#
# ENV VARIABLES
#
env:
  ### Shared variables
  CIRRUS_VAULT_AUTH_PATH: jwt-cirrusci
  CIRRUS_VAULT_ROLE: cirrusci-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}
  CIRRUS_VAULT_URL: https://vault.sonar.build:8200
  ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url]
  ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader
  ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/SonarSource-sonar-scanner-cli-private-reader access_token]
  ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/SonarSource-sonar-scanner-cli-private-reader access_token]
  ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer
  ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/SonarSource-sonar-scanner-cli-qa-deployer access_token]
  ARTIFACTORY_DEPLOY_REPO: sonarsource-public-qa
  ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token]

  ### Project variables
  DEPLOY_PULL_REQUEST: true
  NIGHTLY_CRON: 'nightly-cron'
#
# RE-USABLE CONFIGS
#
eks_container: &EKS_CONTAINER
  region: eu-central-1
  cluster_name: ${CIRRUS_CLUSTER_NAME}
  namespace: default
  image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-m3-latest
  cpu: 1
  memory: 4G

ec2_instance: &EC2_INSTANCE_WINDOWS
  region: eu-central-1
  type: t2.2xlarge
  image: base-windows-jdk17-v*
  platform: windows

only_sonarsource_qa: &ONLY_SONARSOURCE_QA
  only_if: $CIRRUS_USER_COLLABORATOR == 'true' && $CIRRUS_TAG == "" && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == $CIRRUS_DEFAULT_BRANCH || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BUILD_SOURCE == 'api' )

except_nightly_cron: &ONLY_SONARSOURCE_QA_EXCEPT_ON_NIGHTLY_CRON
  only_if: $CIRRUS_USER_COLLABORATOR == 'true' && $CIRRUS_TAG == "" && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == $CIRRUS_DEFAULT_BRANCH || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BUILD_SOURCE == 'api' ) && $CIRRUS_CRON != $NIGHTLY_CRON

#
# TASKS
#
build_task:
  <<: *ONLY_SONARSOURCE_QA
  eks_container:
    <<: *EKS_CONTAINER
  env:
    SONAR_TOKEN: VAULT[development/kv/data/next data.token]
    SONAR_HOST_URL: VAULT[development/kv/data/next data.url]
    SIGN_KEY: VAULT[development/kv/data/sign data.key]
    PGP_PASSPHRASE: VAULT[development/kv/data/sign data.passphrase]
    # Fetch all commit history so that Sonar has exact blame information for issue auto-assignment
    CIRRUS_CLONE_DEPTH: "0"
  maven_cache:
    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
  script:
    - source cirrus-env BUILD
    - regular_mvn_build_deploy_analyze -Pdist-linux-x64,dist-linux-aarch64,dist-windows-x64,dist-macosx-x64,dist-macosx-aarch64
  always:
    junit_artifacts:
      path: "**/surefire-reports/**.xml"
      type: text/xml
      format: junit
  cleanup_before_cache_script:
    - cleanup_maven_repository

mend_scan_task:
  depends_on:
    - build
  eks_container:
    <<: *EKS_CONTAINER
    cpu: 2
    memory: 2G
  # run only on master and long-term branches
  only_if: $CIRRUS_USER_COLLABORATOR == 'true' && $CIRRUS_TAG == "" && ($CIRRUS_BRANCH == $CIRRUS_DEFAULT_BRANCH || $CIRRUS_BRANCH =~ "branch-.*")
  env:
    WS_APIKEY: VAULT[development/kv/data/mend data.apikey]
  maven_cache:
    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
  whitesource_script:
    - source cirrus-env QA
    - source set_maven_build_version $BUILD_NUMBER
    - mvn clean install -DskipTests --batch-mode
    - source ws_scan.sh
  cleanup_before_cache_script: cleanup_maven_repository
  allow_failures: "true"
  always:
    ws_artifacts:
      path: "whitesource/**/*"

linux_x64_qa_java17_task:
  depends_on:
    - build
  <<: *ONLY_SONARSOURCE_QA
  eks_container:
    <<: *EKS_CONTAINER
  env:
    matrix:
      - SQ_VERSION: LATEST_RELEASE[9.9]
      - SQ_VERSION: LATEST_RELEASE
      - SQ_VERSION: DEV
  maven_cache:
    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
  qa_script:
    - nodeVersion=18.17.0
    - nodeName=node-v${nodeVersion}-linux-x64
    - wget https://nodejs.org/download/release/v${nodeVersion}/${nodeName}.tar.gz
    - tar xzf ${nodeName}.tar.gz -C /tmp
    - export PATH=$PATH:/tmp/${nodeName}/bin
    - source cirrus-env QA
    - source set_maven_build_version $BUILD_NUMBER
    - cd it
    - mvn -B -e -Dsonar.runtimeVersion="$SQ_VERSION" -Dmaven.test.redirectTestOutputToFile=false verify
  cleanup_before_cache_script:
    - cleanup_maven_repository

win_x64_qa_java17_task:
  depends_on:
    - build
  <<: *ONLY_SONARSOURCE_QA
  ec2_instance:
    <<: *EC2_INSTANCE_WINDOWS
  env:
    CIRRUS_SHELL: bash
    matrix:
      - SQ_VERSION: LATEST_RELEASE[9.9]
      - SQ_VERSION: LATEST_RELEASE
      - SQ_VERSION: DEV
  maven_cache:
    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
  qa_script:
    - source cirrus-env QA
    - source set_maven_build_version $BUILD_NUMBER
    - cd it
    - mvn -B -e -Dsonar.runtimeVersion="$SQ_VERSION" -Dmaven.test.redirectTestOutputToFile=false verify
  cleanup_before_cache_script:
    - cleanup_maven_repository

promote_task:
  depends_on:
    - linux_x64_qa_java17
    - win_x64_qa_java17
  <<: *ONLY_SONARSOURCE_QA_EXCEPT_ON_NIGHTLY_CRON
  eks_container:
    <<: *EKS_CONTAINER
    cpu: 0.5
    memory: 500M
  env:
    GITHUB_TOKEN: VAULT[development/github/token/SonarSource-sonar-scanner-cli-promotion token]
  maven_cache:
    folder: $CIRRUS_WORKING_DIR/.m2/repository
  script:
    - cirrus_promote_maven
  cleanup_before_cache_script:
    - cleanup_maven_repository