mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
34731 Commits
59 Branches
Tree: 6cb1c5332f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6cb1c5332f'
${ noResults }
sonarqube/.cirrus.yml

.cirrus.yml 26KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781 
  1. env:

  2.   GRADLE_OPTS: -Dorg.gradle.jvmargs="-XX:+PrintFlagsFinal -XshowSettings:vm -XX:+HeapDumpOnOutOfMemoryError -XX:+UnlockExperimentalVMOptions -Djava.security.egd=file:/dev/./urandom -Dfile.encoding=UTF8 -Duser.language=en -Duser.country=US"

  3.   # to be replaced by other credentials

  4.   ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader

  5.   ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]

  6.   ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer

  7.   ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token]

  8.   ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]

  9.   ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token]

  10.   # download licenses for testing commercial editions

  11.   GITHUB_TOKEN: VAULT[development/github/token/licenses-ro token]

  12.   # notifications to burgr

  13.   BURGR_URL: VAULT[development/kv/data/burgr data.url]

  14.   BURGR_USERNAME: VAULT[development/kv/data/burgr data.cirrus_username]

  15.   BURGR_PASSWORD: VAULT[development/kv/data/burgr data.cirrus_password]

  16.   # analysis on next.sonarqube.com

  17.   SONARQUBE_NEXT_TOKEN: VAULT[development/kv/data/next data.token]

  18.   # to trigger docs deployment

  19.   ELASTIC_PWD: VAULT[development/team/sonarqube/kv/data/elasticsearch-cloud data.password]

  20.   CIRRUS_LOG_TIMESTAMP: true

  21.   BRANCH_MAIN: "master"

  22.   BRANCH_NIGHTLY: "branch-nightly-build"

  23.   BRANCH_PATTERN_MAINTENANCE: "branch-.*"

  24.   BRANCH_PATTERN_PUBLIC: "public_.*"

  25. 

  26. auto_cancellation: $CIRRUS_BRANCH != $BRANCH_MAIN && $CIRRUS_BRANCH !=~ $BRANCH_PATTERN_MAINTENANCE

  27. 

  28. skip_public_branches_template: &SKIP_PUBLIC_BRANCHES_TEMPLATE

  29.   skip: $CIRRUS_BRANCH =~ $BRANCH_PATTERN_PUBLIC

  30. 

  31. cache_dependencies_dependant_task_template:

  32.   &CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  33.   depends_on: cache_dependencies

  34. 

  35. build_dependant_task_template: &BUILD_DEPENDANT_TASK_TEMPLATE

  36.   depends_on: build

  37. 

  38. master_and_nightly_task_template: &MASTER_AND_NIGHTLY_TASK_TEMPLATE

  39.   only_if: $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH == $BRANCH_MAIN

  40. 

  41. master_or_nightly_or_maintenance_task_template:

  42.   &MASTER_OR_NIGHTLY_OR_MAINTENANCE_TASK_TEMPLATE

  43.   only_if: $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE

  44. 

  45. except_nightly_task_template: &EXCEPT_ON_NIGHTLY_TASK_TEMPLATE

  46.   only_if: $CIRRUS_BRANCH != $BRANCH_NIGHTLY

  47. 

  48. database_related_task_template: &DATABASE_RELATED_TASK_TEMPLATE

  49.   only_if: >-

  50.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  51.     changesInclude('server/sonar-db-dao/**/*Mapper.xml', 'server/sonar-db-migration/**/DbVersion*.java', 'server/sonar-db-dao/**/*Dao.java', 'server/sonar-db-core/src/main/java/org/sonar/db/*.java')

  52. 

  53. saml_task_template: &SAML_TASK_TEMPLATE

  54.   only_if: >-

  55.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  56.     changesInclude('server/sonar-auth-saml/src/main/java/**/*.java', 'server/sonar-auth-saml/src/main/resources/**/*', 'server/sonar-db-dao/src/main/**/SAML*.java', 'private/it-core/src/test/java/org/sonarqube/tests/saml/*.java', 'server/sonar-webserver-webapi/src/main/java/org/sonar/server/saml/**/*.java')

  57. 

  58. ldap_task_template: &LDAP_TASK_TEMPLATE

  59.   only_if: >-

  60.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  61.     changesInclude('server/sonar-auth-ldap/src/main/java/**/*.java', 'server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/LdapCredentialsAuthentication.java', 'private/it-core/src/test/java/org/sonarqube/tests/ldap/*.java')

  62. 

