@@ -1,5 +1,7 @@ | |||
# content of service-account-credentials.json, used to access to Google Cloud Platform | |||
gcp_credentials: ENCRYPTED[!e5f7207bd8d02d383733bef47e18296ac32e3b7d22eb480354e8dd8fdc0004be45a8a4e72c797bd66ee94eb3340fa363!] | |||
aws_credentials: | |||
role_arn: arn:aws:iam::275878209202:role/CirrusCI-prod | |||
role_session_name: cirrus | |||
region: eu-central-1 | |||
# | |||
# ENV VARIABLES | |||
@@ -31,11 +33,21 @@ env: | |||
# | |||
# RE-USABLE CONFIGS | |||
# | |||
container_definition: &CONTAINER_DEFINITION | |||
image: us.gcr.io/sonarqube-team/base:j11-m3-latest | |||
cluster_name: cirrus-ci-cluster | |||
zone: us-central1-a | |||
eks_container: &EKS_CONTAINER | |||
region: eu-central-1 | |||
cluster_name: CirrusCI-prod | |||
namespace: default | |||
image: 275878209202.dkr.ecr.eu-central-1.amazonaws.com/base:j11-m3-latest | |||
cpu: 1 | |||
memory: 2G | |||
ec2_instance: &EC2_INSTANCE_WINDOWS | |||
experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051 | |||
region: eu-central-1 | |||
subnet_id: subnet-063c427f490da35b9 | |||
type: t2.2xlarge | |||
image: lt-base-windows-jdk11-v* | |||
platform: windows | |||
only_sonarsource_qa: &ONLY_SONARSOURCE_QA | |||
only_if: $CIRRUS_USER_COLLABORATOR == 'true' && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BRANCH =~ "dogfood-on-.*") | |||
@@ -45,10 +57,8 @@ only_sonarsource_qa: &ONLY_SONARSOURCE_QA | |||
# TASKS | |||
# | |||
build_task: | |||
gke_container: | |||
<<: *CONTAINER_DEFINITION | |||
cpu: 1 | |||
memory: 2G | |||
eks_container: | |||
<<: *EKS_CONTAINER | |||
env: | |||
SONAR_TOKEN: ENCRYPTED[!b6fd814826c51e64ee61b0b6f3ae621551f6413383f7170f73580e2e141ac78c4b134b506f6288c74faa0dd564c05a29!] | |||
SONAR_HOST_URL: https://next.sonarqube.com/sonarqube | |||
@@ -66,15 +76,8 @@ linux_qa_task: | |||
depends_on: | |||
- build | |||
<<: *ONLY_SONARSOURCE_QA | |||
gke_container: | |||
dockerfile: it/docker/Dockerfile | |||
builder_image_project: sonarqube-team | |||
builder_image_name: docker-builder-v20200915 | |||
cluster_name: cirrus-ci-cluster | |||
zone: us-central1-a | |||
namespace: default | |||
cpu: 1 | |||
memory: 2G | |||
eks_container: | |||
<<: *EKS_CONTAINER | |||
env: | |||
matrix: | |||
- SQ_VERSION: LATEST_RELEASE[7.9] | |||
@@ -94,15 +97,9 @@ linux_qa_java17_task: | |||
depends_on: | |||
- build | |||
<<: *ONLY_SONARSOURCE_QA | |||
gke_container: | |||
dockerfile: it/docker/Dockerfile_17 | |||
builder_image_project: sonarqube-team | |||
builder_image_name: docker-builder-v20200915 | |||
cluster_name: cirrus-ci-cluster | |||
zone: us-central1-a | |||
namespace: default | |||
cpu: 1 | |||
memory: 2G | |||
eks_container: | |||
<<: *EKS_CONTAINER | |||
image: 275878209202.dkr.ecr.eu-central-1.amazonaws.com/base:j17-m3-latest | |||
env: | |||
matrix: | |||
- SQ_VERSION: LATEST_RELEASE[8.9] | |||
@@ -117,33 +114,12 @@ linux_qa_java17_task: | |||
cleanup_before_cache_script: | |||
- cleanup_maven_repository | |||
create_win_vm_task: | |||
<<: *ONLY_SONARSOURCE_QA | |||
skip: "!changesInclude('it/packer/setup.ps1', 'it/packer/sonar-scanner-cli-qa.json')" | |||
gce_instance: | |||
image_project: sonarqube-team | |||
image_family: packer-builder | |||
zone: us-central1-a | |||
type: n1-standard-8 | |||
use_ssd: true | |||
scopes: | |||
- cloud-platform | |||
build_script: | |||
- packer build -force it/packer/sonar-scanner-cli-qa.json | |||
win_qa_task: | |||
depends_on: | |||
- create_win_vm | |||
- build | |||
<<: *ONLY_SONARSOURCE_QA | |||
gce_instance: | |||
