aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJulien Carsique <julien.carsique@sonarsource.com>2023-12-27 19:01:16 +0100
committersonartech <sonartech@sonarsource.com>2024-01-23 20:04:15 +0000
commitd26c2ca7db6af4b2cfc24d3f560e5354d0692f9e (patch)
treea97d938a49630b8ed3c61ccc22dbb8eb52978deb
parent29f0fde0bf04408dd3c35d5122bacda8289e6926 (diff)
downloadsonarqube-d26c2ca7db6af4b2cfc24d3f560e5354d0692f9e.tar.gz
sonarqube-d26c2ca7db6af4b2cfc24d3f560e5354d0692f9e.zip
BUILD-3755 migrate Travis to Cirrus CI
-rw-r--r--.cirrus.star20
-rw-r--r--.cirrus.yml1118
-rw-r--r--.cirrus/.cirrus.yml183
-rw-r--r--.cirrus/Dockerfile51
-rwxr-xr-x.cirrus/cirrus-build.sh20
-rwxr-xr-x.cirrus/cirrus-cache-dependencies.sh13
-rw-r--r--.cirrus/cirrus-env11
-rwxr-xr-x.cirrus/cirrus-junit.sh7
-rwxr-xr-x.cirrus/cirrus-sq-analysis.sh22
-rwxr-xr-x.cirrus/cirrus-yarn-lint-report.sh7
-rwxr-xr-x.cirrus/cirrus-yarn-validate-ci.sh7
-rw-r--r--.dockerignore1
-rw-r--r--.travis.yml42
-rwxr-xr-x.travis/run_iris.sh29
-rwxr-xr-x.travis/setup_environment.sh21
-rwxr-xr-x.travis/setup_ramdisk.sh22
-rw-r--r--README.md2
-rwxr-xr-xtravis.sh93
18 files changed, 342 insertions, 1327 deletions
diff --git a/.cirrus.star b/.cirrus.star
index 28b17b70fc3..ae0a6b69209 100644
--- a/.cirrus.star
+++ b/.cirrus.star
@@ -1,4 +1,22 @@
load("github.com/SonarSource/cirrus-modules@v2", "load_features")
+load("cirrus", "env", "fs", "yaml")
+
def main(ctx):
- return load_features(ctx)
+ if env.get("CIRRUS_REPO_FULL_NAME") == 'SonarSource/sonar-enterprise':
+ features = yaml.dumps(load_features(ctx, only_if=dict()))
+ doc = fs.read("private/.cirrus.yml")
+ else:
+ if env.get("CIRRUS_USER_PERMISSION") in ["write", "admin"]:
+ features = yaml.dumps(load_features(ctx, features=["build_number"]))
+ else:
+ # workaround for BUILD-4413 (build number on public CI)
+ features = yaml.dumps(
+ {
+ 'env': {
+ 'CI_BUILD_NUMBER': env.get("CIRRUS_PR", "1")
+ },
+ }
+ )
+ doc = fs.read(".cirrus/.cirrus.yml")
+ return features + doc
diff --git a/.cirrus.yml b/.cirrus.yml
deleted file mode 100644
index a9477a8cc7a..00000000000
--- a/.cirrus.yml
+++ /dev/null
@@ -1,1118 +0,0 @@
-env:
- GRADLE_OPTS: -Dorg.gradle.jvmargs="-XX:+PrintFlagsFinal -XshowSettings:vm -XX:+HeapDumpOnOutOfMemoryError -XX:+UnlockExperimentalVMOptions -Djava.security.egd=file:/dev/./urandom -Dfile.encoding=UTF8 -Duser.language=en -Duser.country=US"
- # to be replaced by other credentials
- ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader
- ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]
- ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer
- ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token]
- ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]
- ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token]
- ARTIFACTORY_URL: "https://repox.jfrog.io/repox"
- ARTIFACTORY_DEPLOY_REPO: "sonarsource-public-qa"
- ARTIFACTORY_DEPLOY_REPO_PRIVATE: "sonarsource-private-qa"
- # download licenses for testing commercial editions
- GITHUB_TOKEN: VAULT[development/github/token/licenses-ro token]
- # notifications to burgr
- BURGR_URL: VAULT[development/kv/data/burgr data.url]
- BURGR_USERNAME: VAULT[development/kv/data/burgr data.cirrus_username]
- BURGR_PASSWORD: VAULT[development/kv/data/burgr data.cirrus_password]
- # analysis on next.sonarqube.com
- SONARQUBE_NEXT_TOKEN: VAULT[development/kv/data/next data.token]
- # to trigger docs deployment
- ELASTIC_PWD: VAULT[development/team/sonarqube/kv/data/elasticsearch-cloud data.password]
- DATADOG_APIKEY: VAULT[development/team/sonarqube/kv/data/sq-datadog data.apikey]
- CIRRUS_LOG_TIMESTAMP: true
- BRANCH_MAIN: "master"
- BRANCH_NIGHTLY: "branch-nightly-build"
- BRANCH_PATTERN_MAINTENANCE: "branch-.*"
- BRANCH_PATTERN_PUBLIC: "public_.*"
- CRON_DATABASE_JOB_NAME: "master-weekly"
- GRADLE_ENTERPRISE_USERNAME: VAULT[development/team/sonarqube/kv/data/gradle-enterprise data.username]
- GRADLE_ENTERPRISE_PASSWORD: VAULT[development/team/sonarqube/kv/data/gradle-enterprise data.password]
- GRADLE_ENTERPRISE_URL: VAULT[development/team/sonarqube/kv/data/gradle-enterprise data.url]
- GRADLE_ENTERPRISE_KEY: VAULT[development/team/sonarqube/kv/data/gradle-enterprise data.access-key]
-
-bitbucket_cloud_environment_template: &BITBUCKET_CLOUD_ENVIRONMENT_VARIABLES
- BBC_CLIENT_ID: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_id]
- BBC_CLIENT_SECRET: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_secret]
- BBC_USERNAME: VAULT[development/kv/data/bitbucket/sonarqube-its data.username]
- BBC_READ_REPOS_APP_PASSWORD: VAULT[development/kv/data/bitbucket/sonarqube-its data.password]
-
-gitlab_cloud_environment_template: &GITLAB_CLOUD_ENVIRONMENT_VARIABLES
- GITLAB_API_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token]
- GITLAB_READ_ONLY_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token_ro]
- GITLAB_ADMIN_USERNAME: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.username]
- GITLAB_ADMIN_PASSWORD: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.password]
-
-azure_cloud_environment_template: &AZURE_CLOUD_ENVIRONMENT_VARIABLES
- AZURE_USERNAME_LOGIN: VAULT[development/team/sonarqube/kv/data/azure-instance data.username]
- AZURE_CODE_READ_AND_WRITE_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_code_read_write]
- AZURE_FULL_ACCESS_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_full_access]
-
-auto_cancellation: $CIRRUS_BRANCH != $BRANCH_MAIN && $CIRRUS_BRANCH !=~ $BRANCH_PATTERN_MAINTENANCE
-
-cache_dependencies_dependant_task_template:
- &CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE
- depends_on: cache_dependencies
-
-build_dependant_task_template: &BUILD_DEPENDANT_TASK_TEMPLATE
- depends_on: build
-
-master_task_template: &IS_BRANCH_MASTER
- $CIRRUS_BRANCH == $BRANCH_MAIN
-
-master_and_nightly_task_template: &IS_BRANCH_MASTER_OR_NIGHTLY
- $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH == $BRANCH_MAIN
-
-master_or_nightly_or_maintenance_task_template: &IS_BRANCH_MASTER_OR_NIGHTLY_OR_MAINTENANCE
- $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE
-
-is_weekly_job: &IS_WEEKLY_JOB
- $CIRRUS_CRON == $CRON_DATABASE_JOB_NAME
-
-is_old_commit: &IS_OLD_COMMIT
- $CIRRUS_CRON == $CRON_DATABASE_JOB_NAME || $CIRRUS_BRANCH == $BRANCH_NIGHTLY
-
-is_branch_public: &IS_BRANCH_PUBLIC
- $CIRRUS_BRANCH =~ $BRANCH_PATTERN_PUBLIC
-
-is_old_commit_or_public_branch: &IS_OLD_COMMIT_OR_BRANCH_PUBLIC
- $CIRRUS_CRON == $CRON_DATABASE_JOB_NAME || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_PUBLIC
-
-database_related_task_template: &IS_DB_TASK_NEEDED >-
- $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||
- changesInclude('server/sonar-db-dao/**/*Mapper.xml', 'server/sonar-db-migration/**/DbVersion*.java', 'server/sonar-db-dao/**/*Dao.java', 'server/sonar-db-core/src/main/java/org/sonar/db/*.java')
-
-saml_task_template: &IS_SAML_TASK_NEEDED >-
- $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||
- changesInclude('server/sonar-auth-saml/src/main/java/**/*.java', 'server/sonar-auth-saml/src/main/resources/**/*', 'server/sonar-db-dao/src/main/**/SAML*.java', 'private/it-core/src/test/java/org/sonarqube/tests/saml/*.java', 'server/sonar-webserver-webapi/src/main/java/org/sonar/server/saml/**/*.java')
-
-ldap_task_template: &IS_LDAP_TASK_NEEDED >-
- $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||
- changesInclude('server/sonar-auth-ldap/src/main/java/**/*.java', 'server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/LdapCredentialsAuthentication.java', 'private/it-core/src/test/java/org/sonarqube/tests/ldap/*.java')
-
-github_task_template: &IS_GITHUB_TASK_NEEDED >-
- $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||
- changesInclude(
- 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/github/**/*.java',
- 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/github/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/github/**/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/github/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/provisioning/github/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/onboarding/github/*.java',
- 'private/core-extension-github-provisioning/**/*')
-
-gitlab_task_template: &IS_GITLAB_TASK_NEEDED >-
- $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||
- changesInclude(
- 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/gitlab/**/*.java',
- 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/gitlab/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/gitlab/**/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/gitlab/*.java',
- 'private/core-extension-gitlab-vulnerability-report/src/main/**/*.java')
-
-gitlab_provisioning_task_template: &IS_GITLAB_PROVISIONING_TASK_NEEDED >-
- $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||
- changesInclude('private/core-extension-gitlab-provisioning/**/*.java')
-
-azure_task_template: &IS_AZURE_TASK_NEEDED >-
- $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||
- changesInclude(
- 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/azuredevops/**/*.java',
- 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/azuredevops/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/azure/**/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/azure/*.java')
-
-bitbucket_server_task_template: &IS_BITBUCKET_SERVER_TASK_NEEDED >-
- $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||
- changesInclude(
- 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/bitbucketserver/**/*.java',
- 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/bitbucketserver/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/bitbucketserver/**/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/bitbucketserver/*.java')
-
-bitbucket_cloud_task_template: &IS_BITBUCKET_CLOUD_TASK_NEEDED >-
- $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY ||
- changesInclude(
- 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/bitbucket/**/*.java',
- 'private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/bitbucket/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/bitbucketcloud/**/*.java',
- 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/bitbucketcloud/*.java')
-
-docker_build_container_template: &CONTAINER_TEMPLATE
- region: eu-central-1
- cluster_name: ${CIRRUS_CLUSTER_NAME}
- namespace: default
- builder_subnet_id: ${CIRRUS_AWS_SUBNET}
- builder_role: cirrus-builder
- builder_image: docker-builder-v*
- builder_instance_type: t2.small
- dockerfile: private/docker/Dockerfile-build
- docker_arguments:
- CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}
- cpu: 1
- memory: 2Gb
-
-vm_instance_template: &VM_TEMPLATE
- experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051
- image: docker-builder-v*
- type: t2.small
- region: eu-central-1
- subnet_id: ${CIRRUS_AWS_SUBNET}
- disk: 10
- cpu: 4
- memory: 8G
-
-t2xlarge_node_selector: &T2XLARGE_NODE_SELECTOR
- nodeSelectorTerms:
- - matchExpressions:
- - key: node.kubernetes.io/instance-type
- operator: In
- values: t2.xlarge
-
-mssql_additional_container_template: &MSSQL_ADDITIONAL_CONTAINER_TEMPLATE
- name: mssql
- image: mcr.microsoft.com/mssql/server:2022-latest
- port: 1433
- cpu: 2
- memory: 5Gb
- env:
- MSSQL_PID: Developer # this is the default edition
- ACCEPT_EULA: Y
- SA_PASSWORD: sonarqube!1
-
-oracle_additional_container_template: &ORACLE_ADDITIONAL_CONTAINER_TEMPLATE
- name: oracle
- image: gvenzl/oracle-xe:21-faststart
- port: 1521
- cpu: 2
- memory: 5Gb
- env:
- ORACLE_PASSWORD: sonarqube
- APP_USER: sonarqube
- APP_USER_PASSWORD: sonarqube
-
-postgres_additional_container_template: &POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE
- name: postgres
- image: public.ecr.aws/docker/library/postgres:15
- port: 5432
- cpu: 1
- memory: 1Gb
- env:
- POSTGRES_USER: postgres
- POSTGRES_PASSWORD: postgres
-
-gitlab_container_template: &GITLAB_CONTAINER_TEMPLATE
- name: gitlab
- ports:
- - 80
- - 443
- cpu: 2
- memory: 8Gb
- image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/gitlab:${GITLAB_VERSION}
- env:
- - GITLAB_POST_RECONFIGURE_SCRIPT: |-
- { cat >/tmp/setup.rb <<-'EOF'
- token = User.find_by_username('root').personal_access_tokens.create(scopes: [:api], name: 'token');
- token.set_token('token-here-456');
- token.expires_at = Date.today+10.day
- token.save!;
- token_read = User.find_by_username('root').personal_access_tokens.create(scopes: [:read_user], name: 'token_read');
- token_read.set_token('token-read-123');
- token_read.expires_at = Date.today+10.day
- token_read.save!;
- user = User.find_by_username('root');
- user.password = 'eng-YTU1ydh6kyt7tjd';
- user.password_confirmation = 'eng-YTU1ydh6kyt7tjd';
- user.save!;
- EOF
- } && gitlab-rails runner /tmp/setup.rb && \
- echo 'from_file "/etc/gitlab/external_gitlab.rb"' >> /etc/gitlab/gitlab.rb && \
- gitlab-ctl reconfigure
-
-keycloak_container_template: &KEYCLOAK_CONTAINER_TEMPLATE
- name: keycloak
- image: quay.io/keycloak/keycloak:22.0.5
- port: 8080
- cpu: 1
- memory: 1Gb
- command: "/opt/keycloak/bin/kc.sh start-dev --http-relative-path /auth"
- env:
- KEYCLOAK_ADMIN: admin
- KEYCLOAK_ADMIN_PASSWORD: admin
-
-default_artifact_template: &DEFAULT_ARTIFACTS_TEMPLATE
- on_failure:
- jest_junit_cleanup_script: >
- find . -type f -wholename "**/build/test-results/test-jest/junit.xml" -exec
- xmlstarlet edit --inplace --delete '//testsuite[@errors=0 and @failures=0]' {} \;
- junit_artifacts:
- path: "**/build/test-results/**/*.xml"
- type: "text/xml"
- format: junit
- reports_artifacts:
- path: "**/build/reports/**/*"
- screenshots_artifacts:
- path: "**/build/screenshots/**/*"
- log_artifacts:
- path: "**/build/**/*.log"
- always:
- profile_artifacts:
- path: "**/build/reports/profile/**/*"
-
-yarn_cache_template: &YARN_CACHE_TEMPLATE
- yarn_cache:
- folder: "~/.yarn/berry/cache"
- fingerprint_script: |
- cat \
- server/sonar-web/yarn.lock \
- private/core-extension-developer-server/yarn.lock \
- private/core-extension-enterprise-server/yarn.lock \
- private/core-extension-license/yarn.lock \
- private/core-extension-securityreport/yarn.lock
-
-gradle_cache_template: &GRADLE_CACHE_TEMPLATE
- gradle_cache:
- folder: "~/.gradle/caches"
- fingerprint_script: find -type f \( -name "*.gradle*" -or -name "gradle*.properties" \) | sort | xargs cat
-
-jar_cache_template: &JAR_CACHE_TEMPLATE
- jar_cache:
- folder: "**/build/libs/*.jar"
- fingerprint_key: jar-cache_$CIRRUS_BUILD_ID
-
-eslint_report_cache_template: &ESLINT_REPORT_CACHE_TEMPLATE
- eslint_report_cache:
- folders:
- - server/sonar-web/eslint-report/
- - server/sonar-web/design-system/eslint-report/
- - private/core-extension-securityreport/eslint-report/
- - private/core-extension-license/eslint-report/
- - private/core-extension-enterprise-server/eslint-report/
- - private/core-extension-developer-server/eslint-report/
- fingerprint_script: echo $CIRRUS_BUILD_ID
-
-jest_report_cache_template: &JEST_REPORT_CACHE_TEMPLATE
- jest_report_cache:
- folders:
- - server/sonar-web/coverage/
- - server/sonar-web/design-system/coverage/
- - private/core-extension-securityreport/coverage/
- - private/core-extension-license/coverage/
- - private/core-extension-enterprise-server/coverage/
- - private/core-extension-developer-server/coverage/
- fingerprint_script: echo $CIRRUS_BUILD_ID
-