  63. github_task_template: &GITHUB_TASK_TEMPLATE

  64.   only_if: >-

  65.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  66.     changesInclude('private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/github/**/*.java',

  67.     'private/core-extension-developer-server/src/main/java/com/sonarsource/github/**/*.java',

  68.     'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/github/**/*.java')

  69. 

  70. gitlab_task_template: &GITLAB_TASK_TEMPLATE

  71.   only_if: >-

  72.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  73.     changesInclude('private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/gitlab/**/*.java', 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/gitlab/**/*.java')

  74. 

  75. azure_task_template: &AZURE_TASK_TEMPLATE

  76.   only_if: >-

  77.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  78.     changesInclude('private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/azuredevops/**/*.java', 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/azure/**/*.java')

  79. 

  80. bitbucket_server_task_template: &BITBUCKET_SERVER_TASK_TEMPLATE

  81.   only_if: >-

  82.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  83.     changesInclude('private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/bitbucketserver/**/*.java', 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/bitbucketserver/**/*.java')

  84. 

  85. bitbucket_cloud_task_template: &BITBUCKET_CLOUD_TASK_TEMPLATE

  86.   only_if: >-

  87.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  88.     changesInclude('private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/bitbucket/**/*.java', 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/bitbucketcloud/**/*.java')

  89. 

  90. docker_build_container_template: &CONTAINER_TEMPLATE

  91.   region: eu-central-1

  92.   cluster_name: ${CIRRUS_CLUSTER_NAME}

  93.   namespace: default

  94.   builder_subnet_id: ${CIRRUS_AWS_SUBNET}

  95.   builder_role: cirrus-builder

  96.   builder_image: docker-builder-v*

  97.   builder_instance_type: t2.small

  98.   dockerfile: private/docker/Dockerfile-build

  99.   docker_arguments:

  100.     CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}

  101.   cpu: 1

  102.   memory: 2Gb

  103. 

  104. vm_instance_template: &VM_TEMPLATE

  105.   experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051

  106.   image: docker-builder-v*

  107.   type: t2.small

  108.   region: eu-central-1

  109.   subnet_id: ${CIRRUS_AWS_SUBNET}

  110.   disk: 10

  111.   cpu: 4

  112.   memory: 8G

  113. 

  114. oracle_additional_container_template: &ORACLE_ADDITIONAL_CONTAINER_TEMPLATE

  115.   name: oracle

  116.   image: gvenzl/oracle-xe:21-faststart

  117.   port: 1521

  118.   cpu: 2

  119.   memory: 5Gb

  120.   env:

  121.     ORACLE_PASSWORD: sonarqube

  122.     APP_USER: sonarqube

  123.     APP_USER_PASSWORD: sonarqube

  124. 

  125. postgres_additional_container_template: &POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  126.   name: postgres

  127.   image: public.ecr.aws/docker/library/postgres:15

  128.   port: 5432

  129.   cpu: 1

  130.   memory: 1Gb

  131.   env:

  132.     POSTGRES_USER: postgres

  133.     POSTGRES_PASSWORD: postgres

  134. 

  135. default_artifact_template: &DEFAULT_ARTIFACTS_TEMPLATE

  136.   on_failure:

  137.     jest_junit_cleanup_script: >

  138.       find . -type f -wholename "**/build/test-results/test-jest/junit.xml" -exec

  139.       xmlstarlet edit --inplace --delete '//testsuite[@errors=0 and @failures=0]' {} \;

  140.     junit_artifacts:

  141.       path: "**/build/test-results/**/*.xml"

  142.       type: "text/xml"

  143.       format: junit

  144.     reports_artifacts:

  145.       path: "**/build/reports/**/*"

  146.     screenshots_artifacts:

  147.       path: "**/build/screenshots/**/*"

  148.   always:

  149.     profile_artifacts:

  150.       path: "**/build/reports/profile/**/*"

  151. 

  152. yarn_cache_template: &YARN_CACHE_TEMPLATE

  153.   yarn_cache:

  154.     folder: "~/.yarn/berry/cache"

  155.     fingerprint_script: |

  156.       cat \

  157.         server/sonar-web/yarn.lock \

  158.         private/core-extension-developer-server/yarn.lock \

  159.         private/core-extension-enterprise-server/yarn.lock \

  160.         private/core-extension-license/yarn.lock \

  161.         private/core-extension-securityreport/yarn.lock

  162. 

