I am working on integrating codebuild project with GitHub to run as required action for PRs as a Branch Protection Rule.
CodeBuild Settings :
Connected with GItHub Oauth
Enabled status badges
Enabled Rebuild every time a code change is pushed to this repository
Enabled Report build statuses to source provider when your builds start and finish
Added PULLREQUEST events to the webhooks
GitHub Settings :
Codebuild webhook is setup correctly.
Codebuild Oauth app has the AWS region permission
When ever I create/update a PR I see that the codebuild project is running. All good so far.
Now when I am trying to add a branch protection rule, it says
No status checks found
My assumption is when the codebuild is setup with OAuth properly I should be able to list down the codebuild check under branch protection rules settings.
Am I missing something? I am stuck here for almost a day. Any help is appreciated. Thank you.
Related
Our Company used to self-host GitLab for source-code management and configured webhook on gitlab to trigger all the project pipelines on jenkins. Initially, the gitlab url was 'https://git.fulcrumdigital.com' and later for an upgraded version, they changed url to 'https://autobuild.fulcrumdigital.com'
Recently, we migrated to 'github.com' and created an organization. The source codes for various projects are found under this organization, which is private. Now, when I try to configure webhooks for these projects, I see that they deliver as intended to jenkins, but jenkins doesn't trigger the respective project's build. Instead, it gives out a message as shown below.
jenkins-github webhook error
I don't find any info regarding this webhook on global configuration page.
Here is a snapshot of jenkins logs
jenkins logs
I don't face this webhook issue for newly created pipeline-projects on jenkins. I face this issue for older pipeline-projects that already had their webhook configured earlier for gitlab.
Help me to resolve this issue and make jenkins trigger build from github webhook for older pipeline-projects.
Did you try force regenerating the webhooks?
Go to Manage Jenkins > Configure System > GitHub plugin > Advance > Re-registers hooks for all jobs.
I had this problem myself. The first thing you want to do is go to Manage Jenkins -> Configure System scroll down to the GitHub section and click on "Advanced". You will see this:
It's important to have access to your Jenkins log (I'm running Jenkins with Docker). When I clicked on Re-register hooks for all jobs, I got the following error:
In my case, the error mentioned something with my access token. So, I checked my Github personal access token and it turned out, I need to turn on Read and Write for Webhook:
Now, go back to Jenkins and click on Re-register hooks for all jobs again, and on the next push, the build was automatically triggered.
I created a classic CI azure pipeline for a .net application present in GitHub repo and enabled continuous integration in triggers and also added 2 branches in branch filters. But when my team members made some changes and make commits, my pipeline is not triggering and build is not created. I can't understand what might be the problem as I'm new to azure pipelines
Here is some troubleshooting advices, and you can click this document for more detailed information:
Are you using the GitHub app connection to connect the pipeline to GitHub? If you are using a GitHub app connection, follow these steps:
Is the mapping set up properly between GitHub and Azure DevOps? Open a
pull request in your GitHub repository, and make the comment /azp
where. This reports back the Azure DevOps organization that the
repository is mapped to.
If no organizations are set up to build this repository using the app,
go to
https://github.com/<org_name>/<repo_name>/settings/installations and
complete the configuration of the app.
If a different Azure DevOps organization is reported, then someone has
already established a pipeline for this repo in a different
organization. We currently have the limitation that we can only map a
GitHub repo to a single DevOps org. Only the pipelines in the first
Azure DevOps org can be automatically triggered. To change the
mapping, uninstall the app from the GitHub organization, and
re-install it. As you re-install it, make sure to select the correct
organization when you are redirected to Azure DevOps.
Are you using OAuth or PAT to connect the pipeline to GitHub? If you are using a GitHub connection, follow these steps:
OAuth and PAT connections rely on webhooks to communicate updates to
Azure Pipelines. In GitHub, navigate to the settings for your
repository, then to Webhooks. Verify that the webhooks exist. Usually
you should see three webhooks - push, pull_request, and issue_comment.
If you don't, then you must re-create the service connection and
update the pipeline to use the new service connection.
Select each of the webhooks in GitHub and verify that the payload that
corresponds to the user's commit exists and was sent successfully to
Azure DevOps. You may see an error here if the event could not be
communicated to Azure DevOps.
Is your pipeline paused or disabled? Open the editor for the pipeline, and then select Settings to check. If your pipeline is
paused or disabled, then triggers do not work.
