Merge pull request #14 from ServiceNow/scratch/release_5_1_0

README.md

@@ -55,16 +55,19 @@ npm unlink .
 ### Building Docker Image
 
 ```sh
-docker build -t servicenowdocker/sndevops:4.0.0 .
+docker build -t servicenowdocker/sndevops:5.1.0 .
 ```
 
 ```sh
-docker push servicenowdocker/sndevops:4.0.0
+docker push servicenowdocker/sndevops:5.1.0
 ```
 
 ## Integrating with GitLab
-
-[Example gitlab project](/gitlab-ci.yml)
+[Example Gitlab project](/gitlab-ci.yml)
+## Integrating with GitHub
+[Example Github project](/github-ci.yml)
+## Integrating with Harness
+[Example Harness project](/harness-ci.yml)
 
 
 ### Env variables 
@@ -75,6 +78,23 @@ SNOW_TOKEN = <servicenow-tool-token>
 SNOW_TOOLID = <servicenow-tool-id>
 ```
 
+### Additonal Env variables
+```
+CI_PIPELINE_ID: <pipeline-id>
+CI_API_V4_URL: <pipeline-url>
+CI_JOB_ID: <pipeline-execution-id>
+CI_PROJECT_PATH: <repository-path>
+CI_REPOSITORY_NAME: <repository-name>
+CI_RUN_ATTEMPT: <pipeline-attempt-number>
+CI_PROJECT_TITLE: <pipeline-name>
+```
+
+### Optional Env variables
+```
+CI_COMMIT_BRANCH: <commit-branch>
+CI_WORKFLOW_NAME: <workflow-name>
+```
+
 **Example with passing all ServiceNow information via commandline**
 ```yaml
 
@@ -85,7 +105,7 @@ stages:
 
 package:
   stage: package
-  image: servicenowdocker/sndevops:4.0.0
+  image: servicenowdocker/sndevops:5.1.0
   script: 
     - sndevopscli create artifact -a '[{"name":"artifact-name-$CI_JOB_ID","repositoryName":"artifact-repo-name" ,"version":"1.3.0"}]'
     - sndevopscli create package -n "package-name" -a '[{"name":"artifact-name-$CI_JOB_ID","repositoryName":"artifact-repo-name" ,"version":"1.3.0"}]
@@ -97,7 +117,7 @@ stages:
 
 package:
   stage: package
-  image: servicenowdocker/sndevops:4.0.0
+  image: servicenowdocker/sndevops:5.1.0
   script: 
     - sndevopscli create artifact -u <serviceno-url> -t <tool-id> --token <tool-token> -a '[{"name":"artifact-name-$CI_JOB_ID","repositoryName":"artifact-repo-name" ,"version":"1.3.0"}]'
     - sndevopscli create package -u <serviceno-url> -t <tool-id> --token <tool-token> -n "package-mame" -a '[{"name":"artifact-name-$CI_JOB_ID","repositoryName":"artifact-repo-name" ,"version":"1.3.0"}]
@@ -121,10 +141,20 @@ stages:
 
 ServiceNow DevOps Change:
   stage: DevOpsChangeApproval
-  image: servicenowdocker/sndevops:4.0.0
+  image: servicenowdocker/sndevops:5.1.0
   script: 
     - sndevopscli create change -p '{"changeStepDetails":{"timeout":3600,"interval":100},"attributes":{"short_description":"Automated Software Deployment","description":"Automated Software Deployment.","assignment_group":"XXXXXXX","implementation_plan":"Software update is tested and results can be found in Test Summaries Tab.","backout_plan":"When software fails in production, the previous software release will be re-deployed.","test_plan":"Testing if the software was successfully deployed or not"}}'
 
+
+-p: [optional]
+Change Attributes payload in JSON format
+
+-ctx: [optional]
+Additional context parameters in JSON format. These details will be used to build the request for the DevOps Change API
+
+-w: [optional]
+Specify for the pipeline to wait for change creation and approval. By default, the pipeline will be waiting until the change creation and it's approval
+
 changeStepDetails: [optional]
 It holds the timeout and interval details.
 