-junit_report_cache_template: &JUNIT_REPORT_CACHE_TEMPLATE
- junit_report_cache:
- folders:
- - "**/reports/jacoco"
- - "**/test-results/test"
- fingerprint_script: echo $CIRRUS_BUILD_ID
-
-default_template: &DEFAULT_TEMPLATE
- skip: *IS_BRANCH_PUBLIC
- clone_script: |
- git init
- git remote add origin https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git
- git fetch origin $CIRRUS_CHANGE_IN_REPO $FETCH_DEPTH
- git reset --hard $CIRRUS_CHANGE_IN_REPO
- env:
- FETCH_DEPTH: --depth=1
-
-cache_dependencies_task:
- <<: *DEFAULT_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2
- memory: 4Gb
- script:
- - ./private/cirrus/cirrus-cache-dependencies.sh
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-build_task:
- <<: *DEFAULT_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *YARN_CACHE_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 7.5
- memory: 8Gb
- script:
- - ./private/cirrus/cirrus-build.sh
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-publish_task:
- <<: *DEFAULT_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- skip: *IS_WEEKLY_JOB
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 4
- memory: 4Gb
- env:
- ORG_GRADLE_PROJECT_signingKey: VAULT[development/kv/data/sign data.key]
- ORG_GRADLE_PROJECT_signingPassword: VAULT[development/kv/data/sign data.passphrase]
- ORG_GRADLE_PROJECT_signingKeyId: VAULT[development/kv/data/sign data.key_id]
- script:
- - ./private/cirrus/cirrus-publish.sh
-
-yarn_lint_task:
- <<: *DEFAULT_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *YARN_CACHE_TEMPLATE
- <<: *ESLINT_REPORT_CACHE_TEMPLATE
- <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE
- skip: *IS_WEEKLY_JOB
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 3
- memory: 6Gb
- script:
- - ./private/cirrus/cirrus-yarn-lint-report.sh
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-yarn_check_task:
- <<: *DEFAULT_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *YARN_CACHE_TEMPLATE
- <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE
- skip: *IS_WEEKLY_JOB
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 3
- memory: 5Gb
- script: |
- source cirrus-env YARN
- gradle yarn_check-ci --profile
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-yarn_validate_task:
- <<: *DEFAULT_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *YARN_CACHE_TEMPLATE
- <<: *JEST_REPORT_CACHE_TEMPLATE
- <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE
- skip: *IS_WEEKLY_JOB
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 7.5
- memory: 25Gb
- script:
- - ./private/cirrus/cirrus-yarn-validate-ci.sh
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-junit_task:
- <<: *DEFAULT_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *JUNIT_REPORT_CACHE_TEMPLATE
- <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE
- skip: *IS_WEEKLY_JOB
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 7.5
- memory: 10Gb
- script:
- - ./private/cirrus/cirrus-junit.sh
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-sq_analysis_task:
- skip: *IS_OLD_COMMIT_OR_BRANCH_PUBLIC
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *YARN_CACHE_TEMPLATE
- <<: *JEST_REPORT_CACHE_TEMPLATE
- <<: *ESLINT_REPORT_CACHE_TEMPLATE
- <<: *JUNIT_REPORT_CACHE_TEMPLATE
- depends_on:
- - yarn_validate
- - yarn_lint
- - junit
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 7.5
- memory: 15Gb
- script:
- - ./private/cirrus/cirrus-sq-analysis.sh
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-task: #bitbucket
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- only_if: *IS_BITBUCKET_SERVER_TASK_NEEDED
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 3
- memory: 10Gb
- additional_containers:
- - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE
- maven_cache:
- folder: ~/.m2
- env:
- QA_CATEGORY: BITBUCKET
