Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-60643

Auto-create project for maven-based jobs

    Details

    • Similar Issues:

      Description

      Currently the plugin/pipeline configuration requires an existing project by defining projectId.
      I think it would be smoother to auto-create project, and read name/version from pom-files like:
      name: ${groupId}-${artifactId}
      version: ${version}

      then the entry-barrier would be lowered and it would be easier to adopt DT at larger scale.

        Attachments

          Activity

          davidkarlsen davidkarlsen created issue -
          Hide
          sspringett Steve Springett added a comment -

          Auto-creating projects is already supported, but is limited to pipeline jobs. Non-pipeline jobs do not have the option.

          Show
          sspringett Steve Springett added a comment - Auto-creating projects is already supported, but is limited to pipeline jobs. Non-pipeline jobs do not have the option.
          Hide
          davidkarlsen davidkarlsen added a comment -

          Hm - I get:
          Missing required parameter: "projectId" @ line 114, column 9.
          dependencyTrackPublisher artifact: 'target/bom.xml', artifactType: 'bom'

          when running with:
          dependencyTrackPublisher artifact: 'target/bom.xml', artifactType: 'bom'

          Show
          davidkarlsen davidkarlsen added a comment - Hm - I get: Missing required parameter: "projectId" @ line 114, column 9. dependencyTrackPublisher artifact: 'target/bom.xml', artifactType: 'bom' when running with: dependencyTrackPublisher artifact: 'target/bom.xml', artifactType: 'bom'
          Hide
          sspringett Steve Springett added a comment -

          Pipeline parameters are documented here:

          https://jenkins.io/doc/pipeline/steps/dependency-track/

           

          If you don't specify a projectId, then you have to specify the projectName and projectVersion. If the project name and version does not exist, it will be created.

          Show
          sspringett Steve Springett added a comment - Pipeline parameters are documented here: https://jenkins.io/doc/pipeline/steps/dependency-track/   If you don't specify a projectId, then you have to specify the projectName and projectVersion. If the project name and version does not exist, it will be created.
          Hide
          davidkarlsen davidkarlsen added a comment -

          I get:

          WorkflowScript: 102: Invalid parameter "projectVersion", did you mean "projectId"? @ line 102, column 121.
          .edb.fs.tac.jfr.srv:jfr-srv", projectVer
          ^

          when running:
          dependencyTrackPublisher artifact: 'bom.xml', artifactType: 'bom', projectId: "com.edb.fs.tac.jfr.srv:jfr-srv", projectVersion: "10.1.0-SNAPSHOT"

          Show
          davidkarlsen davidkarlsen added a comment - I get: WorkflowScript: 102: Invalid parameter "projectVersion", did you mean "projectId"? @ line 102, column 121. .edb.fs.tac.jfr.srv:jfr-srv", projectVer ^ when running: dependencyTrackPublisher artifact: 'bom.xml', artifactType: 'bom', projectId: "com.edb.fs.tac.jfr.srv:jfr-srv", projectVersion: "10.1.0-SNAPSHOT"
          Hide
          davidkarlsen davidkarlsen added a comment - - edited

          When I visit the ..../pipeline-syntax page, only these parameters are documented:

          dependencyTrackPublisher: Publish results to Dependency-Track
          projectId
          Type:String
          artifact
          Type:String
          artifactType
          Type:String

          installed plugin version: 2.2.0

          Show
          davidkarlsen davidkarlsen added a comment - - edited When I visit the ..../pipeline-syntax page, only these parameters are documented: dependencyTrackPublisher: Publish results to Dependency-Track projectId Type:String artifact Type:String artifactType Type:String installed plugin version: 2.2.0
          davidkarlsen davidkarlsen made changes -
          Field Original Value New Value
          Environment plugin version: 2.2.0
          jenkins: CloudBees Jenkins Enterprise 2.176.4.3-rolling
          Hide
          sspringett Steve Springett added a comment -

          I'm still unable to replicate. The automated generated docs posted here https://jenkins.io/doc/pipeline/steps/dependency-track/ contain all the configurable params including the projectName and projectVersion params I mentioned earlier. The pipeline syntax feature in Jenkins itself has a lot of limitations and will not properly generate all docs for some plugins. Use jenkins.io for plugin docs.

           

          dependencyTrackPublisher artifact: 'bom.xml', artifactType: 'bom', projectName: 'Acme Example', projectVersion: '1.0.0', synchronous: true
          
          Show
          sspringett Steve Springett added a comment - I'm still unable to replicate. The automated generated docs posted here https://jenkins.io/doc/pipeline/steps/dependency-track/  contain all the configurable params including the projectName and projectVersion params I mentioned earlier. The pipeline syntax feature in Jenkins itself has a lot of limitations and will not properly generate all docs for some plugins. Use jenkins.io for plugin docs.   dependencyTrackPublisher artifact: 'bom.xml' , artifactType: 'bom' , projectName: 'Acme Example' , projectVersion: '1.0.0' , synchronous: true
          davidkarlsen davidkarlsen made changes -
          Hide
          davidkarlsen davidkarlsen added a comment -


          Our config section looks a "little strange" - double up with settings. What could cause this?

          Show
          davidkarlsen davidkarlsen added a comment - Our config section looks a "little strange" - double up with settings. What could cause this?
          Hide
          sspringett Steve Springett added a comment -

          That is likely due to the use of an old version of the Dependency-Check Jenkins plugin being installed. That version of the plugin doesn't work anymore. It was compatible with DC 4.x, which utilized the XML feeds from the NVD. Those feeds are no longer available, so DC 4.x no longer works. Because of that, the old DC Jenkins plugin is likely safe to remove.

          Show
          sspringett Steve Springett added a comment - That is likely due to the use of an old version of the Dependency-Check Jenkins plugin being installed. That version of the plugin doesn't work anymore. It was compatible with DC 4.x, which utilized the XML feeds from the NVD. Those feeds are no longer available, so DC 4.x no longer works. Because of that, the old DC Jenkins plugin is likely safe to remove.
          Hide
          davidkarlsen davidkarlsen added a comment -

          Indeed the old dependency check plugin shadowed the dependency track one and everything works as designed. (However the name and version parameters don't show in the pipeline-syntax ui - but that's unrelated).
          Thanks!

          Show
          davidkarlsen davidkarlsen added a comment - Indeed the old dependency check plugin shadowed the dependency track one and everything works as designed. (However the name and version parameters don't show in the pipeline-syntax ui - but that's unrelated). Thanks!
          davidkarlsen davidkarlsen made changes -
          Status Open [ 1 ] Closed [ 6 ]
          Resolution Not A Defect [ 7 ]

            People

            • Assignee:
              sspringett Steve Springett
              Reporter:
              davidkarlsen davidkarlsen
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: