Hosting request for My-API-Plugin

[aprasanth3192]

Repository URL

https://github.com/Yakshna-Corporation/testwheel-trigger

New Repository Name

my-api-plugin

Description

TestWheel- Jenkins Plugin. You use this plugin to trigger test automation through Jenkins CI.

GitHub users to have commit permission

@baskerGanesan
@prakashkp88
@aprasanth3192

Jenkins project users to have release permission

baskerGanesan
prakashkp88
prasantha

Issue tracker

GitHub issues

[jenkins-cert-app]

Security audit, information and commands

The security team is auditing all the hosting requests, to ensure a better security by default.

This message informs you that a Jenkins Security Scan was triggered on your repository.
It takes ~10 minutes to complete.

Commands

The bot will parse all comments, and it will check if any line start with a command.

Security team only:

• /audit-ok => the audit is complete, the hosting can continue 🎉.
• /audit-skip => the audit is not necessary, the hosting can continue 🎉.
• /audit-findings => the audit reveals some issues that require corrections ✏️.

Anyone:

• /request-security-scan => the findings from the Jenkins Security Scan were corrected, this command will re-scan your repository 🔍.
• /audit-review => the findings from the audit were corrected, this command will ping the security team to review the findings 👀. It's only applicable when the previous audit required changes.

Only one command can be requested per comment.

(automatically generated message, version: 1.29.18)

[github-actions]

Hello from your friendly Jenkins Hosting Checker

It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.

• ⛔ Required: You must specify an <scm> block in your pom.xml. See https://maven.apache.org/pom.html#SCM for more information.
• ⛔ Required: The following usernames in 'Jenkins project users to have release permission' need to log into Jira: baskerGanesan, prakashkp88 (reports are re-synced hourly, wait to re-check for a bit after logging in)
• ⛔ Required: The following usernames in 'Jenkins project users to have release permission' need to log into Artifactory: baskerGanesan, prakashkp88, prasantha (reports are re-synced hourly, wait to re-check for a bit after logging in)
• ⛔ Required: The dependency org.json:json should be replaced with a dependency to the api plugin io.jenkins.plugins:json-api
• ⛔ Required: The dependency org.apache.httpcomponents.client5:httpclient5 should be replaced with a dependency to the api plugin io.jenkins.plugins:apache-httpcomponents-client-5-api
• ⛔ Required: The 'artifactId' from the pom.xml (api-plugin) is incorrect, it should be my-api ('New Repository Name' field with "-plugin" removed)
• ⛔ Required: Please specify a license in your pom.xml file using the <licenses> tag. See https://maven.apache.org/pom.html#Licenses for more information.

You can re-trigger a check by editing your hosting request or by commenting /hosting re-check

[jenkins-cert-app]

The Jenkins Security Scan did not find anything dangerous with your plugin, congratulations! 🎉

---

💡 The Security team recommends that you are setting up the scan in your repository by following our guide.

[mawinter69]

• Please give you plugin a meaningful name instead of my-api or just api e.g. testwheel-trigger
  So the repo name should be testwheel-trigger-plugin and the artifactid should then be testwheel-trigger
• https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/src/main/java/org/yakshna/testwheel/apiplugin/APICallBuilder.java#L126, use e.g. testwheelTrigger for the Symbol, this is what you will use in a pipeline job and apiCallBuilder doesn't give any hint what the step is doing
• https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/src/main/java/org/yakshna/testwheel/apiplugin/APICallBuilder.java#L131 use TestWheel Trigger in the displayname so people know in the build step dropdown in a freestyle job what the step is doing
• https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/src/main/java/org/yakshna/testwheel/apiplugin/APICallBuilder.java#L74 this code will not work when the job runs on an agent. You will need to use https://javadoc.jenkins.io/hudson/FilePath.html -> write()
• https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/src/main/resources/index.jelly#L3 please fill in a meaningful description here what the plugin is doing. This is shown in the plugin manager to users
• https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/pom.xml#L15 use a better name that includes TestWheel
• remove https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/pom.xml#L19-L24, the plugin should be built with jdk11 for now
• https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/pom.xml#L18 stick to the jenkins version that you have specified in the bom at line 30
• https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/pom.xml#L38 the dependency is not required you get it implicitly
• https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/pom.xml#L44 the dependency to structs is not required
• https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/pom.xml#L73 the dependency to common-io is not required
• The code is limited to freestyle jobs because of https://github.com/Yakshna-Corporation/testwheel-trigger/blob/a36232abb70c80ed7f1de25f71b8d1eaca48e408/src/main/java/org/yakshna/testwheel/apiplugin/APICallBuilder.java#L131, there is no reason for this limitation