aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJulien Carsique <julien.carsique@sonarsource.com>2022-10-14 10:18:52 +0200
committerGitHub <noreply@github.com>2022-10-14 10:18:52 +0200
commit5c518d6a6f1a30bed62836790c1233b3f2e763fd (patch)
tree97ff24c2201ca306327c33b2ebb426b50e997ea0
parent78653325d93f64d3c70aa22054b6912297edb457 (diff)
downloadsonar-scanner-cli-5c518d6a6f1a30bed62836790c1233b3f2e763fd.tar.gz
sonar-scanner-cli-5c518d6a6f1a30bed62836790c1233b3f2e763fd.zip
BUILD-1924 CirrusCI AWS (#133)
-rw-r--r--.cirrus.yml82
-rw-r--r--it/docker/Dockerfile21
-rw-r--r--it/docker/Dockerfile_1721
-rw-r--r--it/packer/README.md23
-rw-r--r--it/packer/setup.ps160
-rw-r--r--it/packer/sonar-scanner-cli-qa.json29
6 files changed, 29 insertions, 207 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index 109330d..1c2b4cb 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -1,5 +1,7 @@
-# content of service-account-credentials.json, used to access to Google Cloud Platform
-gcp_credentials: ENCRYPTED[!e5f7207bd8d02d383733bef47e18296ac32e3b7d22eb480354e8dd8fdc0004be45a8a4e72c797bd66ee94eb3340fa363!]
+aws_credentials:
+ role_arn: arn:aws:iam::275878209202:role/CirrusCI-prod
+ role_session_name: cirrus
+ region: eu-central-1
#
# ENV VARIABLES
@@ -31,11 +33,21 @@ env:
#
# RE-USABLE CONFIGS
#
-container_definition: &CONTAINER_DEFINITION
- image: us.gcr.io/sonarqube-team/base:j11-m3-latest
- cluster_name: cirrus-ci-cluster
- zone: us-central1-a
+eks_container: &EKS_CONTAINER
+ region: eu-central-1
+ cluster_name: CirrusCI-prod
namespace: default
+ image: 275878209202.dkr.ecr.eu-central-1.amazonaws.com/base:j11-m3-latest
+ cpu: 1
+ memory: 2G
+
+ec2_instance: &EC2_INSTANCE_WINDOWS
+ experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051
+ region: eu-central-1
+ subnet_id: subnet-063c427f490da35b9
+ type: t2.2xlarge
+ image: lt-base-windows-jdk11-v*
+ platform: windows
only_sonarsource_qa: &ONLY_SONARSOURCE_QA
only_if: $CIRRUS_USER_COLLABORATOR == 'true' && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BRANCH =~ "dogfood-on-.*")
@@ -45,10 +57,8 @@ only_sonarsource_qa: &ONLY_SONARSOURCE_QA
# TASKS
#
build_task:
- gke_container:
- <<: *CONTAINER_DEFINITION
- cpu: 1
- memory: 2G
+ eks_container:
+ <<: *EKS_CONTAINER
env:
SONAR_TOKEN: ENCRYPTED[!b6fd814826c51e64ee61b0b6f3ae621551f6413383f7170f73580e2e141ac78c4b134b506f6288c74faa0dd564c05a29!]
SONAR_HOST_URL: https://next.sonarqube.com/sonarqube
@@ -66,15 +76,8 @@ linux_qa_task:
depends_on:
- build
<<: *ONLY_SONARSOURCE_QA
- gke_container:
- dockerfile: it/docker/Dockerfile
- builder_image_project: sonarqube-team
- builder_image_name: docker-builder-v20200915
- cluster_name: cirrus-ci-cluster
- zone: us-central1-a
- namespace: default
- cpu: 1
- memory: 2G
+ eks_container:
+ <<: *EKS_CONTAINER
env:
matrix:
- SQ_VERSION: LATEST_RELEASE[7.9]
@@ -94,15 +97,9 @@ linux_qa_java17_task:
depends_on:
- build
<<: *ONLY_SONARSOURCE_QA
- gke_container:
- dockerfile: it/docker/Dockerfile_17
- builder_image_project: sonarqube-team
- builder_image_name: docker-builder-v20200915
- cluster_name: cirrus-ci-cluster
- zone: us-central1-a
- namespace: default
- cpu: 1
- memory: 2G
+ eks_container:
+ <<: *EKS_CONTAINER
+ image: 275878209202.dkr.ecr.eu-central-1.amazonaws.com/base:j17-m3-latest
env:
matrix:
- SQ_VERSION: LATEST_RELEASE[8.9]
@@ -117,33 +114,12 @@ linux_qa_java17_task:
cleanup_before_cache_script:
- cleanup_maven_repository
-create_win_vm_task:
- <<: *ONLY_SONARSOURCE_QA
- skip: "!changesInclude('it/packer/setup.ps1', 'it/packer/sonar-scanner-cli-qa.json')"
- gce_instance:
- image_project: sonarqube-team
- image_family: packer-builder
- zone: us-central1-a
- type: n1-standard-8
- use_ssd: true
- scopes:
- - cloud-platform
- build_script:
- - packer build -force it/packer/sonar-scanner-cli-qa.json
-
win_qa_task:
depends_on:
- - create_win_vm
- build
<<: *ONLY_SONARSOURCE_QA
- gce_instance:
- image_project: sonarqube-team
- # This VM is built using Packer, see "create_win_vm_task" above.
