Versions Compared

Old Version 3

changes.mady.by.user Kiuwan Editor User

Saved on

compared with

New Version Current

changes.mady.by.user Wara Hermosa Fernández

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info
titleContents

Table of Contents

Everybody knows the benefits of CI in the SDLC. I’m not discovering new ground here, but what’s interesting is that you can leverage your continuous integration processes to have a continuous analysis processes to have all the objective information you need from your applications at build time with Kiuwan.

If you run your application’s continuous integration with JetBrains’ TeamCity, in this article you will learn how easy it is to run a Kiuwan analysis as part of the process. Let’s get started.

...

This guide will show you how to integrate Kiuwan into JetBrains TeamCity. 

Contents

Table of Contents

How to run a Kiuwan analysis from a TeamCity build step-by-step

Requirements

  1. TeamCity Server installed and operational (you can download the professional edition for free here).

...

  1.  
  2. TeamCity Build Agents installed, you can have as many as you need in different operating systems.

...

  1.  
  2. An active Kiuwan account of course.

...

  1.  
  2. Kiuwan Local Analyzer (KLA)

...

  1. installed in every TeamCity

...

  1. Agent Machine. (Read how to install it here: Install and Start Up Kiuwan Local Analyzer)

1. Create

I’m going to assume you have fulfilled the first 3 requirements. I’m going to guide you step-by-step on how to configure a TeamCity build to run an automatic Kiuwan analysis starting by installing the KLA and configure the agent machines to run it.

Run a Kiuwan analysis from a TeamCity build step-by-step

Install the KLA in the agent machines.

Installing the KLA is pretty simple and straightforward, just take the KiuwanLocalAnalyzer.zip downloaded directly from your Kiuwan account and unzip it in a directory of your choice. That directory /KiuwanLocalAnalyzer will be your Kiuwan home (sometimes we call it agent home, to avoid confusion with the TeamCity agent I’ll stick to Kiuwan home). In Windows machines the KLA installation is done. For unix based machines there are a couple of little things to do:
Go to your directory and run a chmod command for all *.sh files to add execution permission (find -name “*.sh” -exec chmod +x {} \;)
Now, go to /bin directory and create a symbolic link named agent pointing to agent.sh (ln -s agent.sh agent).
To be able to invoke the KLA CLI in every machine without the installation path, add the /bin directory to the system path.

...

or edit a TeamCity project

Select an existing project in TeamCity or create a new one.

In TeamCity, every project has one or more Version Control System (VCS) associated

...

with it. This way the agent build agents take care of extracting the source code automatically. The VCS could be basically any: SVN, Git, GitHub, BitBucket, TFS, etc.

Image Modified

2. Configure an analysis step in a build configuration

The next step is to configure a new build step that will run the Kiuwan analysis in a project with an existing build configuration, or to create a new build configuration to include the Kiuwan analysis step.

Image Modified

Click

...

Create build configuration or edit an existing one in the general project settings page.

3. Define Kiuwan credentials variables

In the build configuration settings screen, the first thing to do is to define

...

two variables that will be available for the build agent at execution time to hold your Kiuwan credentials necessary to run the analysis. Look for the parameters section in the left menu.

Image Modified

Now

...

define

...

two system-level variables: system.kiuwan.user

...

and system.kiuwan.password. This last one

...

can be set

...

to

...

type = password, so it is never displayed.

4. Define the analysis step itself

Next, in the build configuration settings screen

...

, go to the build steps configuration and create a new one to set up the analysis.

Image Modified

...

The analysis should take place after the

...

build of

...

the application. Here's how to configure this: 

  1. Set the Runner type to Command line from the

...

  1. pulldown. 
  2. Give the step a name. 
  3. Decide if you want to run this step depending on the result of the previous ones. 
  4. Leave the working directory empty to use the default VCS checkout directory.
  5. And now

...

  1. define the command and parameters to run. 
  2. Select Executable with parameters from the

...

  1. dropdown menu.  
  2. Specify agent as the command to run and the following parameters to pass to the command:


Code Block
-n "%env.TEAMCITY_PROJECT_NAME%" -s "%teamcity.build.checkoutDir%" -l "#%build.number% TeamCity" --user %system.kiuwan.user% --pass %system.kiuwan.password%

Notice that we are using TeamCity variables for the name of the application to analyze (it will be the project name), the directory where the source code is (it will be the checkout directory), a label for the analysis (it will be the build number) and the Kiuwan credentials we defined previously.

Image Modified

This configuration will run a Kiuwan Baseline analysis. If you want to run a delivery analysis for a change request you can define another build configuration where the analysis step will have extra parameters for the KLA agent to run a delivery analysis. Refer

...

to Kiuwan Local Analyzer

...

 for more information on the available parameters.

5. Define a build trigger

The last thing is to define a trigger to run the build on the project on given conditions.

The typical ones will be to run a build when changes are committed to the VCS or run it periodically based on a defined schedule. TeamCity has a nice feature allowing you to run it

...

periodically but only if there are committed changes in your VCS.

...

 

Image Modified

For testing purposes, you can always run your build clicking the Run button on the top right of the above screen.

That’s it! You have successfully configured TeamCity to run an automatic Kiuwan analysis for a project.

6. Run the analysis

...

Run the analysis interactively to test

...

the build. You can follow

...

the execution in the build log console.

...

 

Image Modified

When it finishes, you can see the final result of the execution and you have a link to access the analysis results in Kiuwan.

Image Modified

7. See the results in Kiuwan

Clicking the link will open your default browser and take you directly to the results summary page.

Image Modified

Image Modified

...

Now you can sit back and let your development team code away. With every TeamCity build you will have the latest results with all the details of security vulnerabilities and other defects. Plan accordingly letting Kiuwan generate automatic action plans based on your team available effort and make you SDLC a continuous improvement process with JetBrains’ TeamCity.

...