...

  1. Create a new tool with Tool Type: Salesforce Code Analyzer.

  2. Navigate to the Validation Rules tab to add a new scan rule.

  3. Click + New SFDX Scan Rule and complete the form:

    Name - Provide a unique name for the Scan Rule
    Category - Select a Category. Choose from the following: Security, Best Practices, Performances, Code Style, Design, Documentation, Error Prone, ECMAScript6, Possible Errors, Variables, or Stylistic Issues.
    Threshold - Provide a numeric threshold for the selected Category. During the scan, if the number of vulnerabilities in that Category is higher than the threshold, the pipeline step will fail.
    Quality Gates - Select a Rule and Threshold/Count. If there are more vulnerabilities than the Threshold in the particular Rule, the Quality Gate will fail.


  4. Click Create to save the form.
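The threshold and Quality Gate behavior described in step 3 can be checked offline against a scan report. This is an added example, not code from the product: the report shape (`violations`, `category`, `ruleName`), the sample findings, and the function names are assumptions made for illustration.

```python
import json
from collections import Counter

# Constructed sample report; the field names (violations, category, ruleName)
# are an assumed report shape, not taken from the page.
SAMPLE_REPORT = json.dumps([
    {"engine": "pmd", "fileName": "classes/AccountService.cls", "violations": [
        {"ruleName": "ApexCRUDViolation", "category": "Security", "line": 12},
        {"ruleName": "ApexSOQLInjection", "category": "Security", "line": 30},
        {"ruleName": "ApexDoc", "category": "Documentation", "line": 1},
    ]},
    {"engine": "pmd", "fileName": "classes/LeadHandler.cls", "violations": [
        {"ruleName": "ApexCRUDViolation", "category": "Security", "line": 8},
    ]},
])

def count_findings(report_json):
    """Return (per-category, per-rule) counts of findings in the report."""
    by_category, by_rule = Counter(), Counter()
    for entry in json.loads(report_json):
        for v in entry.get("violations", []):
            by_category[v.get("category", "Unknown")] += 1
            by_rule[v.get("ruleName", "Unknown")] += 1
    return by_category, by_rule

def evaluate(report_json, category, threshold, quality_gates):
    """Apply the scan rule's category threshold and its per-rule quality gates.

    A check fails only when the count is strictly higher than its threshold.
    Returns (step_passed, list of failure messages).
    """
    by_category, by_rule = count_findings(report_json)
    failures = []
    if by_category[category] > threshold:
        failures.append(f"category {category}: {by_category[category]} > {threshold}")
    for rule, limit in sorted(quality_gates.items()):
        if by_rule[rule] > limit:
            failures.append(f"gate {rule}: {by_rule[rule]} > {limit}")
    return (not failures, failures)

if __name__ == "__main__":
    # Three Security findings meet a threshold of 3 exactly, so the category
    # check passes; two ApexCRUDViolation findings exceed a gate of 1.
    ok, why = evaluate(SAMPLE_REPORT, "Security", 3, {"ApexCRUDViolation": 1})
    print("PASS" if ok else "FAIL", why)
```

A count equal to the threshold passes, so a threshold of 0 is the setting that fails the step on any finding in the Category or Rule.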

...

  1. Create a new pipeline step and select Tool Type: Salesforce Code Analyzer. Save the step and then click the gear icon to configure it.

  2. In Step Configuration, make the following selections to configure the step:

    Step Tool - Select the configured Jenkins tool containing the Salesforce Code Analyzer job.
    Job - Select the Salesforce Code Analyzer job.
    Build/Package Step - Choose the pipeline step you wish to scan.
    Select Salesforce Scan Tool - Select the configured Salesforce Code Analyzer job.
    Quality Gates -


...

  1. Once the pipeline is configured properly, it can be triggered.

Pipeline Logs

  1. To view the results from the scan, view the Pipeline Activity Logs.

  2. Locate the column containing the Sfdx Code Scan Report and click it.

  3. View Summary and Execution details to analyze Quality Gates.


...