|
|
@@ -1,732 +0,0 @@ |
|
|
|
env: |
|
|
|
GRADLE_OPTS: -Dorg.gradle.jvmargs="-XX:+PrintFlagsFinal -XshowSettings:vm -XX:+HeapDumpOnOutOfMemoryError -XX:+UnlockExperimentalVMOptions -Djava.security.egd=file:/dev/./urandom -Dfile.encoding=UTF8 -Duser.language=en -Duser.country=US" |
|
|
|
# to be replaced by other credentials |
|
|
|
ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url] |
|
|
|
ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader |
|
|
|
ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] |
|
|
|
ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer |
|
|
|
ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token] |
|
|
|
ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] |
|
|
|
ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token] |
|
|
|
#NPM config |
|
|
|
NPM_CONFIG_registry: https://repox.jfrog.io/artifactory/api/npm/npm |
|
|
|
NPM_CONFIG_//repox.jfrog.io/artifactory/api/npm/:_authToken: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] |
|
|
|
# download licenses for testing commercial editions |
|
|
|
GITHUB_TOKEN: VAULT[development/github/token/licenses-ro token] |
|
|
|
# notifications to burgr |
|
|
|
BURGR_URL: VAULT[development/kv/data/burgr data.url] |
|
|
|
BURGR_USERNAME: VAULT[development/kv/data/burgr data.cirrus_username] |
|
|
|
BURGR_PASSWORD: VAULT[development/kv/data/burgr data.cirrus_password] |
|
|
|
# analysis on next.sonarqube.com |
|
|
|
SONARQUBE_NEXT_TOKEN: VAULT[development/kv/data/next data.token] |
|
|
|
# to trigger docs deployment |
|
|
|
ELASTIC_PWD: VAULT[development/team/sonarqube/kv/data/elasticsearch-cloud data.password] |
|
|
|
CIRRUS_LOG_TIMESTAMP: true |
|
|
|
BRANCH_MAIN: 'master' |
|
|
|
BRANCH_PATTERN_MAINTENANCE: 'branch-.*' |
|
|
|
BRANCH_PATTERN_PUBLIC: 'public_.*' |
|
|
|
NIGHTLY_99_CRON: '9-9-lts-nightly' |
|
|
|
|
|
|
|
auto_cancellation: $CIRRUS_BRANCH != $BRANCH_MAIN && $CIRRUS_BRANCH !=~ $BRANCH_PATTERN_MAINTENANCE |
|
|
|
|
|
|
|
skip_public_branches_template: &SKIP_PUBLIC_BRANCHES_TEMPLATE |
|
|
|
skip: $CIRRUS_BRANCH =~ $BRANCH_PATTERN_PUBLIC |
|
|
|
|
|
|
|
build_dependant_task_template: &BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
depends_on: build |
|
|
|
|
|
|
|
nightly_task_template: &NIGHTLY_TASK_TEMPLATE |
|
|
|
only_if: $CIRRUS_CRON == $NIGHTLY_99_CRON |
|
|
|
|
|
|
|
master_or_nightly_or_maintenance_task_template: &MASTER_OR_NIGHTLY_OR_MAINTENANCE_TASK_TEMPLATE |
|
|
|
only_if: $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE |
|
|
|
|
|
|
|
except_nightly_task_template: &EXCEPT_ON_NIGHTLY_TASK_TEMPLATE |
|
|
|
only_if: $CIRRUS_CRON != $NIGHTLY_99_CRON |
|
|
|
|
|
|
|
database_related_task_template: &DATABASE_RELATED_TASK_TEMPLATE |
|
|
|
only_if: >- |
|
|
|
$CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || |
|
|
|
changesInclude('server/sonar-db-dao/**/*Mapper.xml', 'server/sonar-db-migration/**/DbVersion*.java', 'server/sonar-db-dao/**/*Dao.java', 'server/sonar-db-core/src/main/java/org/sonar/db/*.java') |
|
|
|
|
|
|
|
saml_task_template: &SAML_TASK_TEMPLATE |
|
|
|
only_if: >- |
|
|
|
$CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || |
|
|
|
changesInclude('server/sonar-auth-saml/src/main/java/**/*.java', 'server/sonar-auth-saml/src/main/resources/**/*', 'server/sonar-db-dao/src/main/**/SAML*.java', 'private/it-core/src/test/java/org/sonarqube/tests/saml/*.java', 'server/sonar-webserver-webapi/src/main/java/org/sonar/server/saml/**/*.java') |
|
|
|
|
|
|
|
ldap_task_template: &LDAP_TASK_TEMPLATE |