Have you used variables in defining the trigger or the paths? That is not supported.
Have you excluded the branches or paths to which you pushed your changes? Test by pushing a change to an included path in an included
branch. Note that paths in triggers are case-sensitive. Make sure that
you use the same case as those of real folders when specifying the
paths in triggers.
Updates:
You don't need to change webhooks in github, what you need to do is that go to github Settings -> Webhooks, check whether there are "Recent Deliveries". If there are errors in recent deliveries, the cause of the question is indicated.
If Azure DevOps and GitHub are properly connected, GitHub will automatically generate Webhooks. As shown below:
The content of "Payload URL" is:
https://dev.azure.com/{organization}/_apis/public/hooks/externalEvents?publisherId=github&channelId={channelId}&api-version=6.1-preview
Please note that a GitHub repository can only connect to one Azure DevOps organization. If you have connected to more than one organizations, keep the only one you are using currently.
In DevOps click Pipelines on the left-hand side navigation
Select your pipeline.
Click Edit
Then in the new window pane (top left), you'll see a tab for triggers.
This is where you can configure the continuous integration settings to trigger builds on push / pull requests etc.
Here's an example
Continues integration is enabled for the development branch, thus any push to that branch will trigger a build.
How do you configure Github's pull request review page to show Travis-CI build status?
I remember Github automatically showing build status for some of my repos configured to build using Travis-CI, but Github has stopped doing this. Whether the build passed or succeeded, Github would show the status near the "Merge pull request" button. Now I have to manually search for the pull request in Travis-CI.
Has this feature been discontinued by Github, or is there some new manual configuration needed to re-implement this?
This discussion thread explained the issue.
The solution was to:
revoke access to Travis-CI in Github
logout of Travis-CI
log back in to Travis-CI.
Travis-CI then automatically asked for Github credentials, and afterwards Github again shows Travis-CI build status in a check.
The legacy integration has been disabled and you need to perform the migration to the GitHub app integration. See the instructions here: https://docs.travis-ci.com/user/migrate/legacy-services-to-github-apps-migration-guide/
Note that if you are not the owner on the repo, you will need to request adding Travis access to the appropriate person.
According to the tutorial written on the sonarcloud blog (https://blog.sonarsource.com/integrate-sonarcloud-with-vsts-to-boost-code-quality) and the Azure DevOps lab (https://www.azuredevopslabs.com/labs/vstsextend/sonarcloud/) I should be able to use the outcome of the analysis as a qualitygate for my pullrequest.
Unfortunatly this option does not appear when adding a new status policy.
The code has been analysed in the build and in the buildsummary you can see the outcome from sonarcloud.
The last thing I need to do is add it as an approval pull-request requirement.
After several attempts, changes and other setting tweaks i'd managed to get this operational. I think the problem was solved by creating a new personal access token with only the code read/write option selected.
Now the sonarcloud decoration works (providing comments for codesmells) and the status policy is selectable in the branch security policy settings.
If SonarQube is updating each time you run a build, but when you try to add a PR Status Check via AzDO you cannot see the 'SonarQube/quality gate' option appear in the dropdown list you must then enable 'PR Decoration'.
As a SQ Admin, go-to General Settings -> PR Decoration -> select the organisation URL and add the AzDO project name and repository name.
Using the official guide, created build project to run tests on GitHub PullRequests creation. The webhook is correctly shown on GitHub, builds are being triggered in Codebuild, however, the build status is not shown in Github, despite the option Report build status is set true. If I correctly understood the tutorial, Codebuild has native support of GitHub, and after successful creation of a webhook, the new verification check should be added for PR submission automatically, any suggestions to make this work?
It should work automatically. If builds are triggering but codebuild is not reporting back on the status, then it sounds like the codebuild project no longer has permission to the repo. You could try adding the GitHub source to codebuild again.
"Report build status" actually has no effect when triggered by a webhook, and should always report back in theory (https://docs.aws.amazon.com/codebuild/latest/userguide/change-project.html). It's set to false for my project and always updates the pull requests.
Ensure the GitHub user has write access to the repository, and if you're using a Personal Access Token (PAT), ensure the repo:status scope is granted:
Grants read/write access to public and private repository commit statuses. This scope is only necessary to grant other users or services access to private repository commit statuses without granting access to the code.
https://developer.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/
(I experienced this issue recently. The PAT had the necessary scopes granted but the GitHub user had read-only access to the repository. Granting the GitHub user write permission solved the problem.)