This guide will show you how to integrate Kiuwan into JetBrains TeamCity. 

Contents: 

Everybody knows the benefits of CI in the SDLC. I’m not discovering new ground here, but what’s interesting is that you can leverage your continuous integration processes to have a continuous analysis process to have all the objective information you need from your applications at build time with Kiuwan.

If you run your application’s continuous integration with JetBrains’ TeamCity, in this article you will learn how easy it is to run a Kiuwan analysis as part of the process. Let’s get started.

How to run a Kiuwan analysis from a TeamCity build step-by-step

Requirements

1. TeamCity Server installed and operational (you can download the professional edition for free here).

1.  
2. TeamCity Build Agents installed, you can have as many as you need in different operating systems.

1.  
2. An active Kiuwan account of course.

1.  
2. Kiuwan Local Analyzer (KLA)

1. installed in every TeamCity

1. Agent Machine. (Read how to install it here: Install and Start Up Kiuwan Local Analyzer)

1. Create

I’m going to assume you have fulfilled the first 3 requirements. I’m going to guide you step-by-step on how to configure a TeamCity build to run an automatic Kiuwan analysis starting by installing the KLA and configure the agent machines to run it.

Run a Kiuwan analysis from a TeamCity build step-by-step

Install the KLA in the agent machines.

Installing the KLA is pretty simple and straightforward, just take the KiuwanLocalAnalyzer.zip downloaded directly from your Kiuwan account and unzip it in a directory of your choice. That directory /KiuwanLocalAnalyzer will be your Kiuwan home (sometimes we call it agent home, to avoid confusion with the TeamCity agent I’ll stick to Kiuwan home). In Windows machines, the KLA installation is done. For Unix based machines there are a couple of little things to do:
Go to your directory and run a chmod command for all *.sh files to add execution permission (find -name “*.sh” -exec chmod +x {} \;)
Now, go to /bin directory and create a symbolic link named agent pointing to agent.sh (ln -s agent.sh agent).
To be able to invoke the KLA CLI in every machine without the installation path, add the /bin directory to the system path.

or edit a TeamCity project

Select an existing project in TeamCity or create a new one.

In TeamCity, every project has one or more Version Control System (VCS) associated with it. This way the agent build agents take care of extracting the source code automatically. The VCS could be basically any: SVN, Git, GitHub, BitBucket, TFS, etc.

2. Configure an analysis step in a build configuration

The next step is to configure a new build step that will run the Kiuwan analysis in a project with an existing build configuration, or to create a new build configuration to include the Kiuwan analysis step.

Click create a Create build configuration or edit an existing one in the general project settings page.

3. Define Kiuwan credentials variables

In the build configuration settings screen, the first thing to do is to define a couple of variables that will be available for the build agent at execution time to hold your Kiuwan credentials necessary to run the analysis. Look for the parameters section in the left menu.

Now you have to define 2 system-level variables: system.kiuwan.user y and system.kiuwan.password. This last one you can be set it to be of type = password, so it is never displayed.

4. Define the analysis step itself

Next, in the build configuration settings screen, you have to go to the build steps configuration and create a new one to set up the analysis.

Image Modified

You usually want to have your analysis The analysis should take place after the actual build of your application, that’s what we have done here. Let’s take a look at how do you have to configure the step.the application. Here's how to configure this: 

1. Set the Runner type to Command line from the pulldown. 
2. Give the step a name. 
3. Decide if you want to run this step depending on the result of the previous ones. 
4. Leave the working directory empty to use the default VCS checkout directory.
5. And now

1. define the command and parameters to run. 
2. Select Executable with parameters from the

1. dropdown menu.  
2. Specify agent as the command to run and the following parameters to pass to the command:

-n "%env.TEAMCITY_PROJECT_NAME%" -s "%teamcity.build.checkoutDir%" -l "#%build.number% TeamCity" --user %system.kiuwan.user% --pass %system.kiuwan.password%

Notice that we are using TeamCity variables for the name of the application to analyze (it will be the project name), the directory where the source code is (it will be the checkout directory), a label for the analysis (it will be the build number) and the Kiuwan credentials we defined previously.

This configuration will run a Kiuwan Baseline analysis. If you want to run a delivery analysis for a change request you can define another build configuration where the analysis step will have extra parameters for the KLA agent to run a delivery analysis. Refer to the to Kiuwan Local Analyzer documentation for  for more information on the available parameters.

5. Define a build trigger

The last thing is to define a trigger to run the build on the project on given conditions.

The typical ones will be to run a build when changes are committed to the VCS or run it periodically based on a defined schedule. TeamCity has a nice feature allowing you to run it periodically but only if there are committed changes in your VCS. That’s what I’ve done. 

For testing purposes, you can always run your build clicking the Run button on the top right of the above screen.

That’s it! You have successfully configured TeamCity to run an automatic Kiuwan analysis for a project.

6. Run the analysis

Run the If you run your analysis interactively to test it your build, you the build. You can follow its the execution in the build log console. You will see the Kiuwan command executed and all the log messages from it. 

Image Modified

When it finishes, you can see the final result of the execution and you have a link to access the analysis results in Kiuwan.

7. See the results in Kiuwan

Clicking the link will open your default browser and take you directly to the results summary page.

Now you can sit back and let your development team code away. With every TeamCity build, you will have the latest results with all the details of security vulnerabilities and other defects. Plan accordingly letting Kiuwan generate automatic action plans based on your team available effort and make you SDLC a continuous improvement process with JetBrains’ TeamCity.