|
|
|
only_if: >- |
|
|
|
$CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || |
|
|
|
changesInclude('server/sonar-auth-ldap/src/main/java/**/*.java', 'server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/LdapCredentialsAuthentication.java', 'private/it-core/src/test/java/org/sonarqube/tests/ldap/*.java') |
|
|
|
|
|
|
|
github_task_template: &GITHUB_TASK_TEMPLATE |
|
|
|
only_if: >- |
|
|
|
$CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || |
|
|
|
changesInclude('private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/github/*.java', 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/github/*.java') |
|
|
|
|
|
|
|
docker_build_container_template: &CONTAINER_TEMPLATE |
|
|
|
region: eu-central-1 |
|
|
|
cluster_name: ${CIRRUS_CLUSTER_NAME} |
|
|
|
namespace: default |
|
|
|
builder_subnet_id: ${CIRRUS_AWS_SUBNET} |
|
|
|
builder_role: cirrus-builder |
|
|
|
builder_image: docker-builder-v* |
|
|
|
builder_instance_type: t2.small |
|
|
|
dockerfile: private/docker/Dockerfile-build |
|
|
|
docker_arguments: |
|
|
|
CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT} |
|
|
|
cpu: 1 |
|
|
|
memory: 2Gb |
|
|
|
|
|
|
|
vm_instance_template: &VM_TEMPLATE |
|
|
|
experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051 |
|
|
|
image: docker-builder-v* |
|
|
|
type: t2.small |
|
|
|
region: eu-central-1 |
|
|
|
subnet_id: ${CIRRUS_AWS_SUBNET} |
|
|
|
disk: 10 |
|
|
|
cpu: 4 |
|
|
|
memory: 8G |
|
|
|
|
|
|
|
oracle_additional_container_template: &ORACLE_ADDITIONAL_CONTAINER_TEMPLATE |
|
|
|
name: oracle |
|
|
|
image: gvenzl/oracle-xe:21-faststart |
|
|
|
port: 1521 |
|
|
|
cpu: 2 |
|
|
|
memory: 5Gb |
|
|
|
env: |
|
|
|
ORACLE_PASSWORD: sonarqube |
|
|
|
APP_USER: sonarqube |
|
|
|
APP_USER_PASSWORD: sonarqube |
|
|
|
|
|
|
|
postgres_additional_container_template: &POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE |
|
|
|
name: postgres |
|
|
|
image: public.ecr.aws/docker/library/postgres:15 |
|
|
|
port: 5432 |
|
|
|
cpu: 1 |
|
|
|
memory: 1Gb |
|
|
|
env: |
|
|
|
POSTGRES_USER: postgres |
|
|
|
POSTGRES_PASSWORD: postgres |
|
|
|
|
|
|
|
default_artifact_template: &DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
on_failure: |
|
|
|
jest_junit_cleanup_script: > |
|
|
|
find . -type f -wholename "**/build/test-results/test-jest/junit.xml" -exec |
|
|
|
xmlstarlet edit --inplace --delete '//testsuite[@errors=0 and @failures=0]' {} \; |
|
|
|
junit_artifacts: |
|
|
|
path: "**/build/test-results/**/*.xml" |
|
|
|
type: "text/xml" |
|
|
|
format: junit |
|
|
|
reports_artifacts: |
|
|
|
path: "**/build/reports/**/*" |
|
|
|
screenshots_artifacts: |
|
|
|
path: "**/build/screenshots/**/*" |
|
|
|
always: |
|
|
|
profile_artifacts: |
|
|
|
path: "**/build/reports/profile/**/*" |
|
|
|
|
|
|
|
yarn_cache_template: &YARN_CACHE_TEMPLATE |
|
|
|
yarn_cache: |
|
|
|
folder: "~/.yarn/berry/cache" |
|
|
|
fingerprint_script: | |
|
|
|
cat \ |
|
|
|
server/sonar-web/yarn.lock \ |
|
|
|
private/core-extension-developer-server/yarn.lock \ |
|
|
|
private/core-extension-enterprise-server/yarn.lock \ |
|
|
|
private/core-extension-license/yarn.lock \ |
|
|
|
private/core-extension-securityreport/yarn.lock |
|
|
|
|
|
|
|
gradle_cache_template: &GRADLE_CACHE_TEMPLATE |
|
|
|
gradle_cache: |
|
|
|
folder: "~/.gradle/caches" |
|
|
|
fingerprint_script: find -type f \( -name "*.gradle*" -or -name "gradle*.properties" \) -exec cat {} + |
|
|
|
|
|
|
|
jar_cache_template: &JAR_CACHE_TEMPLATE |
