How To Set Up CICD On Bitbucket Pipelines With Salesforce DX And Delta Deployment

Learn how to setup set up CICD delta deployment with Salesforce DX. Tips and tricks for authorisation , setting up node and the basic git commands.

I’m revamping our CICD process with Salesforce DX and Bitbucket Pipeline with the following initial setup which will only a delta deployment

Authentication method – authorize an org and grab the sfdxurl to be stored as repository variable in Bitbucket

sfdx force:auth:web:login 
sfdx force:org:display --verbose

There would be two token types

force://<refreshToken>@<instanceUrl> 
or 
force://<clientId>:<clientSecret>:<refreshToken>@<instanceUrl>

Copy the SFDX Auth URL which will be the second type. Create a repository variable AUTH_URL in Bitbucket and store the copied value.

Echo the AUTH_URL to a file then authenticate with with sfdxurl:store

echo $AUTH_URL >> /tmp/sfdx_auth.txt
sfdx force:auth:sfdxurl:store -f /tmp/sfdx_auth.txt -s -a dxpipeline

Grab the latest sfdx tool and install.

wget https://developer.salesforce.com/media/salesforce-cli/sfdx-linux-amd64.tar.xz 
mkdir sfdx-cli 
tar xJf sfdx-linux-amd64.tar.xz -C sfdx-cli --strip-components 1 
./sfdx-cli/install

Next, to compare delta files – there is node tool available in github that does delta comparison between hash commit or branch. Install the sfdx-git-delta app

npm install sfdx-git-delta@latest -g

Finally I incorporated these to my git workflow

On a Pull Request – I want to run a delta comparison and do an empty check only that my delta files changes are deployable and does break any unit tests.

First checkout a temporary branch from the feature branch

git checkout -b some-pr-branch

Next, run the tool to create a delta comparison from that branch to the target branch.

sgd --to some-pr-branch --from origin/staging --repo . --output .

The tool should create a package.xml/destructiveChange.xml file based on the diff on their respective directory.

Next convert the source format to mdapi so we can run a transactional deploy.

sfdx force:source:convert --manifest=package/package.xml --outputdir=convert

After conversion, do an empty check deploy and run the unit test

sfdx force:mdapi:deploy --deploydir=convert -c -l RunLocalTests -w 30

Below is the complete Pull Request script.

image: atlassian/default-image:2

pipelines:
  pull-requests:
    'feature/*': # Pull request from feature branch to Staging
      - step:
          name: "Staging Pull Request Validate Package"
          script:
            - echo "QA Pull Request Validation"
            - wget https://developer.salesforce.com/media/salesforce-cli/sfdx-linux-amd64.tar.xz
            - mkdir sfdx-cli
            - tar xJf sfdx-linux-amd64.tar.xz -C sfdx-cli --strip-components 1
            - ./sfdx-cli/install
            - echo $AUTH_URL >> /tmp/sfdx_auth.txt
            - sfdx force:auth:sfdxurl:store -f /tmp/sfdx_auth.txt -s -a dxpipeline
            - npm install sfdx-git-delta@latest -g
            - git checkout -b some-pr-branch          
            - git --no-pager diff --name-status some-pr-branch  origin/staging
            - sgd --to some-pr-branch  --from origin/staging --repo . --output .
            - echo "--- package.xml generated with added and modified metadata ---"
            - cat package/package.xml
            - sfdx force:source:convert --manifest=package/package.xml --outputdir=convert 
            - echo "---- Validating delta package  ----"
            - sfdx force:mdapi:deploy --deploydir=convert -c -l RunLocalTests -w 30

On Push to the branch – I ran similar steps with the only exception that I compare the current branch to the staging branch and not do an empty check or run the test classes as I already ran them.

