DevSecOps: The Java Developer's Guide to Automating with Groovy

Transcript

1. @jeanneboyarsky Jeanne Boyarsky Tuesday Oct 23, 2018 Oracle Code One

   – DEV4959 DevSecOps: The Java Developer’s Guide to Automating with Groovy speakerdeck.com/boyarsky

2. @jeanneboyarsky 2

3. @jeanneboyarsky About Me •  16 years as Java Developer • 

   Years of tooling & Groovy 3

4. @jeanneboyarsky Wednesday Recommendations 4 Date Time Title Speaker Wed Oct

   24 1:30-2:15 Functional Programming in Java, Groovy & Kotlin Ken Kousen Wed Oct 24 2:30-3:15 JVM Languages: Compare (Java, Kotlin, Groovy, Scala) Leonardo Lima, Nikhil Nanivadekar & Donald Raab Wed Oct 24 2:30-3:15 Which Java Version from Which Java Vendor with What Support Jeanne Boyarsky

5. @jeanneboyarsky Will cover •  Groovy syntax & idioms •  Using

   Groovy from Nexus •  Using Groovy from Jenkins •  Live demo 5

6. @jeanneboyarsky This morning’s lab https://github.com/boyarsky/OracleCodeOne2018- HOL-Automating-Stack-Groovy •  Nexus - Groovy

   •  Jenkins - Groovy •  Bonus – Java Sonar rule 6

7. @jeanneboyarsky GROOVY SYNTAX & IDIOMS 7

8. @jeanneboyarsky 8 Groovy Java

9. @jeanneboyarsky Java à Groovy 9 int lastYear = 2017; int

   year = 2018 def nextYear = 2019 Can use Java syntax Without semicolon or type

10. @jeanneboyarsky Strings 10 def city = 'SF' println 'Here: $city'

    println "Here: $city" println "In ${city.class}" Java String GString Here: $city Here: SF In class java.lang.String

11. @jeanneboyarsky Multiline string 11 def name = 'Jeanne' def text

    = """ Name ______ $name """ Name ______ Jeanne Coming in Java 13 with new syntax?

12. @jeanneboyarsky What does this print? 12 def name = 'Jeanne'

    def text = ’’’ Name ______ $name ’’’ Name ______ $name

13. @jeanneboyarsky Getters vs properties 13 def animal = 'dog' println

    animal.getBytes() println animal.bytes

14. @jeanneboyarsky == vs equals() def monday ='monday' def nextMonday =

    new String('monday') def tuesday ='tuesday' println monday == null println null == monday println monday == tuesday println monday == nextMonday 14 Can use Java syntax True!

15. @jeanneboyarsky What is the truth? 15 Value Result Null False

    Empty String False Empty List False 1 character String True

16. @jeanneboyarsky Elvis has entered the building 16 println Jenkins.instance .getItemByFullName(jobName)

    ?.lastBuild ?.timestamp ?.time

17. @jeanneboyarsky Optional Parens 17 def ch = 'abc'.charAt 1 println

    ch Optional when no ambiguity Ambiguity: •  Zero params •  Within println

18. @jeanneboyarsky ArrayList++ 18 def list = ['cookie', 'chocolate’] list <<

    'candy' println list.getClass() class java.util.ArrayList println list[1] chocolate ArrayList does what now?!

19. @jeanneboyarsky ArrayList++ 19 println list [cookie, chocolate, candy] println list[-1]

    candy println list.min() candy list.sort() println list [candy, chocolate, cookie]

20. @jeanneboyarsky MetaClass def list = [1,3,5,7] println list.metaClass.methods println list.metaClass.methods*.name.sort().unique()

    20 •  Method signatures •  Method names

21. @jeanneboyarsky Streams/lambas def list = [1,3,5,7] list.stream().filter({n -> n >=

    5}).forEach({n -> System.out.println(n)}) println list.grep { num -> num >= 5 } println list.grep { it >= 5 } 21 “it” implies param •  grep vs filter •  less plumbing

22. @jeanneboyarsky Countdown! (10..1).each{ println "--> $it" } println 'Blast off!'

    22

23. @jeanneboyarsky Stream Mapping Java Groovy filter grep map collect forEach

    for limit take distinct unique anyMatch/allMatch any/every findFirst find 23

24. @jeanneboyarsky Lazy? 24 Groovy; not lazy Java streams

25. @jeanneboyarsky Functions incrementBy = 4; def add(num) { num +

    incrementBy } println add(2) 25 no def Return optional Types optional

26. @jeanneboyarsky Named Params def config = new SelectorConfiguration( name: ‘selector',

    description: ‘packages', ) 26 Only the default constructor exists!

27. @jeanneboyarsky More on Groovy http://groovy-lang.org/style-guide.html http://docs.groovy-lang.org/next/html/ documentation/working-with-collections.htm http://docs.groovy-lang.org/2.4.7/html/groovy-jdk/ overview-summary.html 27

28. @jeanneboyarsky USING GROOVY IN JENKINS 28

29. @jeanneboyarsky 29 println 'Hello Oracle Code One! ' println GroovySystem.version

    Hello Oracle Code One! 2.4.11

30. @jeanneboyarsky 30

31. @jeanneboyarsky 31 Jenkins/Hudson split

32. @jeanneboyarsky 32 System scripts can access object model Can’t choose

    Groovy version

33. @jeanneboyarsky Three ways to find methods JavaDoc https://javadoc.jenkins.io https://javadoc.jenkins.io/plugin Groovy

    def instance = Jenkins.getInstance() println instance.metaClass.methods*.name .sort().unique() println instance.metaClass.methods Google Reuse existing scripts 33

34. @jeanneboyarsky Sample Object model code import jenkins.model.Jenkins def instance =

    Jenkins.getInstance() def realm = Jenkins.getInstance().securityRealm realm.createAccount('olivia', 'olivia') instance.save() 34

35. @jeanneboyarsky Pipeline Syntax Helper 35

36. @jeanneboyarsky Convert to Pipeline Plugin 36

37. @jeanneboyarsky 37

38. @jeanneboyarsky 38

39. @jeanneboyarsky Script Security Plugin 39 ERROR: Build step failed with

    exception org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessExce ption: Scripts not permitted to use staticMethod jenkins.model.Jenkins getInstance Options: •  Approve each script manually •  Sandbox - whitelist APIs •  Authorized Build plugin to run as admin

40. @jeanneboyarsky USING GROOVY IN NEXUS 40

41. @jeanneboyarsky 41 log.info'Hello Oracle Code One! ’ log.info GroovySystem.version

42. @jeanneboyarsky Nexus Built Ins 42 repository (RepositoryApi) ScriptApi blobStore (BlobStoreApi)

    core (CoreApi) security (SecurityApi)

43. @jeanneboyarsky And then there is 43 container GlobalComponentLookupHelper selectorManager =

    container.lookup(SelectorManager.class.name) securitySystem = container.lookup(SecuritySystem.class.name) authorizationManager = securitySystem.getAuthorizationManager('default')

44. @jeanneboyarsky Eclipse (or IntelliJ) 44

45. @jeanneboyarsky LIVE DEMO 45

46. @jeanneboyarsky What we will cover Code Examples Walkthrough •  Nexus

    object model •  Jenkins object model •  Jenkins pipeline Demo – Nexus and Jenkins 46

47. @jeanneboyarsky 47