  163. gradle_cache_template: &GRADLE_CACHE_TEMPLATE

  164.   gradle_cache:

  165.     folder: "~/.gradle/caches"

  166.     fingerprint_script: find -type f \( -name "*.gradle*" -or -name "gradle*.properties" \) | sort | xargs cat

  167. 

  168. jar_cache_template: &JAR_CACHE_TEMPLATE

  169.   jar_cache:

  170.     folder: "**/build/libs/*.jar"

  171.     fingerprint_key: jar-cache_$CIRRUS_BUILD_ID

  172. 

  173. eslint_report_cache_template: &ESLINT_REPORT_CACHE_TEMPLATE

  174.   eslint_report_cache:

  175.     folders:

  176.       - server/sonar-web/eslint-report/

  177.       - server/sonar-web/design-system/eslint-report/

  178.       - private/core-extension-securityreport/eslint-report/

  179.       - private/core-extension-license/eslint-report/

  180.       - private/core-extension-enterprise-server/eslint-report/

  181.       - private/core-extension-developer-server/eslint-report/

  182.     fingerprint_script: echo $CIRRUS_BUILD_ID

  183. 

  184. jest_report_cache_template: &JEST_REPORT_CACHE_TEMPLATE

  185.   jest_report_cache:

  186.     folders:

  187.       - server/sonar-web/coverage/

  188.       - server/sonar-web/design-system/coverage/

  189.       - private/core-extension-securityreport/coverage/

  190.       - private/core-extension-license/coverage/

  191.       - private/core-extension-enterprise-server/coverage/

  192.       - private/core-extension-developer-server/coverage/

  193.     fingerprint_script: echo $CIRRUS_BUILD_ID

  194. 

  195. junit_report_cache_template: &JUNIT_REPORT_CACHE_TEMPLATE

  196.   junit_report_cache:

  197.     folders:

  198.       - "**/reports/jacoco"

  199.       - "**/test-results/test"

  200.     fingerprint_script: echo $CIRRUS_BUILD_ID

  201. 

  202. default_template: &DEFAULT_TEMPLATE

  203.   <<: *SKIP_PUBLIC_BRANCHES_TEMPLATE

  204.   clone_script: |

  205.     git init

  206.     git remote add origin https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git

  207.     git fetch origin $CIRRUS_CHANGE_IN_REPO $FETCH_DEPTH

  208.     git reset --hard $CIRRUS_CHANGE_IN_REPO

  209.   env:

  210.     FETCH_DEPTH: --depth=1

  211. 

  212. cache_dependencies_task:

  213.   <<: *DEFAULT_TEMPLATE

  214.   <<: *GRADLE_CACHE_TEMPLATE

  215.   eks_container:

  216.     <<: *CONTAINER_TEMPLATE

  217.     cpu: 2

  218.     memory: 4Gb

  219.   script:

  220.     - ./private/cirrus/cirrus-cache-dependencies.sh

  221.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  222. 

  223. build_task:

  224.   <<: *DEFAULT_TEMPLATE

  225.   <<: *GRADLE_CACHE_TEMPLATE

  226.   <<: *YARN_CACHE_TEMPLATE

  227.   <<: *JAR_CACHE_TEMPLATE

  228.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  229.   eks_container:

  230.     <<: *CONTAINER_TEMPLATE

  231.     cpu: 7.5

  232.     memory: 8Gb

  233.   script:

  234.     - ./private/cirrus/cirrus-build.sh

  235.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  236. 

  237. publish_task:

  238.   <<: *DEFAULT_TEMPLATE

  239.   <<: *GRADLE_CACHE_TEMPLATE

  240.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  241.   eks_container:

  242.     <<: *CONTAINER_TEMPLATE

  243.     cpu: 4

  244.     memory: 4Gb

  245.   env:

  246.     ORG_GRADLE_PROJECT_signingKey: VAULT[development/kv/data/sign data.key]

  247.     ORG_GRADLE_PROJECT_signingPassword: VAULT[development/kv/data/sign data.passphrase]

  248.     ORG_GRADLE_PROJECT_signingKeyId: VAULT[development/kv/data/sign data.key_id]

  249.   script:

  250.     - ./private/cirrus/cirrus-publish.sh

  251. 

  252. yarn_lint_task:

  253.   <<: *DEFAULT_TEMPLATE

  254.   <<: *GRADLE_CACHE_TEMPLATE

  255.   <<: *YARN_CACHE_TEMPLATE

  256.   <<: *ESLINT_REPORT_CACHE_TEMPLATE

  257.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  258.   eks_container:

  259.     <<: *CONTAINER_TEMPLATE

  260.     cpu: 3

  261.     memory: 6Gb

  262.   script:

  263.     - ./private/cirrus/cirrus-yarn-lint-report.sh

  264.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  265. 

  266. yarn_check_task:

  267.   <<: *DEFAULT_TEMPLATE

  268.   <<: *GRADLE_CACHE_TEMPLATE

  269.   <<: *YARN_CACHE_TEMPLATE

  270.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  271.   eks_container:

  272.     <<: *CONTAINER_TEMPLATE

  273.     cpu: 3

  274.     memory: 4Gb

  275.   script: |

  276.     ./private/cirrus/cirrus-env.sh YARN

  277.     gradle yarn_check-ci --profile

  278.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  279. 

  280. yarn_validate_task:

  281.   <<: *DEFAULT_TEMPLATE

  282.   <<: *GRADLE_CACHE_TEMPLATE

  283.   <<: *YARN_CACHE_TEMPLATE

  284.   <<: *JEST_REPORT_CACHE_TEMPLATE

  285.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  286.   eks_container:

  287.     <<: *CONTAINER_TEMPLATE

  288.     cpu: 7.5

  289.     memory: 25Gb

  290.   script:

  291.     - ./private/cirrus/cirrus-yarn-validate-ci.sh

  292.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  293. 

  294. junit_task:

  295.   <<: *DEFAULT_TEMPLATE

  296.   <<: *GRADLE_CACHE_TEMPLATE

  297.   <<: *JUNIT_REPORT_CACHE_TEMPLATE

  298.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  299.   eks_container:

  300.     <<: *CONTAINER_TEMPLATE

  301.     cpu: 7.5

  302.     memory: 10Gb

  303.   script:

  304.     - ./private/cirrus/cirrus-junit.sh

  305.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  306. 

  307. sq_analysis_task:

  308.   <<: *SKIP_PUBLIC_BRANCHES_TEMPLATE

  309.   <<: *EXCEPT_ON_NIGHTLY_TASK_TEMPLATE

  310.   <<: *GRADLE_CACHE_TEMPLATE

  311.   <<: *YARN_CACHE_TEMPLATE

  312.   <<: *JEST_REPORT_CACHE_TEMPLATE

  313.   <<: *ESLINT_REPORT_CACHE_TEMPLATE

  314.   <<: *JUNIT_REPORT_CACHE_TEMPLATE

  315.   depends_on:

  316.     - yarn_validate

  317.     - yarn_lint

  318.     - junit

  319.   eks_container:

  320.     <<: *CONTAINER_TEMPLATE

  321.     cpu: 7.5

  322.     memory: 15Gb

  323.   script:

  324.     - ./private/cirrus/cirrus-sq-analysis.sh

  325.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  326. 

  327. qa_task:

  328.   <<: *DEFAULT_TEMPLATE

  329.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  330.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  331.   <<: *GRADLE_CACHE_TEMPLATE

  332.   <<: *JAR_CACHE_TEMPLATE

  333.   eks_container:

  334.     <<: *CONTAINER_TEMPLATE

  335.     cpu: 3

  336.     memory: 7Gb

  337.     additional_containers:

  338.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  339.   name: QA $QA_CATEGORY

  340.   alias: qa

  341.   env:

  342.     matrix:

  343.       # QA name should not exceed 13 characters to be properly reported on wallboard by burgr

  344.       # QA name cannot contain "_"

  345.       - QA_CATEGORY: Cat1

  346.       - QA_CATEGORY: Cat2

  347.       - QA_CATEGORY: Cat3

  348.       - QA_CATEGORY: Cat4

  349.       - QA_CATEGORY: Cat5

  350.       - QA_CATEGORY: Cat6

  351.       - QA_CATEGORY: Analysis

  352.       - QA_CATEGORY: Authorization

  353.       - QA_CATEGORY: Auth

  354.       - QA_CATEGORY: Branch1

  355.       - QA_CATEGORY: Branch2

  356.       - QA_CATEGORY: CE1

  357.       - QA_CATEGORY: CE2

  358.       - QA_CATEGORY: ComputeEngine

  359.       - QA_CATEGORY: DE1

  360.       - QA_CATEGORY: DE2

  361.       - QA_CATEGORY: EE1

  362.       - QA_CATEGORY: EE2

  363.       - QA_CATEGORY: Issues1

  364.       - QA_CATEGORY: Issues2

  365.       - QA_CATEGORY: License1

  366.       - QA_CATEGORY: License2

  367.       - QA_CATEGORY: Plugins

  368.       - QA_CATEGORY: Project

  369.       - QA_CATEGORY: QP

  370.       - QA_CATEGORY: Upgrade

  371.   script:

  372.     - ./private/cirrus/cirrus-qa.sh postgres

  373.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  374. 

  375. task: #bitbucket

  376.   <<: *DEFAULT_TEMPLATE

  377.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  378.   <<: *JAR_CACHE_TEMPLATE

  379.   <<: *GRADLE_CACHE_TEMPLATE

  380.   <<: *BITBUCKET_SERVER_TASK_TEMPLATE

  381.   eks_container:

  382.     <<: *CONTAINER_TEMPLATE

  383.     cpu: 3

  384.     memory: 10Gb

  385.     additional_containers:

  386.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  387.   maven_cache:

  388.     folder: ~/.m2

  389.   env:

  390.     QA_CATEGORY: BITBUCKET

  391.   matrix:

  392.     - name: qa_bb_5.15.0

  393.       bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh 5.15.0

  394.     - name: qa_bb_latest

  395.       bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh LATEST

  396.   wait_for_bitbucket_to_boot_script: secs=3600; endTime=$(( $(date +%s) + secs )); while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:7990/bitbucket/status)" != "200" ]] || [ $(date +%s) -gt $endTime ]; do sleep 5; done

  397.   script:

  398.     - ./private/cirrus/cirrus-qa.sh postgres

  399.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  400. 

  401. qa_bb_cloud_task:

  402.   <<: *DEFAULT_TEMPLATE

  403.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  404.   <<: *JAR_CACHE_TEMPLATE

  405.   <<: *GRADLE_CACHE_TEMPLATE

  406.   <<: *BITBUCKET_CLOUD_TASK_TEMPLATE

  407.   eks_container:

  408.     <<: *CONTAINER_TEMPLATE

  409.     cpu: 2.4

  410.     memory: 7Gb

  411.   env:

  412.     QA_CATEGORY: BITBUCKET_CLOUD

  413.     BBC_CLIENT_ID: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_id]

  414.     BBC_CLIENT_SECRET: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_secret]

  415.     BBC_USERNAME: VAULT[development/kv/data/bitbucket/sonarqube-its data.username]

  416.     BBC_READ_REPOS_APP_PASSWORD: VAULT[development/kv/data/bitbucket/sonarqube-its data.password]

  417.   script:

  418.     - ./private/cirrus/cirrus-qa.sh h2

  419.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  420. 

  421. qa_ha_task:

  422.   <<: *DEFAULT_TEMPLATE

  423.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  424.   <<: *MASTER_OR_NIGHTLY_OR_MAINTENANCE_TASK_TEMPLATE

  425.   <<: *JAR_CACHE_TEMPLATE

  426.   <<: *GRADLE_CACHE_TEMPLATE

  427.   eks_container:

  428.     <<: *CONTAINER_TEMPLATE

  429.     cpu: 2.4

  430.     memory: 10Gb

  431.     additional_containers:

  432.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  433.   env:

  434.     QA_CATEGORY: HA

  435.   script:

  436.     - ./private/cirrus/cirrus-qa.sh postgres

  437.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  438. 

  439. qa_performance_task:

  440.   <<: *DEFAULT_TEMPLATE

  441.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  442.   <<: *MASTER_AND_NIGHTLY_TASK_TEMPLATE

  443.   <<: *JAR_CACHE_TEMPLATE

  444.   <<: *GRADLE_CACHE_TEMPLATE

  445.   eks_container:

  446.     <<: *CONTAINER_TEMPLATE

  447.     cpu: 2.4

  448.     memory: 10Gb

  449.     additional_containers:

  450.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  451.   env:

  452.     QA_CATEGORY: AnalysisPerformance

  453.   script:

  454.     - ./private/cirrus/cirrus-qa.sh postgres

  455.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  456. 

  457. # GitLab QA is executed in a dedicated task in order to not slow down the pipeline, as a GitLab on-prem server docker image is required.

