mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
33514 Commits
59 Branches
Tree: 10.1.0.734
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '10.1.0.734'
${ noResults }
sonarqube/.cirrus.yml

.cirrus.yml 24KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754 
  1. env:

  2.   GRADLE_OPTS: -Dorg.gradle.jvmargs="-XX:+PrintFlagsFinal -XshowSettings:vm -XX:+HeapDumpOnOutOfMemoryError -XX:+UnlockExperimentalVMOptions -Djava.security.egd=file:/dev/./urandom -Dfile.encoding=UTF8 -Duser.language=en -Duser.country=US"

  3.   # to be replaced by other credentials

  4.   ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader

  5.   ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]

  6.   ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer

  7.   ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token]

  8.   ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]

  9.   ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token]

  10.   # download licenses for testing commercial editions

  11.   GITHUB_TOKEN: VAULT[development/github/token/licenses-ro token]

  12.   # notifications to burgr

  13.   BURGR_URL: VAULT[development/kv/data/burgr data.url]

  14.   BURGR_USERNAME: VAULT[development/kv/data/burgr data.cirrus_username]

  15.   BURGR_PASSWORD: VAULT[development/kv/data/burgr data.cirrus_password]

  16.   # analysis on next.sonarqube.com

  17.   SONARQUBE_NEXT_TOKEN: VAULT[development/kv/data/next data.token]

  18.   # to trigger docs deployment

  19.   ELASTIC_PWD: VAULT[development/team/sonarqube/kv/data/elasticsearch-cloud data.password]

  20.   CIRRUS_LOG_TIMESTAMP: true

  21.   BRANCH_MAIN: "master"

  22.   BRANCH_NIGHTLY: "branch-nightly-build"

  23.   BRANCH_PATTERN_MAINTENANCE: "branch-.*"

  24.   BRANCH_PATTERN_PUBLIC: "public_.*"

  25. 

  26. auto_cancellation: $CIRRUS_BRANCH != $BRANCH_MAIN && $CIRRUS_BRANCH !=~ $BRANCH_PATTERN_MAINTENANCE

  27. 

  28. skip_public_branches_template: &SKIP_PUBLIC_BRANCHES_TEMPLATE

  29.   skip: $CIRRUS_BRANCH =~ $BRANCH_PATTERN_PUBLIC

  30. 

  31. cache_dependencies_dependant_task_template: &CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  32.   depends_on: cache_dependencies

  33. 

  34. build_dependant_task_template: &BUILD_DEPENDANT_TASK_TEMPLATE

  35.   depends_on: build

  36. 

  37. nightly_task_template: &NIGHTLY_TASK_TEMPLATE

  38.   only_if: $CIRRUS_BRANCH == $BRANCH_NIGHTLY

  39. 

  40. master_and_nightly_task_template: &MASTER_AND_NIGHTLY_TASK_TEMPLATE

  41.   only_if: $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH == $BRANCH_MAIN

  42. 

  43. master_or_nightly_or_maintenance_task_template: &MASTER_OR_NIGHTLY_OR_MAINTENANCE_TASK_TEMPLATE

  44.   only_if: $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE

  45. 

  46. except_nightly_task_template: &EXCEPT_ON_NIGHTLY_TASK_TEMPLATE

  47.   only_if: $CIRRUS_BRANCH != $BRANCH_NIGHTLY

  48. 

  49. database_related_task_template: &DATABASE_RELATED_TASK_TEMPLATE

  50.   only_if: >-

  51.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  52.     changesInclude('server/sonar-db-dao/**/*Mapper.xml', 'server/sonar-db-migration/**/DbVersion*.java', 'server/sonar-db-dao/**/*Dao.java', 'server/sonar-db-core/src/main/java/org/sonar/db/*.java')

  53. 

  54. saml_task_template: &SAML_TASK_TEMPLATE

  55.   only_if: >-

  56.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  57.     changesInclude('server/sonar-auth-saml/src/main/java/**/*.java', 'server/sonar-auth-saml/src/main/resources/**/*', 'server/sonar-db-dao/src/main/**/SAML*.java', 'private/it-core/src/test/java/org/sonarqube/tests/saml/*.java', 'server/sonar-webserver-webapi/src/main/java/org/sonar/server/saml/**/*.java')

  58. 

