sonarqube/build.gradle

buildscript {
  repositories {
    maven {
      url 'https://repox.jfrog.io/repox/plugins.gradle.org/'
    }
  }
  dependencies {
    // Ordered alphabeticly to avoid duplication
    classpath 'com.github.ben-manes:gradle-versions-plugin:0.21.0'
    classpath 'com.github.jengelman.gradle.plugins:shadow:5.0.0'
    classpath 'com.google.protobuf:protobuf-gradle-plugin:0.8.8'
    classpath 'com.moowork.gradle:gradle-node-plugin:1.2.0'
    classpath 'gradle.plugin.nl.javadude.gradle.plugins:license-gradle-plugin:0.14.0'
    classpath 'io.spring.gradle:dependency-management-plugin:1.0.4.RELEASE'
    classpath 'net.rdrei.android.buildtimetracker:gradle-plugin:0.11.0'
    classpath 'org.jfrog.buildinfo:build-info-extractor-gradle:4.7.5'
    classpath "org.owasp:dependency-check-gradle:4.0.2"
    classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.7.1'
  }
}

// display a summary of task durations at the end of the build
if (project.hasProperty('time-tracker')) {
  apply plugin: 'build-time-tracker'
  buildtimetracker {
    reporters {
      summary {
        ordered true
        threshold 1000
        barstyle 'ascii'
      }
    }
  }
}

// Analyze SonarQube with SonarQube!
ext.versionInSources = version
apply plugin: 'org.sonarqube'
sonarqube {
  properties {
    property 'sonar.projectName', projectTitle
    property 'sonar.projectVersion', versionInSources
    property 'sonar.buildString', version
  }
}


if (!JavaVersion.current().java11Compatible) {
  throw new GradleException("JDK 11+ is required to perform this build. It's currently " + System.getProperty("java.home") + ".")
}

allprojects {
  apply plugin: 'com.jfrog.artifactory'
  apply plugin: 'maven-publish'

  ext.buildNumber = System.getProperty("buildNumber")
  ext.versionWithoutBuildNumber = version
  // Replaces the version defined in sources, usually x.y-SNAPSHOT, by a version identifying the build.
  if (version.endsWith('-SNAPSHOT') && ext.buildNumber != null) {
    def versionSuffix = (version.toString().count('.') == 1 ? ".0.${ext.buildNumber}" : ".${ext.buildNumber}")
    version = version.replace('-SNAPSHOT', versionSuffix)
  }

  ext {
    release = project.hasProperty('release') && project.getProperty('release')
    official = project.hasProperty('official') && project.getProperty('official')
  }

  repositories {
    def repository = project.hasProperty('qa') ? 'sonarsource-qa' : 'sonarsource'
    maven {
      url "https://repox.jfrog.io/repox/${repository}"
      // The environment variables ARTIFACTORY_PRIVATE_USERNAME and ARTIFACTORY_PRIVATE_PASSWORD are used on QA env (Jenkins)
      // On local box, please add artifactoryUsername and artifactoryPassword to ~/.gradle/gradle.properties
      def artifactoryUsername = System.env.'ARTIFACTORY_PRIVATE_USERNAME' ?: (project.hasProperty('artifactoryUsername') ? project.getProperty('artifactoryUsername') : '')
      def artifactoryPassword = System.env.'ARTIFACTORY_PRIVATE_PASSWORD' ?: (project.hasProperty('artifactoryPassword') ? project.getProperty('artifactoryPassword') : '')
      if (artifactoryUsername && artifactoryPassword) {
        credentials {
          username artifactoryUsername
          password artifactoryPassword
        }
      }
    }
  }
}

subprojects {
  apply plugin: 'com.github.hierynomus.license'
  apply plugin: 'io.spring.dependency-management'
  apply plugin: 'jacoco'
  apply plugin: 'java'
  apply plugin: 'idea'
  apply plugin: 'org.owasp.dependencycheck'

