mirrors
/
sonarqube
spegling av https://github.com/SonarSource/sonarqube.git
Bevaka 1
Stjärnmärk 0
Förgrening 0
Kod Ärenden 0 Släpp 237 Wiki Aktiviteter
Du kan inte välja fler än 25 ämnen Ämnen måste starta med en bokstav eller siffra, kan innehålla bindestreck ('-') och vara max 35 tecken långa.
28696 Incheckningar
59 Grenar
Träd: 10db03e556
Grenar Taggar
${ item.name }
Skapa branchen ${ searchTerm }
från '10db03e556'
${ noResults }
sonarqube/.cirrus.yml

.cirrus.yml 13KB
Blame Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340 
  1. # content of service-account-credentials.json, used to access to Google Cloud Platform

  2. gcp_credentials: ENCRYPTED[ec86f04ec57d8a7f29ad6b84b41262c9d576abc533485754fdfdb24db103adf0d33ba4ba89a57d29d2549790be5abc72]

  3. 

  4. env:

  5.   GRADLE_OPTS: -Dorg.gradle.daemon=false -Dorg.gradle.jvmargs="-XX:+PrintFlagsFinal -XshowSettings:vm -XX:+HeapDumpOnOutOfMemoryError -XX:+UnlockExperimentalVMOptions -Djava.security.egd=file:/dev/./urandom -Dfile.encoding=UTF8 -Duser.language=en -Duser.country=US"

  6.   # to be replaced by other credentials

  7.   ARTIFACTORY_PRIVATE_USERNAME: ENCRYPTED[c0baa3376daa1e08d602435081d07653799cf34ab09ca92e575f3dc4176bc6cf2ebf87120e83f3aa6804f072013e8e2b]

  8.   ARTIFACTORY_PRIVATE_PASSWORD: ENCRYPTED[f13d32d218c3da8008114d2c8857b2956047fbdab2163bbf186b8b89f789f0efa7504f499749a59ad5988c14e5360353]

  9.   ARTIFACTORY_DEPLOY_USERNAME: public-qa-deployer

  10.   ARTIFACTORY_DEPLOY_PASSWORD: ENCRYPTED[9362d735843b21b375b6e19d91e0de5216e053e229e39e2ce33a0c866306e6e3f9b08db8a0e126ca5e986fea97e975fd]

  11.   ARTIFACTORY_DEPLOY_USERNAME_PRIVATE: private-qa-deployer

  12.   ARTIFACTORY_DEPLOY_PASSWORD_PRIVATE: ENCRYPTED[61769719e9b775afe103dbee22141eeaa0116b3332eafb993be2a5919ff7bf017cdc519afed07dc6cac8ebbc0846f191]

  13.   ARTIFACTORY_API_KEY: ENCRYPTED[d52910db749f2678f43084b18c849486d68fbc02c2f5489c7ee1085c395de9dc7575313a8b348bb5361a693dd782e07e]

  14.   # download licenses for testing commercial editions

  15.   GITHUB_TOKEN: ENCRYPTED[!f272985ea5b49b3cf9c414b98de6a8e9096be47bfcee52f33311ba3131a2af637c1b956f49585b7757dd84b7c030233a!]

  16.   # use a permanent GitHub access token to perform a clone (by default CirrusCI uses a temporary one)

  17.   CIRRUS_REPO_CLONE_TOKEN: ENCRYPTED[f20fee6519296187a473964e60afb08a1bbdc889a624fad0297b41a21d8697f8d2da4d2d245194ade630dcf46b4b581e]

  18.   # notifications to burgr

  19.   BURGR_URL: ENCRYPTED[06b8fcc9aaa4b495043aa08bc4450b89588902ad9a60cc8525f53d14810aff84558812e4b7eb01131dd64f33916ac941]

  20.   BURGR_USERNAME: ENCRYPTED[cf7bfb936025fb763013bbfef0ab5723c0d9b53f135d79af36f9defa933f4b5fc72842bd83a97ce9b614503c1b77e6da]

  21.   BURGR_PASSWORD: ENCRYPTED[bc554fc6a06c9f14cc9924cefad0a69e962a905b6d1609fc9357d458b45fc52ac74c960ad9c7382a0691433fa9dcd483]

  22.   # ops-jenkins credentials required to trigger docs deppoyment

  23.   OPS_JENKINS_URL: ENCRYPTED[00ea2b88c762e374c02a3d29a306cc1cf3ceb4b3d807bda2a601486e0d483fd67a556ef295830231390f45e7d512b54d]

  24.   OPS_JENKINS_USERNAME: ENCRYPTED[c778b1483a7ca000dc760ef731c2fbe1dc05a9af38f2a85206cfbcdf649e50715ca447ac291485d513aa9120b0c9abad]

  25.   OPS_JENKINS_PASSWORD: ENCRYPTED[a035a2826c3bc971288284a59bd00dda193d8a81e7809e08bf4ec59b68894c16f30095a567e65755240bb7f919c2e0bf]

  26.   # DOCS_JOB_TOKEN: token required to launch the deployment of documentation job on ops-jenkins (see private/cirrus/cirrus-trigger-deploy-docs.sh)

  27.   DOCS_JOB_TOKEN: ENCRYPTED[7771f76a0fc0038f9929c32d98588963c8dcda6148ba054f57358bc17faa109ac638134c89067f3bacc8933d2fa2c541]

  28.   # analysis on next.sonarqube.com

  29.   SONARQUBE_NEXT_TOKEN: ENCRYPTED[e3d98fa0ecceb015e9803d47f78c3040f5a710d678a631107635d69f650d4e53ecaf2e2334cc1fe0c47037ec915dcda0]

  30. 

  31. auto_cancellation: $CIRRUS_BRANCH != 'master' && $CIRRUS_BRANCH !=~ 'branch.*'

  32. 

  33. task_only_nightly_depending_on_build_template: &TASK_ONLY_NIGHTLY_DEPENDING_ON_BUILD_TEMPLATE

  34.   depends_on: build

  35.   # Comment the following line and commit with message "DO NOT MERGE" in order to run

  36.   # this task on your branch

  37.   only_if: $CIRRUS_BRANCH == "branch-nightly-build"

  38. 

  39. task_only_default_depending_on_build_template: &TASK_ONLY_DEFAUT_DEPENDING_ON_BUILD_TEMPLATE

  40.   depends_on: build

  41.   only_if: >-

  42.            $CIRRUS_BRANCH !=~ "dogfood/.*" &&

  43.            $CIRRUS_BRANCH != "public_master" &&

  44.            $CIRRUS_BRANCH != "branch-nightly-build" &&

  45.            $CIRRUS_CRON == ""

  46. 

  47. docker_build_container_template: &GKE_CONTAINER_TEMPLATE

  48.   dockerfile: private/docker/Dockerfile-build

  49.   builder_image_project: sonarqube-team

  50.   builder_image_name: docker-builder-v20200915

  51.   cluster_name: cirrus-ci-cluster

  52.   zone: us-central1-a

  53.   namespace: default

  54.   cpu: 1

  55.   memory: 1Gb

  56. 

  57. oracle_additional_container_template: &ORACLE_ADDITIONAL_CONTAINER_TEMPLATE

  58.   name: oracle

  59.   image: us.gcr.io/sonarqube-team/oracle12:0.0.1 # see https://github.com/SonarSource/vms/blob/master/docker/README.md#oracle-12c to build it

  60.   port: 1521

  61.   cpu: 2

  62.   memory: 5Gb

  63.   env:

  64.     ORACLE_PWD: sonarqube

  65. 

  66. postgres_additional_container_template: &POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  67.   name: postgres

  68.   image: postgres:10.6

  69.   port: 5432

  70.   cpu: 1

  71.   memory: 1Gb

  72.   env:

  73.     POSTGRES_USER: postgres

  74.     POSTGRES_PASSWORD: postgres

  75. 

  76. reports_junit_on_failure_template: &REPORTS_JUNIT_ON_FAILURE_TEMPLATE

  77.   reports_artifacts:

  78.     path: "**/build/reports/**/*"

  79.   junit_artifacts:

  80.     path: "**/test-results/**/*.xml"

  81.     format: junit

  82. 

  83. screenshots_on_failure_template: &REPORTS_JUNIT_SCREENSHOTS_ON_FAILURE_TEMPLATE

  84.   <<: *REPORTS_JUNIT_ON_FAILURE_TEMPLATE

  85.   screenshots_artifacts:

  86.     path: "**/build/screenshots/**/*"

  87. 