  59. ldap_task_template: &LDAP_TASK_TEMPLATE

  60.   only_if: >-

  61.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  62.     changesInclude('server/sonar-auth-ldap/src/main/java/**/*.java', 'server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/LdapCredentialsAuthentication.java', 'private/it-core/src/test/java/org/sonarqube/tests/ldap/*.java')

  63. 

  64. github_task_template: &GITHUB_TASK_TEMPLATE

  65.   only_if: >-

  66.     $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||

  67.     changesInclude('private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/github/*.java', 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/github/*.java')

  68. 

  69. docker_build_container_template: &CONTAINER_TEMPLATE

  70.   region: eu-central-1

  71.   cluster_name: ${CIRRUS_CLUSTER_NAME}

  72.   namespace: default

  73.   builder_subnet_id: ${CIRRUS_AWS_SUBNET}

  74.   builder_role: cirrus-builder

  75.   builder_image: docker-builder-v*

  76.   builder_instance_type: t2.small

  77.   dockerfile: private/docker/Dockerfile-build

  78.   docker_arguments:

  79.     CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}

  80.   cpu: 1

  81.   memory: 2Gb

  82. 

  83. vm_instance_template: &VM_TEMPLATE

  84.   experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051

  85.   image: docker-builder-v*

  86.   type: t2.small

  87.   region: eu-central-1

  88.   subnet_id: ${CIRRUS_AWS_SUBNET}

  89.   disk: 10

  90.   cpu: 4

  91.   memory: 8G

  92. 

  93. oracle_additional_container_template: &ORACLE_ADDITIONAL_CONTAINER_TEMPLATE

  94.   name: oracle

  95.   image: gvenzl/oracle-xe:21-faststart

  96.   port: 1521

  97.   cpu: 2

  98.   memory: 5Gb

  99.   env:

  100.     ORACLE_PASSWORD: sonarqube

  101.     APP_USER: sonarqube

  102.     APP_USER_PASSWORD: sonarqube

  103. 

  104. postgres_additional_container_template: &POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  105.   name: postgres

  106.   image: public.ecr.aws/docker/library/postgres:15

  107.   port: 5432

  108.   cpu: 1

  109.   memory: 1Gb

  110.   env:

  111.     POSTGRES_USER: postgres

  112.     POSTGRES_PASSWORD: postgres

  113. 

  114. default_artifact_template: &DEFAULT_ARTIFACTS_TEMPLATE

  115.   on_failure:

  116.     jest_junit_cleanup_script: >

  117.       find . -type f -wholename "**/build/test-results/test-jest/junit.xml" -exec

  118.       xmlstarlet edit --inplace --delete '//testsuite[@errors=0 and @failures=0]' {} \;

  119.     junit_artifacts:

  120.       path: "**/build/test-results/**/*.xml"

  121.       type: "text/xml"

  122.       format: junit

  123.     reports_artifacts:

  124.       path: "**/build/reports/**/*"

  125.     screenshots_artifacts:

  126.       path: "**/build/screenshots/**/*"

  127.   always:

  128.     profile_artifacts:

  129.       path: "**/build/reports/profile/**/*"

  130. 

  131. yarn_cache_template: &YARN_CACHE_TEMPLATE

  132.   yarn_cache:

  133.     folder: "~/.yarn/berry/cache"

  134.     fingerprint_script: |

  135.       cat \

  136.         server/sonar-web/yarn.lock \

  137.         private/core-extension-developer-server/yarn.lock \

  138.         private/core-extension-enterprise-server/yarn.lock \

  139.         private/core-extension-license/yarn.lock \

  140.         private/core-extension-securityreport/yarn.lock

  141. 

  142. gradle_cache_template: &GRADLE_CACHE_TEMPLATE

  143.   gradle_cache:

  144.     folder: "~/.gradle/caches"

  145.     fingerprint_script: find -type f \( -name "*.gradle*" -or -name "gradle*.properties" \) | sort | xargs cat

  146. 

  147. jar_cache_template: &JAR_CACHE_TEMPLATE

  148.   jar_cache:

  149.     folder: "**/build/libs/*.jar"

  150.     fingerprint_key: jar-cache_$CIRRUS_BUILD_ID

  151. 