@@ -151,16 +181,47 @@ stages:
 
 ServiceNow DevOps Sonar Scan Results:
   stage: DevOpsSonarStage
-  image: servicenowdocker/sndevops:4.0.0
+  image: servicenowdocker/sndevops:5.1.0
   script: 
-    - sndevopscli create sonar -url 'https://sonarcloud.io' -projectKey 'xxxxxxx'
+    - sndevopscli create sonar -url 'https://sonarcloud.io' -projectKey 'xxxxxxx' -branch 'master'
 
 url: [mandatory]
 This specifies the sonar url.
 
 projectKey: [mandatory]
 This specifies the sonar project key.
 
+branch: [optional]
+This specifies the branch on which the Sonar scan was executed. By default, it matches the branch for which the build was run. Note, for Harness, the branch option is required if CI_COMMIT_BRANCH is not provided.
+
+```
+
+**Example of Registring Security scan results in ServiceNow via commandline**
+```yaml
+
+This custom step needs to be added at job level to register security scan results in ServiceNow instance.
+
+stages:
+  - DevOpsSecurityScanStage
+
+ServiceNow DevOps Security Scan Results:
+  stage: DevOpsSecurityScanStage
+  image: servicenowdocker/sndevops:5.1.0
+  script: 
+    - sndevopscli create securityScan -p "{\"pipelineInfo\":{\"buildNumber\":\"${CI_PIPELINE_ID}\",\"pipelineExecutionUrl\":\"${CI_PIPELINE_URL}\" },\"securityResultAttributes\":{ \"scanner\":\"Veracode\",\"applicationName\":\"PetStoreAPI-Github\",\"buildVersion\":\"\",\"securityToolId\":\"\"}}"
+
+
+-p: [mandatory]
+ It the payload of security result attributes. The payload will have attributes as follows:
+  buildNumber: CI_PIPELINE_ID (mandatory)
+  pipelineExecutionUrl: CI_PIPELINE_URL (mandatory)
+  scanner: Scanning tool and is required e.g. Checkmarx One.
+  projectName/projectId: Name/Id of your Checkmarx One project and is required. This attribute is applicable only for Checkmarx One.
+  applicationName: Name of your Veracode application and is required. This attribute is applicable only for Veracode.
+  buildVersion": Veracode Scan name / build version and is optional. This attribute is applicable only for Veracode.
+  scanId: Checkmarx One scan id and is optional. This attribute is applicable only for Checkmarx One.
+  securityToolId: Security tool onboarded in ServiceNow (sys_id of the onboarded security tool) and is optional.
+
 ```
 
 **Example of get change for ServiceNow via commandline**
@@ -173,7 +234,7 @@ stages:
 
 ServiceNow DevOps Get Change:
   stage: DevOpsGetChange
-  image: servicenowdocker/sndevops:4.0.0
+  image: servicenowdocker/sndevops:5.1.0
   script: 
     - sndevopscli get change -p "{\"buildNumber\":${CHG_JOB_ID},\"stageName\":\"ServiceNow DevOps Change Step\",\"pipelineName\":\"GitlabDockerGetAndUpdateChange\"}"
 
@@ -209,9 +270,9 @@ stages:
 
 ServiceNow DevOps Update Change:
   stage: DevOpsUpdateChangeStage
-  image: servicenowdocker/sndevops:4.0.0
+  image: servicenowdocker/sndevops:5.1.0
   script: 
-    - sndevopscli update change -n 'CHGXXXXXX' -p "{\"short_description\":\"G Venkata12345 Automated Software Deployment\",\"description\":\"Automated Software Deployment.\",\"assignment_group\":\"XXXXX\",\"implementation_plan\":\"Software update is tested and results can be found in Test Summaries Tab.\",\"backout_plan\":\"When software fails in production, the previous software release will be re-deployed.\",\"test_plan\":\"Testing if the software was successfully deployed or not\"}"