|
|
|
jar_cache: |
|
|
|
folder: "**/build/libs/*.jar" |
|
|
|
fingerprint_key: jar-cache_$CIRRUS_BUILD_ID |
|
|
|
|
|
|
|
eslint_report_cache_template: &ESLINT_REPORT_CACHE_TEMPLATE |
|
|
|
eslint_report_cache: |
|
|
|
folders: |
|
|
|
- server/sonar-web/eslint-report/ |
|
|
|
- private/core-extension-securityreport/eslint-report/ |
|
|
|
- private/core-extension-license/eslint-report/ |
|
|
|
- private/core-extension-enterprise-server/eslint-report/ |
|
|
|
- private/core-extension-developer-server/eslint-report/ |
|
|
|
fingerprint_script: echo $CIRRUS_BUILD_ID |
|
|
|
|
|
|
|
jest_report_cache_template: &JEST_REPORT_CACHE_TEMPLATE |
|
|
|
jest_report_cache: |
|
|
|
folders: |
|
|
|
- server/sonar-web/coverage/ |
|
|
|
- private/core-extension-securityreport/coverage/ |
|
|
|
- private/core-extension-license/coverage/ |
|
|
|
- private/core-extension-enterprise-server/coverage/ |
|
|
|
- private/core-extension-developer-server/coverage/ |
|
|
|
fingerprint_script: echo $CIRRUS_BUILD_ID |
|
|
|
|
|
|
|
junit_report_cache_template: &JUNIT_REPORT_CACHE_TEMPLATE |
|
|
|
junit_report_cache: |
|
|
|
folders: |
|
|
|
- "**/reports/jacoco" |
|
|
|
- "**/test-results/test" |
|
|
|
fingerprint_script: echo $CIRRUS_BUILD_ID |
|
|
|
|
|
|
|
default_template: &DEFAULT_TEMPLATE |
|
|
|
<<: *SKIP_PUBLIC_BRANCHES_TEMPLATE |
|
|
|
clone_script: | |
|
|
|
git init |
|
|
|
git remote add origin https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git |
|
|
|
git fetch origin $CIRRUS_CHANGE_IN_REPO $FETCH_DEPTH |
|
|
|
git reset --hard $CIRRUS_CHANGE_IN_REPO |
|
|
|
env: |
|
|
|
FETCH_DEPTH: --depth=1 |
|
|
|
|
|
|
|
build_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
<<: *YARN_CACHE_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 7.5 |
|
|
|
memory: 8Gb |
|
|
|
elasticsearch_distribution_cache: |
|
|
|
folder: sonar-application/build/elasticsearch-**.tar.gz |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-build.sh |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
publish_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 4 |
|
|
|
memory: 4Gb |
|
|
|
env: |
|
|
|
ORG_GRADLE_PROJECT_signingKey: VAULT[development/kv/data/sign data.key] |
|
|
|
ORG_GRADLE_PROJECT_signingPassword: VAULT[development/kv/data/sign data.passphrase] |
|
|
|
ORG_GRADLE_PROJECT_signingKeyId: VAULT[development/kv/data/sign data.key_id] |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-publish.sh |
|
|
|
|
|
|
|
yarn_lint_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
<<: *YARN_CACHE_TEMPLATE |
|
|
|
<<: *ESLINT_REPORT_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 3 |
|
|
|
memory: 6Gb |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-yarn-lint-report.sh |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
yarn_check_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
<<: *YARN_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 3 |
|
|
|
memory: 4Gb |
|
|
|
script: | |
|
|
|
./private/cirrus/cirrus-env.sh YARN |
|
|
|
gradle yarn_check-ci --profile |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
yarn_validate_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
<<: *YARN_CACHE_TEMPLATE |
|
|
|
<<: *JEST_REPORT_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 7.5 |
|
|
|
memory: 20Gb |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-yarn-validate-ci.sh |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
junit_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