  152. eslint_report_cache_template: &ESLINT_REPORT_CACHE_TEMPLATE

  153.   eslint_report_cache:

  154.     folders:

  155.       - server/sonar-web/eslint-report/

  156.       - server/sonar-web/design-system/eslint-report/

  157.       - private/core-extension-securityreport/eslint-report/

  158.       - private/core-extension-license/eslint-report/

  159.       - private/core-extension-enterprise-server/eslint-report/

  160.       - private/core-extension-developer-server/eslint-report/

  161.     fingerprint_script: echo $CIRRUS_BUILD_ID

  162. 

  163. jest_report_cache_template: &JEST_REPORT_CACHE_TEMPLATE

  164.   jest_report_cache:

  165.     folders:

  166.       - server/sonar-web/coverage/

  167.       - server/sonar-web/design-system/coverage/

  168.       - private/core-extension-securityreport/coverage/

  169.       - private/core-extension-license/coverage/

  170.       - private/core-extension-enterprise-server/coverage/

  171.       - private/core-extension-developer-server/coverage/

  172.     fingerprint_script: echo $CIRRUS_BUILD_ID

  173. 

  174. junit_report_cache_template: &JUNIT_REPORT_CACHE_TEMPLATE

  175.   junit_report_cache:

  176.     folders:

  177.       - "**/reports/jacoco"

  178.       - "**/test-results/test"

  179.     fingerprint_script: echo $CIRRUS_BUILD_ID

  180. 

  181. default_template: &DEFAULT_TEMPLATE

  182.   <<: *SKIP_PUBLIC_BRANCHES_TEMPLATE

  183.   clone_script: |

  184.     git init

  185.     git remote add origin https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git

  186.     git fetch origin $CIRRUS_CHANGE_IN_REPO $FETCH_DEPTH

  187.     git reset --hard $CIRRUS_CHANGE_IN_REPO

  188.   env:

  189.     FETCH_DEPTH: --depth=1

  190. 

  191. cache_dependencies_task:

  192.   <<: *DEFAULT_TEMPLATE

  193.   <<: *GRADLE_CACHE_TEMPLATE

  194.   eks_container:

  195.     <<: *CONTAINER_TEMPLATE

  196.     cpu: 7.5

  197.     memory: 8Gb

  198.   script:

  199.     - ./private/cirrus/cirrus-cache-dependencies.sh

  200.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  201. 

  202. build_task:

  203.   <<: *DEFAULT_TEMPLATE

  204.   <<: *GRADLE_CACHE_TEMPLATE

  205.   <<: *YARN_CACHE_TEMPLATE

  206.   <<: *JAR_CACHE_TEMPLATE

  207.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  208.   eks_container:

  209.     <<: *CONTAINER_TEMPLATE

  210.     cpu: 7.5

  211.     memory: 8Gb

  212.   script:

  213.     - ./private/cirrus/cirrus-build.sh

  214.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  215. 

  216. publish_task:

  217.   <<: *DEFAULT_TEMPLATE

  218.   <<: *GRADLE_CACHE_TEMPLATE

  219.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  220.   eks_container:

  221.     <<: *CONTAINER_TEMPLATE

  222.     cpu: 4

  223.     memory: 4Gb

  224.   env:

  225.     ORG_GRADLE_PROJECT_signingKey: VAULT[development/kv/data/sign data.key]

  226.     ORG_GRADLE_PROJECT_signingPassword: VAULT[development/kv/data/sign data.passphrase]

  227.     ORG_GRADLE_PROJECT_signingKeyId: VAULT[development/kv/data/sign data.key_id]

  228.   script:

  229.     - ./private/cirrus/cirrus-publish.sh

  230. 

  231. yarn_lint_task:

  232.   <<: *DEFAULT_TEMPLATE

  233.   <<: *GRADLE_CACHE_TEMPLATE

  234.   <<: *YARN_CACHE_TEMPLATE

  235.   <<: *ESLINT_REPORT_CACHE_TEMPLATE

  236.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  237.   eks_container:

  238.     <<: *CONTAINER_TEMPLATE

  239.     cpu: 3

  240.     memory: 6Gb

  241.   script:

  242.     - ./private/cirrus/cirrus-yarn-lint-report.sh

  243.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  244. 