  88. build_task:

  89.   only_if: >-

  90.            $CIRRUS_BRANCH !=~ "dogfood/.*" &&

  91.            $CIRRUS_BRANCH != "public_master" &&

  92.            $CIRRUS_CRON == ""

  93.   timeout_in: 90m

  94.   gke_container:

  95.     <<: *GKE_CONTAINER_TEMPLATE

  96.     cpu: 4

  97.     memory: 7Gb

  98.   gradle_cache:

  99.     folder: ~/.gradle/caches

  100.   env:

  101.     # No need to clone the full history.

  102.     # Depth of 1 is not enough because it would fail the build in case of consecutive pushes

  103.     # (example of error: "Hard resetting to c968ecaf7a1942dacecd78480b3751ac74d53c33...Failed to force reset to c968ecaf7a1942dacecd78480b3751ac74d53c33: object not found!")

  104.     CIRRUS_CLONE_DEPTH: 50

  105.   script:

  106.     - ./private/cirrus/cirrus-build.sh

  107.   cleanup_before_cache_script:

  108.     - ./private/cirrus/cleanup-gradle-cache.sh

  109.   on_failure:

  110.     reports_artifacts:

  111.       path: "**/build/reports/**/*"

  112. 

  113. deploy_docs_task:

  114.   depends_on: build

  115.   only_if: $CIRRUS_BRANCH == 'dogfood-on-next'

  116.   gke_container:

  117.     <<: *GKE_CONTAINER_TEMPLATE

  118.   env:

  119.     # No need to clone the full history.

  120.     # Depth of 1 is not enough because it would fail the build in case of consecutive pushes

  121.     # (example of error: "Hard resetting to c968ecaf7a1942dacecd78480b3751ac74d53c33...Failed to force reset to c968ecaf7a1942dacecd78480b3751ac74d53c33: object not found!")

  122.     CIRRUS_CLONE_DEPTH: 50

  123.   script:

  124.     - ./private/cirrus/cirrus-trigger-deploy-docs.sh

  125. 

  126. validate_task:

  127.   <<: *TASK_ONLY_DEFAUT_DEPENDING_ON_BUILD_TEMPLATE

  128.   timeout_in: 90m

  129.   gke_container:

  130.     <<: *GKE_CONTAINER_TEMPLATE

  131.     cpu: 2

  132.     memory: 9Gb

  133.     additional_containers:

  134.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  135.   gradle_cache:

  136.     folder: ~/.gradle/caches

  137.   script:

  138.     - ./private/cirrus/cirrus-validate.sh postgres106

  139.   cleanup_before_cache_script:

  140.     - ./private/cirrus/cleanup-gradle-cache.sh

  141.   on_failure:

  142.     <<: *REPORTS_JUNIT_ON_FAILURE_TEMPLATE

  143. 

  144. qa_task:

  145.   <<: *TASK_ONLY_DEFAUT_DEPENDING_ON_BUILD_TEMPLATE

  146.   gke_container:

  147.     <<: *GKE_CONTAINER_TEMPLATE

  148.     cpu: 3

  149.     memory: 7Gb

  150.     additional_containers:

  151.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  152.   env:

  153.     # No need to clone the full history.

  154.     # Depth of 1 is not enough because it would fail the build in case of consecutive pushes

  155.     # (example of error: "Hard resetting to c968ecaf7a1942dacecd78480b3751ac74d53c33...Failed to force reset to c968ecaf7a1942dacecd78480b3751ac74d53c33: object not found!")

  156.     CIRRUS_CLONE_DEPTH: 50

  157.     matrix:

  158.       QA_CATEGORY: Cat1

  159.       QA_CATEGORY: Cat2

  160.       QA_CATEGORY: Cat3

  161.       QA_CATEGORY: Cat4

  162.       QA_CATEGORY: Cat5

  163.       QA_CATEGORY: Cat6

  164.       QA_CATEGORY: Cat7

  165.       QA_CATEGORY: Gov

  166.       QA_CATEGORY: Billing

  167.       QA_CATEGORY: License

  168.       QA_CATEGORY: Branch

  169.       QA_CATEGORY: Upgrade

  170.       QA_CATEGORY: HA

  171.   gradle_cache:

  172.     folder: ~/.gradle/caches

  173.   script:

  174.     - ./private/cirrus/cirrus-qa.sh postgres106

  175.   cleanup_before_cache_script:

  176.     - ./private/cirrus/cleanup-gradle-cache.sh

  177.   on_failure:

  178.     <<: *REPORTS_JUNIT_SCREENSHOTS_ON_FAILURE_TEMPLATE

  179. 