<<: *JUNIT_REPORT_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 7.5 |
|
|
|
memory: 10Gb |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-junit.sh |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
sq_analysis_task: |
|
|
|
<<: *SKIP_PUBLIC_BRANCHES_TEMPLATE |
|
|
|
<<: *EXCEPT_ON_NIGHTLY_TASK_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
<<: *YARN_CACHE_TEMPLATE |
|
|
|
<<: *JEST_REPORT_CACHE_TEMPLATE |
|
|
|
<<: *ESLINT_REPORT_CACHE_TEMPLATE |
|
|
|
<<: *JUNIT_REPORT_CACHE_TEMPLATE |
|
|
|
depends_on: |
|
|
|
- yarn_validate |
|
|
|
- yarn_lint |
|
|
|
- junit |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 7.5 |
|
|
|
memory: 15Gb |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-sq-analysis.sh |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
qa_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 3 |
|
|
|
memory: 7Gb |
|
|
|
additional_containers: |
|
|
|
- <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE |
|
|
|
env: |
|
|
|
matrix: |
|
|
|
# QA name should not exceed 13 characters to be properly reported on wallboard by burgr |
|
|
|
# QA name cannot contain "_" |
|
|
|
- QA_CATEGORY: Cat1 |
|
|
|
- QA_CATEGORY: Cat2 |
|
|
|
- QA_CATEGORY: Cat3 |
|
|
|
- QA_CATEGORY: Cat4 |
|
|
|
- QA_CATEGORY: Cat5 |
|
|
|
- QA_CATEGORY: Cat6 |
|
|
|
- QA_CATEGORY: Analysis |
|
|
|
- QA_CATEGORY: Authorization |
|
|
|
- QA_CATEGORY: Auth |
|
|
|
- QA_CATEGORY: Branch1 |
|
|
|
- QA_CATEGORY: Branch2 |
|
|
|
- QA_CATEGORY: CE1 |
|
|
|
- QA_CATEGORY: CE2 |
|
|
|
- QA_CATEGORY: ComputeEngine |
|
|
|
- QA_CATEGORY: DE1 |
|
|
|
- QA_CATEGORY: DE2 |
|
|
|
- QA_CATEGORY: EE1 |
|
|
|
- QA_CATEGORY: EE2 |
|
|
|
- QA_CATEGORY: Issues1 |
|
|
|
- QA_CATEGORY: Issues2 |
|
|
|
- QA_CATEGORY: License1 |
|
|
|
- QA_CATEGORY: License2 |
|
|
|
- QA_CATEGORY: Plugins |
|
|
|
- QA_CATEGORY: Project |
|
|
|
- QA_CATEGORY: QP |
|
|
|
- QA_CATEGORY: Upgrade |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh postgres |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
task: #bitbucket |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 3 |
|
|
|
memory: 10Gb |
|
|
|
additional_containers: |
|
|
|
- <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE |
|
|
|
maven_cache: |
|
|
|
folder: ~/.m2 |
|
|
|
env: |
|
|
|
QA_CATEGORY: BITBUCKET |
|
|
|
matrix: |
|
|
|
- name: qa_bb_5.15.0 |
|
|
|
bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh 5.15.0 |
|
|
|
- name: qa_bb_latest |
|
|
|
bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh LATEST |
|
|
|
wait_for_bitbucket_to_boot_script: secs=3600; endTime=$(( $(date +%s) + secs )); while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:7990/bitbucket/status)" != "200" ]] || [ $(date +%s) -gt $endTime ]; do sleep 5; done |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh postgres |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
qa_bb_cloud_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 2.4 |
|
|
|
memory: 5Gb |
|
|
|
env: |
|
|
|
QA_CATEGORY: BITBUCKET_CLOUD |
|
|
|
BBC_CLIENT_ID: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_id] |
|
|
|
BBC_CLIENT_SECRET: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_secret] |
|
|
|
BBC_USERNAME: VAULT[development/kv/data/bitbucket/sonarqube-its data.username] |
|
|
|
BBC_READ_REPOS_APP_PASSWORD: VAULT[development/kv/data/bitbucket/sonarqube-its data.password] |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh h2 |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
