diff options
author | Julien Carsique <julien.carsique@sonarsource.com> | 2023-12-27 19:01:16 +0100 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2024-01-23 20:04:15 +0000 |
commit | d26c2ca7db6af4b2cfc24d3f560e5354d0692f9e (patch) | |
tree | a97d938a49630b8ed3c61ccc22dbb8eb52978deb | |
parent | 29f0fde0bf04408dd3c35d5122bacda8289e6926 (diff) | |
download | sonarqube-d26c2ca7db6af4b2cfc24d3f560e5354d0692f9e.tar.gz sonarqube-d26c2ca7db6af4b2cfc24d3f560e5354d0692f9e.zip |
BUILD-3755 migrate Travis to Cirrus CI
-rw-r--r-- | .cirrus.star | 20 | ||||
-rw-r--r-- | .cirrus.yml | 1118 | ||||
-rw-r--r-- | .cirrus/.cirrus.yml | 183 | ||||
-rw-r--r-- | .cirrus/Dockerfile | 51 | ||||
-rwxr-xr-x | .cirrus/cirrus-build.sh | 20 | ||||
-rwxr-xr-x | .cirrus/cirrus-cache-dependencies.sh | 13 | ||||
-rw-r--r-- | .cirrus/cirrus-env | 11 | ||||
-rwxr-xr-x | .cirrus/cirrus-junit.sh | 7 | ||||
-rwxr-xr-x | .cirrus/cirrus-sq-analysis.sh | 22 | ||||
-rwxr-xr-x | .cirrus/cirrus-yarn-lint-report.sh | 7 | ||||
-rwxr-xr-x | .cirrus/cirrus-yarn-validate-ci.sh | 7 | ||||
-rw-r--r-- | .dockerignore | 1 | ||||
-rw-r--r-- | .travis.yml | 42 | ||||
-rwxr-xr-x | .travis/run_iris.sh | 29 | ||||
-rwxr-xr-x | .travis/setup_environment.sh | 21 | ||||
-rwxr-xr-x | .travis/setup_ramdisk.sh | 22 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rwxr-xr-x | travis.sh | 93 |
18 files changed, 342 insertions, 1327 deletions
diff --git a/.cirrus.star b/.cirrus.star index 28b17b70fc3..ae0a6b69209 100644 --- a/.cirrus.star +++ b/.cirrus.star @@ -1,4 +1,22 @@ load("github.com/SonarSource/cirrus-modules@v2", "load_features") +load("cirrus", "env", "fs", "yaml") + def main(ctx): - return load_features(ctx) + if env.get("CIRRUS_REPO_FULL_NAME") == 'SonarSource/sonar-enterprise': + features = yaml.dumps(load_features(ctx, only_if=dict())) + doc = fs.read("private/.cirrus.yml") + else: + if env.get("CIRRUS_USER_PERMISSION") in ["write", "admin"]: + features = yaml.dumps(load_features(ctx, features=["build_number"])) + else: + # workaround for BUILD-4413 (build number on public CI) + features = yaml.dumps( + { + 'env': { + 'CI_BUILD_NUMBER': env.get("CIRRUS_PR", "1") + }, + } + ) + doc = fs.read(".cirrus/.cirrus.yml") + return features + doc diff --git a/.cirrus.yml b/.cirrus.yml deleted file mode 100644 index a9477a8cc7a..00000000000 --- a/.cirrus.yml +++ /dev/null @@ -1,1118 +0,0 @@ -env: - GRADLE_OPTS: -Dorg.gradle.jvmargs="-XX:+PrintFlagsFinal -XshowSettings:vm -XX:+HeapDumpOnOutOfMemoryError -XX:+UnlockExperimentalVMOptions -Djava.security.egd=file:/dev/./urandom -Dfile.encoding=UTF8 -Duser.language=en -Duser.country=US" - # to be replaced by other credentials - ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader - ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] - ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer - ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token] - ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] - ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token] - ARTIFACTORY_URL: "https://repox.jfrog.io/repox" - ARTIFACTORY_DEPLOY_REPO: "sonarsource-public-qa" - ARTIFACTORY_DEPLOY_REPO_PRIVATE: "sonarsource-private-qa" - # download licenses for testing commercial editions - GITHUB_TOKEN: VAULT[development/github/token/licenses-ro token] - # notifications to burgr - BURGR_URL: VAULT[development/kv/data/burgr data.url] - BURGR_USERNAME: VAULT[development/kv/data/burgr data.cirrus_username] - BURGR_PASSWORD: VAULT[development/kv/data/burgr data.cirrus_password] - # analysis on next.sonarqube.com - SONARQUBE_NEXT_TOKEN: VAULT[development/kv/data/next data.token] - # to trigger docs deployment - ELASTIC_PWD: VAULT[development/team/sonarqube/kv/data/elasticsearch-cloud data.password] - DATADOG_APIKEY: VAULT[development/team/sonarqube/kv/data/sq-datadog data.apikey] - CIRRUS_LOG_TIMESTAMP: true - BRANCH_MAIN: "master" - BRANCH_NIGHTLY: "branch-nightly-build" - BRANCH_PATTERN_MAINTENANCE: "branch-.*" - BRANCH_PATTERN_PUBLIC: "public_.*" - CRON_DATABASE_JOB_NAME: "master-weekly" - GRADLE_ENTERPRISE_USERNAME: VAULT[development/team/sonarqube/kv/data/gradle-enterprise data.username] - GRADLE_ENTERPRISE_PASSWORD: VAULT[development/team/sonarqube/kv/data/gradle-enterprise data.password] - GRADLE_ENTERPRISE_URL: VAULT[development/team/sonarqube/kv/data/gradle-enterprise data.url] - GRADLE_ENTERPRISE_KEY: VAULT[development/team/sonarqube/kv/data/gradle-enterprise data.access-key] - -bitbucket_cloud_environment_template: &BITBUCKET_CLOUD_ENVIRONMENT_VARIABLES - BBC_CLIENT_ID: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_id] - BBC_CLIENT_SECRET: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_secret] - BBC_USERNAME: VAULT[development/kv/data/bitbucket/sonarqube-its data.username] - BBC_READ_REPOS_APP_PASSWORD: VAULT[development/kv/data/bitbucket/sonarqube-its data.password] - -gitlab_cloud_environment_template: &GITLAB_CLOUD_ENVIRONMENT_VARIABLES - GITLAB_API_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token] - GITLAB_READ_ONLY_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token_ro] - GITLAB_ADMIN_USERNAME: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.username] - GITLAB_ADMIN_PASSWORD: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.password] - -azure_cloud_environment_template: &AZURE_CLOUD_ENVIRONMENT_VARIABLES - AZURE_USERNAME_LOGIN: VAULT[development/team/sonarqube/kv/data/azure-instance data.username] - AZURE_CODE_READ_AND_WRITE_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_code_read_write] - AZURE_FULL_ACCESS_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_full_access] - -auto_cancellation: $CIRRUS_BRANCH != $BRANCH_MAIN && $CIRRUS_BRANCH !=~ $BRANCH_PATTERN_MAINTENANCE - -cache_dependencies_dependant_task_template: - &CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE - depends_on: cache_dependencies - -build_dependant_task_template: &BUILD_DEPENDANT_TASK_TEMPLATE - depends_on: build - -master_task_template: &IS_BRANCH_MASTER - $CIRRUS_BRANCH == $BRANCH_MAIN - -master_and_nightly_task_template: &IS_BRANCH_MASTER_OR_NIGHTLY - $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH == $BRANCH_MAIN - -master_or_nightly_or_maintenance_task_template: &IS_BRANCH_MASTER_OR_NIGHTLY_OR_MAINTENANCE - $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE - -is_weekly_job: &IS_WEEKLY_JOB - $CIRRUS_CRON == $CRON_DATABASE_JOB_NAME - -is_old_commit: &IS_OLD_COMMIT - $CIRRUS_CRON == $CRON_DATABASE_JOB_NAME || $CIRRUS_BRANCH == $BRANCH_NIGHTLY - -is_branch_public: &IS_BRANCH_PUBLIC - $CIRRUS_BRANCH =~ $BRANCH_PATTERN_PUBLIC - -is_old_commit_or_public_branch: &IS_OLD_COMMIT_OR_BRANCH_PUBLIC - $CIRRUS_CRON == $CRON_DATABASE_JOB_NAME || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_PUBLIC - -database_related_task_template: &IS_DB_TASK_NEEDED >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude('server/sonar-db-dao/**/*Mapper.xml', 'server/sonar-db-migration/**/DbVersion*.java', 