Comments (21)
Bitbucket Cloud appears to have a "reports" API that has the same concepts as Code Insights in Bitbucket Server. However, the URL templates, JSON property names, and enumeration types are different, so it would not be possible to develop the plugin against Bitbucket Cloud and have it just work on Bitbucket Server (and Data Center) as well.
from checks-api-plugin.
@regicsolutions I have a Jenkins plugin basically working but…
- need to discuss licensing etc. with employer
- would need somebody else to take over as maintainer
- no tests
- does not support a Job without a Run, thus no "status checks"
- support for reading API URLs and credentials from Bitbucket Server Integration Plugin relies on "internal" classes so might break in the future
- missing features in Bitbucket Server make Code Insights less useful than GitHub Checks, and Atlassian isn't responding to the issues that have been filed, so it feels like a dead end
from checks-api-plugin.
@KalleOlaviNiemitalo just checking in to see if this is something that could potentially be contributed?
from checks-api-plugin.
No determined plan but we'd love to have implementations for other platforms!
I've no experience with bitbucket but will look into it, thanks for the link.
from checks-api-plugin.
To all: any contributions or a POC are always welcomed!
from checks-api-plugin.
For volunteers that are going to implement support for GitLab, BitBucket, etc.: you can get some inspirations from the https://plugins.jenkins.io/violation-comments-to-stash/ and https://plugins.jenkins.io/violation-comments-to-gitlab/ plugins. Maybe it is possible to extract the API calls from there.
from checks-api-plugin.
Bitbucket Server has Code Insights feature that is an alternative to GitHub Checks:
- https://developer.atlassian.com/server/bitbucket/how-tos/code-insights/
- https://docs.atlassian.com/bitbucket-server/rest/latest/bitbucket-code-insights-rest.html
from checks-api-plugin.
I had requested something like this from Atlassian earlier and the request was split to BSERV-11477.
Difficulties:
- Code Insights does not support Markdown (BSERV-11523), so the plugin would have to render that to plain text. The Markdown renderer would have to be secure against malicious input, e.g. not follow any URLs to check sizes of images.
- Cannot support ChecksAction.
- Cannot support ChecksImage.
- ChecksOutput has
getTitle
,getSummary
, andgetText
, while Code Insights has onlytitle
anddetails
. Could concatenate the summary and the text. - How to set the
data
property. Could perhaps use it for ChecksConclusion (if the value cannot be mapped to PASS/FAIL), ChecksStatus, and timestamps. - If multiple checks run during a build, should each of them be able to set distinct values for
reporter
andlogoUrl
? Could perhaps extend ChecksDetails (or ChecksOutput?) so that consumer plugins can provide those values, and then also extend ChecksInfo and WithChecksStep so that the pipeline can override them.
from checks-api-plugin.
I don't think the Checks API implementation should necessarily be part of the Bitbucket Branch Source plugin. A separate plugin could easily locate the BitbucketSCMSource instance and call its public methods to read the REST API parameters (base URL, project, repository, and credential). Such a separate plugin could later be extended to support the other BitbucketSCMSource from Atlassian's Bitbucket Server Integration plugin as well, or the REST API parameters could even be provided in a BranchProperty or an SCMSourceTrait if the project uses neither of those SCM sources.
from checks-api-plugin.
violation-comments-to-stash sends warnings to Bitbucket Server as comments in a pull request. It does not use the newer Code Insights feature, which supports reports on all commits even if they are not in a pull request.
from checks-api-plugin.
In addition to the Code Insights API, Bitbucket Server has two ways to report build statuses:
- The older /rest/build-status/1.0/commits/{commitId} associates a build status with a commit ID. The build status will appear in every repository that contains a matching commit.
- Bitbucket Server 7.4 adds /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/commits/{commitId}/builds, which also supports statistics about failing and passing tests.
The Bitbucket Branch Source plugin supports only the older build status API. The Bitbucket Server Integration plugin supports both and asks Bitbucket Server whether the newer API is available.
Neither of those build status APIs supports annotations on lines of files. The Code Insights API supports that.
from checks-api-plugin.
Cannot support ChecksAction.
This would not be a problem in practice, because consumer plugins (e.g. the JUnit plugin) do not use ChecksAction yet. Checks API does not currently provide a way for a consumer plugin to be notified when a user chooses an action.
The GitHub Checks plugin does not provide that capability, either. Its CheckRunGHEventSubscriber class recognises only "action": "rerequested"
generated by GitHub. The plugin does not recognise "action": "requested_action", "requested_action": {…}
, which would correspond to a ChecksAction.
from checks-api-plugin.
- How to set the
data
property. Could perhaps use it for ChecksConclusion (if the value cannot be mapped to PASS/FAIL), ChecksStatus, and timestamps.
AFAICT, consumer plugins and WithChecksStep do not set the startedAt
and completedAt
timestamps yet. They could easily start doing so, though.
from checks-api-plugin.
- Code Insights does not support Markdown (BSERV-11523), so the plugin would have to render that to plain text.
Consumer plugins post HTML tags and emoji shortcodes as well. I guess the Markdown would first have to be rendered to HTML and then stripped of tags.
from checks-api-plugin.
ChecksOutput.getSummary() and ChecksOutput.getText() assigned by Warnings Next Generation seem to mainly contain Markdown tables that would be difficult to render usefully for Bitbucket Server. I think the mapping should go like this:
- Code Insights report key in the URL = percent-encoded ChecksDetails.getName(). If that is not set, then don't publish anything. If checks are published to the same commit from multiple branches, then the last one overwrites earlier ones; if that is not desired, then the pipeline can use
withChecks
to change the name. - Code Insights report
title
= ChecksDetails.getName(). Don't use ChecksOutput.getTitle() here because it is too long and depends on analysis results. - Code Insights report
details
= ChecksOutput.getTitle(). Could also add the names of the job and the run here but they cannot be made hyperlinks. - Code Insights report
reporter
= hardcode "Jenkins" or omit the property. - Code Insights report
logoUrl
= root URL + "favicon.ico". Because the Code Insights UI stretches this to a square, jenkins.svg would look ugly. - Don't use ChecksOutput.getSummary() and ChecksOutput.getText() at all, because of the Markdown.
There are also some difficulties in converting the annotations. Checks API does not yet seem to support a property that could be mapped to the VULNERABILITY, CODE_SMELL, BUG enumeration used by Code Insights. The warning codes parsed from MSBuild output are also missing but perhaps that is a problem in Warnings NG rather than Checks API.
Microsoft's C# compiler is apparently able to save warnings to a SARIF file. I should compare the SARIF specification to the ChecksAnnotation model; perhaps it defines some properties that would be useful to add.
from checks-api-plugin.
- Code Insights does not support Markdown (BSERV-11523)
Bitbucket Server supports Markdown in pull request descriptions, pull request comments, and commit comments. There, it renders [Link text](http://example.org/)
as a hyperlink all right. However, it renders <a href="http://example.org/">Link text</a>
as markup and not as a hyperlink. Thus, even if Atlassian eventually copies the Markdown support to Code Insights, it still might not correctly render the hyperlink that WarningChecksPublisher.extractReferenceBuild adds as HTML. 😞
from checks-api-plugin.
There are a few difficulties in having a separate plugin read the REST API URL and credentials from Atlassian's Bitbucket Server Integration plugin:
- The necessary classes in Atlassian's plugin are public, but the package names (javadoc) include the word
internal
, which suggests that Atlassian might not want to support them as a stable API. The plugin does not have any@Restricted
annotations at all.
Filed JENKINS-64691. - Its pom.xml does not use https://github.com/jenkinsci/bom, and it depends directly on okhttp and other libraries, instead of going through API plugins. This leads to build-time version mismatch errors that need several dependency exclusions or managed dependencies to solve.
- Its BitbucketSCMSource class does not know the server URL but rather a server identifier whose meaning has to looked up with BitbucketPluginConfiguration.getServerById. To find the BitbucketPluginConfiguration instance, classes use
@Inject
, which is a bit annoying to do in a separate plugin that would not otherwise use this form of dependency injection. I suspect that@Inject
might not play nice with dynamic loading of Bitbucket Server Integration as an optional dependency, either.
from checks-api-plugin.
@KalleOlaviNiemitalo just starting to explore using the Bitbucket Server Code Insights feature within a Jenkins shared library, was wondering if you were able to come up with a solution?
from checks-api-plugin.
That's great that hear that you got a working plugin, would love to test it out if you are clear to release it.
from checks-api-plugin.
@KalleOlaviNiemitalo friendly ping 😀
from checks-api-plugin.
Hi,
Also posted on the Jira ticket.
More than happy to test anything if published to the Jenkins release center.
Regards,
from checks-api-plugin.
Related Issues (20)
- .pom file uploaded for 1.7.1? HOT 1
- Multiple Github repo's / global pipeline libraries how do we control the repo to which the checks are reported HOT 14
- Primary error message is not shown in error header, instead says `error in 'error' step` HOT 5
- Do not report handled exceptions HOT 3
- Build log Output truncated. - print tail of log instead of head HOT 2
- Allow using specific credentials for Checks HOT 5
- How do I create a custom rerun check in Pipeline HOT 1
- 1.7.5: download plugin checks-api to file: status code: 403, reason phrase: Forbidden HOT 2
- Phantom release 1.7.5 of checks-api HOT 1
- Possibility Of Specifying Credentials HOT 3
- Fix flaky test `BuildStatusChecksPublisherITest.shouldPublishStageDetails`
- [Question] Hanging checks with "withChecks()" HOT 5
- Include optional checks publisher to warnError HOT 1
- [doc] How to get started? HOT 5
- How to publish checks from sub-jobs HOT 1
- Dependency Dashboard
- Tests fail on Java 21 with Mockito errors HOT 2
- Setting Status checks name does not change it from the default Jenkins HOT 4
- Dependencies of flattened POM of latest release do not match `MANIFEST.MF`
- Return information about the check
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from checks-api-plugin.