  245. yarn_check_task:

  246.   <<: *DEFAULT_TEMPLATE

  247.   <<: *GRADLE_CACHE_TEMPLATE

  248.   <<: *YARN_CACHE_TEMPLATE

  249.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  250.   eks_container:

  251.     <<: *CONTAINER_TEMPLATE

  252.     cpu: 3

  253.     memory: 4Gb

  254.   script: |

  255.     ./private/cirrus/cirrus-env.sh YARN

  256.     gradle yarn_check-ci --profile

  257.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  258. 

  259. yarn_validate_task:

  260.   <<: *DEFAULT_TEMPLATE

  261.   <<: *GRADLE_CACHE_TEMPLATE

  262.   <<: *YARN_CACHE_TEMPLATE

  263.   <<: *JEST_REPORT_CACHE_TEMPLATE

  264.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  265.   eks_container:

  266.     <<: *CONTAINER_TEMPLATE

  267.     cpu: 7.5

  268.     memory: 20Gb

  269.   script:

  270.     - ./private/cirrus/cirrus-yarn-validate-ci.sh

  271.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  272. 

  273. junit_task:

  274.   <<: *DEFAULT_TEMPLATE

  275.   <<: *GRADLE_CACHE_TEMPLATE

  276.   <<: *JUNIT_REPORT_CACHE_TEMPLATE

  277.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  278.   eks_container:

  279.     <<: *CONTAINER_TEMPLATE

  280.     cpu: 7.5

  281.     memory: 10Gb

  282.   script:

  283.     - ./private/cirrus/cirrus-junit.sh

  284.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  285. 

  286. sq_analysis_task:

  287.   <<: *SKIP_PUBLIC_BRANCHES_TEMPLATE

  288.   <<: *EXCEPT_ON_NIGHTLY_TASK_TEMPLATE

  289.   <<: *GRADLE_CACHE_TEMPLATE

  290.   <<: *YARN_CACHE_TEMPLATE

  291.   <<: *JEST_REPORT_CACHE_TEMPLATE

  292.   <<: *ESLINT_REPORT_CACHE_TEMPLATE

  293.   <<: *JUNIT_REPORT_CACHE_TEMPLATE

  294.   depends_on:

  295.     - yarn_validate

  296.     - yarn_lint

  297.     - junit

  298.   eks_container:

  299.     <<: *CONTAINER_TEMPLATE

  300.     cpu: 7.5

  301.     memory: 15Gb

  302.   script:

  303.     - ./private/cirrus/cirrus-sq-analysis.sh

  304.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  305. 

  306. qa_task:

  307.   <<: *DEFAULT_TEMPLATE

  308.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  309.   <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE

  310.   <<: *GRADLE_CACHE_TEMPLATE

  311.   <<: *JAR_CACHE_TEMPLATE

  312.   eks_container:

  313.     <<: *CONTAINER_TEMPLATE

  314.     cpu: 3

  315.     memory: 7Gb

  316.     additional_containers:

  317.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  318.   name: QA $QA_CATEGORY

  319.   alias: qa

  320.   env:

  321.     matrix:

  322.       # QA name should not exceed 13 characters to be properly reported on wallboard by burgr

  323.       # QA name cannot contain "_"

  324.       - QA_CATEGORY: Cat1

  325.       - QA_CATEGORY: Cat2

  326.       - QA_CATEGORY: Cat3

  327.       - QA_CATEGORY: Cat4

  328.       - QA_CATEGORY: Cat5

  329.       - QA_CATEGORY: Cat6

  330.       - QA_CATEGORY: Analysis

  331.       - QA_CATEGORY: Authorization

  332.       - QA_CATEGORY: Auth

  333.       - QA_CATEGORY: Branch1

  334.       - QA_CATEGORY: Branch2

  335.       - QA_CATEGORY: CE1

  336.       - QA_CATEGORY: CE2

  337.       - QA_CATEGORY: ComputeEngine

  338.       - QA_CATEGORY: DE1

  339.       - QA_CATEGORY: DE2

  340.       - QA_CATEGORY: EE1

  341.       - QA_CATEGORY: EE2

  342.       - QA_CATEGORY: Issues1

  343.       - QA_CATEGORY: Issues2

  344.       - QA_CATEGORY: License1

  345.       - QA_CATEGORY: License2

  346.       - QA_CATEGORY: Plugins

  347.       - QA_CATEGORY: Project

  348.       - QA_CATEGORY: QP

  349.       - QA_CATEGORY: Upgrade

  350.   script:

  351.     - ./private/cirrus/cirrus-qa.sh postgres

  352.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  353. 

  354. task: #bitbucket

  355.   <<: *DEFAULT_TEMPLATE

  356.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  357.   <<: *JAR_CACHE_TEMPLATE

  358.   <<: *GRADLE_CACHE_TEMPLATE

  359.   eks_container:

  360.     <<: *CONTAINER_TEMPLATE

  361.     cpu: 3

  362.     memory: 10Gb

  363.     additional_containers:

  364.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  365.   maven_cache:

  366.     folder: ~/.m2

  367.   env:

  368.     QA_CATEGORY: BITBUCKET

  369.   matrix:

  370.     - name: qa_bb_5.15.0

  371.       bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh 5.15.0

  372.     - name: qa_bb_latest

  373.       bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh LATEST

  374.   wait_for_bitbucket_to_boot_script: secs=3600; endTime=$(( $(date +%s) + secs )); while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:7990/bitbucket/status)" != "200" ]] || [ $(date +%s) -gt $endTime ]; do sleep 5; done

  375.   script:

  376.     - ./private/cirrus/cirrus-qa.sh postgres

  377.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  378. 

  379. qa_bb_cloud_task:

  380.   <<: *DEFAULT_TEMPLATE

  381.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  382.   <<: *JAR_CACHE_TEMPLATE

  383.   <<: *GRADLE_CACHE_TEMPLATE

  384.   eks_container:

  385.     <<: *CONTAINER_TEMPLATE

  386.     cpu: 2.4

  387.     memory: 7Gb

  388.   env:

  389.     QA_CATEGORY: BITBUCKET_CLOUD

  390.     BBC_CLIENT_ID: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_id]

  391.     BBC_CLIENT_SECRET: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_secret]

  392.     BBC_USERNAME: VAULT[development/kv/data/bitbucket/sonarqube-its data.username]

  393.     BBC_READ_REPOS_APP_PASSWORD: VAULT[development/kv/data/bitbucket/sonarqube-its data.password]

  394.   script:

  395.     - ./private/cirrus/cirrus-qa.sh h2

  396.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  397. 

  398. qa_ha_task:

  399.   <<: *DEFAULT_TEMPLATE

  400.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  401.   <<: *MASTER_OR_NIGHTLY_OR_MAINTENANCE_TASK_TEMPLATE

  402.   <<: *JAR_CACHE_TEMPLATE

  403.   <<: *GRADLE_CACHE_TEMPLATE

  404.   eks_container:

  405.     <<: *CONTAINER_TEMPLATE

  406.     cpu: 2.4

  407.     memory: 10Gb

  408.     additional_containers:

  409.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  410.   env:

  411.     QA_CATEGORY: HA

  412.   script:

  413.     - ./private/cirrus/cirrus-qa.sh postgres

  414.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  415. 

  416. qa_performance_task:

  417.   <<: *DEFAULT_TEMPLATE

  418.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  419.   <<: *MASTER_AND_NIGHTLY_TASK_TEMPLATE

  420.   <<: *JAR_CACHE_TEMPLATE

  421.   <<: *GRADLE_CACHE_TEMPLATE

  422.   eks_container:

  423.     <<: *CONTAINER_TEMPLATE

  424.     cpu: 2.4

  425.     memory: 10Gb

  426.     additional_containers:

  427.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  428.   env:

  429.     QA_CATEGORY: AnalysisPerformance

  430.   script:

  431.     - ./private/cirrus/cirrus-qa.sh postgres

  432.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  433. 

  434. # GitLab QA is executed in a dedicated task in order to not slow down the pipeline, as a GitLab on-prem server docker image is required.

  435. qa_gitlab_task:

  436.   <<: *DEFAULT_TEMPLATE

  437.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  438.   <<: *JAR_CACHE_TEMPLATE

  439.   <<: *GRADLE_CACHE_TEMPLATE

  440.   depends_on:

  441.     - build

  442.   env:

  443.     QA_CATEGORY: GITLAB

  444.   matrix:

  445.     - name: qa_gitlab_latest

  446.       env:

  447.         - GITLAB_VERSION: latest

  448.     - name: qa_gitlab_oldest

  449.       env:

  450.         - GITLAB_VERSION: 15.6.2-ce.0

  451.   eks_container:

