Jeanne Boyarsky
October 14, 2018

DevSecOps: The Java Developer's Guide to Automating with Groovy

Learn how to use Groovy to automate Jenkins/Nexus security config.

Transcript

  1. @jeanneboyarsky Jeanne Boyarsky

    Tuesday Oct 23, 2018
    Oracle Code One – DEV4959
    DevSecOps: The Java Developer’s Guide to Automating with Groovy
    speakerdeck.com/boyarsky
  2. Wednesday Recommendations

    Date | Time | Title | Speaker
    Wed Oct 24 | 1:30-2:15 | Functional Programming in Java, Groovy & Kotlin | Ken Kousen
    Wed Oct 24 | 2:30-3:15 | JVM Languages: Compare (Java, Kotlin, Groovy, Scala) | Leonardo Lima, Nikhil Nanivadekar & Donald Raab
    Wed Oct 24 | 2:30-3:15 | Which Java Version from Which Java Vendor with What Support | Jeanne Boyarsky
  3. Will cover

    • Groovy syntax & idioms
    • Using Groovy from Nexus
    • Using Groovy from Jenkins
    • Live demo
  4. Java → Groovy

        int lastYear = 2017;
        int year = 2018
        def nextYear = 2019

    Can use Java syntax
    Without semicolon or type
  5. Strings

        def city = 'SF'
        println 'Here: $city'        // Java String -> Here: $city
        println "Here: $city"        // GString -> Here: SF
        println "In ${city.class}"   // -> In class java.lang.String
  6. Multiline string

        def name = 'Jeanne'
        def text = """
        Name
        ______
        $name
        """

    Output:

        Name
        ______
        Jeanne

    Coming in Java 13 with new syntax?
  7. What does this print?

        def name = 'Jeanne'
        def text = '''
        Name
        ______
        $name
        '''

    Output:

        Name
        ______
        $name
  8. == vs equals()

        def monday = 'monday'
        def nextMonday = new String('monday')
        def tuesday = 'tuesday'
        println monday == null
        println null == monday
        println monday == tuesday
        println monday == nextMonday

    Can use Java syntax
    True!
  9. What is the truth?

    Value | Result
    Null | False
    Empty String | False
    Empty List | False
    1 character String | True
  10. Optional Parens

        def ch = 'abc'.charAt 1
        println ch

    Optional when no ambiguity
    Ambiguity:
    • Zero params
    • Within println
  11. ArrayList++

        def list = ['cookie', 'chocolate']
        list << 'candy'
        println list.getClass()   // -> class java.util.ArrayList
        println list[1]           // -> chocolate

    ArrayList does what now?!
  12. ArrayList++

        println list         // -> [cookie, chocolate, candy]
        println list[-1]     // -> candy
        println list.min()   // -> candy
        list.sort()
        println list         // -> [candy, chocolate, cookie]
  13. Streams/lambdas

        def list = [1,3,5,7]
        list.stream().filter({n -> n >= 5}).forEach({n -> System.out.println(n)})
        println list.grep { num -> num >= 5 }
        println list.grep { it >= 5 }

    “it” implies param
    • grep vs filter
    • less plumbing
  14. Stream Mapping

    Java | Groovy
    filter | grep
    map | collect
    forEach | for
    limit | take
    distinct | unique
    anyMatch/allMatch | any/every
    findFirst | find
  15. Functions

        incrementBy = 4;
        def add(num) { num + incrementBy }
        println add(2)

    • no def
    • Return optional
    • Types optional
  16. Named Params

        def config = new SelectorConfiguration(
            name: 'selector',
            description: 'packages',
        )

    Only the default constructor exists!
  17. Three ways to find methods

    JavaDoc
    • https://javadoc.jenkins.io
    • https://javadoc.jenkins.io/plugin

    Groovy

        def instance = Jenkins.getInstance()
        println instance.metaClass.methods*.name.sort().unique()
        println instance.metaClass.methods

    Google
    • Reuse existing scripts
  18. Sample Object model code

        import jenkins.model.Jenkins

        def instance = Jenkins.getInstance()
        def realm = Jenkins.getInstance().securityRealm
        realm.createAccount('olivia', 'olivia')
        instance.save()
  19. Script Security Plugin

        ERROR: Build step failed with exception
        org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use staticMethod jenkins.model.Jenkins getInstance

    Options:
    • Approve each script manually
    • Sandbox - whitelist APIs
    • Authorized Build plugin to run as admin
  20. And then there is

    container
    GlobalComponentLookupHelper

        selectorManager = container.lookup(SelectorManager.class.name)
        securitySystem = container.lookup(SecuritySystem.class.name)
        authorizationManager = securitySystem.getAuthorizationManager('default')
  21. What we will cover

    Code Examples Walkthrough
    • Nexus object model
    • Jenkins object model
    • Jenkins pipeline

    Demo – Nexus and Jenkins
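
The account-creation script from slide 18, reworked so it can be re-run from the Jenkins script console or an init script without resetting anything. This is an added example, not code from the deck. The environment variable name `JENKINS_BOOTSTRAP_PW` and the 12-character minimum are assumptions made for illustration, and it relies on the Groovy truth rules from slide 9 (null and empty strings are false).

```groovy
import hudson.model.User
import hudson.security.HudsonPrivateSecurityRealm
import jenkins.model.Jenkins

// Hypothetical names for this example: the account id matches slide 18, the
// environment variable carrying the initial password is an assumption.
def userId = 'olivia'
def password = System.getenv('JENKINS_BOOTSTRAP_PW')

def instance = Jenkins.getInstance()
def realm = instance.securityRealm

// createAccount only exists on Jenkins' own user database. Fail loudly if the
// controller delegates authentication elsewhere instead of guessing.
if (!(realm instanceof HudsonPrivateSecurityRealm)) {
    throw new IllegalStateException(
        "Security realm is ${realm.getClass().name}; local accounts are not managed here")
}

// Groovy truth: a null or empty password is false. Also refuse short values
// and the password-equals-username pattern (12 is an assumed minimum).
if (!password || password.size() < 12 || password.equalsIgnoreCase(userId)) {
    throw new IllegalArgumentException(
        'JENKINS_BOOTSTRAP_PW must be set, at least 12 characters, and differ from the user id')
}

// Idempotent: User.getById(id, false) returns null when the user is absent,
// so re-running the script never overwrites an existing account.
if (User.getById(userId, false) == null) {
    realm.createAccount(userId, password)
    instance.save()
    println "created account ${userId}"
} else {
    println "account ${userId} already exists; left unchanged"
}
```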