  180. promote_task:

  181.   <<: *TASK_ONLY_DEFAUT_DEPENDING_ON_BUILD_TEMPLATE

  182.   depends_on:

  183.     - build

  184.     - validate

  185.     - qa

  186.   gke_container:

  187.     <<: *GKE_CONTAINER_TEMPLATE

  188.   stateful: true

  189.   env:

  190.     # No need to clone the full history.

  191.     # Depth of 1 is not enough because it would fail the build in case of consecutive pushes

  192.     # (example of error: "Hard resetting to c968ecaf7a1942dacecd78480b3751ac74d53c33...Failed to force reset to c968ecaf7a1942dacecd78480b3751ac74d53c33: object not found!")

  193.     CIRRUS_CLONE_DEPTH: 50

  194.   script:

  195.     - ./private/cirrus/cirrus-promote.sh

  196. 

  197. sql_mssql2017_task:

  198.   <<: *TASK_ONLY_NIGHTLY_DEPENDING_ON_BUILD_TEMPLATE

  199.   gke_container:

  200.     <<: *GKE_CONTAINER_TEMPLATE

  201.     memory: 5Gb

  202.     additional_containers:

  203.       - name: mssql

  204.         image: mcr.microsoft.com/mssql/server:2017-GA-ubuntu

  205.         port: 1433

  206.         cpu: 2

  207.         memory: 5Gb

  208.         env:

  209.           MSSQL_PID: Developer # this is the default edition

  210.           ACCEPT_EULA: Y

  211.           SA_PASSWORD: sonarqube!1

  212.   gradle_cache:

  213.     folder: ~/.gradle/caches

  214.   script:

  215.     - ./private/cirrus/cirrus-db-unit-test.sh mssql2017

  216.   cleanup_before_cache_script:

  217.     - ./private/cirrus/cleanup-gradle-cache.sh

  218.   on_failure:

  219.     <<: *REPORTS_JUNIT_ON_FAILURE_TEMPLATE

  220. 

  221. 

  222. # this is the oldest compatible version of PostgreSQL

  223. sql_postgres93_task:

  224.   <<: *TASK_ONLY_NIGHTLY_DEPENDING_ON_BUILD_TEMPLATE

  225.   gke_container:

  226.     <<: *GKE_CONTAINER_TEMPLATE

  227.     memory: 5Gb

  228.     additional_containers:

  229.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  230.         image: postgres:9.3

  231.   gradle_cache:

  232.     folder: ~/.gradle/caches

  233.   script:

  234.     - ./private/cirrus/cirrus-db-unit-test.sh postgres93

  235.   cleanup_before_cache_script:

  236.     - ./private/cirrus/cleanup-gradle-cache.sh

  237.   on_failure:

  238.     <<: *REPORTS_JUNIT_ON_FAILURE_TEMPLATE

  239. 

  240. sql_oracle12_task:

  241.   <<: *TASK_ONLY_NIGHTLY_DEPENDING_ON_BUILD_TEMPLATE

  242.   gke_container:

  243.     <<: *GKE_CONTAINER_TEMPLATE

  244.     memory: 5Gb

  245.     additional_containers:

  246.       - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE

  247.   script:

  248.     - ./private/cirrus/cirrus-db-unit-test.sh oracle12

  249.   cleanup_before_cache_script:

  250.     - ./private/cirrus/cleanup-gradle-cache.sh

  251.   on_failure:

  252.     <<: *REPORTS_JUNIT_ON_FAILURE_TEMPLATE

  253. 