  452.     <<: *CONTAINER_TEMPLATE

  453.     cpu: 2.4

  454.     memory: 7Gb

  455.     use_in_memory_disk: true

  456.     additional_containers:

  457.       - name: gitlab

  458.         ports:

  459.           - 80

  460.           - 443

  461.         cpu: 2

  462.         memory: 5Gb

  463.         image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/gitlab:${GITLAB_VERSION}

  464.         env:

  465.           - GITLAB_POST_RECONFIGURE_SCRIPT: |-

  466.               { cat >/tmp/setup.rb <<-'EOF'

  467.                 token = User.find_by_username('root').personal_access_tokens.create(scopes: [:api], name: 'token');

  468.                 token.set_token('token-here-456');

  469.                 token.save!;

  470.                 token_read = User.find_by_username('root').personal_access_tokens.create(scopes: [:read_user], name: 'token_read');

  471.                 token_read.set_token('token-read-123');

  472.                 token_read.save!;

  473.                 user = User.find_by_username('root');

  474.                 user.password = 'eng-YTU1ydh6kyt7tjd';

  475.                 user.password_confirmation = 'eng-YTU1ydh6kyt7tjd';

  476.                 user.save!;

  477.               EOF

  478.               } && gitlab-rails runner /tmp/setup.rb && \

  479.               echo 'from_file "/etc/gitlab/external_gitlab.rb"' >> /etc/gitlab/gitlab.rb && \

  480.               gitlab-ctl reconfigure

  481.   script:

  482.     - ./private/cirrus/cirrus-qa.sh h2

  483.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  484. 

  485. qa_gitlab_cloud_task:

  486.   <<: *DEFAULT_TEMPLATE

  487.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  488.   <<: *JAR_CACHE_TEMPLATE

  489.   <<: *GRADLE_CACHE_TEMPLATE

  490.   eks_container:

  491.     <<: *CONTAINER_TEMPLATE

  492.     cpu: 2.4

  493.     memory: 7Gb

  494.     use_in_memory_disk: true

  495.   env:

  496.     QA_CATEGORY: GITLAB_CLOUD

  497.     GITLAB_API_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token]

  498.     GITLAB_READ_ONLY_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token_ro]

  499.     GITLAB_ADMIN_USERNAME: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.username]

  500.     GITLAB_ADMIN_PASSWORD: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.password]

  501.   script:

  502.     - ./private/cirrus/cirrus-qa.sh h2

  503.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  504. 

  505. # Azure QA is executed in a dedicated task in order to not slow down the pipeline.

  506. qa_azure_task:

  507.   <<: *DEFAULT_TEMPLATE

  508.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  509.   <<: *JAR_CACHE_TEMPLATE

  510.   <<: *GRADLE_CACHE_TEMPLATE

  511.   eks_container:

  512.     <<: *CONTAINER_TEMPLATE

  513.     cpu: 2.4

  514.     memory: 7Gb

  515.   env:

  516.     QA_CATEGORY: AZURE

  517.     AZURE_USERNAME_LOGIN: VAULT[development/team/sonarqube/kv/data/azure-instance data.username]

  518.     AZURE_CODE_READ_AND_WRITE_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_code_read_write]

  519.     AZURE_FULL_ACCESS_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_full_access]

  520.   script:

  521.     - ./private/cirrus/cirrus-qa.sh h2

  522.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  523. 

  524. qa_github_task:

  525.   <<: *DEFAULT_TEMPLATE

  526.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  527.   <<: *GITHUB_TASK_TEMPLATE

  528.   <<: *JAR_CACHE_TEMPLATE

  529.   <<: *GRADLE_CACHE_TEMPLATE

  530.   eks_container:

  531.     <<: *CONTAINER_TEMPLATE

  532.     cpu: 2.4

  533.     memory: 7Gb

  534.   env:

  535.     QA_CATEGORY: GITHUB

  536.     GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_USERNAME: QA-task

  537.     GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_TOKEN: VAULT[development/github/token/SonarSource-sonar-enterprise-code-scanning token]

  538.   script:

  539.     - ./private/cirrus/cirrus-qa.sh h2

  540.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  541. 

  542. # SAML QA is executed in a dedicated task in order to not slow down the pipeline, as a Keycloak server docker image is required.