  458. qa_gitlab_task:

  459.   <<: *DEFAULT_TEMPLATE

  460.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  461.   <<: *JAR_CACHE_TEMPLATE

  462.   <<: *GRADLE_CACHE_TEMPLATE

  463.   <<: *GITLAB_TASK_TEMPLATE

  464.   depends_on:

  465.     - build

  466.   env:

  467.     QA_CATEGORY: GITLAB

  468.   matrix:

  469.     - name: qa_gitlab_latest

  470.       env:

  471.         - GITLAB_VERSION: latest

  472.     - name: qa_gitlab_oldest

  473.       env:

  474.         - GITLAB_VERSION: 15.6.2-ce.0

  475.   eks_container:

  476.     <<: *CONTAINER_TEMPLATE

  477.     cpu: 2.4

  478.     memory: 7Gb

  479.     use_in_memory_disk: true

  480.     additional_containers:

  481.       - name: gitlab

  482.         ports:

  483.           - 80

  484.           - 443

  485.         cpu: 2

  486.         memory: 8Gb

  487.         image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/gitlab:${GITLAB_VERSION}

  488.         env:

  489.           - GITLAB_POST_RECONFIGURE_SCRIPT: |-

  490.               { cat >/tmp/setup.rb <<-'EOF'

  491.                 token = User.find_by_username('root').personal_access_tokens.create(scopes: [:api], name: 'token');

  492.                 token.set_token('token-here-456');

  493.                 token.expires_at = Date.today+10.day

  494.                 token.save!;

  495.                 token_read = User.find_by_username('root').personal_access_tokens.create(scopes: [:read_user], name: 'token_read');

  496.                 token_read.set_token('token-read-123');

  497.                 token_read.expires_at = Date.today+10.day

  498.                 token_read.save!;

  499.                 user = User.find_by_username('root');

  500.                 user.password = 'eng-YTU1ydh6kyt7tjd';

  501.                 user.password_confirmation = 'eng-YTU1ydh6kyt7tjd';

  502.                 user.save!;

  503.               EOF

  504.               } && gitlab-rails runner /tmp/setup.rb && \

  505.               echo 'from_file "/etc/gitlab/external_gitlab.rb"' >> /etc/gitlab/gitlab.rb && \

  506.               gitlab-ctl reconfigure

  507.   script:

  508.     - ./private/cirrus/cirrus-qa.sh h2

  509.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  510. 

  511. qa_gitlab_cloud_task:

  512.   <<: *DEFAULT_TEMPLATE

  513.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  514.   <<: *JAR_CACHE_TEMPLATE

  515.   <<: *GRADLE_CACHE_TEMPLATE

  516.   <<: *GITLAB_TASK_TEMPLATE

  517.   eks_container:

  518.     <<: *CONTAINER_TEMPLATE

  519.     cpu: 2.4

  520.     memory: 7Gb

  521.     use_in_memory_disk: true

  522.   env:

  523.     QA_CATEGORY: GITLAB_CLOUD

  524.     GITLAB_API_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token]

  525.     GITLAB_READ_ONLY_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token_ro]

  526.     GITLAB_ADMIN_USERNAME: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.username]

  527.     GITLAB_ADMIN_PASSWORD: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.password]

  528.   script:

  529.     - ./private/cirrus/cirrus-qa.sh h2

  530.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  531. 

  532. # Azure QA is executed in a dedicated task in order to not slow down the pipeline.

  533. qa_azure_task:

  534.   <<: *DEFAULT_TEMPLATE

  535.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  536.   <<: *JAR_CACHE_TEMPLATE

  537.   <<: *GRADLE_CACHE_TEMPLATE

  538.   <<: *AZURE_TASK_TEMPLATE

  539.   eks_container:

  540.     <<: *CONTAINER_TEMPLATE

  541.     cpu: 2.4

  542.     memory: 7Gb

  543.   env:

  544.     QA_CATEGORY: AZURE

  545.     AZURE_USERNAME_LOGIN: VAULT[development/team/sonarqube/kv/data/azure-instance data.username]

  546.     AZURE_CODE_READ_AND_WRITE_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_code_read_write]

  547.     AZURE_FULL_ACCESS_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_full_access]

  548.   script:

  549.     - ./private/cirrus/cirrus-qa.sh h2

  550.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  551. 

  552. qa_github_task:

  553.   <<: *DEFAULT_TEMPLATE

  554.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  555.   <<: *GITHUB_TASK_TEMPLATE

  556.   <<: *JAR_CACHE_TEMPLATE

  557.   <<: *GRADLE_CACHE_TEMPLATE

  558.   eks_container:

  559.     <<: *CONTAINER_TEMPLATE

  560.     cpu: 2.4

  561.     memory: 7Gb

  562.   env:

  563.     QA_CATEGORY: GITHUB

  564.     GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_USERNAME: QA-task

  565.     GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_TOKEN: VAULT[development/github/token/SonarSource-sonar-enterprise-code-scanning token]

  566.   script:

  567.     - ./private/cirrus/cirrus-qa.sh h2

  568.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  569. 