qa_ha_cluster_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *MASTER_OR_NIGHTLY_OR_MAINTENANCE_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 2.4 |
|
|
|
memory: 10Gb |
|
|
|
additional_containers: |
|
|
|
- <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE |
|
|
|
env: |
|
|
|
QA_CATEGORY: HA_CLUSTER |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh postgres |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
qa_ha_elasticsearch_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *MASTER_OR_NIGHTLY_OR_MAINTENANCE_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 2.4 |
|
|
|
memory: 10Gb |
|
|
|
additional_containers: |
|
|
|
- <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE |
|
|
|
env: |
|
|
|
QA_CATEGORY: HA_ELASTICSEARCH |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh postgres |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
# GitLab QA is executed in a dedicated task in order to not slow down the pipeline, as a GitLab on-prem server docker image is required. |
|
|
|
qa_gitlab_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
depends_on: |
|
|
|
- build |
|
|
|
env: |
|
|
|
QA_CATEGORY: GITLAB |
|
|
|
matrix: |
|
|
|
- name: qa_gitlab_latest |
|
|
|
env: |
|
|
|
- GITLAB_VERSION: latest |
|
|
|
- name: qa_gitlab_oldest |
|
|
|
env: |
|
|
|
- GITLAB_VERSION: 15.6.2-ce.0 |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 2.4 |
|
|
|
memory: 5Gb |
|
|
|
use_in_memory_disk: true |
|
|
|
additional_containers: |
|
|
|
- name: gitlab |
|
|
|
ports: |
|
|
|
- 80 |
|
|
|
- 443 |
|
|
|
cpu: 2 |
|
|
|
memory: 8Gb |
|
|
|
image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/gitlab:${GITLAB_VERSION} |
|
|
|
env: |
|
|
|
- GITLAB_POST_RECONFIGURE_SCRIPT: |- |
|
|
|
{ cat >/tmp/setup.rb <<-'EOF' |
|
|
|
token = User.find_by_username('root').personal_access_tokens.create(scopes: [:api], name: 'token'); |
|
|
|
token.set_token('token-here-456'); |
|
|
|
token.expires_at = Date.today+10.day |
|
|
|
token.save!; |
|
|
|
token_read = User.find_by_username('root').personal_access_tokens.create(scopes: [:read_user], name: 'token_read'); |
|
|
|
token_read.set_token('token-read-123'); |
|
|
|
token_read.expires_at = Date.today+10.day |
|
|
|
token_read.save!; |
|
|
|
user = User.find_by_username('root'); |
|
|
|
user.password = 'eng-YTU1ydh6kyt7tjd'; |
|
|
|
user.password_confirmation = 'eng-YTU1ydh6kyt7tjd'; |
|
|
|
user.save!; |
|
|
|
EOF |
|
|
|
} && gitlab-rails runner /tmp/setup.rb && \ |
|
|
|
echo 'from_file "/etc/gitlab/external_gitlab.rb"' >> /etc/gitlab/gitlab.rb && \ |
|
|
|
gitlab-ctl reconfigure |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh h2 |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
qa_gitlab_cloud_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 2.4 |
|
|
|
memory: 5Gb |
|
|
|
use_in_memory_disk: true |
|
|
|
env: |
|
|
|
QA_CATEGORY: GITLAB_CLOUD |
|
|
|
GITLAB_API_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token] |
|
|
|
GITLAB_READ_ONLY_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token_ro] |
|
|
|
GITLAB_ADMIN_USERNAME: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.username] |
|
|
|
GITLAB_ADMIN_PASSWORD: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.password] |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh h2 |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
# Azure QA is executed in a dedicated task in order to not slow down the pipeline. |
|
|
|
qa_azure_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 2.4 |
|
|
|