  543. qa_saml_task:

  544.   <<: *DEFAULT_TEMPLATE

  545.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  546.   <<: *SAML_TASK_TEMPLATE

  547.   <<: *JAR_CACHE_TEMPLATE

  548.   <<: *GRADLE_CACHE_TEMPLATE

  549.   eks_container:

  550.     <<: *CONTAINER_TEMPLATE

  551.     cpu: 2.4

  552.     memory: 10Gb

  553.     additional_containers:

  554.       - name: keycloak

  555.         image: quay.io/keycloak/keycloak:21.0.2

  556.         port: 8080

  557.         cpu: 1

  558.         memory: 1Gb

  559.         command: "/opt/keycloak/bin/kc.sh start-dev --http-relative-path /auth"

  560.         env:

  561.           KEYCLOAK_ADMIN: admin

  562.           KEYCLOAK_ADMIN_PASSWORD: admin

  563.   env:

  564.     QA_CATEGORY: SAML

  565.   script:

  566.     - ./private/cirrus/cirrus-qa.sh h2

  567.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  568. 

  569. # LDAP QA is executed in a dedicated task in order to not slow down the pipeline, as a LDAP server and SonarQube server are re-started on each test.

  570. qa_ldap_task:

  571.   <<: *DEFAULT_TEMPLATE

  572.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  573.   <<: *LDAP_TASK_TEMPLATE

  574.   <<: *JAR_CACHE_TEMPLATE

  575.   <<: *GRADLE_CACHE_TEMPLATE

  576.   eks_container:

  577.     <<: *CONTAINER_TEMPLATE

  578.     cpu: 2.4

  579.     memory: 10Gb

  580.   env:

  581.     QA_CATEGORY: LDAP

  582.   script:

  583.     - ./private/cirrus/cirrus-qa.sh h2

  584.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  585. 

  586. promote_task:

  587.   <<: *DEFAULT_TEMPLATE

  588.   <<: *EXCEPT_ON_NIGHTLY_TASK_TEMPLATE

  589.   depends_on:

  590.     - build

  591.     - sq_analysis

  592.     - qa

  593.     - qa_saml

  594.     - qa_ldap

  595.     - publish

  596.   eks_container:

  597.     <<: *CONTAINER_TEMPLATE

  598.     memory: 512M

  599.   stateful: true

  600.   script:

  601.     - ./private/cirrus/cirrus-promote.sh

  602. 

  603. package_docker_task:

  604.   <<: *DEFAULT_TEMPLATE

  605.   depends_on: promote

  606.   only_if: $CIRRUS_BRANCH == $BRANCH_MAIN

  607.   ec2_instance:

  608.     <<: *VM_TEMPLATE

  609.   clone_script: |

  610.     git clone --recursive --branch=$CIRRUS_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR --depth=1

  611.     git fetch origin $CIRRUS_CHANGE_IN_REPO --depth=1

  612.     git reset --hard $CIRRUS_CHANGE_IN_REPO

  613.   install_tooling_script:

  614.     - ./private/cirrus/cirrus-tooling-for-package-docker.sh

  615.   package_script:

  616.     - ./private/cirrus/cirrus-package-docker.sh

  617. 

  618. sql_mssql_task:

  619.   <<: *DEFAULT_TEMPLATE

  620.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  621.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  622.   <<: *GRADLE_CACHE_TEMPLATE

  623.   eks_container:

  624.     <<: *CONTAINER_TEMPLATE

  625.     memory: 5Gb

  626.     additional_containers:

  627.       - name: mssql

  628.         image: mcr.microsoft.com/mssql/server:2019-GA-ubuntu-16.04

  629.         port: 1433

  630.         cpu: 2

  631.         memory: 5Gb

  632.         env:

  633.           MSSQL_PID: Developer # this is the default edition

  634.           ACCEPT_EULA: Y

  635.           SA_PASSWORD: sonarqube!1

  636.   script:

  637.     - ./private/cirrus/cirrus-db-unit-test.sh mssql

  638.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  639. 

  640. sql_postgres_task:

  641.   <<: *DEFAULT_TEMPLATE

  642.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  643.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  644.   <<: *GRADLE_CACHE_TEMPLATE

  645.   eks_container:

  646.     <<: *CONTAINER_TEMPLATE

  647.     memory: 5Gb

  648.     additional_containers:

  649.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  650.   script:

  651.     - ./private/cirrus/cirrus-db-unit-test.sh postgres

  652.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  653. 