  570. # SAML QA is executed in a dedicated task in order to not slow down the pipeline, as a Keycloak server docker image is required.

  571. qa_saml_task:

  572.   <<: *DEFAULT_TEMPLATE

  573.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  574.   <<: *SAML_TASK_TEMPLATE

  575.   <<: *JAR_CACHE_TEMPLATE

  576.   <<: *GRADLE_CACHE_TEMPLATE

  577.   eks_container:

  578.     <<: *CONTAINER_TEMPLATE

  579.     cpu: 2.4

  580.     memory: 10Gb

  581.     additional_containers:

  582.       - name: keycloak

  583.         image: quay.io/keycloak/keycloak:21.1.1

  584.         port: 8080

  585.         cpu: 1

  586.         memory: 1Gb

  587.         command: "/opt/keycloak/bin/kc.sh start-dev --http-relative-path /auth"

  588.         env:

  589.           KEYCLOAK_ADMIN: admin

  590.           KEYCLOAK_ADMIN_PASSWORD: admin

  591.   env:

  592.     QA_CATEGORY: SAML

  593.   script:

  594.     - ./private/cirrus/cirrus-qa.sh h2

  595.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  596. 

  597. # LDAP QA is executed in a dedicated task in order to not slow down the pipeline, as a LDAP server and SonarQube server are re-started on each test.

  598. qa_ldap_task:

  599.   <<: *DEFAULT_TEMPLATE

  600.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  601.   <<: *LDAP_TASK_TEMPLATE

  602.   <<: *JAR_CACHE_TEMPLATE

  603.   <<: *GRADLE_CACHE_TEMPLATE

  604.   eks_container:

  605.     <<: *CONTAINER_TEMPLATE

  606.     cpu: 2.4

  607.     memory: 10Gb

  608.   env:

  609.     QA_CATEGORY: LDAP

  610.   script:

  611.     - ./private/cirrus/cirrus-qa.sh h2

  612.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  613. 

  614. promote_task:

  615.   <<: *DEFAULT_TEMPLATE

  616.   <<: *EXCEPT_ON_NIGHTLY_TASK_TEMPLATE

  617.   depends_on:

  618.     - build

  619.     - sq_analysis

  620.     - qa

  621.     - qa_saml

  622.     - qa_ldap

  623.     - publish

  624.   eks_container:

  625.     <<: *CONTAINER_TEMPLATE

  626.     memory: 512M

  627.   stateful: true

  628.   script:

  629.     - ./private/cirrus/cirrus-promote.sh

  630. 

  631. package_docker_task:

  632.   <<: *DEFAULT_TEMPLATE

  633.   depends_on: promote

  634.   only_if: $CIRRUS_BRANCH == $BRANCH_MAIN

  635.   ec2_instance:

  636.     <<: *VM_TEMPLATE

  637.   clone_script: |

  638.     git clone --recursive --branch=$CIRRUS_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR --depth=1

  639.     git fetch origin $CIRRUS_CHANGE_IN_REPO --depth=1

  640.     git reset --hard $CIRRUS_CHANGE_IN_REPO

  641.   install_tooling_script:

  642.     - ./private/cirrus/cirrus-tooling-for-package-docker.sh

  643.   package_script:

  644.     - ./private/cirrus/cirrus-package-docker.sh

  645. 

  646. sql_mssql_task:

  647.   <<: *DEFAULT_TEMPLATE

  648.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  649.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  650.   <<: *GRADLE_CACHE_TEMPLATE

  651.   eks_container:

  652.     <<: *CONTAINER_TEMPLATE

  653.     memory: 5Gb

  654.     additional_containers:

  655.       - name: mssql

  656.         image: mcr.microsoft.com/mssql/server:2019-GA-ubuntu-16.04

  657.         port: 1433

  658.         cpu: 2

  659.         memory: 5Gb

  660.         env:

  661.           MSSQL_PID: Developer # this is the default edition

  662.           ACCEPT_EULA: Y

  663.           SA_PASSWORD: sonarqube!1

  664.   script:

  665.     - ./private/cirrus/cirrus-db-unit-test.sh mssql

  666.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  667. 