  254. upgd_mssql2017_task:

  255.   <<: *TASK_ONLY_NIGHTLY_DEPENDING_ON_BUILD_TEMPLATE

  256.   gke_container:

  257.     <<: *GKE_CONTAINER_TEMPLATE

  258.     cpu: 1.5

  259.     memory: 6Gb

  260.     additional_containers:

  261.       - name: mssql

  262.         image: mcr.microsoft.com/mssql/server:2017-GA-ubuntu

  263.         port: 1433

  264.         cpu: 2

  265.         memory: 5Gb

  266.         env:

  267.           MSSQL_PID: Developer # this is the default edition

  268.           ACCEPT_EULA: Y

  269.           SA_PASSWORD: sonarqube!1

  270.   env:

  271.     # No need to clone the full history.

  272.     # Depth of 1 is not enough because it would fail the build in case of consecutive pushes

  273.     # (example of error: "Hard resetting to c968ecaf7a1942dacecd78480b3751ac74d53c33...Failed to force reset to c968ecaf7a1942dacecd78480b3751ac74d53c33: object not found!")

  274.     CIRRUS_CLONE_DEPTH: 50

  275.     matrix:

  276.       QA_CATEGORY: Upgrade

  277.   gradle_cache:

  278.     folder: ~/.gradle/caches

  279.   script:

  280.     - ./private/cirrus/cirrus-qa.sh mssql2017

  281.   cleanup_before_cache_script:

  282.     - ./private/cirrus/cleanup-gradle-cache.sh

  283.   on_failure:

  284.     <<: *REPORTS_JUNIT_ON_FAILURE_TEMPLATE

  285. 

  286. 

  287. upgd_oracle12_task:

  288.   <<: *TASK_ONLY_NIGHTLY_DEPENDING_ON_BUILD_TEMPLATE

  289.   gke_container:

  290.     <<: *GKE_CONTAINER_TEMPLATE

  291.     cpu: 1.5

  292.     memory: 6Gb

  293.     additional_containers:

  294.       - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE

  295.   env:

  296.     # No need to clone the full history.

  297.     # Depth of 1 is not enough because it would fail the build in case of consecutive pushes

  298.     # (example of error: "Hard resetting to c968ecaf7a1942dacecd78480b3751ac74d53c33...Failed to force reset to c968ecaf7a1942dacecd78480b3751ac74d53c33: object not found!")

  299.     CIRRUS_CLONE_DEPTH: 50

  300.     matrix:

  301.       QA_CATEGORY: Upgrade

  302.   gradle_cache:

  303.     folder: ~/.gradle/caches

  304.   script:

  305.     - ./private/cirrus/cirrus-qa.sh oracle12

  306.   cleanup_before_cache_script:

  307.     - ./private/cirrus/cleanup-gradle-cache.sh

  308.   on_failure:

  309.     <<: *REPORTS_JUNIT_ON_FAILURE_TEMPLATE

  310. 

  311. # Software Composition Analysis (SCA): check potential vulnerabilities in dependencies.

  312. # Note that license compliance of dependencies is not checked for now.

  313. owasp_check_task:

  314.   only_if: >-

  315.            $CIRRUS_CRON == "nightly" ||

  316.            $CIRRUS_CRON == "weekly-lts"

  317.   timeout_in: 30m

  318.   gke_container:

  319.     <<: *GKE_CONTAINER_TEMPLATE

  320.     cpu: 1.7

  321.     memory: 4Gb

  322.   environment:

  323.     # No need to clone the full history.

  324.     # Depth of 1 is not enough because it would fail the build in case of consecutive pushes

  325.     # (example of error: "Hard resetting to c968ecaf7a1942dacecd78480b3751ac74d53c33...Failed to force reset to c968ecaf7a1942dacecd78480b3751ac74d53c33: object not found!")

  326.     CIRRUS_CLONE_DEPTH: 50

  327.     SLACK_WEBHOOK_SQ: ENCRYPTED[dec8e4350cbea3b94d63098558bcb3ae9e79b71c2b6286fcfb9eb80c0953b6448b10f7271b07b5e75e52f362c25d7a8f]

  328.   nvd_cache:

  329.     # The NVD repository of vulnerabilities is big and should be cached so

  330.     # that consecutive runs download only changes, but not the whole repository.

  331.     folder: ~/.gradle/dependency-check-data

  332.     reupload_on_changes: true

  333.   script:

  334.     - gradle dependencyCheckAggregate

  335.   on_failure:

  336.     slack_notification_script:

  337.       - ./private/cirrus/cirrus-owasp-notification.sh

  338.   always:

  339.     reports_artifacts:

  340.       path: "build/reports/*"