+    - sndevopscli update change -n 'CHGXXXXXX' -p "{\"short_description\":\"Automated Software Deployment\",\"description\":\"Automated Software Deployment.\",\"assignment_group\":\"XXXXX\",\"implementation_plan\":\"Software update is tested and results can be found in Test Summaries Tab.\",\"backout_plan\":\"When software fails in production, the previous software release will be re-deployed.\",\"test_plan\":\"Testing if the software was successfully deployed or not\"}"
 
 -n [Not mandatory if we have sndevopschg.json in our pipeline yml]: It stands for changeRequestNumber. The change request number to identify a unique change request. 
    Precedence of choosing changeRequestNumber: 
@@ -236,9 +297,9 @@ stages:
 
 ServiceNow DevOps Change Step:
   stage: changeapproval
-  image: servicenowdocker/sndevops:4.0.0
+  image: servicenowdocker/sndevops:5.1.0
   script: 
-     - sndevopscli create change -p "{\"changeStepDetails\":{\"timeout\":3600,\"interval\":100},\"autoCloseChange\":true,\"attributes\":{\"short_description\":\"G Venkata Automated Software Deployment\",\"description\":\"Automated Software Deployment.\",\"assignment_group\":\"xxxxxxxx\",\"implementation_plan\":\"Software update is tested and results can be found in Test Summaries Tab.\",\"backout_plan\":\"When software fails in production, the previous software release will be re-deployed.\",\"test_plan\":\"Testing if the software was successfully deployed or not\"}}"
+     - sndevopscli create change -p "{\"changeStepDetails\":{\"timeout\":3600,\"interval\":100},\"autoCloseChange\":true,\"attributes\":{\"short_description\":\"Automated Software Deployment\",\"description\":\"Automated Software Deployment.\",\"assignment_group\":\"xxxxxxxx\",\"implementation_plan\":\"Software update is tested and results can be found in Test Summaries Tab.\",\"backout_plan\":\"When software fails in production, the previous software release will be re-deployed.\",\"test_plan\":\"Testing if the software was successfully deployed or not\"}}"
 
 autoCloseChange: [optional] : Boolean value
 

github-ci.yml

@@ -0,0 +1,95 @@
+name: GithubAction
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+
+permissions:
+  contents: read
+env:
+  SNOW_URL: ${{ secrets.SNOW_URL }}
+  SNOW_TOKEN: ${{ secrets.SNOW_TOKEN }}
+  SNOW_TOOLID: ${{ secrets.SNOW_TOOLID }}
+  # These are the optional env variables
+  #CI_PIPELINE_ID: ${{ github.run_id }}
+  #CI_API_V4_URL: ${{ github.server_url }}
+  #CI_JOB_ID: ${{ github.run_id }}
+  #CI_PROJECT_PATH: ${{ github.job }}
+  #CI_REPOSITORY_NAME: ${{ github.repository }}
+  #CI_RUN_ATTEMPT: ${{ github.run_attempt }}
+  #CI_PROJECT_TITLE: ${{ github.repository }}/${{github.workflow}}
+  #CI_COMMIT_BRANCH: ${{ github.ref_name }}
+  #CI_WORKFLOW_NAME: ${{ github.workflow }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up JDK 17
+        run: |
+          echo 'hello'
+
+  ServiceNowDevOpsChange:
+     runs-on: ubuntu-latest
+     needs: build
+     container:
+       image: servicenowdocker/sndevops:5.1.0
+     env:
+       CI_JOB_NAME: "ServiceNowDevOpsChange"
+
+     steps:
+       - name: create change
+         run: |
+           sndevopscli create change -p "{\"changeStepDetails\":{\"timeout\":3600,\"interval\":10},\"autoCloseChange\":true,\"attributes\":{\"short_description\":\"G Venkata Automated Software Deployment\",\"description\":\"Automated Software Deployment.\",\"assignment_group\":\"a715cd759f2002002920bde8132e7018\",\"implementation_plan\":\"Software update is tested and results can be found in Test Summaries Tab.\",\"backout_plan\":\"When software fails in production, the previous software release will be re-deployed.\",\"test_plan\":\"Testing if the software was successfully deployed or not\"}}"
+
+  ServiceNowUpdateDevOpsChange:
