Skip to content

Developer Guide

CI/CD, tooling, and integration reference for CWIQ platform developers.

This guide covers everything you need to integrate your code with CWIQ's CI/CD pipelines, security scanning, testing infrastructure, and artifact management.

Tool URL Purpose
GitLab gitlab.shared.cwiq.io Source code, CI/CD pipelines
Vault vault.shared.cwiq.io Secrets management
Nexus nexus.shared.cwiq.io Docker, RPM, PyPI, npm artifacts
SonarQube sonarqube.shared.cwiq.io Code quality & SAST analysis
DefectDojo defectdojo.shared.cwiq.io Vulnerability tracking
ReportPortal reportportal.shared.cwiq.io E2E test reporting

What's in This Guide

Section What You'll Learn
GitLab Organization Group hierarchy, project IDs, CI/CD variables, runner architecture
CI/CD Pipeline stages, templates, branch rules, Kaniko builds, deploy patterns
SonarQube Code quality scanning, sonar-project.properties, quality gates
Security Scanning Trivy (secrets + CVE), DefectDojo import, Semgrep SAST
E2E Testing Playwright setup, Page Object Model, ReportPortal integration
Vault Integration JWT auth in CI/CD, Vault Agent sidecar, AppRole, secret paths
Nexus Artifact Repository Docker registry, PyPI/npm, RPM, service accounts
Developer AWS Access AWS accounts, CLI profiles, Terraform operations