Skip to content

COMING SOON! This plugin scans your mobile app using Google Checks to uncover compliance issues and data collection/sharing behaviors.

License

Notifications You must be signed in to change notification settings

google-checks/checks-jenkins-plugin

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Google Checks plugin for Jenkins

Introduction

This Jenkins plugin scans your mobile app using Google Checks to uncover compliance issues and data collection/sharing behaviors.

Checks is a compliance platform from Google for mobile app developers that simplifies the path to privacy for development teams and the apps they’re building. Learn more at checks.google.com.

Requirements

Getting started

Read our developer document at https://developers.google.com/checks/guide/ci-cd/jenkins.

Variables

Name Type Default Description
accountId string Google Checks account ID from Checks settings page
appId string Google Checks application ID
binaryPath string Path to the application binary file: .apk, .aab or .ipa
credentialsId string Store the contents of your service account JSON file as a secret text credential in Jenkins. For instructions on generating a service account, refer to the Authenticate Google Checks with a service account documentation. To learn how to add a new secret in Jenkins, refer to the Jenkins Credentials documentation.
generateReport boolean true If false, the step won't upload and run the report for binaryPath. It is useful to test your authentication and other paramaters.
waitForReport boolean true If false, the step won't wait for the report completion and the pipeline will keep going.
severityThreshold string Valid values are: PRIORITY POTENTIAL OPPORTUNITY
failOn string if ALL then step will fail if there are any failed checks following severityThreshold condition. It won't fail by default.
pipeline {
    agent any

    stages {
        stage('Upload to checks') {
            steps {
                uploadToChecks(
                    accountId: '<your Google Checks account ID>',
                    appId: '<your Google Checks app ID>',
                    binaryPath: '<path to .apk/.aab/.ipa>',
                    credentialsId: '<credentials ID from Jenkins Credentials>',
                )
            }
        }
    }
}

Run pipeline locally

We'll be assuming that you have some knowledge of Jenkins and Checks.

  1. Clone this repository
  2. Run mvn hpi:run
  3. Go to http://localhost:8080/jenkins
  4. Update the installed plugins.
  5. Install Pipeline plugin. It isn't added as a dependency of the plugin because it isn't recommended.
  6. Add your service account content into a Jenkins credentials under Global domain
  7. Create and run a pipeline (see README to find an example, and we suggest to use: generateReport: false at the beginning to make sure the authentication and other parameters are valid.)
  8. if you want to upload an APK file, you can place an APK file at the root of this repository, and it'll be accessible with binaryPath: './my-app.apk'

Run tests

run mvn test or when using Intellij IDEA you can open test files and run individual classes and/or tests.

Architecture

The plugin focuses on running as a step within a pipeline. Here are a quick explanation of the files:

Classes that interact with Jenkins:

Classes that interact with Google Checks:

About

COMING SOON! This plugin scans your mobile app using Google Checks to uncover compliance issues and data collection/sharing behaviors.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages