Julien Carsique
1 year ago
6 changed files with 29 additions and 207 deletions
+ 29
- 53
.cirrus.yml
View File
| @@ -1,5 +1,7 @@ | |||
| # content of service-account-credentials.json, used to access to Google Cloud Platform | |||
| gcp_credentials: ENCRYPTED[!e5f7207bd8d02d383733bef47e18296ac32e3b7d22eb480354e8dd8fdc0004be45a8a4e72c797bd66ee94eb3340fa363!] | |||
| aws_credentials: | |||
| role_arn: arn:aws:iam::275878209202:role/CirrusCI-prod | |||
| role_session_name: cirrus | |||
| region: eu-central-1 | |||
| # | |||
| # ENV VARIABLES | |||
| @@ -31,11 +33,21 @@ env: | |||
| # | |||
| # RE-USABLE CONFIGS | |||
| # | |||
| container_definition: &CONTAINER_DEFINITION | |||
| image: us.gcr.io/sonarqube-team/base:j11-m3-latest | |||
| cluster_name: cirrus-ci-cluster | |||
| zone: us-central1-a | |||
| eks_container: &EKS_CONTAINER | |||
| region: eu-central-1 | |||
| cluster_name: CirrusCI-prod | |||
| namespace: default | |||
| image: 275878209202.dkr.ecr.eu-central-1.amazonaws.com/base:j11-m3-latest | |||
| cpu: 1 | |||
| memory: 2G | |||
| ec2_instance: &EC2_INSTANCE_WINDOWS | |||
| experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051 | |||
| region: eu-central-1 | |||
| subnet_id: subnet-063c427f490da35b9 | |||
| type: t2.2xlarge | |||
| image: lt-base-windows-jdk11-v* | |||
| platform: windows | |||
| only_sonarsource_qa: &ONLY_SONARSOURCE_QA | |||
| only_if: $CIRRUS_USER_COLLABORATOR == 'true' && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BRANCH =~ "dogfood-on-.*") | |||
| @@ -45,10 +57,8 @@ only_sonarsource_qa: &ONLY_SONARSOURCE_QA | |||
| # TASKS | |||
| # | |||
| build_task: | |||
| gke_container: | |||
| <<: *CONTAINER_DEFINITION | |||
| cpu: 1 | |||
| memory: 2G | |||
| eks_container: | |||
| <<: *EKS_CONTAINER | |||
| env: | |||
| SONAR_TOKEN: ENCRYPTED[!b6fd814826c51e64ee61b0b6f3ae621551f6413383f7170f73580e2e141ac78c4b134b506f6288c74faa0dd564c05a29!] | |||
| SONAR_HOST_URL: https://next.sonarqube.com/sonarqube | |||
| @@ -66,15 +76,8 @@ linux_qa_task: | |||
| depends_on: | |||
| - build | |||
| <<: *ONLY_SONARSOURCE_QA | |||
| gke_container: | |||
| dockerfile: it/docker/Dockerfile | |||
| builder_image_project: sonarqube-team | |||
| builder_image_name: docker-builder-v20200915 | |||
| cluster_name: cirrus-ci-cluster | |||
| zone: us-central1-a | |||
| namespace: default | |||
| cpu: 1 | |||
| memory: 2G | |||
| eks_container: | |||
| <<: *EKS_CONTAINER | |||
| env: | |||
| matrix: | |||
| - SQ_VERSION: LATEST_RELEASE[7.9] | |||
| @@ -94,15 +97,9 @@ linux_qa_java17_task: | |||
| depends_on: | |||
| - build | |||
| <<: *ONLY_SONARSOURCE_QA | |||
| gke_container: | |||
| dockerfile: it/docker/Dockerfile_17 | |||
| builder_image_project: sonarqube-team | |||
| builder_image_name: docker-builder-v20200915 | |||
| cluster_name: cirrus-ci-cluster | |||
| zone: us-central1-a | |||
| namespace: default | |||
| cpu: 1 | |||
| memory: 2G | |||
| eks_container: | |||
| <<: *EKS_CONTAINER | |||
| image: 275878209202.dkr.ecr.eu-central-1.amazonaws.com/base:j17-m3-latest | |||
| env: | |||
| matrix: | |||
| - SQ_VERSION: LATEST_RELEASE[8.9] | |||
| @@ -117,33 +114,12 @@ linux_qa_java17_task: | |||
| cleanup_before_cache_script: | |||
| - cleanup_maven_repository | |||
| create_win_vm_task: | |||
| <<: *ONLY_SONARSOURCE_QA | |||
| skip: "!changesInclude('it/packer/setup.ps1', 'it/packer/sonar-scanner-cli-qa.json')" | |||
| gce_instance: | |||
| image_project: sonarqube-team | |||
| image_family: packer-builder | |||
| zone: us-central1-a | |||
| type: n1-standard-8 | |||
| use_ssd: true | |||
| scopes: | |||
| - cloud-platform | |||
| build_script: | |||
| - packer build -force it/packer/sonar-scanner-cli-qa.json | |||
| win_qa_task: | |||
| depends_on: | |||
| - create_win_vm | |||
| - build | |||
| <<: *ONLY_SONARSOURCE_QA | |||
| gce_instance: | |||
| image_project: sonarqube-team | |||
| # This VM is built using Packer, see "create_win_vm_task" above. | |||
| image_name: sonar-scanner-cli-qa | |||
| platform: windows | |||
| zone: us-central1-a | |||
| type: n1-standard-8 | |||
| use_ssd: true | |||
| ec2_instance: | |||
| <<: *EC2_INSTANCE_WINDOWS | |||
| env: | |||
| CIRRUS_SHELL: bash | |||
| matrix: | |||
| @@ -164,8 +140,8 @@ promote_task: | |||
| - linux_qa | |||
| - win_qa | |||
| <<: *ONLY_SONARSOURCE_QA | |||
| gke_container: | |||
| <<: *CONTAINER_DEFINITION | |||
| eks_container: | |||
| <<: *EKS_CONTAINER | |||
| cpu: 0.5 | |||
| memory: 500M | |||
| maven_cache: | |||
+ 0
- 21
it/docker/Dockerfile
View File
| @@ -1,21 +0,0 @@ | |||
| #------------------------------------------------------------------------------ | |||
| # Installs NodeJS, which is needed for running the Linux ITs. | |||
| # | |||
| # Build from the basedir: | |||
| # docker build -f it/docker/Dockerfile-qa -t sonar-scanner-cli-qa it/docker | |||
| # | |||
| # Verify the content of the image by running a shell session in it: | |||
| # docker run -it sonar-scanner-cli-qa bash | |||
| # | |||
| # CirrusCI builds the image when needed. No need to manually upload it to | |||
| # Google Cloud Container Registry. See section "gke_container" of .cirrus.yml | |||
| #------------------------------------------------------------------------------ | |||
| FROM us.gcr.io/sonarqube-team/base:j11-m3-latest | |||
| USER root | |||
| RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - | |||
| RUN apt-get install -y nodejs | |||
| USER sonarsource | |||
+ 0
- 21
it/docker/Dockerfile_17
View File
| @@ -1,21 +0,0 @@ | |||
| #------------------------------------------------------------------------------ | |||
| # Installs NodeJS, which is needed for running the Linux ITs. | |||
| # | |||
| # Build from the basedir: | |||
| # docker build -f it/docker/Dockerfile-qa -t sonar-scanner-cli-qa it/docker | |||
| # | |||
| # Verify the content of the image by running a shell session in it: | |||
| # docker run -it sonar-scanner-cli-qa bash | |||
| # | |||
| # CirrusCI builds the image when needed. No need to manually upload it to | |||
| # Google Cloud Container Registry. See section "gke_container" of .cirrus.yml | |||
| #------------------------------------------------------------------------------ | |||
| FROM us.gcr.io/sonarqube-team/base:j17-m3-latest | |||
| USER root | |||
| RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - | |||
| RUN apt-get install -y nodejs | |||
| USER sonarsource | |||
+ 0
- 23
it/packer/README.md
View File
| @@ -1,23 +0,0 @@ | |||
| Custom Windows VM image for sonar-scanner-cli Windows ITs | |||
| ========================================================= | |||
| This defines a custom Windows image necessary for the ITs. It contains all [build tools helpers](https://github.com/SonarSource/buildTools/blob/docker/bin/), as well as Node JS, which is needed to scan the example projects. | |||
| How to build this VM image | |||
| -------------------------- | |||
| *This isn't supposed to be built by hand.* We have a special image on our Google Cloud project, called *packer-builder-v1*. This image gets started up by Cirrus CI in the `create_win_vm_task` (see [`../../.cirrus.yml`](../../.cirrus.yml)), and will use [Packer](https://packer.io/) to create our custom VM image. The Packer instructions are contained in the `sonar-scanner-cli-qa.json` file. | |||
| Note that this image is rebuilt by Cirrus CI every time the `sonar-scanner-cli-qa.json` or `setup.ps1` files change (see the `create_win_vm_task`'s `skip` instruction in [`../../.cirrus.yml`](../../.cirrus.yml)). If no changes are detected, the build will be skipped, and the previously existing image will be used. | |||
| How to debug this VM image | |||
| -------------------------- | |||
| 1. Log on to [Google Cloud](http://console.cloud.google.com/) | |||
| 2. Go to our SonarQube project (`sonarqube-team`) | |||
| 3. Under *Compute Engine > Images*, you should see *packer-builder-v1*. Start a new VM with this image. | |||
| This image is pre-configured for using Packer, as well as pushing new VM images to our SonarQube project. | |||
| 4. Once started, SSH into this VM (you can do this directly via the browser). | |||
| 5. `sudo su` to use the root user (which is configured to use the GCE service account). | |||
| You can now add packer JSON files, and run the `packer build` command to test your new images. **Make sure you remove any test images from GCE.** | |||
+ 0
- 60
it/packer/setup.ps1
View File
| @@ -1,60 +0,0 @@ | |||
| $ErrorActionPreference = 'Stop' | |||
| function Install-Chocolatey { | |||
| # Run the installer. | |||
| Set-ExecutionPolicy Bypass -Scope Process -Force; Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) | |||
| } | |||
| function Install-NodeJs { | |||
| choco install -y nodejs | |||
| } | |||
| function Install-Buildtools { | |||
| $path = "${env:Temp}\buildTools.zip" | |||
| # Fetch the build tools archive. | |||
| [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 | |||
| (New-Object System.Net.WebClient).DownloadFile('https://github.com/SonarSource/buildTools/archive/docker.zip', $path) | |||
| # Extract the archive to the C drive. | |||
| Add-Type -AssemblyName System.IO.Compression.FileSystem | |||
| [System.IO.Compression.ZipFile]::ExtractToDirectory($path, 'C:\') | |||
| # Update global PATH. | |||
| $currentPath = (Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH).Path | |||
| $updatedPath = $currentPath+';C:\buildTools-docker\bin' | |||
| Set-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH -Value $updatedPath | |||
| # Remove archive. | |||
| del $path | |||
| } | |||
| function Install-Maven { | |||
| choco install -y openjdk11 --version 11.0.4.11 | |||
| choco install -y maven --version 3.6.2 | |||
| } | |||
| function Install-Git { | |||
| # We use Git to enable Unix Tools. This will allow us to use Bash-style | |||
| # commands in .cirrus.yml, like "source". | |||
| choco install -y git --version 2.23.0 --package-parameters "/GitAndUnixToolsOnPath" | |||
| } | |||
| Write-Host "Install chocolatey" | |||
| Install-Chocolatey | |||
| Write-Host "Install Maven" | |||
| Install-Maven | |||
| Write-Host "Install NodeJs" | |||
| Install-NodeJs | |||
| Write-Host "Install Unix Tools" | |||
| Install-Git | |||
| Write-Host "Set up build tools" | |||
| Install-Buildtools | |||
| # Disable antivirus analysis on C drive. | |||
| Write-Host "Finalize VM configuration" | |||
| Set-MpPreference -ScanAvgCPULoadFactor 5 -ExclusionPath "C:\" | |||
+ 0
- 29
it/packer/sonar-scanner-cli-qa.json
View File
| @@ -1,29 +0,0 @@ | |||
| { | |||
| "builders": [ | |||
| { | |||
| "type": "googlecompute", | |||
| "project_id": "sonarqube-team", | |||
| "source_image": "windows-server-1809-dc-core-v20200813", | |||
| "image_name": "sonar-scanner-cli-qa", | |||
| "disk_size": "50", | |||
| "machine_type": "n1-standard-1", | |||
| "communicator": "winrm", | |||
| "winrm_username": "packer_user", | |||
| "winrm_insecure": true, | |||
| "winrm_use_ssl": true, | |||
| "metadata": { | |||
| "windows-startup-script-cmd": "winrm quickconfig -quiet & net user /add packer_user & net localgroup administrators packer_user /add & winrm set winrm/config/service/auth @{Basic=\"true\"}" | |||
| }, | |||
| "zone": "us-central1-a", | |||
| "tags": ["packer"] | |||
| } | |||
| ], | |||
| "provisioners": [ | |||
| { | |||
| "type": "powershell", | |||
| "scripts": [ | |||
| "{{template_dir}}/setup.ps1" | |||
| ] | |||
| } | |||
| ] | |||
| } | |||
Loading…