memory: 5Gb |
|
|
|
env: |
|
|
|
QA_CATEGORY: AZURE |
|
|
|
AZURE_USERNAME_LOGIN: VAULT[development/team/sonarqube/kv/data/azure-instance data.username] |
|
|
|
AZURE_CODE_READ_AND_WRITE_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_code_read_write] |
|
|
|
AZURE_FULL_ACCESS_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_full_access] |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh h2 |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
qa_github_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *GITHUB_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 2.4 |
|
|
|
memory: 5Gb |
|
|
|
env: |
|
|
|
QA_CATEGORY: GITHUB |
|
|
|
GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_USERNAME: QA-task |
|
|
|
GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_TOKEN: VAULT[development/github/token/SonarSource-sonar-enterprise-code-scanning token] |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh h2 |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
# SAML QA is executed in a dedicated task in order to not slow down the pipeline, as a Keycloak server docker image is required. |
|
|
|
qa_saml_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *SAML_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 2.4 |
|
|
|
memory: 10Gb |
|
|
|
additional_containers: |
|
|
|
- name: keycloak |
|
|
|
image: quay.io/keycloak/keycloak:17.0.1 |
|
|
|
port: 8080 |
|
|
|
cpu: 1 |
|
|
|
memory: 1Gb |
|
|
|
command: "/opt/keycloak/bin/kc.sh start-dev --http-relative-path /auth" |
|
|
|
env: |
|
|
|
KEYCLOAK_ADMIN: admin |
|
|
|
KEYCLOAK_ADMIN_PASSWORD: admin |
|
|
|
env: |
|
|
|
QA_CATEGORY: SAML |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh h2 |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
# LDAP QA is executed in a dedicated task in order to not slow down the pipeline, as a LDAP server and SonarQube server are re-started on each test. |
|
|
|
qa_ldap_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *LDAP_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 2.4 |
|
|
|
memory: 10Gb |
|
|
|
env: |
|
|
|
QA_CATEGORY: LDAP |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh h2 |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
promote_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
depends_on: |
|
|
|
- build |
|
|
|
- sq_analysis |
|
|
|
- qa |
|
|
|
- qa_saml |
|
|
|
- qa_ldap |
|
|
|
- publish |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
memory: 512M |
|
|
|
stateful: true |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-promote.sh |
|
|
|
|
|
|
|
package_docker_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
depends_on: promote |
|
|
|
only_if: $CIRRUS_BRANCH == $BRANCH_MAIN |
|
|
|
ec2_instance: |
|
|
|
<<: *VM_TEMPLATE |
|
|
|
clone_script: | |
|
|
|
git clone --recursive --branch=$CIRRUS_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR --depth=1 |
|
|
|
git fetch origin $CIRRUS_CHANGE_IN_REPO --depth=1 |
|
|
|
git reset --hard $CIRRUS_CHANGE_IN_REPO |
|
|
|
install_tooling_script: |
|
|
|
- ./private/cirrus/cirrus-tooling-for-package-docker.sh |
|
|
|
package_script: |
|
|
|
- ./private/cirrus/cirrus-package-docker.sh |
|
|
|
|
|
|
|
sql_mssql_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *DATABASE_RELATED_TASK_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
memory: 5Gb |
|
|
|
additional_containers: |
|
|
|
- name: mssql |
|
|
|
image: mcr.microsoft.com/mssql/server:2019-GA-ubuntu-16.04 |
|
|
|
port: 1433 |
|
|
|
cpu: 2 |
|
|
|