+       runs-on: ubuntu-latest
+       needs: ServiceNowDevOpsChange
+       container:
+         image: servicenowdocker/sndevops:5.1.0
+       env:
+         CI_JOB_NAME: "ServiceNowDevOpsChange"
+
+       steps:
+         - name: update change
+           run: |
+             sndevopscli update change -p "{\"short_description\":\"Updated Automated Software Deployment\",\"description\":\"Automated Software Deployment.\",\"assignment_group\":\"a715cd759f2002002920bde8132e7018\",\"implementation_plan\":\"Software update is tested and results can be found in Test Summaries Tab.\",\"backout_plan\":\"When software fails in production, the previous software release will be re-deployed.\",\"test_plan\":\"Testing if the software was successfully deployed or not\"}"
+
+  ArtifactAndPackage:
+      runs-on: ubuntu-latest
+      needs: build
+      container:
+        image: servicenowdocker/sndevops:5.1.0
+      env:
+        CI_JOB_NAME: "ArtifactAndPackage"
+      steps:
+        - name: create artifact
+          run: |
+             sndevopscli create artifact -a "[{\"name\": \"com:customactiondemo\",\"version\": \"1.${{ github.run_number }}\",\"semanticVersion\": \"1.${{ github.run_number }}.0\",\"repositoryName\": \"${{ github.repository }}\"}]"
+             sndevopscli create package -n "Test_Package" -a "[{\"name\": \"com:customactiondemo\",\"version\": \"1.${{ github.run_number }}\",\"semanticVersion\": \"1.${{ github.run_number }}.0\",\"repositoryName\": \"${{ github.repository }}\"}]"
+
+  ServiceNowDevOpsSonarScanResults:
+      name: ServiceNowDevOpsSonarScanResults
+      needs: ArtifactAndPackage
+      runs-on: ubuntu-latest
+      container:
+        image: servicenowdocker/sndevops:5.1.0
+      env:
+        CI_JOB_NAME: "ServiceNowDevOpsSonarScanResults"
+      steps:
+        - name: devops soanr results
+          run: |
+            sndevopscli create sonar -url 'https://sonarcloud.io' -projectKey 'xxxxxxx'
+
+  ServiceNowDevOpsSecurityScan:
+      name: ServiceNowDevOpsSecurityScan
+      runs-on: ubuntu-latest
+      needs: build
+      container:
+        image: servicenowdocker/sndevops:5.1.0
+      steps:
+        - name: security scan
+          run: |
+           sndevopscli create securityScan -p "{ \"pipelineInfo\": {  \"runId\": \"${{ github.run_id }}\",   \"runNumber\": \"${{ github.run_number }}\", \"runAttempt\": \"${{ github.run_attempt }}\",   \"job\": \"ServiceNowDevOpsSecurityScan\",  \"workflow\": \"${{ github.workflow }}\",  \"repository\": \"${{github.repository}}\" }, \"securityResultAttributes\": { \"scanner\": \"Veracode\",    \"applicationName\": \"PetStoreAPI-Github\",\"buildVersion\": \"\",   \"securityToolId\": \"\"}}"

gitlab-ci.yml

@@ -1,8 +1,9 @@
-image: servicenowdocker/sndevops:4.0.0
+image: servicenowdocker/sndevops:5.1.0
 stages:
   - pre-build
   - build
   - sonar
+  - securityscan
   - changeapproval
   - getchange
   - updatechange
@@ -26,6 +27,12 @@ ServiceNow DevOps SonarScan Results:
   script:
     - sndevopscli create sonar -url 'https://sonarcloud.io' -projectKey 'xxxxxxx'
 
+
+ServiceNow DevOps Security Scan Results:
+  stage: securityscan
+  script:
+    - sndevopscli create securityScan -p "{\"pipelineInfo\":{\"buildNumber\":\"${CI_JOB_ID}\", \"stageName\":\"ServiceNow DevOps Security Scan Results\",\"taskExecutionUrl\":\"${CI_JOB_URL}\" },\"securityResultAttributes\":{ \"scanner\":\"Veracode\",\"applicationName\":\"PetStoreAPI-Github\",\"buildVersion\":\"\",\"securityToolId\":\"\"}}"
+
 ServiceNow DevOps Change Step:
   stage: changeapproval
   variables: