Enabling artifact traceability with fingerprinting

1 minute read

Traceability is important for DevOps teams who need to be able to trace code from commit to deployment. It enables impact analysis by showing relationships between artifacts and allows for visibility into the full lifecycle of an artifact, from its code repository to where the artifact is eventually deployed in production.

Jenkins and the Pipeline feature support tracking versions of artifacts using file fingerprinting, which allows users to trace which downstream builds are using any given artifact. To fingerprint with Pipeline, simply add a "fingerprint: true" argument to any artifact archiving step. For example:

step([$class: 'ArtifactArchiver', artifacts: '**/target/*.war’, fingerprint: true])

will archive any WAR artifacts created in the Pipeline and fingerprint them for traceability. This trace log of this artifact and a list of all fingerprinted artifacts in a build will then be available in the left-hand menu of Jenkins:

Figure 1. List of fingerprinted files

To find where an artifact is used and deployed to, simply follow the "more details" link through the artifact’s name and view the entires for the artifact in its "Usage" list.

Figure 2. Fingerprint of a WAR

For more information, visit the Jenkins community’s wiki on how fingerprints work and their usage.