Use CircleCI version 2.1 at the top of your .circleci/config.yml file.
1
version: 2.1
Add the orbs
stanza below your version, invoking the orb:
1
2
orbs:
policy: datree/policy@1.0.12
Use policy
elements in your existing workflows and jobs.
Opt-in to use of uncertified orbs on your organization’s Security settings page.
Example of using Datree's branch name convention rule. The `issue_tracker` parameter is optional (defaults to Jira)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
orbs:
datree: datree/policy@volatile
description: A circle-ci job to enforce Datree's branch name convention rule
jobs:
my_job:
docker:
- image: circleci/node:10
steps:
- datree/branch-name-convention:
issue_tracker: jira
version: 2.1
workflows:
main:
jobs:
- my_job
Example of using Datree's pull request title convention rule. The `issue_tracker` parameter is optional (defaults to Jira). The `token` parameter is required. It is possible to pass it using `GITHUB_TOKEN` environment variable.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
orbs:
datree: datree/policy@volatile
description: A circle-ci job to enforce Datree's pull request title convention rule
jobs:
my_job:
docker:
- image: circleci/node:10
steps:
- datree/pull-request-title-convention:
issue_tracker: jira
version: 2.1
workflows:
main:
jobs:
- my_job:
context: github-token-context
Example of using Datree's version alignment rule. The `payload` parameter is required. In this example we run a fake job that extracts the actual installed versions from within the build. The `DATREE_API_KEY` parameter is required. It is possible to pass it using an environment variable of the same name.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
orbs:
datree: datree/policy@volatile
description: A circle-ci to enforce uses Datree's version alignment rule
jobs:
extract-versions:
docker:
- image: circleci/circleci-cli:0.1.2709
steps:
- run: echo "running version extraction script"
my_job:
docker:
- image: circleci/node:10
steps:
- datree/version-alignment
version: 2.1
workflows:
main:
jobs:
- extract-versions
- my_job:
requires:
- extract-versions
context: datree-api-context
payload: >-
{ "expected":
[{"name":"webpack-node-externals","category":"npm","version":"1.7.2"}],
"actual":
[{"name":"webpack-node-externals","category":"npm","version":"1.7.2"}]
}
Validate that the branch name is linked to your issue tracker. This orb will fail your build in case the branch name doesn't contain the pattern expected by your issue tracker.
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
issue_tracker | Name of you issue tracker. Currently Jira and Pivotal are supported. | No | jira | enum |
Validate that the pull request title is linked to your issue tracker. This orb will fail your build in case the pull request title doesn't contain the pattern expected by your issue tracker. In case the build doesn't run on a pull request, the orb will automatically continue. For a 'how-to' guide on generating a Github Token see here - https://docs.datree.io/docs/generate-github-token.
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
issue_tracker | Name of you issue tracker - currently only Jira is supported.
When using Pivotal, pull requests will connect automatically if the branch was linked.
| No | jira | enum |
token | Enter either your github token or use the CircleCI UI to add your token under the 'GITHUB_TOKEN' environment variable | No | $GITHUB_TOKEN | string |
Control version alignment of packages across multiple repositories.
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
API_KEY | Enter either your Datree api key or use the CircleCI UI to add your token under the 'DATREE_API_KEY' env var | No | $DATREE_API_KEY | string |
file_path | JSON formatted object including the expected an actual code component version. For more information view README file | No | '' | string |
payload | JSON formatted object including the expected an actual code component version. For more information view README file | No | '' | string |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
# This code is licensed from CircleCI to the user under the MIT license.
# See here for details: https://circleci.com/developer/orbs/licensing
version: 2.1
description: |
Use Datree's Policy Enforcement from within your build.
The orb includes several commands you can run during your build to enforce your policy.
For more information check here - https://docs.datree.io/docs/datree-and-circleci
display:
source_url: https://github.com/datreeio/datree-orb
home_url: https://datree.io
commands:
branch-name-convention:
description: |
Validate that the branch name is linked to your issue tracker.
This orb will fail your build in case the branch name doesn't contain the pattern expected by your issue tracker.
parameters:
issue_tracker:
description: Name of you issue tracker. Currently Jira and Pivotal are supported.
default: 'jira'
type: enum
enum: ['jira', 'pivotal']
steps:
- run:
name: datree branch-name-convention policy
command: |
res=$(curl -X POST \
https://gateway.datree.io/v1/policy/orb/branchname \
-H 'Content-Type: application/json' \
-d '{ "issue_tracker": "<< parameters.issue_tracker >>", "branch_name": "'"$CIRCLE_BRANCH"'"}') && \
prop="passed" && \
# parse json and extract value
# credit to cjus - https://gist.github.com/cjus/1047794
passed=`echo $res | sed 's/\\\\\//\//g' | sed 's/[{}]//g' | awk -v k="text" '{n=split($0,a,","); for (i=1; i<=n; i++) print a[i]}' | sed 's/\"\:\"/\|/g' | sed 's/[\,]/ /g' | sed 's/\"//g' | grep -w $prop | cut -d":" -f2| sed -e 's/^ *//g' -e 's/ *$//g'` && \
if [ "$passed" = true ]
then
echo "Success - branch name mentions issue tracker format"
else
echo "Failed - branch name doesn't mention issue tracker"
echo "In order to fix go to - https://docs.datree.io/docs/rename-a-local-and-remote-branch"
exit 1
fi
pull-request-title-convention:
description: |
Validate that the pull request title is linked to your issue tracker.