Below is the complete Push script.

image: atlassian/default-image:2

pipelines:
  pushs:
    staging: 
      - step:
          name: "Deploy to Staging"
          script:
            - echo "Deploy to Staging"
            - wget https://developer.salesforce.com/media/salesforce-cli/sfdx-linux-amd64.tar.xz
            - mkdir sfdx-cli
            - tar xJf sfdx-linux-amd64.tar.xz -C sfdx-cli --strip-components 1
            - ./sfdx-cli/install
            - echo $AUTH_URL >> /tmp/sfdx_auth.txt
            - sfdx force:auth:sfdxurl:store -f /tmp/sfdx_auth.txt -s -a dxpipeline
            - npm install sfdx-git-delta@latest -g
            - git checkout -b dev          
            - git --no-pager diff --name-status some-pr-branch  origin/staging
            - sgd --to dev  --from origin/staging --repo . --output .
            - echo "--- package.xml generated with added and modified metadata ---"
            - cat package/package.xml
            - sfdx force:source:convert --manifest=package/package.xml --outputdir=convert 
            - echo "---- Validating delta package  ----"
            - sfdx force:mdapi:deploy --deploydir=convert -w 30

Hope you find this useful. Hit me up on the comments below for any questions.

How To Replace Salesforce Metadata Before Deploying using Ant Scripts

My particular use case is for Salesforce ant deployment. I wanted to replace some metadata before I deploy to the target org which will allow me to automate the process. I can fetch metadata from my sandbox org and when it gets deployed to the target org like production the values will be updated.

You should have the latest ant-salesforce.jar as a requirement. You can grab the latest ant migration tool from here – https://help.salesforce.com/articleView?id=code_tools_ant_using.htm&type=5

My sample script entails having a conditional check before doing the replace a logic with Custom Labels. This is how my build XML looks.

Additional library you would need to perform the conditional check is ant-contrib.jar file. You can grab the latest library from here – http://ant-contrib.sourceforge.net/

If you try to run the script without the library you might end with the error below.

Fix Ant Build Error: Problem: failed to create task or type if

On the build.xml simply add the reference to the library.

If everything is in place, like the properties file has the right credentials, running the following command should deploy your code and replace the values as per your ant script.

ant -Denvironment=prod -buildfile build.xml deployMetadata

Source code available here – https://github.com/olopsman/salesforce-ant

How to Fix Salesforce Deployment Errors: InfoNot a valid enumeration for type

If your deployment strategy still evolves around ant deployment and not the new Salesforce CLI and you encounter this error on your deployment.

Failed to check the status for request ID=0Af0r00000ClbNgCAJ. Error: InfoNot a valid enumeration for type: class com.sforce.soap.metadata.DeployProblemType. Retrying…

While digging around, I found out this is a tool issue. Chances are your ant-salesforce jar library is outdated, you need to grab the latest salesforce-ant version from here

https://developer.salesforce.com/docs/atlas.en-us.daas.meta/daas/forcemigrationtool_install.htm

Update the library on your ant build path. Check your build.xml for the classPath if you are unsure of the path.

<taskdef resource="com/salesforce/antlib.xml" uri="antlib:com.salesforce">
        <classpath>
            <pathelement location="${basedir}/ant-salesforce.jar" />
        </classpath>
</taskdef>

How to Fix Salesforce Deployment Errors: Platform Encryption cannot be enabled for standard fields when Portals are enabled.

Go to Salesforce Classic UI and search under Setup for “Customer Portal” and Disable Login Enabled. You should move your portal to Communities where Platform Encryption is supported.

How to Fix Salesforce Deployment Errors: You may not modify the permission Connect Org to Customer 360 Data Manager while editing a Standard Profile

If you try to deploy the Admin profile and might get this error if you have Dev Hub enabled on your org. You need to edit the Admin profile and remove the following lines

<userPermissions>
   <enabled>true</enabled>
   <name>ManageHubConnections</name>
</userPermissions>

How to Fix Salesforce Deployment Errors: source:push “You may not modify the permission Access Tracer for External Data Sources while editing a Standard Profile”

There are some permissions that are not applicable to a scratch org and this is one of those weird ones. Pushing the standard Admin profile to my scratch org I encountered this error.

You may not modify the permission Access Tracer for External Data Sources while editing a Standard Profile.

To fix this you need to edit and remove this specific profile permission. So far I cannot find any documentation about this TraceXdsQueries permission and what it actually does.

    <userPermissions>
        <enabled>true</enabled>
        <name>TraceXdsQueries</name>
    </userPermissions>