  654. # this is the oldest compatible version of PostgreSQL

  655. sql_postgres11_task:

  656.   <<: *DEFAULT_TEMPLATE

  657.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  658.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  659.   <<: *GRADLE_CACHE_TEMPLATE

  660.   eks_container:

  661.     <<: *CONTAINER_TEMPLATE

  662.     memory: 5Gb

  663.     additional_containers:

  664.       - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE

  665.         image: public.ecr.aws/docker/library/postgres:11

  666.   script:

  667.     - ./private/cirrus/cirrus-db-unit-test.sh postgres

  668.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  669. 

  670. sql_oracle21_task:

  671.   <<: *DEFAULT_TEMPLATE

  672.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  673.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  674.   <<: *GRADLE_CACHE_TEMPLATE

  675.   eks_container:

  676.     <<: *CONTAINER_TEMPLATE

  677.     memory: 5Gb

  678.     additional_containers:

  679.       - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE

  680.   script:

  681.     - ./private/cirrus/cirrus-db-unit-test.sh oracle21

  682.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  683. 

  684. upgd_mssql_task:

  685.   <<: *DEFAULT_TEMPLATE

  686.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  687.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  688.   <<: *JAR_CACHE_TEMPLATE

  689.   <<: *GRADLE_CACHE_TEMPLATE

  690.   eks_container:

  691.     <<: *CONTAINER_TEMPLATE

  692.     cpu: 1.5

  693.     memory: 6Gb

  694.     additional_containers:

  695.       - name: mssql

  696.         image: mcr.microsoft.com/mssql/server:2022-latest

  697.         port: 1433

  698.         cpu: 2

  699.         memory: 5Gb

  700.         env:

  701.           MSSQL_PID: Developer # this is the default edition

  702.           ACCEPT_EULA: Y

  703.           SA_PASSWORD: sonarqube!1

  704.   env:

  705.     QA_CATEGORY: Upgrade

  706.   script:

  707.     - ./private/cirrus/cirrus-qa.sh mssql

  708.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  709. 

  710. upgd_oracle21_task:

  711.   <<: *DEFAULT_TEMPLATE

  712.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  713.   <<: *DATABASE_RELATED_TASK_TEMPLATE

  714.   <<: *JAR_CACHE_TEMPLATE

  715.   <<: *GRADLE_CACHE_TEMPLATE

  716.   eks_container:

  717.     <<: *CONTAINER_TEMPLATE

  718.     cpu: 1.5

  719.     memory: 6Gb

  720.     additional_containers:

  721.       - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE

  722.   env:

  723.     QA_CATEGORY: Upgrade

  724.   script:

  725.     - ./private/cirrus/cirrus-qa.sh oracle21

  726.   <<: *DEFAULT_ARTIFACTS_TEMPLATE

  727. 

  728. ws_scan_task:

  729.   <<: *DEFAULT_TEMPLATE

  730.   <<: *BUILD_DEPENDANT_TASK_TEMPLATE

  731.   only_if: >-

  732.     $CIRRUS_BRANCH == $BRANCH_MAIN ||

  733.     ($CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE && $CIRRUS_BRANCH != $BRANCH_NIGHTLY)

  734.   <<: *YARN_CACHE_TEMPLATE

  735.   <<: *GRADLE_CACHE_TEMPLATE

  736.   timeout_in: 30m

  737.   eks_container:

  738.     <<: *CONTAINER_TEMPLATE

  739.     cpu: 2

  740.     memory: 4Gb

  741.   env:

  742.     WS_APIKEY: VAULT[development/kv/data/mend data.apikey]

  743.     WS_WSS_URL: VAULT[development/kv/data/mend data.url]

  744.     WS_USERKEY: VAULT[development/kv/data/mend data.userKey]

  745.     SLACK_WEBHOOK_SQ: VAULT[development/kv/data/slack data.webhook]

  746.   whitesource_script:

  747.     - ./private/cirrus/cirrus-whitesource-scan.sh

  748.   allow_failures: "true"

  749.   on_failure:

  750.     slack_notification_script:

  751.       - ./private/cirrus/cirrus-whitesource-notifications.sh

  752.   always:

  753.     ws_artifacts:

  754.       path: "whitesource/**/*"