  // do not deploy to Artifactory by default
  artifactoryPublish.skip = true

  ext {
    protobufVersion = '3.7.0'
  }

  sonarqube {
    properties {
      property 'sonar.moduleKey', project.group + ':' + project.name
    }
  }

  // Central place for definition dependency versions and exclusions.
  dependencyManagement {
    dependencies {
      // please keep this list alphabetically ordered
      dependencySet(group: 'ch.qos.logback', version: '1.2.3') {
        entry 'logback-access'
        entry 'logback-classic'
        entry 'logback-core'
      }
      dependency('commons-beanutils:commons-beanutils:1.8.3') {
        exclude 'commons-logging:commons-logging'
      }
      dependency 'commons-codec:commons-codec:1.12'
      dependency 'commons-dbutils:commons-dbutils:1.5'
      dependency 'commons-io:commons-io:2.6'
      dependency 'commons-lang:commons-lang:2.6'
      dependencySet(group: 'com.fasterxml.jackson.core', version: '2.9.8') {
        entry 'jackson-core'
        entry 'jackson-databind'
        entry 'jackson-annotations'
      }
      dependency 'com.eclipsesource.minimal-json:minimal-json:0.9.5'
      dependency 'com.github.kevinsawicki:http-request:5.4.1'
      dependency 'com.googlecode.java-diff-utils:diffutils:1.2'
      dependency('com.googlecode.json-simple:json-simple:1.1.1') {
        exclude 'junit:junit'
      }
      dependency 'com.google.code.findbugs:jsr305:3.0.2'
      dependency 'com.google.code.gson:gson:2.8.4'
      dependency 'com.google.guava:guava:18.0'
      dependency "com.google.protobuf:protobuf-java:${protobufVersion}"
      dependency 'com.h2database:h2:1.3.176'
      dependencySet(group: 'com.hazelcast', version: '3.8.6') {
        entry 'hazelcast'
        entry 'hazelcast-client'
      }
      dependency 'com.ibm.icu:icu4j:3.4.4'
      dependency 'com.microsoft.sqlserver:mssql-jdbc:7.2.2.jre11'
      dependency 'com.oracle.jdbc:ojdbc8:19.3'
      dependencySet(group: 'com.squareup.okhttp3', version: '3.14.2') {
        entry 'okhttp'
        entry 'mockwebserver'
      }
      dependency 'com.tngtech.java:junit-dataprovider:1.9.2'
      dependency 'info.picocli:picocli:3.6.1'
      dependency 'io.jsonwebtoken:jjwt-api:0.10.5'
      dependency 'io.jsonwebtoken:jjwt-impl:0.10.5'
      dependency 'io.jsonwebtoken:jjwt-jackson:0.10.5'
      dependency 'io.netty:netty-all:4.0.51.Final'
      dependency 'com.sun.mail:javax.mail:1.5.6'
      dependency 'javax.annotation:javax.annotation-api:1.3.1'
      dependency 'javax.servlet:javax.servlet-api:3.0.1'
      dependency 'javax.xml.bind:jaxb-api:2.3.0'
      dependency 'junit:junit:4.12'
      dependency 'net.jpountz.lz4:lz4:1.3.0'
      dependency 'net.lightbody.bmp:littleproxy:1.1.0-beta-bmp-17'
      dependency 'org.awaitility:awaitility:3.1.6'
      dependency 'org.apache.commons:commons-csv:1.4'
      dependency 'org.apache.commons:commons-email:1.5'
      dependency 'org.apache.commons:commons-dbcp2:2.5.0'
      dependency('org.apache.httpcomponents:httpclient:4.5.2'){
        exclude 'commons-logging:commons-logging'
      }
      // Be aware that Log4j is used by Elasticsearch client
