Usage

To install the plug-in, perform the following steps:

1. 1. In HCL DevOps Velocity, click Settings > Integrations > Available.
2. 2. In the Action column for the Twistlock plug-in, click Install.

Integrating the plug-in by using user interface

To integrate the plug-in using the user interface, perform the following steps:

1. 1. In HCL DevOps Velocity, click Settings > Integrations > Installed.
2. 2. In the Action column for the Twistlock plug-in, click Add Integration.
3. 3. On the Add Integration dialog, enter the values for the fields to configure the integration and define communication.
4. 4. Click Add.

Integration type

The Twistlock plug-in is a parser type plug-in. It parses data from Twistlock JSON files.

Invoking the plug-in

To gather data from the Twistlock server, send an HTTP Post request with the data to parse. Whenever there is a hit to the endpoint, the data is parsed and displayed as metrics in HCL DevOps Velocity. You can use various methods such as Postman, REST calls, CURL, and CI/CD tools like Jenkins to invoke the plug-in endpoints.

Invoke using the Jenkins plug-in

Install the HCLDevOpsVelocity plugin into your Jenkins server. In your freestyle job or pipeline use the UCV-Upload Metrics File to DevOps Velocity step and provide the required fields. This step allows your build job to upload generated coverage results files to HCL DevOps Velocity.

pipeline {
   agent any
   stages {
      stage('twistlockMetrics') {
         steps {
            step([$class: 'UploadMetricsFile',  appName: 'My Twistlock Test', dataFormat: 'twistlockJSON', filePath: '<location of the twistlock report>', name: 'my-twistlock-test', pluginType: 'twistlock', tenantId: '<tenant Id>', testSetName: 'twistlock', metricsRecordUrl: "${env.BUILD_URL}"])
         }
      }
   }
}

Invoke using a Rest call

When using a REST call to invoke the Twistlock plugin, it must be a POST method and include the location of the HCL DevOps Velocity quality data endpoint.

The following request sample shows a REST call that you can copy and update as necessary. Key points about the snippet:

• The URL points to the HCL DevOps Velocity quality data endpoint. Update with the server location for your installation of HCL DevOps Velocity.
• The BODY of the call is a multipart/form data. It includes information about the payload.

METHOD: POST 
URL: https://<url_devopsvelocity_server>/reporting-consumer/metrics
BODY (multipart/form-data):
 {
  payload: <json_object_string> // See below for schema format
 testArtifact: <twistlock_json_file>
 }

Invoking using Curl

curl --request POST \
  --url https:///reporting-consumer/metrics \
  --form 'payload={
    "tenant_id": "5ade13625558f2c6688d15ce",
    "application": {
    "name": "My Application"
  },
  "record": {
    "pluginType": "twistlock",
    "dataFormat": "twistlockJSON"
  }
}
' \
  --form testArtifact=@test-result/twistlock.json

Payload schema

The following shows the schema for the payload. Replace the angle brackets with your values for the parameters.

{
  "tenant_id": "<tenant_id>",    // required Tenant ID
  "metricName": "<metric_name>", // optional: name for recurring test set
  "application": {
    "name": "<application_name>"  //Name of application
  },
  "record": {
    "recordName": "<record_name>", // optional: Name for this record
    "executionDate": 1547983466015, // optional: UNIX Epoch
    "pluginType": "twistlock",
    "dataFormat": "twistlockJSON",
    "metricsRecordUrl": "<Jenkins_build_url>" // optional: To link the Jenkins build with test results
  },
  "build": {  // Optional: One of the following fields must be included 
    "buildId": "<build_id>",
    "jobExternalId": "<external_job_id>",
    "url": "<build_url>",
  },
  "commitId": "<commit_id>",  // optional
  "pullRequestId": "<pullrequest_id>", // optional
  "environment": "<environment_name>" // optional
}