memory: 5Gb |
|
|
|
env: |
|
|
|
MSSQL_PID: Developer # this is the default edition |
|
|
|
ACCEPT_EULA: Y |
|
|
|
SA_PASSWORD: sonarqube!1 |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-db-unit-test.sh mssql |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
sql_postgres_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *DATABASE_RELATED_TASK_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
memory: 5Gb |
|
|
|
additional_containers: |
|
|
|
- <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-db-unit-test.sh postgres |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
# this is the oldest compatible version of PostgreSQL |
|
|
|
sql_postgres11_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *DATABASE_RELATED_TASK_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
memory: 5Gb |
|
|
|
additional_containers: |
|
|
|
- <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE |
|
|
|
image: public.ecr.aws/docker/library/postgres:11 |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-db-unit-test.sh postgres |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
sql_oracle21_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *DATABASE_RELATED_TASK_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
memory: 5Gb |
|
|
|
additional_containers: |
|
|
|
- <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-db-unit-test.sh oracle21 |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
upgd_mssql_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *DATABASE_RELATED_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 1.5 |
|
|
|
memory: 6Gb |
|
|
|
additional_containers: |
|
|
|
- name: mssql |
|
|
|
image: mcr.microsoft.com/mssql/server:2022-latest |
|
|
|
port: 1433 |
|
|
|
cpu: 2 |
|
|
|
memory: 5Gb |
|
|
|
env: |
|
|
|
MSSQL_PID: Developer # this is the default edition |
|
|
|
ACCEPT_EULA: Y |
|
|
|
SA_PASSWORD: sonarqube!1 |
|
|
|
env: |
|
|
|
QA_CATEGORY: Upgrade |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh mssql |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
upgd_oracle21_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
<<: *DATABASE_RELATED_TASK_TEMPLATE |
|
|
|
<<: *JAR_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 1.5 |
|
|
|
memory: 6Gb |
|
|
|
additional_containers: |
|
|
|
- <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE |
|
|
|
env: |
|
|
|
QA_CATEGORY: Upgrade |
|
|
|
script: |
|
|
|
- ./private/cirrus/cirrus-qa.sh oracle21 |
|
|
|
<<: *DEFAULT_ARTIFACTS_TEMPLATE |
|
|
|
|
|
|
|
mend_scan_task: |
|
|
|
<<: *DEFAULT_TEMPLATE |
|
|
|
<<: *BUILD_DEPENDANT_TASK_TEMPLATE |
|
|
|
only_if: >- |
|
|
|
$CIRRUS_BRANCH == $BRANCH_MAIN || ($CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE && $CIRRUS_BRANCH != $BRANCH_NIGHTLY) |
|
|
|
<<: *YARN_CACHE_TEMPLATE |
|
|
|
<<: *GRADLE_CACHE_TEMPLATE |
|
|
|
timeout_in: 30m |
|
|
|
eks_container: |
|
|
|
<<: *CONTAINER_TEMPLATE |
|
|
|
cpu: 2 |
|
|
|
memory: 4Gb |
|
|
|
env: |
|
|
|
WS_APIKEY: VAULT[development/kv/data/mend data.apikey] |
|
|
|
WS_WSS_URL: VAULT[development/kv/data/mend data.url] |
|
|
|
WS_USERKEY: VAULT[development/kv/data/mend data.userKey] |
|
|
|
SLACK_WEBHOOK_SQ: VAULT[development/kv/data/slack data.webhook] |
|
|
|
mend_script: |
|
|
|
- ./private/cirrus/cirrus-mend-scan.sh |
|
|
|
allow_failures: "true" |
|
|
|
on_failure: |
|
|
|
slack_notification_script: |
|
|
|
- ./private/cirrus/cirrus-mend-notifications.sh |
|
|
|
always: |
|
|
|
ws_artifacts: |
|
|
|
path: "whitesource/**/*" |