From 68c92563393116dd9de2a8e4d2a91b54242a3e80 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Gr=C3=A9goire=20Aubert?= <gregoire.aubert@sonarsource.com>
Date: Mon, 28 Oct 2024 16:54:26 +0100
Subject: [PATCH] Patch

---
 .cirrus/cirrus-env                      |  6 +-
 .cirrus/cirrus-promote-webapp-assets.sh | 28 ++++++++
 .cirrus/cirrus-publish-webui.sh         | 85 +++++++++++++++++++++++++
 .cirrus/webapp-assets-build.json        | 19 ++++++
 build.gradle                            | 33 ++++++++++
 gradle.properties                       |  1 +
 server/sonar-web/build.gradle           | 16 -----
 server/sonar-web/package.json           | 23 ++++---
 server/sonar-web/public/images/logo.svg |  5 --
 sonar-application/build.gradle          | 14 +---
 10 files changed, 183 insertions(+), 47 deletions(-)
 create mode 100755 .cirrus/cirrus-promote-webapp-assets.sh
 create mode 100644 .cirrus/cirrus-publish-webui.sh
 create mode 100644 .cirrus/webapp-assets-build.json
 delete mode 100644 server/sonar-web/public/images/logo.svg

diff --git a/.cirrus/cirrus-env b/.cirrus/cirrus-env
index 84df2e8aee3..92988c20d30 100644
--- a/.cirrus/cirrus-env
+++ b/.cirrus/cirrus-env
@@ -1,11 +1,11 @@
 #!/bin/bash
 set -uo pipefail
 
+export BUILD_NUMBER=${CI_BUILD_NUMBER?}
 export GIT_SHA1=${CIRRUS_CHANGE_IN_REPO?}
 export GITHUB_BASE_BRANCH=${CIRRUS_BASE_BRANCH:-}
 export GITHUB_BRANCH=${CIRRUS_BRANCH?}
 export GITHUB_REPO=${CIRRUS_REPO_FULL_NAME?}
-export BUILD_NUMBER=${CI_BUILD_NUMBER?}
-export PULL_REQUEST=${CIRRUS_PR:-false}
-export PULL_REQUEST_SHA=${CIRRUS_BASE_SHA:-}
 export PIPELINE_ID=${CIRRUS_BUILD_ID?}
+export PULL_REQUEST_SHA=${CIRRUS_BASE_SHA:-}
+export PULL_REQUEST=${CIRRUS_PR:-false}
diff --git a/.cirrus/cirrus-promote-webapp-assets.sh b/.cirrus/cirrus-promote-webapp-assets.sh
new file mode 100755
index 00000000000..76fc122a759
--- /dev/null
+++ b/.cirrus/cirrus-promote-webapp-assets.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+if [ "$PULL_REQUEST" != "" ]; then
+  PRIVATE_TARGET_REPO='sonarsource-private-dev'
+  PUBLIC_TARGET_REPO='sonarsource-public-dev'
+  STATUS='it-passed-pr'
+# CirrusCI build on master branch
+elif [[ "$CIRRUS_CI" == "true" ]] && [[ ("$GITHUB_BRANCH" == "master" || "$GITHUB_BRANCH" == "branch-"*) ]]; then
+  PRIVATE_TARGET_REPO='sonarsource-private-builds'
+  PUBLIC_TARGET_REPO='sonarsource-public-builds'
+  STATUS='it-passed'
+fi
+
+if [ -n "${STATUS:-}" ]; then
+  echo "Promoting build sonarqube-webapp-assets#$BUILD_NUMBER"
+  OP_DATE=$(date +%Y%m%d%H%M%S)
+  # TODO Need to add promotion for public repo see cirrus-promote.sh
+  DATA_JSON="{ \"status\": \"$STATUS\", \"properties\": { \"release\" : [ \"$OP_DATE\" ]}, \"targetRepo\": \"$PRIVATE_TARGET_REPO\", \"copy\": false }"
+  HTTP_CODE=$(curl -s -o /dev/null -w %{http_code} -H "Content-Type: application/json" -H "Authorization: Bearer ${ARTIFACTORY_PROMOTE_ACCESS_TOKEN}" -X POST "$ARTIFACTORY_URL/api/build/promote/sonarqube-webapp-assets/$BUILD_NUMBER" --data "$DATA_JSON")
+  if [ "$HTTP_CODE" != "200" ]; then
+    echo "Cannot promote build sonarqube-webapp-assets#$BUILD_NUMBER: HTTP return code $HTTP_CODE"
+    exit 1
+  else
+    echo "Build sonarqube-webapp-assets#${BUILD_NUMBER} promoted to ${PRIVATE_TARGET_REPO}"
+  fi
+else
+  echo 'No promotion for builds coming from a development branch'
+fi
diff --git a/.cirrus/cirrus-publish-webui.sh b/.cirrus/cirrus-publish-webui.sh
new file mode 100644
index 00000000000..c3b0826b610
--- /dev/null
+++ b/.cirrus/cirrus-publish-webui.sh
@@ -0,0 +1,85 @@
+#!/bin/bash
+
+function getProjectVersion() {
+  local projectVersion
+  # We will need to get it from package.json once in the new repo, something like: $(jq -r .version "package.json")
+  projectVersion=$(grep "version=" gradle.properties | cut -d= -f2)
+  [[ "${projectVersion//[^\.]}" == "." ]] && projectVersion="${projectVersion}.0"
+  echo "$projectVersion"
+}
+
+VERSION="$(getProjectVersion)"
+ARTIFACT_NAME="webapp-assets"
+BUILD_NAME="sonarqube-$ARTIFACT_NAME"
+UPLOADED_ZIP_NAME="$ARTIFACT_NAME-$VERSION.$BUILD_NUMBER.zip"
+ARTIFACT_FILE_PATH="server/sonar-web/build/$ARTIFACT_NAME.zip"
+
+PUBLISH_COMMON_PARAMS="build.number=$BUILD_NUMBER"
+PUBLISH_COMMON_PARAMS="$PUBLISH_COMMON_PARAMS;vcs.revision=$GIT_SHA1"
+PUBLISH_COMMON_PARAMS="$PUBLISH_COMMON_PARAMS;vcs.branch=$GITHUB_BRANCH"
+PUBLISH_COMMON_PARAMS="$PUBLISH_COMMON_PARAMS;pr.number=$PULL_REQUEST"
+PUBLISH_COMMON_PARAMS="$PUBLISH_COMMON_PARAMS;pr.branch.target=$GITHUB_BASE_BRANCH"
+
+publish_to_artifactory()
+{
+  PUBLISH_URL=$1
+  LOCAL_FILE=$2
+  BUILD_NAME=$3
+  ARTIFACTORY_DEPLOY_REPO=$4
+
+  PARAMS="$PUBLISH_COMMON_PARAMS;build.name=$BUILD_NAME"
+  API_CALL="$PUBLISH_URL;$PARAMS"
+
+  echo "Publishing $LOCAL_FILE to ${ARTIFACTORY_DEPLOY_REPO}"
+  echo "Publish params: $PARAMS"
+
+  #Upload build artifact
+  HTTP_CODE=$(curl -H "Authorization: Bearer $ARTIFACTORY_DEPLOY_PASSWORD" -s -o /dev/null -w %{http_code} -XPUT $API_CALL -T $LOCAL_FILE)
+  if [ "$HTTP_CODE" != "201" ]; then
+      echo "Cannot upload $LOCAL_FILE to $ARTIFACTORY_DEPLOY_REPO: HTTP return code $HTTP_CODE"
+      exit 1
+  else
+      echo "$LOCAL_FILE uploaded to ${ARTIFACTORY_DEPLOY_REPO}"
+  fi
+}
+
+create_build_in_artifactory()
+{
+  ZIP_API_CALL=$1
+  PATH_TO_BUILD_JSON=$2
+  ARTIFACTORY_DEPLOY_REPO=$3
+
+  #Get MD5 and SHA1 values
+  RESPONSE=$(curl -H "Authorization: Bearer $ARTIFACTORY_DEPLOY_PASSWORD" -s -XGET $ZIP_API_CALL)
+  ZIP_MD5=$(echo $RESPONSE | jq .checksums.md5)
+  ZIP_SHA1=$(echo $RESPONSE | jq .checksums.sha1)
+  TIME_CREATED=$(echo $RESPONSE | jq .created)
+
+  #Replace the values in template file
+  sed -i -e "s/VERSION/$VERSION/g" $PATH_TO_BUILD_JSON
+  sed -i -e "s/BUILD_NUMBER/$BUILD_NUMBER/g" $PATH_TO_BUILD_JSON
+  sed -i -e "s/ZIP_SHA1/$ZIP_SHA1/g" $PATH_TO_BUILD_JSON
+  sed -i -e "s/ZIP_MD5/$ZIP_MD5/g" $PATH_TO_BUILD_JSON
+  sed -i -e "s/TIME_CREATED/$TIME_CREATED/g" $PATH_TO_BUILD_JSON
+  sed -i -e "s/ARTIFACTORY_DEPLOY_REPO/$ARTIFACTORY_DEPLOY_REPO/g" $PATH_TO_BUILD_JSON
+
+  echo "Creating build for $UPLOADED_ZIP_NAME in ${ARTIFACTORY_DEPLOY_REPO}"
+
+  #Create a build in artifactory
+  API_CALL="$ARTIFACTORY_URL/api/build"
+  HTTP_CODE=$(curl -H "Content-Type: application/json" -H "Authorization: Bearer $ARTIFACTORY_DEPLOY_PASSWORD" -s -o /dev/null -w %{http_code} -XPUT $API_CALL --upload-file $PATH_TO_BUILD_JSON)
+  if [ "$HTTP_CODE" != "204" ]; then
+      echo "Cannot create build for $UPLOADED_ZIP_NAME in $ARTIFACTORY_DEPLOY_REPO: HTTP return code $HTTP_CODE"
+      exit 1
+  else
+      echo "build for $UPLOADED_ZIP_NAME created in $ARTIFACTORY_DEPLOY_REPO"
+  fi
+}
+
+PUT_URL="$ARTIFACTORY_URL/$ARTIFACTORY_DEPLOY_REPO_PRIVATE/com/sonarsource/sonarqube/$ARTIFACT_NAME/$VERSION.$BUILD_NUMBER/$UPLOADED_ZIP_NAME"
+publish_to_artifactory "$PUT_URL" "$ARTIFACT_FILE_PATH" "$BUILD_NAME" "$ARTIFACTORY_DEPLOY_REPO_PRIVATE"
+
+ZIP_GET_URL="$ARTIFACTORY_URL/api/storage/$ARTIFACTORY_DEPLOY_REPO_PRIVATE/com/sonarsource/sonarqube/$ARTIFACT_NAME/$VERSION.$BUILD_NUMBER/$UPLOADED_ZIP_NAME"
+BUILD_JSON=.cirrus/$ARTIFACT_NAME-build.json
+
+create_build_in_artifactory "$ZIP_GET_URL" "$BUILD_JSON" "$ARTIFACTORY_DEPLOY_REPO_PRIVATE"
diff --git a/.cirrus/webapp-assets-build.json b/.cirrus/webapp-assets-build.json
new file mode 100644
index 00000000000..884a1962e68
--- /dev/null
+++ b/.cirrus/webapp-assets-build.json
@@ -0,0 +1,19 @@
+{
+  "version": "1.0.1",
+  "number" : "BUILD_NUMBER",
+  "name" : "sonarqube-webapp-assets",
+  "started" : TIME_CREATED,
+  "modules": [{
+    "id": "com.sonarsource.sonarqube:webapp-assets:VERSION.BUILD_NUMBER",
+    "repository": "ARTIFACTORY_DEPLOY_REPO",
+    "artifacts": [{
+      "type": "zip",
+      "md5": ZIP_MD5,
+      "sha1": ZIP_SHA1,
+      "name": "webapp-assets-VERSION.BUILD_NUMBER.zip",
+      "path": "com/sonarsource/sonarqube/webapp-assets/VERSION.BUILD_NUMBER/webapp-assets-VERSION.BUILD_NUMBER.zip"
+    }],
+    "excludedArtifacts": [],
+    "dependencies": []
+  }]
+}
diff --git a/build.gradle b/build.gradle
index 497596685de..c712d26f44c 100644
--- a/build.gradle
+++ b/build.gradle
@@ -130,6 +130,39 @@ allprojects {
 
           metadataSources { artifact() }
     }
+    ivy {
+      if (artifactoryUsername && artifactoryPassword) {
+        url "${artifactoryUrl}/sonarsource-private-qa/com/sonarsource"
+
+        authentication {
+          header(HttpHeaderAuthentication)
+        }
+        credentials(HttpHeaderCredentials) {
+          name = "Authorization"
+          value = "Bearer $artifactoryPassword"
+        }
+
+        patternLayout {
+          artifact '[organisation]/[module]/[revision]/[module](-[revision]).[ext]'
+        }
+      } else {
+        url "${artifactoryUrl}/sonarsource-public-qa/com/sonarsource"
+
+        authentication {
+          header(HttpHeaderAuthentication)
+        }
+        credentials(HttpHeaderCredentials) {
+          name = "Authorization"
+          value = "Bearer $artifactoryPassword"
+        }
+
+        patternLayout {
+          artifact '[organisation]/[module]/[revision]/[module](-[revision]).[ext]'
+        }
+      }
+
+      metadataSources { artifact() }
+    }
   }
 
   task allDependencies {
diff --git a/gradle.properties b/gradle.properties
index 0794fc47a86..96dc308de26 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -15,3 +15,4 @@ elasticSearchServerVersion=8.14.3
 projectType=application
 artifactoryUrl=https://repox.jfrog.io/repox
 jre_release_name=jdk-17.0.11+9
+webappVersion=10.8.0.+
diff --git a/server/sonar-web/build.gradle b/server/sonar-web/build.gradle
index 48261edb792..02c93d6b167 100644
--- a/server/sonar-web/build.gradle
+++ b/server/sonar-web/build.gradle
@@ -11,24 +11,8 @@ sonar {
   }
 }
 
-def webappDir = "${buildDir}/webapp"
-
 compileJava.onlyIf {false}
 
-task yarn_run(type: Exec) {
-  ['config', 'public', 'scripts', 'src'].each {
-    inputs.dir(it).withPathSensitivity(PathSensitivity.RELATIVE)
-  }
-  ['package.json', 'tsconfig.json', 'yarn.lock', 'tailwind.config.js', 'tailwind.base.config.js'].each {
-    inputs.file(it).withPathSensitivity(PathSensitivity.RELATIVE)
-  }
-  outputs.dir(webappDir)
-  outputs.cacheIf { true }
-
-  commandLine osAdaptiveCommand(['npm', 'run', 'build-release'])
-}
-build.dependsOn(yarn_run)
-
 task "yarn_lint-report-ci"(type: Exec) {
   // Note that outputs are not relocatable, because contain absolute paths, and that's why inputs are not relativized
   ['config', 'src/main/js'].each {
diff --git a/server/sonar-web/package.json b/server/sonar-web/package.json
index cba1b568d50..f0c93ab4504 100644
--- a/server/sonar-web/package.json
+++ b/server/sonar-web/package.json
@@ -137,24 +137,23 @@
     "whatwg-fetch": "3.6.20"
   },
   "scripts": {
-    "start": "vite",
     "build": "vite build",
-    "build-release": "yarn install --immutable && yarn build",
+    "check-ci": "yarn install --immutable && yarn ts-check && yarn format-check && yarn test-eslint-local-rules && yarn dep-check",
     "chunks-analyze": "BUNDLE_ANALYSIS=true yarn build",
-    "test": "jest --workerIdleMemoryLimit=1G",
-    "test-ci": "NODE_OPTIONS=\"-r dd-trace/ci/init\" jest --coverage --maxWorkers=5 --workerIdleMemoryLimit=2G --ci",
-    "test-eslint-local-rules": "jest eslint-local-rules",
-    "format": "prettier --write --list-different \"src/main/js/**/*.{js,ts,tsx,css}\"",
+    "dep-check": "node scripts/validate-package-json.js",
     "format-check": "prettier --check \"src/main/js/**/*.{js,ts,tsx,css}\"",
-    "lint": "eslint --ext js,ts,tsx --quiet src/main/js",
-    "lint-report": "eslint --ext js,ts,tsx -f json -o eslint-report/eslint-report.json src/main/js",
+    "format": "prettier --write --list-different \"src/main/js/**/*.{js,ts,tsx,css}\"",
     "lint-report-ci": "yarn install --immutable && eslint --ext js,ts,tsx --config .eslintrc-ci -f json -o eslint-report/eslint-report.json src/main/js  || yarn lint",
+    "lint-report": "eslint --ext js,ts,tsx -f json -o eslint-report/eslint-report.json src/main/js",
+    "lint": "eslint --ext js,ts,tsx --quiet src/main/js",
+    "start": "vite",
+    "test-ci": "NODE_OPTIONS=\"-r dd-trace/ci/init\" jest --coverage --maxWorkers=5 --workerIdleMemoryLimit=2G --ci",
+    "test-eslint-local-rules": "jest eslint-local-rules",
+    "test": "jest --workerIdleMemoryLimit=1G",
     "ts-check": "tsc --noEmit",
-    "validate": "yarn dep-check && yarn lint && yarn ts-check && yarn format-check && yarn test",
-    "validate-ci": "yarn install --immutable && yarn dep-check && yarn test-ci",
-    "check-ci": "yarn install --immutable && yarn ts-check && yarn format-check && yarn test-eslint-local-rules",
     "update-cwes": "node scripts/update-cwes.js",
-    "dep-check": "node scripts/validate-package-json.js"
+    "validate-ci": "yarn install --immutable && yarn test-ci",
+    "validate": "yarn dep-check && yarn lint && yarn ts-check && yarn format-check && yarn test"
   },
   "engines": {
     "node": ">=18.20"
diff --git a/server/sonar-web/public/images/logo.svg b/server/sonar-web/public/images/logo.svg
deleted file mode 100644
index 2f200d9d8e2..00000000000
--- a/server/sonar-web/public/images/logo.svg
+++ /dev/null
@@ -1,5 +0,0 @@
-<svg width="100" height="30" xmlns="http://www.w3.org/2000/svg" xmlns:svg="http://www.w3.org/2000/svg">
-    <g transform="matrix(1,0,0,1,35,0)">
-        <path d="M20.681,15.871L20.681,20.627C20.681,20.798 20.619,20.947 20.493,21.072C20.368,21.198 20.219,21.261 20.047,21.261L16.243,21.261L16.243,17.456L13.707,17.456L13.707,21.261L9.903,21.261C9.731,21.261 9.582,21.198 9.457,21.072C9.331,20.947 9.269,20.798 9.269,20.627L9.269,15.871C9.269,15.865 9.27,15.855 9.273,15.842C9.277,15.828 9.278,15.818 9.278,15.812L14.975,11.116L20.672,15.812C20.678,15.825 20.681,15.845 20.681,15.871L20.681,15.871ZM22.891,15.188L22.276,15.921C22.224,15.98 22.154,16.017 22.068,16.03L22.039,16.03C21.953,16.03 21.884,16.007 21.831,15.96L14.975,10.244L8.119,15.96C8.04,16.013 7.961,16.036 7.882,16.03C7.796,16.017 7.726,15.98 7.674,15.921L7.059,15.188C7.006,15.122 6.983,15.044 6.99,14.955C6.997,14.866 7.033,14.795 7.099,14.742L14.222,8.808C14.433,8.636 14.684,8.55 14.975,8.55C15.266,8.55 15.517,8.636 15.728,8.808L18.145,10.829L18.145,8.897C18.145,8.804 18.175,8.728 18.234,8.669C18.294,8.609 18.37,8.58 18.462,8.58L20.364,8.58C20.457,8.58 20.533,8.609 20.592,8.669C20.652,8.728 20.681,8.804 20.681,8.897L20.681,12.939L22.851,14.742C22.917,14.795 22.953,14.866 22.96,14.955C22.967,15.044 22.944,15.122 22.891,15.188L22.891,15.188L22.891,15.188Z" style="fill:white;fill-rule:nonzero;"/>
-    </g>
-</svg>
diff --git a/sonar-application/build.gradle b/sonar-application/build.gradle
index 5ab93dfd3c1..42602cd7849 100644
--- a/sonar-application/build.gradle
+++ b/sonar-application/build.gradle
@@ -84,7 +84,6 @@ dependencies {
     } else {
       zipDist "elasticsearch:elasticsearch:${elasticSearchServerVersion}-linux-x86_64@tar.gz"
     }
-
 }
 
 // declare dependencies in configuration bundledPlugin to be packaged in lib/extensions
@@ -307,16 +306,9 @@ task zip(type: Zip, dependsOn: [configurations.compileClasspath]) {
   }
   into("${archiveDir}/web/") {
     duplicatesStrategy DuplicatesStrategy.FAIL
-    // FIXME use configurations.web with correct artifacts
-    from(tasks.getByPath(':server:sonar-web:yarn_run').outputs) { a ->
-      if (official) {
-         project(':private:branding').fileTree('src').visit { b ->
-           if (!b.isDirectory()) {
-             a.exclude b.relativePath.toString()
-           }
-         }
-      }
-    }
+    
+    from(rootProject.fileTree("server/sonar-web/build/webapp/"))
+
     if (official) {
       from project(':private:branding').file('src')
     }
-- 
2.39.5