'server/sonar-db-dao/**/*Dao.java', 'server/sonar-db-core/src/main/java/org/sonar/db/*.java') - -saml_task_template: &IS_SAML_TASK_NEEDED >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude('server/sonar-auth-saml/src/main/java/**/*.java', 'server/sonar-auth-saml/src/main/resources/**/*', 'server/sonar-db-dao/src/main/**/SAML*.java', 'private/it-core/src/test/java/org/sonarqube/tests/saml/*.java', 'server/sonar-webserver-webapi/src/main/java/org/sonar/server/saml/**/*.java') - -ldap_task_template: &IS_LDAP_TASK_NEEDED >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude('server/sonar-auth-ldap/src/main/java/**/*.java', 'server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/LdapCredentialsAuthentication.java', 'private/it-core/src/test/java/org/sonarqube/tests/ldap/*.java') - -github_task_template: &IS_GITHUB_TASK_NEEDED >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude( - 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/github/**/*.java', - 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/github/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/github/**/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/github/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/provisioning/github/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/onboarding/github/*.java', - 'private/core-extension-github-provisioning/**/*') - -gitlab_task_template: &IS_GITLAB_TASK_NEEDED >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude( - 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/gitlab/**/*.java', - 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/gitlab/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/gitlab/**/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/gitlab/*.java', - 'private/core-extension-gitlab-vulnerability-report/src/main/**/*.java') - -gitlab_provisioning_task_template: &IS_GITLAB_PROVISIONING_TASK_NEEDED >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude('private/core-extension-gitlab-provisioning/**/*.java') - -azure_task_template: &IS_AZURE_TASK_NEEDED >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude( - 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/azuredevops/**/*.java', - 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/azuredevops/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/azure/**/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/azure/*.java') - -bitbucket_server_task_template: &IS_BITBUCKET_SERVER_TASK_NEEDED >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude( - 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/bitbucketserver/**/*.java', - 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/bitbucketserver/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/bitbucketserver/**/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/bitbucketserver/*.java') - -bitbucket_cloud_task_template: &IS_BITBUCKET_CLOUD_TASK_NEEDED >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude( - 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/bitbucket/**/*.java', - 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/bitbucket/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/bitbucketcloud/**/*.java', - 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/bitbucketcloud/*.java') - -docker_build_container_template: &CONTAINER_TEMPLATE - region: eu-central-1 - cluster_name: ${CIRRUS_CLUSTER_NAME} - namespace: default - builder_subnet_id: ${CIRRUS_AWS_SUBNET} - builder_role: cirrus-builder - builder_image: docker-builder-v* - builder_instance_type: t2.small - dockerfile: private/docker/Dockerfile-build - docker_arguments: - CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT} - cpu: 1 - memory: 2Gb - -vm_instance_template: &VM_TEMPLATE - experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051 - image: docker-builder-v* - type: t2.small - region: eu-central-1 - subnet_id: ${CIRRUS_AWS_SUBNET} - disk: 10 - cpu: 4 - memory: 8G - -t2xlarge_node_selector: &T2XLARGE_NODE_SELECTOR - nodeSelectorTerms: - - matchExpressions: - - key: node.kubernetes.io/instance-type - operator: In - values: t2.xlarge - -mssql_additional_container_template: &MSSQL_ADDITIONAL_CONTAINER_TEMPLATE - name: mssql - image: mcr.microsoft.com/mssql/server:2022-latest - port: 1433 - cpu: 2 - memory: 5Gb - env: - MSSQL_PID: Developer # this is the default edition - ACCEPT_EULA: Y - SA_PASSWORD: sonarqube!1 - -oracle_additional_container_template: &ORACLE_ADDITIONAL_CONTAINER_TEMPLATE - name: oracle - image: gvenzl/oracle-xe:21-faststart - port: 1521 - cpu: 2 - memory: 5Gb - env: - ORACLE_PASSWORD: sonarqube - APP_USER: sonarqube - APP_USER_PASSWORD: sonarqube - -postgres_additional_container_template: &POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - name: postgres - image: public.ecr.aws/docker/library/postgres:15 - port: 5432 - cpu: 1 - memory: 1Gb - env: - POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres - -gitlab_container_template: &GITLAB_CONTAINER_TEMPLATE - name: gitlab - ports: - - 80 - - 443 - cpu: 2 - memory: 8Gb - image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/gitlab:${GITLAB_VERSION} - env: - - GITLAB_POST_RECONFIGURE_SCRIPT: |- - { cat >/tmp/setup.rb <<-'EOF' - token = User.find_by_username('root').personal_access_tokens.create(scopes: [:api], name: 'token'); - token.set_token('token-here-456'); - token.expires_at = Date.today+10.day - token.save!; - token_read = User.find_by_username('root').personal_access_tokens.create(scopes: [:read_user], name: 'token_read'); - token_read.set_token('token-read-123'); - token_read.expires_at = Date.today+10.day - token_read.save!; - user = User.find_by_username('root'); - user.password = 'eng-YTU1ydh6kyt7tjd'; - user.password_confirmation = 'eng-YTU1ydh6kyt7tjd'; - user.save!; - EOF - } && gitlab-rails runner /tmp/setup.rb && \ - echo 'from_file "/etc/gitlab/external_gitlab.rb"' >> /etc/gitlab/gitlab.rb && \ - gitlab-ctl reconfigure - -keycloak_container_template: &KEYCLOAK_CONTAINER_TEMPLATE - name: keycloak - image: quay.io/keycloak/keycloak:22.0.5 - port: 8080 - cpu: 1 - memory: 1Gb - command: "/opt/keycloak/bin/kc.sh start-dev --http-relative-path /auth" - env: - KEYCLOAK_ADMIN: admin - KEYCLOAK_ADMIN_PASSWORD: admin - -default_artifact_template: &DEFAULT_ARTIFACTS_TEMPLATE - on_failure: - jest_junit_cleanup_script: > - find . -type f -wholename "**/build/test-results/test-jest/junit.xml" -exec - xmlstarlet edit --inplace --delete '//testsuite[@errors=0 and @failures=0]' {} \; - junit_artifacts: - path: "**/build/test-results/**/*.xml" - type: "text/xml" - format: junit - reports_artifacts: - path: "**/build/reports/**/*" - screenshots_artifacts: - path: "**/build/screenshots/**/*" - log_artifacts: - path: "**/build/**/*.log" - always: - profile_artifacts: - path: "**/build/reports/profile/**/*" - -yarn_cache_template: &YARN_CACHE_TEMPLATE - yarn_cache: - folder: "~/.yarn/berry/cache" - fingerprint_script: | - cat \ - server/sonar-web/yarn.lock \ - private/core-extension-developer-server/yarn.lock \ - private/core-extension-enterprise-server/yarn.lock \ - private/core-extension-license/yarn.lock \ - private/core-extension-securityreport/yarn.lock - -gradle_cache_template: &GRADLE_CACHE_TEMPLATE - gradle_cache: - folder: "~/.gradle/caches" - fingerprint_script: find -type f \( -name "*.gradle*" -or -name "gradle*.properties" \) | sort | xargs cat - -jar_cache_template: &JAR_CACHE_TEMPLATE - jar_cache: - folder: "**/build/libs/*.jar" - fingerprint_key: jar-cache_$CIRRUS_BUILD_ID - -eslint_report_cache_template: &ESLINT_REPORT_CACHE_TEMPLATE - eslint_report_cache: - folders: - - server/sonar-web/eslint-report/ - - server/sonar-web/design-system/eslint-report/ - - private/core-extension-securityreport/eslint-report/ - - private/core-extension-license/eslint-report/ - - private/core-extension-enterprise-server/eslint-report/ - - private/core-extension-developer-server/eslint-report/ - fingerprint_script: echo $CIRRUS_BUILD_ID - -jest_report_cache_template: &JEST_REPORT_CACHE_TEMPLATE - jest_report_cache: - folders: - - server/sonar-web/coverage/ - - server/sonar-web/design-system/coverage/ - - private/core-extension-securityreport/coverage/ - - private/core-extension-license/coverage/ - - private/core-extension-enterprise-server/coverage/ - - private/core-extension-developer-server/coverage/ - fingerprint_script: echo $CIRRUS_BUILD_ID - -junit_report_cache_template: &JUNIT_REPORT_CACHE_TEMPLATE - junit_report_cache: - folders: - - "**/reports/jacoco" - - "**/test-results/test" - fingerprint_script: echo $CIRRUS_BUILD_ID - -default_template: &DEFAULT_TEMPLATE - skip: *IS_BRANCH_PUBLIC - clone_script: | - git init - git remote add origin https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git - git fetch origin $CIRRUS_CHANGE_IN_REPO $FETCH_DEPTH - git reset --hard $CIRRUS_CHANGE_IN_REPO - env: - FETCH_DEPTH: --depth=1 - -cache_dependencies_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2 - memory: 4Gb - script: - - ./private/cirrus/cirrus-cache-dependencies.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -build_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *YARN_CACHE_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 7.5 - memory: 8Gb - script: - - ./private/cirrus/cirrus-build.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -publish_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - skip: *IS_WEEKLY_JOB - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 4 - memory: 4Gb - env: - ORG_GRADLE_PROJECT_signingKey: VAULT[development/kv/data/sign data.key] - ORG_GRADLE_PROJECT_signingPassword: VAULT[development/kv/data/sign data.passphrase] - ORG_GRADLE_PROJECT_signingKeyId: VAULT[development/kv/data/sign data.key_id] - script: - - ./private/cirrus/cirrus-publish.sh - -yarn_lint_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *YARN_CACHE_TEMPLATE - <<: *ESLINT_REPORT_CACHE_TEMPLATE - <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE - skip: *IS_WEEKLY_JOB - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 6Gb - script: - - ./private/cirrus/cirrus-yarn-lint-report.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -yarn_check_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *YARN_CACHE_TEMPLATE - <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE - skip: *IS_WEEKLY_JOB - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 5Gb - script: | - source cirrus-env YARN - gradle yarn_check-ci --profile - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -yarn_validate_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *YARN_CACHE_TEMPLATE - <<: *JEST_REPORT_CACHE_TEMPLATE - <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE - skip: *IS_WEEKLY_JOB - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 7.5 - memory: 25Gb - script: - - ./private/cirrus/cirrus-yarn-validate-ci.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -junit_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *JUNIT_REPORT_CACHE_TEMPLATE - <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE - skip: *IS_WEEKLY_JOB - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 7.5 - memory: 10Gb - script: - - ./private/cirrus/cirrus-junit.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -sq_analysis_task: - skip: *IS_OLD_COMMIT_OR_BRANCH_PUBLIC - <<: *GRADLE_CACHE_TEMPLATE - <<: *YARN_CACHE_TEMPLATE - <<: *JEST_REPORT_CACHE_TEMPLATE - <<: *ESLINT_REPORT_CACHE_TEMPLATE - <<: *JUNIT_REPORT_CACHE_TEMPLATE - depends_on: - - yarn_validate - - yarn_lint - - junit - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 7.5 - memory: 15Gb - script: - - ./private/cirrus/cirrus-sq-analysis.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -task: #bitbucket - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - only_if: *IS_BITBUCKET_SERVER_TASK_NEEDED - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 10Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - maven_cache: - folder: ~/.m2 - env: - QA_CATEGORY: BITBUCKET - matrix: - - name: qa_bb_5.15.0 - bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh 5.15.0 - - name: qa_bb_latest - bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh LATEST - wait_for_bitbucket_to_boot_script: secs=3600; endTime=$(( $(date +%s) + secs )); while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:7990/bitbucket/status)" != "200" ]] || [ $(date +%s) -gt $endTime ]; do sleep 5; done - script: - - ./private/cirrus/cirrus-qa.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_bb_cloud_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - only_if: *IS_BITBUCKET_CLOUD_TASK_NEEDED - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 7Gb - env: - QA_CATEGORY: BITBUCKET_CLOUD - <<: *BITBUCKET_CLOUD_ENVIRONMENT_VARIABLES - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_ha_cluster_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_BRANCH_MASTER_OR_NIGHTLY_OR_MAINTENANCE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 10Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - <<: *T2XLARGE_NODE_SELECTOR - env: - QA_CATEGORY: HA_CLUSTER - script: - - ./private/cirrus/cirrus-qa.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_ha_elasticsearch_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_BRANCH_MASTER_OR_NIGHTLY_OR_MAINTENANCE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 10Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - <<: *T2XLARGE_NODE_SELECTOR - env: - QA_CATEGORY: HA_ELASTICSEARCH - script: - - ./private/cirrus/cirrus-qa.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_performance_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_BRANCH_MASTER_OR_NIGHTLY - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 10Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - env: - QA_CATEGORY: AnalysisPerformance - script: - - ./private/cirrus/cirrus-qa.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -# GitLab QA is executed in a dedicated task in order to not slow down the pipeline, as a GitLab on-prem server docker image is required. -qa_gitlab_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - only_if: *IS_GITLAB_TASK_NEEDED - depends_on: - - build - env: - QA_CATEGORY: GITLAB - matrix: - - name: qa_gitlab_latest - env: - - GITLAB_VERSION: latest - - name: qa_gitlab_oldest - env: - - GITLAB_VERSION: 15.6.2-ce.0 - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 7Gb - use_in_memory_disk: true - additional_containers: - - <<: *GITLAB_CONTAINER_TEMPLATE - - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_gitlab_cloud_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - only_if: *IS_GITLAB_TASK_NEEDED - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 7Gb - use_in_memory_disk: true - env: - QA_CATEGORY: GITLAB_CLOUD - <<: *GITLAB_CLOUD_ENVIRONMENT_VARIABLES - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -# Azure QA is executed in a dedicated task in order to not slow down the pipeline. -qa_azure_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - only_if: *IS_AZURE_TASK_NEEDED - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 7Gb - env: - QA_CATEGORY: AZURE - <<: *AZURE_CLOUD_ENVIRONMENT_VARIABLES - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_github_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_GITHUB_TASK_NEEDED - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 4 - memory: 7Gb - env: - QA_CATEGORY: GITHUB - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_github_provisioning_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_GITHUB_TASK_NEEDED - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 4 - memory: 7Gb - env: - QA_CATEGORY: GITHUB_PROVISIONING - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_gitlab_provisioning_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - only_if: *IS_GITLAB_PROVISIONING_TASK_NEEDED - env: - QA_CATEGORY: GITLAB_PROVISIONING - matrix: - - name: qa_gitlab_provisioning_latest - env: - - GITLAB_VERSION: latest - - name: qa_gitlab_provisioning_oldest - env: - - GITLAB_VERSION: 15.6.2-ce.0 - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 7Gb - use_in_memory_disk: true - additional_containers: - - <<: *GITLAB_CONTAINER_TEMPLATE - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_github_slow_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_GITHUB_TASK_NEEDED - skip: *IS_BRANCH_MASTER - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 4 - memory: 7Gb - env: - QA_CATEGORY: GITHUB_SLOW_TESTS - GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_USERNAME: QA-task - GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_TOKEN: VAULT[development/github/token/SonarSource-sonar-enterprise-code-scanning token] - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -# SAML QA is executed in a dedicated task in order to not slow down the pipeline, as a Keycloak server docker image is required. -qa_saml_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_SAML_TASK_NEEDED - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 10Gb - additional_containers: - - <<: *KEYCLOAK_CONTAINER_TEMPLATE - env: - QA_CATEGORY: SAML - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -# LDAP QA is executed in a dedicated task in order to not slow down the pipeline, as a LDAP server and SonarQube server are re-started on each test. -qa_ldap_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_LDAP_TASK_NEEDED - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 10Gb - env: - QA_CATEGORY: LDAP - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -promote_task: - <<: *DEFAULT_TEMPLATE - skip: *IS_OLD_COMMIT - depends_on: - - build - - sq_analysis - - qa - - qa_saml - - qa_ldap - - publish - eks_container: - <<: *CONTAINER_TEMPLATE - memory: 512M - stateful: true - script: - - ./private/cirrus/cirrus-promote.sh - -package_docker_task: - <<: *DEFAULT_TEMPLATE - only_if: *IS_BRANCH_MASTER - skip: *IS_OLD_COMMIT - depends_on: promote - ec2_instance: - <<: *VM_TEMPLATE - clone_script: | - git clone --recursive --branch=$CIRRUS_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR --depth=1 - git fetch origin $CIRRUS_CHANGE_IN_REPO --depth=1 - git reset --hard $CIRRUS_CHANGE_IN_REPO - install_tooling_script: - - ./private/cirrus/cirrus-tooling-for-package-docker.sh - package_script: - - ./private/cirrus/cirrus-package-docker.sh - -sql_mssql_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_DB_TASK_NEEDED - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - memory: 5Gb - additional_containers: - - name: mssql - image: mcr.microsoft.com/mssql/server:2019-GA-ubuntu-16.04 - port: 1433 - cpu: 2 - memory: 5Gb - env: - MSSQL_PID: Developer # this is the default edition - ACCEPT_EULA: Y - SA_PASSWORD: sonarqube!1 - script: - - ./private/cirrus/cirrus-db-unit-test.sh mssql - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -sql_postgres_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_DB_TASK_NEEDED - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - memory: 5Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - script: - - ./private/cirrus/cirrus-db-unit-test.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -# this is the oldest compatible version of PostgreSQL -sql_postgres11_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_DB_TASK_NEEDED - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - memory: 5Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - image: public.ecr.aws/docker/library/postgres:11 - script: - - ./private/cirrus/cirrus-db-unit-test.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -sql_oracle21_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_DB_TASK_NEEDED - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - memory: 5Gb - additional_containers: - - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE - script: - - ./private/cirrus/cirrus-db-unit-test.sh oracle21 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -upgd_mssql_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_DB_TASK_NEEDED - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 1.5 - memory: 6Gb - additional_containers: - - <<: *MSSQL_ADDITIONAL_CONTAINER_TEMPLATE - env: - QA_CATEGORY: Upgrade - script: - - ./private/cirrus/cirrus-qa.sh mssql - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -upgd_oracle21_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_DB_TASK_NEEDED - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 1.5 - memory: 6Gb - additional_containers: - - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE - env: - QA_CATEGORY: Upgrade - script: - - ./private/cirrus/cirrus-qa.sh oracle21 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -mend_scan_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: *IS_BRANCH_MASTER_OR_NIGHTLY_OR_MAINTENANCE - <<: *YARN_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - timeout_in: 30m - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2 - memory: 4Gb - env: - WS_APIKEY: VAULT[development/kv/data/mend data.apikey] - WS_WSS_URL: VAULT[development/kv/data/mend data.url] - WS_USERKEY: VAULT[development/kv/data/mend data.userKey] - SLACK_WEBHOOK_SQ: VAULT[development/kv/data/slack data.webhook] - mend_script: - - ./private/cirrus/cirrus-mend-scan.sh - allow_failures: "true" - on_failure: - slack_notification_script: - - ./private/cirrus/cirrus-mend-notifications.sh - always: - ws_artifacts: - path: "whitesource/**/*" - -qa_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - skip: *IS_WEEKLY_JOB - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 7Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - name: QA $QA_CATEGORY - alias: qa - env: - matrix: - # QA name should not exceed 13 characters to be properly reported on wallboard by burgr - # QA name cannot contain "_" - - QA_CATEGORY: Cat1 - - QA_CATEGORY: Cat2 - - QA_CATEGORY: Cat3 - - QA_CATEGORY: Cat4 - - QA_CATEGORY: Cat5 - - QA_CATEGORY: Cat6 - - QA_CATEGORY: Analysis - - QA_CATEGORY: Authorization - - QA_CATEGORY: Auth - - QA_CATEGORY: Branch1 - - QA_CATEGORY: Branch2 - - QA_CATEGORY: CE1 - - QA_CATEGORY: CE2 - - QA_CATEGORY: ComputeEngine - - QA_CATEGORY: DE1 - - QA_CATEGORY: DE2 - - QA_CATEGORY: EE1 - - QA_CATEGORY: EE2 - - QA_CATEGORY: Issues1 - - QA_CATEGORY: Issues2 - - QA_CATEGORY: License1 - - QA_CATEGORY: License2 - - QA_CATEGORY: Plugins - - QA_CATEGORY: Project - - QA_CATEGORY: QP - - QA_CATEGORY: Upgrade - script: - - ./private/cirrus/cirrus-qa.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -weekly_postgres_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - only_if: *IS_WEEKLY_JOB - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 7Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - alias: weekly-qa - env: - GITLAB_VERSION: latest - <<: *BITBUCKET_CLOUD_ENVIRONMENT_VARIABLES - <<: *GITLAB_CLOUD_ENVIRONMENT_VARIABLES - <<: *AZURE_CLOUD_ENVIRONMENT_VARIABLES - matrix: - # QA name should not exceed 13 characters to be properly reported on wallboard by burgr - # QA name cannot contain "_" - - QA_CATEGORY: Cat1 - - QA_CATEGORY: Cat2 - - QA_CATEGORY: Cat3 - - QA_CATEGORY: Cat4 - - QA_CATEGORY: Cat5 - - QA_CATEGORY: Cat6 - - QA_CATEGORY: Analysis - - QA_CATEGORY: Authorization - - QA_CATEGORY: Auth - - QA_CATEGORY: Branch1 - - QA_CATEGORY: Branch2 - - QA_CATEGORY: CE1 - - QA_CATEGORY: CE2 - - QA_CATEGORY: ComputeEngine - - QA_CATEGORY: DE1 - - QA_CATEGORY: DE2 - - QA_CATEGORY: EE1 - - QA_CATEGORY: EE2 - - QA_CATEGORY: Issues1 - - QA_CATEGORY: Issues2 - - QA_CATEGORY: License1 - - QA_CATEGORY: License2 - - QA_CATEGORY: Plugins - - QA_CATEGORY: Project - - QA_CATEGORY: QP - - QA_CATEGORY: Upgrade - - QA_CATEGORY: AnalysisPerformance - - QA_CATEGORY: LDAP - - QA_CATEGORY: BITBUCKET_CLOUD - - QA_CATEGORY: GITLAB_CLOUD - - QA_CATEGORY: AZURE - - QA_CATEGORY: MIGRATION - #- QA_CATEGORY: GITHUB needs to be disabled because the tests in this package fail when running a scanner - #- QA_CATEGORY: GITHUB_PROVISIONING needs to be disabled because tests fail with dangling connection problem - #- QA_CATEGORY: HA needs to be disabled because otherwise we would be assigning big container to each category - maven_cache: - folder: ~/.m2 - name: Postgres 15 $QA_CATEGORY - script: ./private/cirrus/cirrus-qa.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - - -weekly_oracle_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - only_if: *IS_WEEKLY_JOB - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 7Gb - additional_containers: - - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE - alias: weekly-qa - env: - GITLAB_VERSION: latest - <<: *BITBUCKET_CLOUD_ENVIRONMENT_VARIABLES - <<: *GITLAB_CLOUD_ENVIRONMENT_VARIABLES - <<: *AZURE_CLOUD_ENVIRONMENT_VARIABLES - matrix: - # QA name should not exceed 13 characters to be properly reported on wallboard by burgr - # QA name cannot contain "_" - - QA_CATEGORY: Cat1 - - QA_CATEGORY: Cat2 - - QA_CATEGORY: Cat3 - - QA_CATEGORY: Cat4 - - QA_CATEGORY: Cat5 - - QA_CATEGORY: Cat6 - - QA_CATEGORY: Analysis - - QA_CATEGORY: Authorization - - QA_CATEGORY: Auth - - QA_CATEGORY: Branch1 - - QA_CATEGORY: Branch2 - - QA_CATEGORY: CE1 - #- QA_CATEGORY: CE2 needs to be disabled because the tests in SonarLintServerPushTest are very slow on Oracle SONAR-21036 - - QA_CATEGORY: ComputeEngine - - QA_CATEGORY: DE1 - - QA_CATEGORY: DE2 - - QA_CATEGORY: EE1 - - QA_CATEGORY: EE2 - - QA_CATEGORY: Issues1 - - QA_CATEGORY: Issues2 - - QA_CATEGORY: License1 - - QA_CATEGORY: License2 - - QA_CATEGORY: Plugins - - QA_CATEGORY: Project - - QA_CATEGORY: QP - - QA_CATEGORY: Upgrade - - QA_CATEGORY: AnalysisPerformance - - QA_CATEGORY: LDAP - - QA_CATEGORY: BITBUCKET_CLOUD - - QA_CATEGORY: GITLAB_CLOUD - - QA_CATEGORY: AZURE - - QA_CATEGORY: MIGRATION - #- QA_CATEGORY: GITHUB needs to be disabled because the tests in this package fail when running a scanner - #- QA_CATEGORY: GITHUB_PROVISIONING needs to be disabled because tests fail with dangling connection problem - #- QA_CATEGORY: HA needs to be disabled because otherwise we would be assigning big container to each category - maven_cache: - folder: ~/.m2 - name: Oracle 21 XE $QA_CATEGORY - script: ./private/cirrus/cirrus-qa.sh oracle21 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -weekly_mssql_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - only_if: *IS_WEEKLY_JOB - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 7Gb - additional_containers: - - <<: *MSSQL_ADDITIONAL_CONTAINER_TEMPLATE - alias: weekly-qa - env: - GITLAB_VERSION: latest - <<: *BITBUCKET_CLOUD_ENVIRONMENT_VARIABLES - <<: *GITLAB_CLOUD_ENVIRONMENT_VARIABLES - <<: *AZURE_CLOUD_ENVIRONMENT_VARIABLES - matrix: - # QA name should not exceed 13 characters to be properly reported on wallboard by burgr - # QA name cannot contain "_" - - QA_CATEGORY: Cat1 - - QA_CATEGORY: Cat2 - - QA_CATEGORY: Cat3 - - QA_CATEGORY: Cat4 - - QA_CATEGORY: Cat5 - - QA_CATEGORY: Cat6 - - QA_CATEGORY: Analysis - - QA_CATEGORY: Authorization - - QA_CATEGORY: Auth - - QA_CATEGORY: Branch1 - - QA_CATEGORY: Branch2 - - QA_CATEGORY: CE1 - - QA_CATEGORY: CE2 - - QA_CATEGORY: ComputeEngine - - QA_CATEGORY: DE1 - - QA_CATEGORY: DE2 - - QA_CATEGORY: EE1 - - QA_CATEGORY: EE2 - - QA_CATEGORY: Issues1 - - QA_CATEGORY: Issues2 - - QA_CATEGORY: License1 - - QA_CATEGORY: License2 - - QA_CATEGORY: Plugins - - QA_CATEGORY: Project - - QA_CATEGORY: QP - - QA_CATEGORY: Upgrade - - QA_CATEGORY: AnalysisPerformance - - QA_CATEGORY: LDAP - - QA_CATEGORY: BITBUCKET_CLOUD - - QA_CATEGORY: GITLAB_CLOUD - - QA_CATEGORY: AZURE - - QA_CATEGORY: MIGRATION - #- QA_CATEGORY: GITHUB needs to be disabled because the tests in this package fail when running a scanner - #- QA_CATEGORY: GITHUB_PROVISIONING needs to be disabled because tests fail with dangling connection problem - #- QA_CATEGORY: HA needs to be disabled because otherwise we would be assigning big container to each category - maven_cache: - folder: ~/.m2 - name: MSSQL 2022 $QA_CATEGORY - script: ./private/cirrus/cirrus-qa.sh mssql - <<: *DEFAULT_ARTIFACTS_TEMPLATE diff --git a/.cirrus/.cirrus.yml b/.cirrus/.cirrus.yml new file mode 100644 index 00000000000..14ca811439f --- /dev/null +++ b/.cirrus/.cirrus.yml @@ -0,0 +1,183 @@ +only_if: $CIRRUS_TAG == "" && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == $CIRRUS_DEFAULT_BRANCH || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BUILD_SOURCE == 'api' ) +skip: $CIRRUS_BRANCH == "public_master" || $CIRRUS_BRANCH =~ "dogfood/.