image_project: sonarqube-team | |||
# This VM is built using Packer, see "create_win_vm_task" above. | |||
image_name: sonar-scanner-cli-qa | |||
platform: windows | |||
zone: us-central1-a | |||
type: n1-standard-8 | |||
use_ssd: true | |||
ec2_instance: | |||
<<: *EC2_INSTANCE_WINDOWS | |||
env: | |||
CIRRUS_SHELL: bash | |||
matrix: | |||
@@ -164,8 +140,8 @@ promote_task: | |||
- linux_qa | |||
- win_qa | |||
<<: *ONLY_SONARSOURCE_QA | |||
gke_container: | |||
<<: *CONTAINER_DEFINITION | |||
eks_container: | |||
<<: *EKS_CONTAINER | |||
cpu: 0.5 | |||
memory: 500M | |||
maven_cache: |
@@ -1,21 +0,0 @@ | |||
#------------------------------------------------------------------------------ | |||
# Installs NodeJS, which is needed for running the Linux ITs. | |||
# | |||
# Build from the basedir: | |||
# docker build -f it/docker/Dockerfile-qa -t sonar-scanner-cli-qa it/docker | |||
# | |||
# Verify the content of the image by running a shell session in it: | |||
# docker run -it sonar-scanner-cli-qa bash | |||
# | |||
# CirrusCI builds the image when needed. No need to manually upload it to | |||
# Google Cloud Container Registry. See section "gke_container" of .cirrus.yml | |||
#------------------------------------------------------------------------------ | |||
FROM us.gcr.io/sonarqube-team/base:j11-m3-latest | |||
USER root | |||
RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - | |||
RUN apt-get install -y nodejs | |||
USER sonarsource |
@@ -1,21 +0,0 @@ | |||
#------------------------------------------------------------------------------ | |||
# Installs NodeJS, which is needed for running the Linux ITs. | |||
# | |||
# Build from the basedir: | |||
# docker build -f it/docker/Dockerfile-qa -t sonar-scanner-cli-qa it/docker | |||
# | |||
# Verify the content of the image by running a shell session in it: | |||
# docker run -it sonar-scanner-cli-qa bash | |||
# | |||
# CirrusCI builds the image when needed. No need to manually upload it to | |||
# Google Cloud Container Registry. See section "gke_container" of .cirrus.yml | |||
#------------------------------------------------------------------------------ | |||
FROM us.gcr.io/sonarqube-team/base:j17-m3-latest | |||
USER root | |||
RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - | |||
RUN apt-get install -y nodejs | |||
USER sonarsource |
@@ -1,23 +0,0 @@ | |||
Custom Windows VM image for sonar-scanner-cli Windows ITs | |||
========================================================= | |||
This defines a custom Windows image necessary for the ITs. It contains all [build tools helpers](https://github.com/SonarSource/buildTools/blob/docker/bin/), as well as Node JS, which is needed to scan the example projects. | |||
How to build this VM image | |||
-------------------------- | |||
*This isn't supposed to be built by hand.* We have a special image on our Google Cloud project, called *packer-builder-v1*. This image gets started up by Cirrus CI in the `create_win_vm_task` (see [`../../.cirrus.yml`](../../.cirrus.yml)), and will use [Packer](https://packer.io/) to create our custom VM image. The Packer instructions are contained in the `sonar-scanner-cli-qa.json` file. | |||
Note that this image is rebuilt by Cirrus CI every time the `sonar-scanner-cli-qa.json` or `setup.ps1` files change (see the `create_win_vm_task`'s `skip` instruction in [`../../.cirrus.yml`](../../.cirrus.yml)). If no changes are detected, the build will be skipped, and the previously existing image will be used. | |||
How to debug this VM image | |||