  668. sql_postgres_task:

  669.   <<: *DEFAULT_TEMPLATE

  670.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  671.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  672.   <<: *GRADLE_CACHE_TEMPLATE

  673.   eks_container:

  674.     <<: *CONTAINER_TEMPLATE

  675.     memory: 5Gb

  676.     additional_containers:

  677.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  678.   script:

  679.     - ./private/cirrus/cirrus-db-unit-test.sh postgres

  680.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  681. 

  682. # this is the oldest compatible version of PostgreSQL

  683. sql_postgres11_task:

  684.   <<: *DEFAULT_TEMPLATE

  685.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  686.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  687.   <<: *GRADLE_CACHE_TEMPLATE

  688.   eks_container:

  689.     <<: *CONTAINER_TEMPLATE

  690.     memory: 5Gb

  691.     additional_containers:

  692.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  693.         image: public.ecr.aws/docker/library/postgres:11

  694.   script:

  695.     - ./private/cirrus/cirrus-db-unit-test.sh postgres

  696.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  697. 

  698. sql_oracle21_task:

  699.   <<: *DEFAULT_TEMPLATE

  700.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  701.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  702.   <<: *GRADLE_CACHE_TEMPLATE

  703.   eks_container:

  704.     <<: *CONTAINER_TEMPLATE

  705.     memory: 5Gb

  706.     additional_containers:

  707.       - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE

  708.   script:

  709.     - ./private/cirrus/cirrus-db-unit-test.sh oracle21

  710.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  711. 

  712. upgd_mssql_task:

  713.   <<: *DEFAULT_TEMPLATE

  714.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  715.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  716.   <<: *JAR_CACHE_TEMPLATE

  717.   <<: *GRADLE_CACHE_TEMPLATE

  718.   eks_container:

  719.     <<: *CONTAINER_TEMPLATE

  720.     cpu: 1.5

  721.     memory: 6Gb

  722.     additional_containers:

  723.       - name: mssql

  724.         image: mcr.microsoft.com/mssql/server:2022-latest

  725.         port: 1433

  726.         cpu: 2

  727.         memory: 5Gb

  728.         env:

  729.           MSSQL_PID: Developer # this is the default edition

  730.           ACCEPT_EULA: Y

  731.           SA_PASSWORD: sonarqube!1

  732.   env:

  733.     QA_CATEGORY: Upgrade

  734.   script:

  735.     - ./private/cirrus/cirrus-qa.sh mssql

  736.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  737. 

  738. upgd_oracle21_task:

  739.   <<: *DEFAULT_TEMPLATE

  740.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  741.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  742.   <<: *JAR_CACHE_TEMPLATE

  743.   <<: *GRADLE_CACHE_TEMPLATE

  744.   eks_container:

  745.     <<: *CONTAINER_TEMPLATE

  746.     cpu: 1.5

  747.     memory: 6Gb

  748.     additional_containers:

  749.       - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE

  750.   env:

  751.     QA_CATEGORY: Upgrade

  752.   script:

  753.     - ./private/cirrus/cirrus-qa.sh oracle21

  754.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  755. 

  756. mend_scan_task:

  757.   <<: *DEFAULT_TEMPLATE

  758.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  759.   only_if: >-

  760.     $CIRRUS_BRANCH == $BRANCH_MAIN || ($CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE && $CIRRUS_BRANCH != $BRANCH_NIGHTLY)

  761.   <<: *YARN_CACHE_TEMPLATE

  762.   <<: *GRADLE_CACHE_TEMPLATE

  763.   timeout_in: 30m

  764.   eks_container:

  765.     <<: *CONTAINER_TEMPLATE

  766.     cpu: 2

  767.     memory: 4Gb

  768.   env:

  769.     WS_APIKEY: VAULT[development/kv/data/mend data.apikey]

  770.     WS_WSS_URL: VAULT[development/kv/data/mend data.url]

  771.     WS_USERKEY: VAULT[development/kv/data/mend data.userKey]

  772.     SLACK_WEBHOOK_SQ: VAULT[development/kv/data/slack data.webhook]

  773.   mend_script:

  774.     - ./private/cirrus/cirrus-mend-scan.sh

  775.   allow_failures: "true"

  776.   on_failure:

  777.     slack_notification_script:

  778.       - ./private/cirrus/cirrus-mend-notifications.sh

  779.   always:

  780.     ws_artifacts:

  781.       path: "whitesource/**/*"