Hi Venu
since you already produced identityiq.war with SSB, the next step is simply to put the SSB project in GitHub and let Jenkins repeat the same build + deploy steps automatically.
Manish already pointed you to “SSB in Git + pipeline + video.” Below is the step-by-step that works on a single laptop and scales later to DEV/TEST/PROD without redesign.
1) What goes in GitHub (source of truth)
Commit the SSB project + your deployable inputs, not the running server state:
-
ssb/ (or your SSB build folder)
-
config/ exported IIQ XML artifacts (Rules / Workflows / Bundles / Email templates / etc.)
-
src/ any custom Java code (if you have it)
-
web/ any UI customizations (if you have it)
Do NOT commit secrets (DB creds, AD bind creds, API keys). Store them in Jenkins Credentials and inject them at build/deploy time.
Important (not mentioned in the thread): export objects using IIQ console export -clean so your XML diffs stay stable across environments (removes id/created/modified/lastRefresh noise). This is a huge quality-of-life improvement for Git and code reviews.
2) Decide when you really need a WAR vs just importing XML
On a laptop, the safest pattern is:
-
Most changes (rules/workflows/bundles/config): deploy by importing XML.
-
Only build/deploy WAR when you changed UI files, Java code, plugins, or you’re upgrading IIQ/efix.
This matches how experienced teams reduce downtime and risk.
3) Jenkins pipeline (local laptop version)
Stage A — Checkout
- Jenkins pulls your repo on every push (or manual “Build Now” while learning).
Stage B — Build (SSB)
Stage C — Deploy (Tomcat)
Stage D — Import config (XML)
- Use IIQ console
import to load only the artifacts you changed (or a packaged file).
Stage E — Smoke test
- Confirm login page loads + a trivial function works (e.g., list identities / search a known object).
If your pipeline imports Application objects, you can accidentally overwrite runtime state stored in the Application (example: delta aggregation state; and sometimes tokens or connector-specific cached values).
Some teams explicitly save/restore delta state and tokens during deployment to avoid breaking delta aggregations after importing application XML.
Even on a single laptop, adopting this mindset early prevents painful surprises later.
5) Minimal Jenkinsfile outline (placeholders)
pipeline {
agent any
stages {
stage('Checkout') {
steps { checkout scm }
}
stage('Build (SSB)') {
steps {
sh '<YOUR_SSB_BUILD_COMMAND>'
archiveArtifacts artifacts: '**/identityiq.war', fingerprint: true
}
}
stage('Deploy WAR') {
steps {
sh '<STOP_TOMCAT>'
sh '<BACKUP_CURRENT_WAR>'
sh '<COPY_NEW_WAR_TO_TOMCAT_WEBAPPS>'
sh '<START_TOMCAT>'
sh '<WAIT_FOR_HTTP_200>'
}
}
stage('Import XML artifacts') {
steps {
sh '<IIQ_CONSOLE_IMPORT_COMMANDS>'
}
}
stage('Smoke test') {
steps {
sh '<HEALTHCHECK_COMMANDS>'
}
}
}
}
Reference you may need to check and helpfull to you
-
SailPoint video referenced in related CI/CD discussion:
-
Community example CI/CD architecture (Jenkins + Ansible + “save/restore delta state” during imports):
-
IIQ Console commands (official) — export -clean syntax + examples:
-
SailPoint guidance on keeping XML artifacts Git-friendly (recommends ./iiq export -clean):