- image_name: sonar-scanner-cli-qa
- platform: windows
- zone: us-central1-a
- type: n1-standard-8
- use_ssd: true
+ ec2_instance:
+ <<: *EC2_INSTANCE_WINDOWS
env:
CIRRUS_SHELL: bash
matrix:
@@ -164,8 +140,8 @@ promote_task:
- linux_qa
- win_qa
<<: *ONLY_SONARSOURCE_QA
- gke_container:
- <<: *CONTAINER_DEFINITION
+ eks_container:
+ <<: *EKS_CONTAINER
cpu: 0.5
memory: 500M
maven_cache:
diff --git a/it/docker/Dockerfile b/it/docker/Dockerfile
deleted file mode 100644
index ae52d56..0000000
--- a/it/docker/Dockerfile
+++ /dev/null
@@ -1,21 +0,0 @@
-#------------------------------------------------------------------------------
-# Installs NodeJS, which is needed for running the Linux ITs.
-#
-# Build from the basedir:
-# docker build -f it/docker/Dockerfile-qa -t sonar-scanner-cli-qa it/docker
-#
-# Verify the content of the image by running a shell session in it:
-# docker run -it sonar-scanner-cli-qa bash
-#
-# CirrusCI builds the image when needed. No need to manually upload it to
-# Google Cloud Container Registry. See section "gke_container" of .cirrus.yml
-#------------------------------------------------------------------------------
-
-FROM us.gcr.io/sonarqube-team/base:j11-m3-latest
-
-USER root
-
-RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
-RUN apt-get install -y nodejs
-
-USER sonarsource
diff --git a/it/docker/Dockerfile_17 b/it/docker/Dockerfile_17
deleted file mode 100644
index 7f17f1e..0000000
--- a/it/docker/Dockerfile_17
+++ /dev/null
@@ -1,21 +0,0 @@
-#------------------------------------------------------------------------------
-# Installs NodeJS, which is needed for running the Linux ITs.
-#
-# Build from the basedir:
-# docker build -f it/docker/Dockerfile-qa -t sonar-scanner-cli-qa it/docker
-#
-# Verify the content of the image by running a shell session in it:
-# docker run -it sonar-scanner-cli-qa bash
-#
-# CirrusCI builds the image when needed. No need to manually upload it to
-# Google Cloud Container Registry. See section "gke_container" of .cirrus.yml
-#------------------------------------------------------------------------------
-
-FROM us.gcr.io/sonarqube-team/base:j17-m3-latest
-
-USER root
-
-RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
-RUN apt-get install -y nodejs
-
-USER sonarsource
diff --git a/it/packer/README.md b/it/packer/README.md
deleted file mode 100644
index f7c5da5..0000000
--- a/it/packer/README.md
+++ /dev/null
@@ -1,23 +0,0 @@
-Custom Windows VM image for sonar-scanner-cli Windows ITs
-=========================================================
-
-This defines a custom Windows image necessary for the ITs. It contains all [build tools helpers](https://github.com/SonarSource/buildTools/blob/docker/bin/), as well as Node JS, which is needed to scan the example projects.
-
-How to build this VM image
---------------------------
-
-*This isn't supposed to be built by hand.* We have a special image on our Google Cloud project, called *packer-builder-v1*. This image gets started up by Cirrus CI in the `create_win_vm_task` (see [`../../.cirrus.yml`](../../.cirrus.yml)), and will use [Packer](https://packer.io/) to create our custom VM image. The Packer instructions are contained in the `sonar-scanner-cli-qa.json` file.