-------------------------- | |||
1. Log on to [Google Cloud](http://console.cloud.google.com/) | |||
2. Go to our SonarQube project (`sonarqube-team`) | |||
3. Under *Compute Engine > Images*, you should see *packer-builder-v1*. Start a new VM with this image. | |||
This image is pre-configured for using Packer, as well as pushing new VM images to our SonarQube project. | |||
4. Once started, SSH into this VM (you can do this directly via the browser). | |||
5. `sudo su` to use the root user (which is configured to use the GCE service account). | |||
You can now add packer JSON files, and run the `packer build` command to test your new images. **Make sure you remove any test images from GCE.** | |||
@@ -1,60 +0,0 @@ | |||
$ErrorActionPreference = 'Stop' | |||
function Install-Chocolatey { | |||
# Run the installer. | |||
Set-ExecutionPolicy Bypass -Scope Process -Force; Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) | |||
} | |||
function Install-NodeJs { | |||
choco install -y nodejs | |||
} | |||
function Install-Buildtools { | |||
$path = "${env:Temp}\buildTools.zip" | |||
# Fetch the build tools archive. | |||
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 | |||
(New-Object System.Net.WebClient).DownloadFile('https://github.com/SonarSource/buildTools/archive/docker.zip', $path) | |||
# Extract the archive to the C drive. | |||
Add-Type -AssemblyName System.IO.Compression.FileSystem | |||
[System.IO.Compression.ZipFile]::ExtractToDirectory($path, 'C:\') | |||
# Update global PATH. | |||
$currentPath = (Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH).Path | |||
$updatedPath = $currentPath+';C:\buildTools-docker\bin' | |||
Set-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH -Value $updatedPath | |||
# Remove archive. | |||
del $path | |||
} | |||
function Install-Maven { | |||
choco install -y openjdk11 --version 11.0.4.11 | |||
choco install -y maven --version 3.6.2 | |||
} | |||
function Install-Git { | |||
# We use Git to enable Unix Tools. This will allow us to use Bash-style | |||
# commands in .cirrus.yml, like "source". | |||
choco install -y git --version 2.23.0 --package-parameters "/GitAndUnixToolsOnPath" | |||
} | |||
Write-Host "Install chocolatey" | |||
Install-Chocolatey | |||
Write-Host "Install Maven" | |||
Install-Maven | |||
Write-Host "Install NodeJs" | |||
Install-NodeJs | |||
Write-Host "Install Unix Tools" | |||
Install-Git | |||
Write-Host "Set up build tools" | |||
Install-Buildtools | |||
# Disable antivirus analysis on C drive. | |||
Write-Host "Finalize VM configuration" | |||
Set-MpPreference -ScanAvgCPULoadFactor 5 -ExclusionPath "C:\" |
@@ -1,29 +0,0 @@ | |||
{ | |||
"builders": [ | |||
{ | |||
"type": "googlecompute", | |||
"project_id": "sonarqube-team", | |||
"source_image": "windows-server-1809-dc-core-v20200813", | |||
"image_name": "sonar-scanner-cli-qa", | |||
"disk_size": "50", | |||
"machine_type": "n1-standard-1", | |||
"communicator": "winrm", | |||
"winrm_username": "packer_user", | |||
"winrm_insecure": true, | |||
"winrm_use_ssl": true, | |||
"metadata": { | |||
"windows-startup-script-cmd": "winrm quickconfig -quiet & net user /add packer_user & net localgroup administrators packer_user /add & winrm set winrm/config/service/auth @{Basic=\"true\"}" | |||
}, | |||
"zone": "us-central1-a", | |||
"tags": ["packer"] | |||
} | |||
], | |||
"provisioners": [ | |||
{ | |||
"type": "powershell", | |||
"scripts": [ | |||
"{{template_dir}}/setup.ps1" | |||
] | |||
} | |||
] | |||
} |