*" + +env: + CIRRUS_SHELL: bash + CIRRUS_CLONE_DEPTH: 0 + GRADLE_USER_HOME: ${CIRRUS_WORKING_DIR}/.gradle + FETCH_DEPTH: --depth=1 + +default_artifact_template: &DEFAULT_ARTIFACTS_TEMPLATE + on_failure: + jest_junit_cleanup_script: > + find . -type f -wholename "**/build/test-results/test-jest/junit.xml" -exec + xmlstarlet edit --inplace --delete '//testsuite[@errors=0 and @failures=0]' {} \; + junit_artifacts: + path: "**/build/test-results/**/*.xml" + type: "text/xml" + format: junit + reports_artifacts: + path: "**/build/reports/**/*" + screenshots_artifacts: + path: "**/build/screenshots/**/*" + log_artifacts: + path: "**/build/**/*.log" + +default_template: &DEFAULT_TEMPLATE + clone_script: | + git init + git remote add origin https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git + git fetch origin $CIRRUS_CHANGE_IN_REPO $FETCH_DEPTH + git reset --hard $CIRRUS_CHANGE_IN_REPO + +gradle_cache_template: &GRADLE_CACHE_TEMPLATE + gradle_cache: + folder: ${GRADLE_USER_HOME}/caches + fingerprint_script: find -type f \( -name "*.gradle*" -or -name "gradle*.properties" \) | sort | xargs cat + populate_script: mkdir -p ${GRADLE_USER_HOME}/caches + +cleanup_gradle_cache_script_template: &CLEANUP_GRADLE_CACHE_SCRIPT + cleanup_gradle_script: | + rm -rf "${GRADLE_USER_HOME}"/caches/7.*/ + rm -rf "${GRADLE_USER_HOME}"/daemon/ + rm -rf "${GRADLE_USER_HOME}"/caches/transforms-* + rm -rf "${GRADLE_USER_HOME}"/caches/journal-* + /usr/bin/find "${GRADLE_USER_HOME}"/caches/ -name "*.lock" -type f -delete + +yarn_cache_template: &YARN_CACHE_TEMPLATE + yarn_cache: + folder: "~/.yarn/berry/cache" + fingerprint_script: cat server/sonar-web/yarn.lock + +jar_cache_template: &JAR_CACHE_TEMPLATE + jar_cache: + folder: "**/build/libs/*.jar" + fingerprint_key: jar-cache_$CIRRUS_BUILD_ID + +eslint_report_cache_template: &ESLINT_REPORT_CACHE_TEMPLATE + eslint_report_cache: + folders: + - server/sonar-web/eslint-report/ + - server/sonar-web/design-system/eslint-report/ + fingerprint_script: echo $CIRRUS_BUILD_ID + +jest_report_cache_template: &JEST_REPORT_CACHE_TEMPLATE + jest_report_cache: + folders: + - server/sonar-web/coverage/ + - server/sonar-web/design-system/coverage/ + fingerprint_script: echo $CIRRUS_BUILD_ID + +junit_report_cache_template: &JUNIT_REPORT_CACHE_TEMPLATE + junit_report_cache: + folders: + - "**/reports/jacoco" + - "**/test-results/test" + fingerprint_script: echo $CIRRUS_BUILD_ID + +cache_dependencies_task: + container: + dockerfile: .cirrus/Dockerfile + cpu: 2 + memory: 4Gb + <<: *DEFAULT_TEMPLATE + <<: *GRADLE_CACHE_TEMPLATE + script: + - .cirrus/cirrus-cache-dependencies.sh + <<: *CLEANUP_GRADLE_CACHE_SCRIPT + <<: *DEFAULT_ARTIFACTS_TEMPLATE + +build_task: + depends_on: cache_dependencies + container: + dockerfile: .cirrus/Dockerfile + cpu: 8 + memory: 8Gb + <<: *DEFAULT_TEMPLATE + <<: *GRADLE_CACHE_TEMPLATE + <<: *YARN_CACHE_TEMPLATE + <<: *JAR_CACHE_TEMPLATE + build_script: .cirrus/cirrus-build.sh + <<: *CLEANUP_GRADLE_CACHE_SCRIPT + <<: *DEFAULT_ARTIFACTS_TEMPLATE + +yarn_lint_task: + depends_on: cache_dependencies + container: + dockerfile: .cirrus/Dockerfile + cpu: 3 + memory: 4Gb + <<: *DEFAULT_TEMPLATE + <<: *GRADLE_CACHE_TEMPLATE + <<: *YARN_CACHE_TEMPLATE + <<: *ESLINT_REPORT_CACHE_TEMPLATE + script: + - .cirrus/cirrus-yarn-lint-report.sh + <<: *CLEANUP_GRADLE_CACHE_SCRIPT + <<: *DEFAULT_ARTIFACTS_TEMPLATE + +yarn_check_task: + depends_on: cache_dependencies + container: + dockerfile: .cirrus/Dockerfile + cpu: 3 + memory: 4Gb + <<: *DEFAULT_TEMPLATE + <<: *GRADLE_CACHE_TEMPLATE + <<: *YARN_CACHE_TEMPLATE + script: | + source .cirrus/cirrus-env + ./gradlew yarn_check-ci + <<: *CLEANUP_GRADLE_CACHE_SCRIPT + <<: *DEFAULT_ARTIFACTS_TEMPLATE + +yarn_validate_task: + depends_on: cache_dependencies + container: + dockerfile: .cirrus/Dockerfile + cpu: 8 + memory: 15Gb + <<: *DEFAULT_TEMPLATE + <<: *GRADLE_CACHE_TEMPLATE + <<: *YARN_CACHE_TEMPLATE + <<: *JEST_REPORT_CACHE_TEMPLATE + script: + - .cirrus/cirrus-yarn-validate-ci.sh + <<: *CLEANUP_GRADLE_CACHE_SCRIPT + <<: *DEFAULT_ARTIFACTS_TEMPLATE + +junit_task: + depends_on: cache_dependencies + container: + dockerfile: .cirrus/Dockerfile + cpu: 8 + memory: 10Gb + <<: *DEFAULT_TEMPLATE + <<: *GRADLE_CACHE_TEMPLATE + <<: *JUNIT_REPORT_CACHE_TEMPLATE + script: + - .cirrus/cirrus-junit.sh + <<: *CLEANUP_GRADLE_CACHE_SCRIPT + <<: *DEFAULT_ARTIFACTS_TEMPLATE + +sq_analysis_task: + depends_on: + - yarn_lint + - yarn_validate + - junit + container: + dockerfile: .cirrus/Dockerfile + cpu: 7.5 + memory: 15Gb + env: + SONAR_HOST_URL: https://next.sonarqube.com/sonarqube + SONAR_TOKEN: ENCRYPTED[!b6fd814826c51e64ee61b0b6f3ae621551f6413383f7170f73580e2e141ac78c4b134b506f6288c74faa0dd564c05a29!] + <<: *GRADLE_CACHE_TEMPLATE + <<: *YARN_CACHE_TEMPLATE + <<: *JEST_REPORT_CACHE_TEMPLATE + <<: *ESLINT_REPORT_CACHE_TEMPLATE + <<: *JUNIT_REPORT_CACHE_TEMPLATE + script: + - .cirrus/cirrus-sq-analysis.sh + <<: *CLEANUP_GRADLE_CACHE_SCRIPT + <<: *DEFAULT_ARTIFACTS_TEMPLATE diff --git a/.cirrus/Dockerfile b/.cirrus/Dockerfile new file mode 100644 index 00000000000..5828cd2fd23 --- /dev/null +++ b/.cirrus/Dockerfile @@ -0,0 +1,51 @@ +ARG JDK_VERSION=17 +FROM eclipse-temurin:${JDK_VERSION}-jdk-jammy + +ENV DEBIAN_FRONTEND=noninteractive + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] +RUN set -o errexit -o nounset \ + && groupadd --system --gid 1000 sonarsource \ + && useradd --system --gid sonarsource --uid 1000 --shell /bin/bash --create-home sonarsource + +RUN echo 'Acquire::AllowReleaseInfoChange::Suite "true";' > /etc/apt/apt.conf.d/allow_release_info_change.conf + +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863199#23 +RUN mkdir -p /usr/share/man/man1 \ + && apt-get update \ + && apt-get -y install --no-install-recommends \ + lsb-release \ + ca-certificates \ + curl \ + wget \ + gnupg \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +ARG NODE_MAJOR=18 +RUN DISTRO="$(lsb_release -s -c)" \ + && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \ + && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" >> /etc/apt/sources.list.d/nodesource.list \ + && curl -sSL https://packages.atlassian.com/api/gpg/key/public | gpg --dearmor -o /etc/apt/keyrings/atlassian.gpg \ + && echo "deb [signed-by=/etc/apt/keyrings/atlassian.gpg] https://packages.atlassian.com/debian/atlassian-sdk-deb/ stable contrib" >> /etc/apt/sources.list.d/atlassian-sdk.list \ + && curl -sSL https://packages.adoptium.net/artifactory/api/gpg/key/public | gpg --dearmor -o /etc/apt/keyrings/adoptium-archive-keyring.gpg \ + && echo "deb [signed-by=/etc/apt/keyrings/adoptium-archive-keyring.gpg] https://packages.adoptium.net/artifactory/deb $DISTRO main" >> /etc/apt/sources.list.d/adoptopenjdk.list \ + && apt-get update \ + && apt-get -y install --no-install-recommends \ + git \ + unzip \ + nodejs="$NODE_MAJOR".* \ + jq \ + expect \ + atlassian-plugin-sdk \ + temurin-8-jdk \ + xmlstarlet \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* \ + && npm install -g yarn + +# Avoiding JVM Delays Caused by Random Number Generation (https://docs.oracle.com/cd/E13209_01/wlcp/wlss30/configwlss/jvmrand.html) +RUN sed -i 's|securerandom.source=file:/dev/random|securerandom.source=file:/dev/urandom|g' "$JAVA_HOME/conf/security/java.security" + +USER sonarsource +WORKDIR /home/sonarsource diff --git a/.cirrus/cirrus-build.sh b/.cirrus/cirrus-build.sh new file mode 100755 index 00000000000..74362be0452 --- /dev/null +++ b/.cirrus/cirrus-build.sh @@ -0,0 +1,20 @@ +#!/bin/bash +set -euo pipefail + +source .cirrus/cirrus-env + +./gradlew build \ + -DbuildNumber="$BUILD_NUMBER" \ + -x test \ + --parallel --console plain --build-cache + +pushToCirrusCiCache() { + cd "${1}" + zipfile=$(ls -- *.zip) + echo "Uploading $zipfile to CirrusCI cache" + curl -s -X POST --data-binary @"$zipfile" "http://$CIRRUS_HTTP_CACHE_HOST/$zipfile" + echo "$zipfile successfully uploaded to CirrusCI cache" +} + +export -f pushToCirrusCiCache +pushToCirrusCiCache sonar-application/build/distributions diff --git a/.cirrus/cirrus-cache-dependencies.sh b/.cirrus/cirrus-cache-dependencies.sh new file mode 100755 index 00000000000..38359fa23f4 --- /dev/null +++ b/.cirrus/cirrus-cache-dependencies.sh @@ -0,0 +1,13 @@ +#!/bin/bash +set -euo pipefail + +source .cirrus/cirrus-env + +if [ -d "${GRADLE_USER_HOME?}/caches" ]; then + echo "gradle dependency cache already exists, bypassing dependencies loading" +else + ./gradlew cacheDependencies \ + --parallel --console plain --build-cache --info + ./gradlew cacheDependencies \ + --parallel --console plain --build-cache -Pqa --info +fi diff --git a/.cirrus/cirrus-env b/.cirrus/cirrus-env new file mode 100644 index 00000000000..84df2e8aee3 --- /dev/null +++ b/.cirrus/cirrus-env @@ -0,0 +1,11 @@ +#!/bin/bash +set -uo pipefail + +export GIT_SHA1=${CIRRUS_CHANGE_IN_REPO?} +export GITHUB_BASE_BRANCH=${CIRRUS_BASE_BRANCH:-} +export GITHUB_BRANCH=${CIRRUS_BRANCH?} +export GITHUB_REPO=${CIRRUS_REPO_FULL_NAME?} +export BUILD_NUMBER=${CI_BUILD_NUMBER?} +export PULL_REQUEST=${CIRRUS_PR:-false} +export PULL_REQUEST_SHA=${CIRRUS_BASE_SHA:-} +export PIPELINE_ID=${CIRRUS_BUILD_ID?} diff --git a/.cirrus/cirrus-junit.sh b/.cirrus/cirrus-junit.sh new file mode 100755 index 00000000000..13c103b0d22 --- /dev/null +++ b/.cirrus/cirrus-junit.sh @@ -0,0 +1,7 @@ +#!/bin/bash +set -euo pipefail + +source .cirrus/cirrus-env + +./gradlew cleanTest test jacocoTestReport \ + --parallel --configure-on-demand --console plain -Pqa diff --git a/.cirrus/cirrus-sq-analysis.sh b/.cirrus/cirrus-sq-analysis.sh new file mode 100755 index 00000000000..cfc020cc25d --- /dev/null +++ b/.cirrus/cirrus-sq-analysis.sh @@ -0,0 +1,22 @@ +#!/bin/bash +set -euo pipefail + +source .cirrus/cirrus-env + +: "${SONAR_HOST_URL?}" "${SONAR_TOKEN?}" + +git fetch --unshallow || true +if [ -n "${GITHUB_BASE_BRANCH:-}" ]; then + git fetch origin "${GITHUB_BASE_BRANCH}" +fi + +./gradlew sonar \ + -DbuildNumber="$BUILD_NUMBER" \ + -Dsonar.projectKey=sonarqube \ + -Dsonar.host.url="$SONAR_HOST_URL" \ + -Dsonar.token="$SONAR_TOKEN" \ + -Dsonar.analysis.buildNumber="$BUILD_NUMBER" \ + -Dsonar.analysis.pipeline="$PIPELINE_ID" \ + -Dsonar.analysis.repository="$GITHUB_REPO" \ + -Dsonar.analysis.sha1="$GIT_SHA1" \ + --parallel --configure-on-demand --console plain -Pqa diff --git a/.cirrus/cirrus-yarn-lint-report.sh b/.cirrus/cirrus-yarn-lint-report.sh new file mode 100755 index 00000000000..e6f32e50ae6 --- /dev/null +++ b/.cirrus/cirrus-yarn-lint-report.sh @@ -0,0 +1,7 @@ +#!/bin/bash +set -euo pipefail + +source .cirrus/cirrus-env + +./gradlew yarn_lint-report-ci \ + --parallel --configure-on-demand --console plain -Pqa diff --git a/.cirrus/cirrus-yarn-validate-ci.sh b/.cirrus/cirrus-yarn-validate-ci.sh new file mode 100755 index 00000000000..b3884ed5e2e --- /dev/null +++ b/.cirrus/cirrus-yarn-validate-ci.sh @@ -0,0 +1,7 @@ +#!/bin/bash +set -euo pipefail + +source .cirrus/cirrus-env + +./gradlew yarn_validate-ci \ + --parallel --configure-on-demand --console plain -Pqa diff --git a/.dockerignore b/.dockerignore index 8a17b89c022..06f56716808 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,2 +1,3 @@ * +!docker !private/docker diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 5ba5ac03a6c..00000000000 --- a/.travis.yml +++ /dev/null @@ -1,42 +0,0 @@ -sudo: required -install: true -script: ./travis.sh -dist: jammy -jdk: openjdk17 - -branches: - except: - - /^dogfood\/.*$/ - - public_master - -matrix: - fast_finish: true - -cache: - directories: - - $HOME/.sonar - - $HOME/jvm - - $HOME/.gradle/caches/ - - $HOME/.gradle/wrapper/ - -before_cache: - - rm -f $HOME/.gradle/caches/modules-2/modules-2.lock - - rm -fr $HOME/.gradle/caches/*/plugin-resolution/ - - rm -fr $HOME/.gradle/caches/*/fileHashes/ - - rm -fr $HOME/.gradle/caches/*/scripts/ - -before_install: - - nvm install 18 - - nvm use 18 - -notifications: - email: false - webhooks: - - secure: "jxB1WXSY7zyW7un8mNtFuasV1ucEA5J3FvrlcOHVlaQaMPYV2/YjJNHdH4R0xzkmxy3D5pch2WZo4+sNB+8F3bQOCLQgYWVo0PrF635+6Bnah3tY7LX958WBuu3LPX9tlH+vRssi9gwj2SsqL0JAW+t1AbvHQsEhIfIudEc2VtxA2gHaKeNnvzbpCIs865k8OXkA7a2udlW0yIjri7VO9KJai2hAiKRIBojmrye8fY7Hin/4rA2yBwMMo8JmxIqLXqJOF0EYRyTnFVCxuRFvnDrgSP9pOLt4GQx37k2YPOzwxohziZ1xABMH2Hxx9tq/ynrqACJI0VlktKzCmNoeeSDknnd2erRvBH/n3i54RSP2GXbaB5XUt4l9i9/D4YqPSihrfnSRHk0ct8rcDGRW8nhCVJtsRX0w1Pde05YMshtHJCJXlmx5f6VJWbhBXjIjCbkN2k7guIGoK7cMsOQ5tPOadqYQ4JsXuD4/m2qH1uYvKQE+pplS9zGSBZFTi9Br3QfB5W1rsj4hLubUOd01kQiOIYAnHDfLVicbq3SSIT+H9YZQ80qxcx/ibDnLfhrX02jmswdfzc/hX7OdUh4l8QNS7LyxVe9y/0p5+9iQ0F62AZD6SBXGsZNtufqBruNX7qwT2vJ2tuDOP+zW0gnvNvLMnENw8JH2K2j4lv04pRw=" - slack: - secure: PCekbN71ZmuOt82JUFmlhzxlx3wrXucSIpvxxWdZn9lfsPYQAtXCoOESaHjIVIpggsC5HSAic3HiedsWbuDk/XojmPrDCrfjgYG2wiuSuQlAa60WvzTPqXdRmUXyMQgItaAQbRfZP7kN9No/v8TZDfg5kT3i9ewy0bsfExpjAuo= - on_start: always - -after_failure: - - source ./.travis/setup_environment.sh - - notify_burgr "build" "build" "$TRAVIS_JOB_WEB_URL" "$(cat /tmp/build_start_time)" "$(date --utc +%FT%TZ)" "failed" || true diff --git a/.travis/run_iris.sh b/.travis/run_iris.sh deleted file mode 100755 index d08dec56483..00000000000 --- a/.travis/run_iris.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -set +x - -VERSION="\[RELEASE\]" -HTTP_CODE=$(\ - curl \ - --write-out '%{http_code}' \ - --location \ - --remote-name \ - --user "$ARTIFACTORY_PRIVATE_USERNAME:$ARTIFACTORY_API_KEY" \ - "$ARTIFACTORY_URL/sonarsource-private-releases/com/sonarsource/iris/iris/$VERSION/iris-$VERSION-jar-with-dependencies.jar"\ -) - -if [ "$HTTP_CODE" != "200" ]; then - echo "Download $VERSION failed -> $HTTP_CODE" - exit 1 -else - echo "Downloaded $VERSION" -fi - -java \ - -Diris.source.projectKey=org.sonarsource.sonarqube:sonarqube-private \ - -Diris.source.url=https://next.sonarqube.com/sonarqube \ - -Diris.source.token=$NEXT_TOKEN \ - -Diris.destination.projectKey=sonarqube \ - -Diris.destination.url=https://next.sonarqube.com/sonarqube \ - -Diris.destination.token=$NEXT_TOKEN \ - -Diris.maxcountposts=50 \ - -jar iris-\[RELEASE\]-jar-with-dependencies.jar diff --git a/.travis/setup_environment.sh b/.travis/setup_environment.sh deleted file mode 100755 index 2f11f417551..00000000000 --- a/.travis/setup_environment.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Sets up the environment to be able to send notifications to burgr -# use generic environments to remove coupling with Travis ; see setup_promote_environment - -export GITHUB_REPO=${TRAVIS_REPO_SLUG} -export BUILD_NUMBER=$TRAVIS_BUILD_NUMBER -export PIPELINE_ID=${BUILD_NUMBER} -if [ "$TRAVIS_PULL_REQUEST" == "false" ]; then - export GIT_SHA1=${TRAVIS_COMMIT} # $CIRRUS_CHANGE_IN_REPO - export GIT_BRANCH=$TRAVIS_BRANCH - export STAGE_TYPE="branch" - export STAGE_ID=${GIT_BRANCH} -else - export GIT_SHA1=${TRAVIS_PULL_REQUEST_SHA} - export GIT_BRANCH=$TRAVIS_PULL_REQUEST_BRANCH - export PULL_REQUEST_BASE_BRANCH=$TRAVIS_BRANCH - export PULL_REQUEST_NUMBER=$TRAVIS_PULL_REQUEST - export STAGE_TYPE="pr_number" - export STAGE_ID=${PULL_REQUEST_NUMBER} -fi -echo "======= SHA1 is ${GIT_SHA1} on branch '${GIT_BRANCH}'. Burgr stage '${STAGE_TYPE} with stage ID '${STAGE_ID} =======" diff --git a/.travis/setup_ramdisk.sh b/.travis/setup_ramdisk.sh deleted file mode 100755 index 75e2492d9cd..00000000000 --- a/.travis/setup_ramdisk.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -set -euo pipefail - -RED='\033[0;31m' -NC='\033[0m' # No Color -printf "${RED}SETUP RAMDISK${NC}\n" -printf "${RED}disk size before build${NC}\n" -df -h -du -sh $HOME -du -sh $TRAVIS_BUILD_DIR - -printf "${RED}move original TRAVIS_BUILD_DIR${NC}\n" -sudo mv $TRAVIS_BUILD_DIR $TRAVIS_BUILD_DIR.ori -printf "${RED}create ramdisk mount point${NC}\n" -sudo mkdir -p $TRAVIS_BUILD_DIR -printf "${RED}create ramdisk${NC}\n" -sudo mount -t tmpfs -o size=8192m tmps $TRAVIS_BUILD_DIR -printf "${RED}copy TRAVIS_BUILD_DIR to ramdisk${NC}\n" -time sudo cp -R $TRAVIS_BUILD_DIR.ori/. $TRAVIS_BUILD_DIR -printf "${RED}give permissions to travis on its TRAVIS_BUILD_DIR in ramdisk${NC}\n" -sudo chown -R travis:travis $TRAVIS_BUILD_DIR - diff --git a/README.md b/README.md index 4762a96e8b8..e959ed66c10 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# SonarQube [![Build Status](https://app.travis-ci.com/SonarSource/sonarqube.svg?branch=master)](https://app.travis-ci.com/SonarSource/sonarqube) [![Quality Gate Status](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=sonarqube&metric=alert_status&token=d95182127dd5583f57578d769b511660601a8547)](https://next.sonarqube.com/sonarqube/dashboard?id=sonarqube) +# SonarQube [![Build Status](https://api.cirrus-ci.com/github/SonarSource/sonarqube.svg?branch=master)](https://cirrus-ci.com/github/SonarSource/sonarqube) [![Quality Gate Status](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=sonarqube&metric=alert_status&token=d95182127dd5583f57578d769b511660601a8547)](https://next.sonarqube.com/sonarqube/dashboard?id=sonarqube) ## Continuous Inspection diff --git a/travis.sh b/travis.sh deleted file mode 100755 index be566a23702..00000000000 --- a/travis.sh +++ /dev/null @@ -1,93 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail - -./.travis/setup_ramdisk.sh - -# -# Configure Maven settings and install some script utilities -# -configureTravis() { - mkdir -p ~/.local - curl -sSL https://github.com/SonarSource/travis-utils/tarball/v62 | tar zx --strip-components 1 -C ~/.local - # shellcheck disable=SC1090 - source ~/.local/bin/install -} -configureTravis - -# -# Travis fails on timeout when build does not print logs -# during 10 minutes. This aims to bypass this -# behavior when building the slow sonar-server sub-project. -# -keep_alive() { - while true; do - echo -en "\a" - sleep 60 - done -} -keep_alive & - -# When a pull request is open on the branch, then the job related -# to the branch does not need to be executed and should be canceled. -# It does not book slaves for nothing. -# @TravisCI please provide the feature natively, like at AppVeyor or CircleCI ;-) -cancel_branch_build_with_pr || if [[ $? -eq 1 ]]; then exit 0; fi - -# Used by Next -INITIAL_VERSION=$(grep version gradle.properties | awk -F= '{print $2}') -export INITIAL_VERSION - -source ./.travis/setup_environment.sh - -# Analyse SonarQube on NEXT -export SONAR_HOST_URL=https://next.sonarqube.com/sonarqube - -# Fetch all commit history so that SonarQube has exact blame information -# for issue auto-assignment -# This command can fail with "fatal: --unshallow on a complete repository does not make sense" -# if there are not enough commits in the Git repository (even if Travis executed git clone --depth 50). -# For this reason errors are ignored with "|| true" -git fetch --unshallow || true - -BUILD_START_DATETIME=$(date --utc +%FT%TZ) -echo "$BUILD_START_DATETIME" > /tmp/build_start_time -./gradlew build --warn --console plain - -# exclude external pull requests -if [[ -n "${NEXT_TOKEN-}" ]]; then - sonar_params=(-Dsonar.projectKey=sonarqube - -Dsonar.host.url="$SONAR_HOST_URL" - -Dsonar.token="$NEXT_TOKEN" - -Dsonar.analysis.buildNumber="$BUILD_NUMBER" - -Dsonar.analysis.pipeline="$BUILD_NUMBER" - -Dsonar.analysis.sha1="$GIT_SHA1" - -Dsonar.analysis.repository="$TRAVIS_REPO_SLUG") - - if [ "$TRAVIS_PULL_REQUEST" != "false" ]; then - echo '======= Analyze pull request' - ./gradlew jacocoTestReport yarn_validate-ci sonarqube --warn --console plain \ - "${sonar_params[@]}" \ - -Dsonar.analysis.prNumber="$PULL_REQUEST_NUMBER" \ - -Dsonar.pullrequest.branch="$GIT_BRANCH" \ - -Dsonar.pullrequest.base="$PULL_REQUEST_BASE_BRANCH" \ - -Dsonar.pullrequest.key="$PULL_REQUEST_NUMBER" - elif [ "${TRAVIS_BRANCH}" == "master" ]; then - echo '======= Analyze master' - ./gradlew jacocoTestReport yarn_validate-ci sonarqube --warn --console plain \ - "${sonar_params[@]}" \ - -Dsonar.projectVersion="$INITIAL_VERSION" - else - echo '======= Analyze branch' - ./gradlew jacocoTestReport yarn_validate-ci sonarqube --warn --console plain \ - "${sonar_params[@]}" \ - -Dsonar.branch.name="$GIT_BRANCH" \ - -Dsonar.projectVersion="$INITIAL_VERSION" - fi - - # Wait for 5mins, hopefully the report will be processed. - sleep 5m - ./.travis/run_iris.sh - - BUILD_END_DATETIME=$(date --utc +%FT%TZ) - notify_burgr "build" "build" "$TRAVIS_JOB_WEB_URL" "$BUILD_START_DATETIME" "$BUILD_END_DATETIME" || true -fi |