
Release validations

mganuci edited this page Oct 25, 2017 · 4 revisions

This page lists the validations performed at the moment a new release is promoted. It also describes where these validations affect the release process.

General Considerations

The term validation represents a verification performed by the system when release management steps are involved. Each validation provides information to the end user, who is the R&D member doing the product release. This happens regardless of how the validations are set: as warnings or as errors.

Validation Reports

Grapes provides, as part of its REST API, one endpoint which a team can call at any time.
/module/{name}/{version}/promotion/report returns the content of the report: warnings, errors and a boolean flag showing whether the module can be promoted.

Other APIs depending on the promotion report

  • /module/{name}/{version}/promotion/doable
  • /module/{name}/{version}/promotion

The validation report of a module can be seen in the details of that particular module.

Structure of Promotion Validation Report

The validation report provides information about the validations performed against the target module. The response contains a series of messages, each one labeled (tagged) as minor, major or critical. The tags are only an indication of severity; the value of the promotable flag does not depend on the messages.

Example of validation report

{
    "promotable" : false,
    "messages" : [
        {
            "body" : "Dependencies marked as not usable: junit:junit:2.0::jar", 
            "tag" : "critical"
        },
        {
            "body" : "some message", 
            "tag" : "major"
        },
        {
            "body" : "Third party dependencies under licenses not accepted: oracle:ojdbc:11.2.0.3 licensed as Oracle Technology Network Development and Distribution License Terms", 
            "tag" : "major"
        }
    ]
}

Configuration

To configure how the server treats validations, use the promotionValidation section.

This allows setting which of the validations are going to have a blocking impact on the promotion process. Use the errors section to indicate which validations are errors. Errors block the promotion.

Validations generate associated messages, and messages support the tag attribute. The system uses the tag to indicate to users how serious the warning is.

Currently supported tags: MINOR, MAJOR and CRITICAL

Example of configuration section

promotionValidation:
  errors : [VERSION_IS_SNAPSHOT]
  tags :
    critical: [VERSION_IS_SNAPSHOT, DO_NOT_USE_DEPS]
    major : [DEPS_UNACCEPTABLE_LICENSE, UNPROMOTED_DEPS]
    minor : [DEPS_WITH_NO_LICENSES]

In the example above, modules having a SNAPSHOT version are going to be prevented from promotion. Every other validation will still cause messages to be displayed, but they are only warnings carrying different tags.

Errors related to using dependencies marked as DO_NOT_USE will show up as criticals, artifacts with unacceptable license terms will be majors and so on.

If a certain validation is not explicitly set, it will be considered as MINOR.
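The rules above can be modelled in a few lines. This is an added example, not Grapes's own code: the function names, the dict form of the configuration and the second message body are assumptions made for illustration. It shows that promotability is decided by the errors list alone, so a validation tagged critical can still let a release through.

```python
import json

# Parsed form of the promotionValidation example shown above.
CONFIG = {
    "errors": ["VERSION_IS_SNAPSHOT"],
    "tags": {
        "critical": ["VERSION_IS_SNAPSHOT", "DO_NOT_USE_DEPS"],
        "major": ["DEPS_UNACCEPTABLE_LICENSE", "UNPROMOTED_DEPS"],
        "minor": ["DEPS_WITH_NO_LICENSES"],
    },
}

def tag_for(validation, config):
    """Return the configured tag; validations not listed default to minor."""
    for tag, names in config.get("tags", {}).items():
        if validation in names:
            return tag
    return "minor"

def build_report(findings, config):
    """findings maps each validation that fired to its message body.

    promotable depends only on the errors list; tags only label messages.
    """
    errors = set(config.get("errors") or [])
    blocked = any(name in errors for name in findings)
    messages = [{"body": body, "tag": tag_for(name, config)}
                for name, body in findings.items()]
    return {"promotable": not blocked, "messages": messages}

def critical_warnings(report):
    """Bodies of critical messages in a report that is still promotable."""
    if not report["promotable"]:
        return []
    return [m["body"] for m in report["messages"] if m["tag"] == "critical"]

# Constructed findings; the second message body is illustrative only.
FINDINGS = {
    "DO_NOT_USE_DEPS": "Dependencies marked as not usable: junit:junit:2.0::jar",
    "UNPROMOTED_DEPS": "constructed message for an unpromoted dependency",
}

if __name__ == "__main__":
    report = build_report(FINDINGS, CONFIG)
    print(json.dumps(report, indent=4))
    print("critical but not blocking:", critical_warnings(report))
```

With the example configuration the release above is promotable even though it carries a critical message; adding DO_NOT_USE_DEPS to errors is what turns that message into a block.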

Philosophy

By configuring the validation policy, Grapes supports different styles of treating the lack of compliance. One extreme is to be very lenient, only informing the teams about elements which are not compliant. To take this approach, do not configure any error in the promotionValidation section of the config file.

On the other hand, the policy can be made much stricter by setting every rule to be an error. This would enforce all the standardization aspects.

How each organization chooses to configure the system is a matter of its own internal policy; the tool has been enhanced to support different styles.

Validations

All registered server validations

VERSION_IS_SNAPSHOT

Release version is SNAPSHOT. Leaving this validation as a warning means a team can create a release called 1.2.3-SNAPSHOT. As improbable as this may sound, such teams do exist.

DO_NOT_USE_DEPS

Release contains dependencies marked as DO_NOT_USE. With this validation set to error, marking a certain artifact as not usable (DO_NOT_USE) prevents a team from promoting a release which uses that artifact.

UNPROMOTED_DEPS

Release contains corporate dependencies which are not promoted. This validation is particularly useful for corporate modules making use of other corporate artifacts created by different teams.

DEPS_WITH_NO_LICENSES

Release contains dependencies with no license information. This validation gives a good idea of which third party dependencies in use have no license information associated.

DEPS_UNACCEPTABLE_LICENSE

Release contains dependencies subject to license terms that are not accepted. A corporation may not agree to some licensing terms, and will probably reject them by marking the license as unacceptable in Grapes. Turning this validation on will leave a team that uses one or several third party artifacts unable to promote if the dependencies are subject to unacceptable terms.