      dependencySet(group: 'org.apache.logging.log4j', version: '2.8.2') {
        entry 'log4j-api'
        entry 'log4j-to-slf4j'
        entry 'log4j-core'
      }
      dependencySet(group: 'org.apache.tomcat.embed', version: '8.5.38') {
        entry 'tomcat-embed-core'
        entry('tomcat-embed-jasper') {
          exclude 'org.eclipse.jdt.core.compiler:ecj'
        }
      }
      dependency 'org.assertj:assertj-core:3.12.2'
      dependency 'org.assertj:assertj-guava:3.2.1'
      dependency('org.codehaus.sonar:sonar-channel:4.1') {
        exclude 'org.slf4j:slf4j-api'
      }
      dependency 'org.codehaus.sonar:sonar-classloader:1.0'
      dependency('org.codehaus.woodstox:woodstox-core-lgpl:4.4.0') {
        exclude 'javax.xml.stream:stax-api'
      }
      dependency 'org.codehaus.sonar.runner:sonar-runner-api:2.4'
      dependency('org.codehaus.sonar:sonar-squid:4.1') {
        exclude 'org.codehaus.sonar:sonar-check-api'
      }
      dependency('org.codehaus.staxmate:staxmate:2.0.1') {
        exclude 'org.codehaus.woodstox:stax2-api'
        exclude 'stax:stax-api'
        exclude 'org.codehaus.woodstox:woodstox-core-asl'
      }
      dependency('org.codehaus.woodstox:stax2-api:3.1.4') {
        exclude 'stax:stax-api'
      }
      dependency('org.dbunit:dbunit:2.4.5') {
        exclude 'commons-lang:commons-lang'
        exclude 'xerces:xmlParserAPIs'
        exclude 'xerces:xercesImpl'
      }
      dependencySet(group: 'org.eclipse.jetty', version: '9.4.6.v20170531') {
        entry 'jetty-proxy'
        entry 'jetty-server'
        entry 'jetty-servlet'
      }
      dependency('org.elasticsearch.client:transport:6.8.0') {
        exclude 'org.elasticsearch.plugin:lang-mustache-client'
        exclude 'commons-logging:commons-logging'
        exclude 'org.elasticsearch.plugin:reindex-client'
        exclude 'org.elasticsearch.plugin:rank-eval-client'
      }
      dependency 'org.elasticsearch:mocksocket:1.0'
      dependency 'org.codelibs.elasticsearch.module:analysis-common:6.8.0'
      dependency 'org.freemarker:freemarker:2.3.20'
      dependency 'org.hamcrest:hamcrest-all:1.3'
      dependency 'org.jsoup:jsoup:1.11.3'
      dependency 'org.mindrot:jbcrypt:0.4'
      dependency('org.mockito:mockito-core:2.22.0') {
        exclude 'org.hamcrest:hamcrest-core'
      }
      dependency 'org.mybatis:mybatis:3.5.1'
      dependency 'org.nanohttpd:nanohttpd:2.3.0'
      dependency 'org.picocontainer:picocontainer:2.15'
      dependencySet(group: 'org.slf4j', version: '1.7.25') {
        entry 'jcl-over-slf4j'
        entry 'jul-to-slf4j'
        entry 'log4j-over-slf4j'
        entry 'slf4j-api'
      }
      dependency 'org.postgresql:postgresql:42.2.5'
      dependency 'org.reflections:reflections:0.9.9'
      dependency 'org.simpleframework:simple:4.1.21'
      dependency 'org.sonarsource.orchestrator:sonar-orchestrator:3.26.0.2111'
      dependency 'org.sonarsource.update-center:sonar-update-center-common:1.18.0.487'
      dependency 'org.subethamail:subethasmtp:3.1.7'
      dependency 'org.yaml:snakeyaml:1.17'
      dependency 'xml-apis:xml-apis:1.4.01'  

