins for Continuous Delivery with Azure

A few weeks ago, my colleague Brian Dawson and I were invited to present on Scaling Jenkins for Continuous Delivery with Microsoft Azure in Microsoft’s Reactor space. Azure is Microsoft’s public cloud offering and one of the many tools available to Jenkins users for adding elastic compute capacity, among other things, to their build/test/deploy infrastructure. While our presentations are applicable to practically any cloud-based Jenkins environment, Thiago Almeida and Oguz Pastirmaci from Microsoft were also on-hand and presented some interesting Azure-specific offerings like Azure Container Service with Jenkins. While we do not have video from the meetup, Brian and I did record a session with Thiago and Oguz for Channel9 which covers much of the same...
Categories: Open Source

What’s New in SonarEcosystem – April 2016

Sonar - Wed, 05/11/2016 - 10:52

SonarQube JavaScript 2.12 Released: symbolic execution and full support of @reactjs JSX

— SonarQube (@SonarQube) April 21, 2016

SonarQube C/C++ 3.11 Released: with new path-sensitive data-flow analysis engine for C. See

— SonarQube (@SonarQube) April 13, 2016

SonarQube Java 3.13 Released: 7 new rules and numerous improvements, see #java

— SonarQube (@SonarQube) April 13, 2016

New @SonarQube JavaScript rule just caught a bug in @Ionicframework

— Elena Vilchik (@vilchik_elena) April 11, 2016

Categories: Open Source

Security updates for Jenkins core

We just released security updates to Jenkins that fix a number of low and medium severity issues. For an overview of what was fixed, see the security advisory. One of the fixes may well break some of your use cases in Jenkins, at least until plugins have been adapted: SECURITY-170. This change removes parameters that are not defined on a job from the build environment. So, right now, a job could even be unparameterized, and plugins were able to pass parameters anyway. Since build parameters are added to the environment variables of scripts run during a build, parameters such as PATH...
Categories: Open Source

Jenkins 2.0 Online JAM Wrap-up

Last week we hosted our first ever Online JAM with the debut topic of: Jenkins 2.0. Alyssa, our Events officer, and I pulled together a series of sessions focusing on some of the most notable aspects of Jenkins 2 with: A Jenkins 2.0 keynote from project founder Kohsuke Kawaguchi An overview of "Pipeline as Code" from Patrick Wolf A deep-dive into Pipeline and related plugins like Multibranch, etc from Jesse Glick and Kishore Bhatia An overview of new user experience changes in 2.0 from Keith Zantow A quick lightning talk about documentation by yours truly Wrapping up the sessions, was Kohsuke again, talking about the road beyond Jenkins 2.0 and what big projects he sees on the...
Categories: Open Source

SonarSource City Tour, We Are Coming Near You

Sonar - Wed, 04/27/2016 - 14:51

Since we love touring and meeting our community of users, we’re setting out on the road once again, this time to more cities than ever! Over the next 6 months you’ll be able to see us and ask any questions you have, in more than 10 cities in Europe and the US.

This year, we are very excited to return to the City Tour to share with you all the news around the SonarQube platform, and show you our latest product: SonarLint, which allows developers to track quality of their code in real time as they type it. Very powerful!

Here is what will be covered at each stop of the tour:

  • The Leak Approach: a new paradigm to manage Code Quality
  • SonarQube 5.x series in demo
  • SonarQube integration to Microsoft ALM
  • SonarLint, the missing piece of the puzzle
  • Customer feedback
  • Sonar Analyzers and well-established standards
  • Roadmap for the platform
  • Roadmap for Sonar Analyzers

It will also be a great opportunity to meet other SonarQube users to share tips and tricks and discuss your experiences with the platform.

Is there something you would like to know or ask us but haven’t had the opportunity to do so? Now’s your chance! Sign up for the free event in your preferred city, and we’ll see you soon!

Registrations are open on our website, so pick the city you want, fill the form and you’ll be all set.

Join the conversation by using #SSCT2016 in all your tweets about the events.

See you soon !

Categories: Open Source

Jenkins 2.0 is here!

Over the past 10 years, Jenkins has really grown to a de-facto standard tool that millions of people use to handle automation in software development and beyond. It is quite remarkable for a project that originally started as a hobby project under a different name. I’m very proud. Around this time last year, we’ve celebrated 10 years, 1000 plugins, and 100K installations. That was a good time to retrospect, and we started thinking about the next 10 years of Jenkins and what’s necessary to meet that challenge. This project has long been on a weekly "train" release model, so it was useful to step back and think about...
Categories: Open Source

Possible Jenkins Project Infrastructure Compromise

Last week, the infrastructure team identified the potential compromise of a key infrastructure machine. This compromise could have taken advantage of, what could be categorized as, an attempt to target contributors with elevated access. Unfortunately, when facing the uncertainty of a potential compromise, the safest option is to treat it as if it were an actual incident, and react accordingly. The machine in question had access to binaries published to our primary and secondary mirrors, and to contributor account information. Since this machine is not the source of truth for Jenkins binaries, we verified that the files distributed to Jenkins users: plugins, packages, etc, were not tampered with. We...
Categories: Open Source

Pipeline 2.x plugins

Those of you who routinely apply all plugin updates may already have noticed that the version numbers of the plugins in the Pipeline suite have switched to a 2.x scheme. Besides aligning better with the upcoming Jenkins 2.0 core release, the plugins are now being released with independent lifecycles. “Pipeline 1.15” (the last in the 1.x line) included simultaneous releases of a dozen or so plugins with the 1.15 version number (and 1.15+ dependencies on each other). All these plugins were built out of a single workflow-plugin repository. While that was convenient in the early days for prototyping wide-ranging changes, it...
Categories: Open Source

Making your own DSL with plugins, written in Pipeline script

In this post I will show how you can make your own DSL extensions and distribute them as a plugin, using Pipeline Script. A quick refresher Pipeline has a well kept secret: the ability to add your own DSL elements. Pipeline is itself a DSL, but you can extend it. There are 2 main reasons I can think you may want to do this: You want to reduce boilerplate by encapsulating common snippets/things you do in one DSL statement. You want to provide a DSL that provides a prescriptive way that your builds work - uniform across your organisations Jenkinsfiles. A DSL could look as simple as acmeBuild { ...
Categories: Open Source

The Need For Jenkins Pipeline

This is a cross-post of an article authored by Viktor Farcic on the CloudBees blog. Viktor is also the author of The DevOps 2.0 Toolkit, which explores Jenkins, the Pipeline plugin, and the ecosystem around it in much more detail. Over the years, Jenkins has become the undisputed ruler among continuous integration (CI), delivery and deployment (CD) tools. It, in a way, defined the CI/CD processes we use today. As a result of its leadership, many other products have tried to overthrow it from its position. Among others, we got Bamboo and Team City attempting to get a piece of the market. At the same time, new products emerged with a service...
Categories: Open Source

Registration is Open for Jenkins World 2016!

This is a guest post by Alyssa Tong. Alyssa works for CloudBees, helping to organize Jenkins community events around the world. Jenkins World 2016 will be the largest gathering of Jenkins users in the world. This event will bring together Jenkins experts, continuous delivery thought leaders and the ecosystem offering complementary technologies for Jenkins. Join us September 13-15, 2016 in Santa Clara, California to learn and explore, network face-to-face and help shape the next evolution of Jenkins development and solutions for DevOps. Registration for Jenkins World 2016 is now live. Take advantage of the Super Early Bird rate of $399 (available until July 1st). And don’t...
Categories: Open Source