DevSecOps: The Java Developer's Guide to Automating with Groovy

Transcript

1. @jeanneboyarsky Jeanne Boyarsky Tuesday May 21, 2018 Oracle Code New

   York DevSecOps: The Java Developer’s Guide to Automating with Groovy speakerdeck.com/boyarsky

2. @jeanneboyarsky 2

3. @jeanneboyarsky About Me •  16 years as Java Developer • 

   Years of tooling & Groovy 3

4. @jeanneboyarsky Will cover •  Groovy syntax & idioms •  Using

   Groovy from Nexus •  Using Groovy from Jenkins •  Live demo 4

5. @jeanneboyarsky Oracle Code One Lab https://github.com/boyarsky/OracleCodeOne2018- HOL-Automating-Stack-Groovy •  Nexus -

   Groovy •  Jenkins - Groovy •  Bonus – Java Sonar rule 5

6. @jeanneboyarsky GROOVY SYNTAX & IDIOMS 6

7. @jeanneboyarsky 7 Groovy Java

8. @jeanneboyarsky Java à Groovy 8 int lastYear = 2018; int

   year = 2019 def nextYear = 2020 Can use Java syntax Without semicolon or type

9. @jeanneboyarsky Strings 9 def city = ’NYC' println 'Here: $city'

   println "Here: $city" println "In ${city.class}" Java String GString Here: $city Here: NYC In class java.lang.String

10. @jeanneboyarsky Multiline string 10 def name = 'Jeanne' def text

    = """ Name ______ $name """ Name ______ Jeanne Coming in Java 13 (raw string literals) 14? (text blocks) with new syntax

11. @jeanneboyarsky What does this print? 11 def name = 'Jeanne'

    def text = ’’’ Name ______ $name ’’’ Name ______ $name

12. @jeanneboyarsky Getters vs properties 12 def animal = 'dog' println

    animal.getBytes() println animal.bytes

13. @jeanneboyarsky == vs equals() def monday ='monday' def nextMonday =

    new String('monday') def tuesday ='tuesday' println monday == null println null == monday println monday == tuesday println monday == nextMonday 13 Can use Java syntax True!

14. @jeanneboyarsky What is the truth? 14 Value Result Null False

    Empty String False Empty List False 1 character String True

15. @jeanneboyarsky Elvis has entered the building 15 println Jenkins.instance .getItemByFullName(jobName)

    ?.lastBuild ?.timestamp ?.time

16. @jeanneboyarsky Optional Parens 16 def ch = 'abc'.charAt 1 println

    ch Optional when no ambiguity Ambiguity: •  Zero params •  Within println

17. @jeanneboyarsky ArrayList++ 17 def list = ['cookie', 'chocolate’] list <<

    'candy' println list.getClass() class java.util.ArrayList println list[1] chocolate ArrayList does what now?!

18. @jeanneboyarsky ArrayList++ 18 println list [cookie, chocolate, candy] println list[-1]

    candy println list.min() candy list.sort() println list [candy, chocolate, cookie]

19. @jeanneboyarsky MetaClass def list = [1,3,5,7] println list.metaClass.methods println list.metaClass.methods*.name.sort().unique()

    19 •  Method signatures •  Method names

20. @jeanneboyarsky Streams/lambas def list = [1,3,5,7] list.stream().filter({n -> n >=

    5}).forEach({n -> System.out.println(n)}) println list.grep { num -> num >= 5 } println list.grep { it >= 5 } 20 “it” implies param •  grep vs filter •  less plumbing

21. @jeanneboyarsky Countdown! (10..1).each{ println "--> $it" } println 'Blast off!'

    21

22. @jeanneboyarsky Stream Mapping Java Groovy filter grep map collect forEach

    for limit take distinct unique anyMatch/allMatch any/every findFirst find 22

23. @jeanneboyarsky Lazy? 23 Groovy; not lazy Java streams

24. @jeanneboyarsky Functions incrementBy = 4; def add(num) { num +

    incrementBy } println add(2) 24 no def Return optional Types optional

25. @jeanneboyarsky Named Params def config = new SelectorConfiguration( name: ‘selector',

    description: ‘packages', ) 25 Only the default constructor exists!

26. @jeanneboyarsky More on Groovy http://groovy-lang.org/style-guide.html http://docs.groovy-lang.org/next/html/ documentation/working-with-collections.htm http://docs.groovy-lang.org/2.4.7/html/groovy-jdk/ overview-summary.html 26

27. @jeanneboyarsky USING GROOVY IN JENKINS 27

28. @jeanneboyarsky 28 println 'Hello Oracle Code One! ' println GroovySystem.version

    Hello Oracle Code One! 2.4.11

29. @jeanneboyarsky 29

30. @jeanneboyarsky 30 Jenkins/Hudson split

31. @jeanneboyarsky 31 System scripts can access object model Can’t choose

    Groovy version

32. @jeanneboyarsky Three ways to find methods JavaDoc https://javadoc.jenkins.io https://javadoc.jenkins.io/plugin Groovy

    def instance = Jenkins.getInstance() println instance.metaClass.methods*.name .sort().unique() println instance.metaClass.methods Google Reuse existing scripts 32

33. @jeanneboyarsky Sample Object model code import jenkins.model.Jenkins def instance =

    Jenkins.getInstance() def realm = Jenkins.getInstance().securityRealm realm.createAccount('olivia', 'olivia') instance.save() 33

34. @jeanneboyarsky Pipeline Syntax Helper 34

35. @jeanneboyarsky Convert to Pipeline Plugin 35

36. @jeanneboyarsky 36

37. @jeanneboyarsky 37

38. @jeanneboyarsky Script Security Plugin 38 ERROR: Build step failed with

    exception org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessExce ption: Scripts not permitted to use staticMethod jenkins.model.Jenkins getInstance Options: •  Approve each script manually •  Sandbox - whitelist APIs •  Authorized Build plugin to run as admin

39. @jeanneboyarsky USING GROOVY IN NEXUS 39

40. @jeanneboyarsky 40 log.info'Hello Oracle Code One! ’ log.info GroovySystem.version

41. @jeanneboyarsky Nexus Built Ins 41 repository (RepositoryApi) ScriptApi blobStore (BlobStoreApi)

    core (CoreApi) security (SecurityApi)

42. @jeanneboyarsky And then there is 42 container GlobalComponentLookupHelper selectorManager =

    container.lookup(SelectorManager.class.name) securitySystem = container.lookup(SecuritySystem.class.name) authorizationManager = securitySystem.getAuthorizationManager('default')

43. @jeanneboyarsky Eclipse (or IntelliJ) 43

44. @jeanneboyarsky LIVE DEMO 44

45. @jeanneboyarsky What we will cover Code Examples Walkthrough •  Nexus

    object model •  Jenkins object model •  Jenkins pipeline Demo – Nexus and Jenkins 45

46. @jeanneboyarsky 46