      // please keep this list alphabetically ordered
    }
  }

  // global exclusions
  configurations.all {
    // do not conflict with com.sun.mail:javax.mail
    exclude group: 'javax.mail', module: 'mail'
  }

  tasks.withType(JavaCompile) {
    options.compilerArgs.addAll(['--release', '8'])
    options.encoding = 'UTF-8'
    // redudant, just for IDEs to set the correct language level
    sourceCompatibility = 1.8
    targetCompatibility = 1.8
  }

  tasks.withType(Javadoc) {
    options.addStringOption('Xdoclint:none', '-quiet')
    options.encoding = 'UTF-8'
    title = project.name + ' ' + versionWithoutBuildNumber
  }

  task sourcesJar(type: Jar, dependsOn: classes) {
    classifier = 'sources'
    from sourceSets.main.allSource
  }

  task javadocJar(type: Jar, dependsOn: javadoc) {
    classifier = 'javadoc'
    from javadoc.destinationDir
  }

  // generate code before opening project in IDE (Eclipse or Intellij)
  task ide() {
    // empty by default. Dependencies are added to the task
    // when needed (see protobuf modules for example)
  }

  jacocoTestReport {
    reports {
      xml.enabled true
      csv.enabled false
      html.enabled false
    }
  }

  normalization {
    runtimeClasspath {
      // Following classpath resources contain volatile data that changes in each CI build (build number, commit id, time),
      // so we exclude them from calculation of build cache key of test tasks:
      ignore 'META-INF/MANIFEST.MF'
      ignore 'sonar-api-version.txt'
      ignore 'sq-version.txt'
    }
  }
  test {
    jvmArgs '-Dfile.encoding=UTF8'
    maxHeapSize = '1G'
    systemProperty 'java.awt.headless', true
    testLogging {
      events "skipped", "failed" // verbose log for failed and skipped tests (by default the name of the tests are not logged)
      exceptionFormat 'full' // log the full stack trace (default is the 1st line of the stack trace)
    }
    jacoco {
      enabled = true // do not disable recording of code coverage, so that remote Gradle cache entry can be used locally
      includes = ['com.sonar.*', 'com.sonarsource.*', 'org.sonar.*', 'org.sonarqube.*', 'org.sonarsource.*', 'io.sonarcloud.*']
    }
    if (project.hasProperty('maxParallelTests')) {
      maxParallelForks = project.maxParallelTests as int
    }
    if (project.hasProperty('parallelTests')) {
      // See https://guides.gradle.org/performance/#parallel_test_execution
      maxParallelForks = Runtime.runtime.availableProcessors().intdiv(2) ?: 1
    }
  }

  def protoMainSrc = 'src/main/protobuf'
  def protoTestSrc = 'src/test/protobuf'
  if (file(protoMainSrc).exists() || file(protoTestSrc).exists()) {
    // protobuf must be applied after java
    apply plugin: 'com.google.protobuf'

    sourceSets.main.proto.srcDir protoMainSrc  // in addition to the default 'src/main/proto'
    sourceSets.test.proto.srcDir protoTestSrc  // in addition to the default 'src/test/proto'
    protobuf {
      protoc {
        artifact = "com.google.protobuf:protoc:3.5.1"
      }
    }
    jar {
      exclude('**/*.proto')
    }
    idea {
      module {
        sourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")
        testSourceDirs += file("${protobuf.generatedFilesBaseDir}/test/java")
        generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")
        generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/test/java")
      }
    }
    ide.dependsOn(['generateProto', 'generateTestProto'])
  }

  if (file('package.json').exists()) {
    apply plugin: 'com.moowork.node'

    node {
      version = '10.15.3'
      yarnVersion = '1.15.2'
      download = true
    }
  }

  if (official) {
    jar {
      // do not break incremental build on non official versions
      manifest {
        attributes(
          'Version': "${version}",
          'Implementation-Build': System.getenv('GIT_SHA1'),
          'Build-Time': new Date().format("yyyy-MM-dd'T'HH:mm:ssZ")
        )
      }
    }
  }

  license {
    header = rootProject.file('HEADER')
    strictCheck true
    mapping {
      java = 'SLASHSTAR_STYLE'
      js = 'SLASHSTAR_STYLE'
      ts = 'SLASHSTAR_STYLE'
      tsx = 'SLASHSTAR_STYLE'
      css = 'SLASHSTAR_STYLE'
    }
    includes(['**/*.java', '**/*.js', '**/*.ts', '**/*.tsx', '**/*.css'])
  }

