aboutsummaryrefslogtreecommitdiffstats
path: root/.cirrus.yml
blob: f8aee162fe1e5d0446fb197f19d0279286656dc2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
#
# ENV VARIABLES
#
env:
  ### Shared variables
  CIRRUS_VAULT_AUTH_PATH: jwt-cirrusci
  CIRRUS_VAULT_ROLE: cirrusci-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}
  CIRRUS_VAULT_URL: https://vault.sonar.build:8200
  ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url]
  ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader
  ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/SonarSource-sonar-scanner-cli-private-reader access_token]
  ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/SonarSource-sonar-scanner-cli-private-reader access_token]
  ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer
  ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/SonarSource-sonar-scanner-cli-qa-deployer access_token]
  ARTIFACTORY_DEPLOY_REPO: sonarsource-public-qa

  GCF_ACCESS_TOKEN: VAULT[development/kv/data/promote data.token]
  PROMOTE_URL: VAULT[development/kv/data/promote data.url]

  BURGR_URL: VAULT[development/kv/data/burgr data.url]
  BURGR_USERNAME: VAULT[development/kv/data/burgr data.cirrus_username]
  BURGR_PASSWORD: VAULT[development/kv/data/burgr data.cirrus_password]

  ### Project variables
  DEPLOY_PULL_REQUEST: true
  ARTIFACTS: org.sonarsource.scanner.cli:sonar-scanner-cli:jar

#
# RE-USABLE CONFIGS
#
eks_container: &EKS_CONTAINER
  region: eu-central-1
  cluster_name: ${CIRRUS_CLUSTER_NAME}
  namespace: default
  image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j11-m3-latest
  cpu: 1
  memory: 2G

ec2_instance: &EC2_INSTANCE_WINDOWS
  experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051
  region: eu-central-1
  subnet_id: ${CIRRUS_AWS_SUBNET}
  type: t2.2xlarge
  image: base-windows-jdk11-v*
  platform: windows

only_sonarsource_qa: &ONLY_SONARSOURCE_QA
  only_if: $CIRRUS_USER_COLLABORATOR == 'true' && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BRANCH =~ "dogfood-on-.*")

#
# TASKS
#
build_task:
  eks_container:
    <<: *EKS_CONTAINER
  env:
    SONAR_TOKEN: VAULT[development/kv/data/next data.token]
    SONAR_HOST_URL: VAULT[development/kv/data/next data.url]
    SIGN_KEY: VAULT[development/kv/data/sign data.key]
    PGP_PASSPHRASE: VAULT[development/kv/data/sign data.passphrase]
  maven_cache:
    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
  script:
    - source cirrus-env BUILD
    - regular_mvn_build_deploy_analyze -Pdist-linux,dist-windows,dist-macosx
  cleanup_before_cache_script:
    - cleanup_maven_repository

linux_qa_java11_task:
  depends_on:
    - build
  <<: *ONLY_SONARSOURCE_QA
  eks_container:
    <<: *EKS_CONTAINER
  env:
    SQ_VERSION: LATEST_RELEASE[8.9]
  maven_cache:
    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
  qa_script:
    - source cirrus-env QA
    - source set_maven_build_version $BUILD_NUMBER
    - cd it
    - mvn -B -e -Dsonar.runtimeVersion="$SQ_VERSION" -Dmaven.test.redirectTestOutputToFile=false verify
  cleanup_before_cache_script:
    - cleanup_maven_repository

linux_qa_java17_task:
  depends_on:
    - build
  <<: *ONLY_SONARSOURCE_QA
  eks_container:
    <<: *EKS_CONTAINER
    image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-m3-latest
  env:
    matrix:
      - SQ_VERSION: LATEST_RELEASE[8.9]
      - SQ_VERSION: DEV
  maven_cache:
    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
  qa_script:
    - source cirrus-env QA
    - source set_maven_build_version $BUILD_NUMBER
    - cd it
    - mvn -B -e -Dsonar.runtimeVersion="$SQ_VERSION" -Dmaven.test.redirectTestOutputToFile=false verify
  cleanup_before_cache_script:
    - cleanup_maven_repository

win_qa_java11_task:
  depends_on:
    - build
  <<: *ONLY_SONARSOURCE_QA
  ec2_instance:
    <<: *EC2_INSTANCE_WINDOWS
  env:
    CIRRUS_SHELL: bash
    SQ_VERSION: LATEST_RELEASE[8.9]
  maven_cache:
    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
  qa_script:
    - source cirrus-env QA
    - source set_maven_build_version $BUILD_NUMBER
    - cd it
    - mvn -B -e -Dsonar.runtimeVersion="$SQ_VERSION" -Dmaven.test.redirectTestOutputToFile=false verify
  cleanup_before_cache_script:
    - cleanup_maven_repository

win_qa_java17_task:
  depends_on:
    - build
  <<: *ONLY_SONARSOURCE_QA
  ec2_instance:
    <<: *EC2_INSTANCE_WINDOWS
    image: base-windows-jdk17-v*
  env:
    CIRRUS_SHELL: bash
    matrix:
      - SQ_VERSION: LATEST_RELEASE[8.9]
      - SQ_VERSION: DEV
  maven_cache:
    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
  qa_script:
    - source cirrus-env QA
    - source set_maven_build_version $BUILD_NUMBER
    - cd it
    - mvn -B -e -Dsonar.runtimeVersion="$SQ_VERSION" -Dmaven.test.redirectTestOutputToFile=false verify
  cleanup_before_cache_script:
    - cleanup_maven_repository

promote_task:
  depends_on:
    - linux_qa_java11
    - linux_qa_java17
    - win_qa_java11
    - win_qa_java17
  <<: *ONLY_SONARSOURCE_QA
  eks_container:
    <<: *EKS_CONTAINER
    cpu: 0.5
    memory: 500M
  env:
    GITHUB_TOKEN: VAULT[development/github/token/SonarSource-sonar-scanner-cli-promotion token]
  maven_cache:
    folder: $CIRRUS_WORKING_DIR/.m2/repository
  script:
    - cirrus_promote_maven
  cleanup_before_cache_script:
    - cleanup_maven_repository