-
-Note that this image is rebuilt by Cirrus CI every time the `sonar-scanner-cli-qa.json` or `setup.ps1` files change (see the `create_win_vm_task`'s `skip` instruction in [`../../.cirrus.yml`](../../.cirrus.yml)). If no changes are detected, the build will be skipped, and the previously existing image will be used.
-
-How to debug this VM image
---------------------------
-
-1. Log on to [Google Cloud](http://console.cloud.google.com/)
-2. Go to our SonarQube project (`sonarqube-team`)
-3. Under *Compute Engine > Images*, you should see *packer-builder-v1*. Start a new VM with this image.
- This image is pre-configured for using Packer, as well as pushing new VM images to our SonarQube project.
-4. Once started, SSH into this VM (you can do this directly via the browser).
-5. `sudo su` to use the root user (which is configured to use the GCE service account).
- You can now add packer JSON files, and run the `packer build` command to test your new images. **Make sure you remove any test images from GCE.**
-
diff --git a/it/packer/setup.ps1 b/it/packer/setup.ps1
deleted file mode 100644
index bfaca02..0000000
--- a/it/packer/setup.ps1
+++ /dev/null
@@ -1,60 +0,0 @@
-$ErrorActionPreference = 'Stop'
-
-function Install-Chocolatey {
- # Run the installer.
- Set-ExecutionPolicy Bypass -Scope Process -Force; Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
-}
-
-function Install-NodeJs {
- choco install -y nodejs
-}
-
-function Install-Buildtools {
- $path = "${env:Temp}\buildTools.zip"
-
- # Fetch the build tools archive.
- [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
- (New-Object System.Net.WebClient).DownloadFile('https://github.com/SonarSource/buildTools/archive/docker.zip', $path)
-
- # Extract the archive to the C drive.
- Add-Type -AssemblyName System.IO.Compression.FileSystem
- [System.IO.Compression.ZipFile]::ExtractToDirectory($path, 'C:\')
-
- # Update global PATH.
- $currentPath = (Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH).Path
- $updatedPath = $currentPath+';C:\buildTools-docker\bin'
- Set-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH -Value $updatedPath
-
- # Remove archive.
- del $path
-}
-
-function Install-Maven {
- choco install -y openjdk11 --version 11.0.4.11
- choco install -y maven --version 3.6.2
-}
-
-function Install-Git {
- # We use Git to enable Unix Tools. This will allow us to use Bash-style
- # commands in .cirrus.yml, like "source".
- choco install -y git --version 2.23.0 --package-parameters "/GitAndUnixToolsOnPath"
-}
-
-Write-Host "Install chocolatey"
-Install-Chocolatey
-
-Write-Host "Install Maven"
-Install-Maven
-
-Write-Host "Install NodeJs"
-Install-NodeJs
-
-Write-Host "Install Unix Tools"
-Install-Git
-
-Write-Host "Set up build tools"
-Install-Buildtools
-
-# Disable antivirus analysis on C drive.
-Write-Host "Finalize VM configuration"
-Set-MpPreference -ScanAvgCPULoadFactor 5 -ExclusionPath "C:\"
diff --git a/it/packer/sonar-scanner-cli-qa.json b/it/packer/sonar-scanner-cli-qa.json
deleted file mode 100644
index 215ee90..0000000
--- a/it/packer/sonar-scanner-cli-qa.json
+++ /dev/null
@@ -1,29 +0,0 @@
-{
- "builders": [
- {
- "type": "googlecompute",
- "project_id": "sonarqube-team",
- "source_image": "windows-server-1809-dc-core-v20200813",
- "image_name": "sonar-scanner-cli-qa",
- "disk_size": "50",
- "machine_type": "n1-standard-1",
- "communicator": "winrm",
- "winrm_username": "packer_user",
- "winrm_insecure": true,
- "winrm_use_ssl": true,
- "metadata": {
- "windows-startup-script-cmd": "winrm quickconfig -quiet & net user /add packer_user & net localgroup administrators packer_user /add & winrm set winrm/config/service/auth @{Basic=\"true\"}"
- },
- "zone": "us-central1-a",
- "tags": ["packer"]
- }
- ],
- "provisioners": [
- {
- "type": "powershell",
- "scripts": [
- "{{template_dir}}/setup.ps1"
- ]
- }
- ]
-}