blob: ee3178c84095babea7da0a3fc05992cd5fc1e503 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
#
# ENV VARIABLES
#
env:
### Shared variables
CIRRUS_VAULT_AUTH_PATH: jwt-cirrusci
CIRRUS_VAULT_ROLE: cirrusci-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}
CIRRUS_VAULT_URL: https://vault.sonar.build:8200
ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url]
ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader
ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/SonarSource-sonar-scanner-cli-private-reader access_token]
ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/SonarSource-sonar-scanner-cli-private-reader access_token]
ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer
ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/SonarSource-sonar-scanner-cli-qa-deployer access_token]
ARTIFACTORY_DEPLOY_REPO: sonarsource-public-qa
GCF_ACCESS_TOKEN: VAULT[development/kv/data/promote data.token]
PROMOTE_URL: VAULT[development/kv/data/promote data.url]
BURGR_URL: VAULT[development/kv/data/burgr data.url]
BURGR_USERNAME: VAULT[development/kv/data/burgr data.cirrus_username]
BURGR_PASSWORD: VAULT[development/kv/data/burgr data.cirrus_password]
### Project variables
DEPLOY_PULL_REQUEST: true
ARTIFACTS: org.sonarsource.scanner.cli:sonar-scanner-cli:jar
NIGHTLY_CRON: 'nightly-cron'
#
# RE-USABLE CONFIGS
#
eks_container: &EKS_CONTAINER
region: eu-central-1
cluster_name: ${CIRRUS_CLUSTER_NAME}
namespace: default
image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-m3-latest
cpu: 1
memory: 2G
ec2_instance: &EC2_INSTANCE_WINDOWS
experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051
region: eu-central-1
subnet_id: ${CIRRUS_AWS_SUBNET}
type: t2.2xlarge
image: base-windows-jdk17-v*
platform: windows
only_sonarsource_qa: &ONLY_SONARSOURCE_QA
only_if: $CIRRUS_USER_COLLABORATOR == 'true' && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BRANCH =~ "dogfood-on-.*")
except_nightly_cron: &EXCEPT_ON_NIGHTLY_CRON
only_if: $CIRRUS_CRON != $NIGHTLY_CRON
#
# TASKS
#
build_task:
eks_container:
<<: *EKS_CONTAINER
env:
SONAR_TOKEN: VAULT[development/kv/data/next data.token]
SONAR_HOST_URL: VAULT[development/kv/data/next data.url]
SIGN_KEY: VAULT[development/kv/data/sign data.key]
PGP_PASSPHRASE: VAULT[development/kv/data/sign data.passphrase]
maven_cache:
folder: ${CIRRUS_WORKING_DIR}/.m2/repository
script:
- source cirrus-env BUILD
- regular_mvn_build_deploy_analyze -Pdist-linux,dist-windows,dist-macosx
cleanup_before_cache_script:
- cleanup_maven_repository
linux_qa_java17_task:
depends_on:
- build
<<: *ONLY_SONARSOURCE_QA
eks_container:
<<: *EKS_CONTAINER
env:
matrix:
- SQ_VERSION: LATEST_RELEASE[8.9]
- SQ_VERSION: DEV
maven_cache:
folder: ${CIRRUS_WORKING_DIR}/.m2/repository
qa_script:
- source cirrus-env QA
- source set_maven_build_version $BUILD_NUMBER
- cd it
- mvn -B -e -Dsonar.runtimeVersion="$SQ_VERSION" -Dmaven.test.redirectTestOutputToFile=false verify
cleanup_before_cache_script:
- cleanup_maven_repository
win_qa_java17_task:
depends_on:
- build
<<: *ONLY_SONARSOURCE_QA
ec2_instance:
<<: *EC2_INSTANCE_WINDOWS
env:
CIRRUS_SHELL: bash
matrix:
- SQ_VERSION: LATEST_RELEASE[8.9]
- SQ_VERSION: DEV
maven_cache:
folder: ${CIRRUS_WORKING_DIR}/.m2/repository
qa_script:
- source cirrus-env QA
- source set_maven_build_version $BUILD_NUMBER
- cd it
- mvn -B -e -Dsonar.runtimeVersion="$SQ_VERSION" -Dmaven.test.redirectTestOutputToFile=false verify
cleanup_before_cache_script:
- cleanup_maven_repository
promote_task:
depends_on:
- linux_qa_java17
- win_qa_java17
<<: *ONLY_SONARSOURCE_QA
<<: *EXCEPT_ON_NIGHTLY_CRON
eks_container:
<<: *EKS_CONTAINER
cpu: 0.5
memory: 500M
env:
GITHUB_TOKEN: VAULT[development/github/token/SonarSource-sonar-scanner-cli-promotion token]
maven_cache:
folder: $CIRRUS_WORKING_DIR/.m2/repository
script:
- cirrus_promote_maven
cleanup_before_cache_script:
- cleanup_maven_repository
|