This orb will fail your build in case the pull request title doesn't contain the pattern expected by your issue tracker.
In case the build doesn't run on a pull request, the orb will automatically continue.
For a 'how-to' guide on generating a Github Token see here - https://docs.datree.io/docs/generate-github-token.
parameters:
issue_tracker:
description: |
Name of you issue tracker - currently only Jira is supported.
When using Pivotal, pull requests will connect automatically if the branch was linked.
default: 'jira'
type: enum
enum: ['jira']
token:
description: Enter either your github token or use the CircleCI UI to add your token under the 'GITHUB_TOKEN' environment variable
default: $GITHUB_TOKEN
type: string
steps:
- run:
name: datree pull-request-title-convention policy
command: |
# if no pull request is available exit early
if [ -z "$CIRCLE_PULL_REQUEST" ]
then
echo "No pull request available"
exit 0
fi && \
# parse pull request number from url
PR_NUMBER=${CIRCLE_PULL_REQUEST##*/} && \
REPOSITORY_URL=$(echo $CIRCLE_PULL_REQUEST | sed 's|\(.*\)/.*|\1|' | sed 's|\(.*\)/.*|\1|')
TOKEN="<< parameters.token >>"
res=$(curl -X POST \
https://gateway.datree.io/v1/policy/orb/pullrequesttitle \
-H 'Content-Type: application/json' \
-d '{ "issue_tracker": "<< parameters.issue_tracker >>", "token": "'"$TOKEN"'", "repositoryUrl": "'"$REPOSITORY_URL"'", "pullRequestNumber": "'"$PR_NUMBER"'" }') && \
prop="passed" && \
# parse json and extract value
# credit to cjus - https://gist.github.com/cjus/1047794
passed=`echo $res | sed 's/\\\\\//\//g' | sed 's/[{}]//g' | awk -v k="text" '{n=split($0,a,","); for (i=1; i<=n; i++) print a[i]}' | sed 's/\"\:\"/\|/g' | sed 's/[\,]/ /g' | sed 's/\"//g' | grep -w $prop | cut -d":" -f2| sed -e 's/^ *//g' -e 's/ *$//g'` && \
if [ "$passed" = true ]
then
echo "Success - pull request title mentions issue tracker format"
else
echo "Failed - pull request title doesn't mention issue tracker"
echo "In order to fix go to - https://docs.datree.io/docs/link-pull-request-to-a-jira-ticket#how-to-fix"
exit 1
fi
version-alignment:
description: Control version alignment of packages across multiple repositories.
parameters:
API_KEY:
description: Enter either your Datree api key or use the CircleCI UI to add your token under the 'DATREE_API_KEY' env var
default: $DATREE_API_KEY
type: string
file_path:
description: JSON formatted object including the expected an actual code component version. For more information view README file
default: ''
type: string
payload:
description: JSON formatted object including the expected an actual code component version. For more information view README file
default: ''
type: string
steps:
- checkout
- run:
name: datree version-compare policy
command: |
npm install @datreeio/version-compare && \
node ./node_modules/@datreeio/version-compare/index \
-a << parameters.API_KEY >> \
-f '<< parameters.file_path >>' \
-p '<< parameters.payload >>' \
-u $CIRCLE_PULL_REQUEST
examples:
branch-name-convention:
description: |
Example of using Datree's branch name convention rule.
The `issue_tracker` parameter is optional (defaults to Jira)
usage:
orbs:
datree: datree/policy@volatile # we advise to lock the version before pushing to production
description: A circle-ci job to enforce Datree's branch name convention rule
jobs:
my_job:
docker:
- image: circleci/node:10
steps:
- datree/branch-name-convention:
issue_tracker: jira
version: 2.1
workflows:
main:
jobs:
- my_job
pull-request-title-convention:
description: |
Example of using Datree's pull request title convention rule.
The `issue_tracker` parameter is optional (defaults to Jira).
The `token` parameter is required. It is possible to pass it using `GITHUB_TOKEN` environment variable.
usage:
orbs:
datree: datree/policy@volatile # we advise to lock the version before pushing to production
description: A circle-ci job to enforce Datree's pull request title convention rule
jobs:
my_job:
docker:
- image: circleci/node:10
steps:
- datree/pull-request-title-convention:
issue_tracker: jira
version: 2.1
workflows:
main:
jobs:
- my_job:
context: github-token-context # required in order to use the environment variable
version-alignment:
description: |
Example of using Datree's version alignment rule.
The `payload` parameter is required. In this example we run a fake job that extracts the actual installed versions from within the build.
The `DATREE_API_KEY` parameter is required. It is possible to pass it using an environment variable of the same name.
usage:
orbs:
datree: datree/policy@volatile # we advise to lock the version before pushing to production
description: A circle-ci to enforce uses Datree's version alignment rule
jobs:
extract-versions:
docker:
- image: circleci/circleci-cli:0.1.2709
steps:
- run: echo "running version extraction script"
# this is a mock demo - running a script to extract the package versions that were installed during the build
my_job:
docker:
- image: circleci/node:10
steps:
- datree/version-alignment
version: 2.1
workflows:
main:
jobs:
- extract-versions
- my_job:
requires:
- extract-versions
context: datree-api-context # required in order to use the environment variable
payload: '{
"expected":
[{"name":"webpack-node-externals","category":"npm","version":"1.7.2"}],
"actual":
[{"name":"webpack-node-externals","category":"npm","version":"1.7.2"}]
}' # In a real life scenario this is passed from the extract-versions job.