  publishing {
    publications {
      mavenJava(MavenPublication) {
        pom {
          name = 'SonarQube'
          description = project.description
          url = 'http://www.sonarqube.org/'
          organization {
            name = 'SonarSource'
            url = 'http://www.sonarsource.com'
          }
          licenses {
            license {
              name = 'GNU LGPL 3'
              url = 'http://www.gnu.org/licenses/lgpl.txt'
              distribution = 'repo'
            }
          }
          scm {
            url = 'https://github.com/SonarSource/sonarqube'
          }
          developers {
            developer {
              id = 'sonarsource-team'
              name = 'SonarSource Team'
            }
          }
        }
      }
    }
  }
}


// Yarn doesn't support concurrent access to its global cache,
// i.e. parallel execution of several "yarn install" tasks,
// since these tasks are independent, we can establish arbitrary total order
// to prevent their concurrent execution:
def yarnInstallTasks = allprojects.findResults { it -> it.tasks.findByName('yarn') }
yarnInstallTasks.eachWithIndex { it, i -> if (i > 0) it.mustRunAfter(yarnInstallTasks.get(i - 1)) }


artifactory {
  clientConfig.setIncludeEnvVars(true)
  clientConfig.setEnvVarsExcludePatterns('*password*,*PASSWORD*,*secret*,*MAVEN_CMD_LINE_ARGS*,sun.java.command,*token*,*TOKEN*,*LOGIN*,*login*,*key*,*KEY*')
  contextUrl = System.getenv('ARTIFACTORY_URL')
  publish {
    repository {
      repoKey = System.getenv('ARTIFACTORY_DEPLOY_REPO')
      username = System.getenv('ARTIFACTORY_DEPLOY_USERNAME') ?: project.properties.artifactoryUsername
      password = System.getenv('ARTIFACTORY_DEPLOY_PASSWORD') ?: project.properties.artifactoryPaswword
    }
    defaults {
      properties = [
        'build.name': 'sonar-enterprise',
        'build.number': System.getenv('BUILD_NUMBER'),
        'pr.branch.target': System.getenv('GITHUB_BASE_BRANCH'),
        'pr.number': System.getenv('PULL_REQUEST'),
        'vcs.branch': System.getenv('GITHUB_BRANCH'),
        'vcs.revision': System.getenv('GIT_SHA1'),
        'version': version
      ]
      publications('mavenJava')
      publishPom = true
      publishIvy = false
    }
  }
  clientConfig.info.setBuildName('sonar-enterprise')
  clientConfig.info.setBuildNumber(System.getenv('BUILD_NUMBER'))
  // Define the artifacts to be deployed to https://binaries.sonarsource.com on releases
  clientConfig.info.addEnvironmentProperty('ARTIFACTS_TO_PUBLISH',
      "${project.group}:sonar-application:zip," +
      "com.sonarsource.sonarqube:sonarqube-developer:zip," +
      "com.sonarsource.sonarqube:sonarqube-datacenter:zip," +
      "com.sonarsource.sonarqube:sonarqube-enterprise:zip")
  // The name of this variable is important because it's used by the delivery process when extracting version from Artifactory build info.
  clientConfig.info.addEnvironmentProperty('PROJECT_VERSION', "${version}")
}

// https://github.com/ben-manes/gradle-versions-plugin
apply plugin: 'com.github.ben-manes.versions'
// Exclude dev versions from the list of dependency upgrades, for
// example to replace:
//   org.slf4j:log4j-over-slf4j [1.7.25 -> 1.8.0-beta4]
// by
//   org.slf4j:log4j-over-slf4j [1.7.25 -> 1.7.26]
dependencyUpdates.resolutionStrategy {
  componentSelection { rules ->
    rules.all { ComponentSelection selection ->
      boolean rejected = ['alpha', 'beta', 'rc', 'cr', 'm', 'preview'].any { qualifier ->
        selection.candidate.version ==~ /(?i).*[.-]${qualifier}[.\d-]*/
      }
      if (rejected) {
        selection.reject('Development version')
      }
    }
  }
}