- matrix:
- - name: qa_bb_5.15.0
- bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh 5.15.0
- - name: qa_bb_latest
- bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh LATEST
- wait_for_bitbucket_to_boot_script: secs=3600; endTime=$(( $(date +%s) + secs )); while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:7990/bitbucket/status)" != "200" ]] || [ $(date +%s) -gt $endTime ]; do sleep 5; done
- script:
- - ./private/cirrus/cirrus-qa.sh postgres
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-qa_bb_cloud_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- only_if: *IS_BITBUCKET_CLOUD_TASK_NEEDED
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2.4
- memory: 7Gb
- env:
- QA_CATEGORY: BITBUCKET_CLOUD
- <<: *BITBUCKET_CLOUD_ENVIRONMENT_VARIABLES
- script:
- - ./private/cirrus/cirrus-qa.sh h2
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-qa_ha_cluster_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_BRANCH_MASTER_OR_NIGHTLY_OR_MAINTENANCE
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 3
- memory: 10Gb
- additional_containers:
- - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE
- <<: *T2XLARGE_NODE_SELECTOR
- env:
- QA_CATEGORY: HA_CLUSTER
- script:
- - ./private/cirrus/cirrus-qa.sh postgres
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-qa_ha_elasticsearch_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_BRANCH_MASTER_OR_NIGHTLY_OR_MAINTENANCE
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2.4
- memory: 10Gb
- additional_containers:
- - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE
- <<: *T2XLARGE_NODE_SELECTOR
- env:
- QA_CATEGORY: HA_ELASTICSEARCH
- script:
- - ./private/cirrus/cirrus-qa.sh postgres
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-qa_performance_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_BRANCH_MASTER_OR_NIGHTLY
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2.4
- memory: 10Gb
- additional_containers:
- - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE
- env:
- QA_CATEGORY: AnalysisPerformance
- script:
- - ./private/cirrus/cirrus-qa.sh postgres
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-# GitLab QA is executed in a dedicated task in order to not slow down the pipeline, as a GitLab on-prem server docker image is required.
-qa_gitlab_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- only_if: *IS_GITLAB_TASK_NEEDED
- depends_on:
- - build
- env:
- QA_CATEGORY: GITLAB
- matrix:
- - name: qa_gitlab_latest
- env:
- - GITLAB_VERSION: latest
- - name: qa_gitlab_oldest
- env:
- - GITLAB_VERSION: 15.6.2-ce.0
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2.4
- memory: 7Gb
- use_in_memory_disk: true
- additional_containers:
- - <<: *GITLAB_CONTAINER_TEMPLATE
-
- script:
- - ./private/cirrus/cirrus-qa.sh h2
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-qa_gitlab_cloud_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- only_if: *IS_GITLAB_TASK_NEEDED
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2.4
- memory: 7Gb
- use_in_memory_disk: true
- env:
- QA_CATEGORY: GITLAB_CLOUD
- <<: *GITLAB_CLOUD_ENVIRONMENT_VARIABLES
- script:
- - ./private/cirrus/cirrus-qa.sh h2
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-# Azure QA is executed in a dedicated task in order to not slow down the pipeline.
-qa_azure_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- only_if: *IS_AZURE_TASK_NEEDED
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2.4
- memory: 7Gb
- env:
- QA_CATEGORY: AZURE
- <<: *AZURE_CLOUD_ENVIRONMENT_VARIABLES
- script:
- - ./private/cirrus/cirrus-qa.sh h2
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-qa_github_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_GITHUB_TASK_NEEDED
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 4
- memory: 7Gb
- env:
- QA_CATEGORY: GITHUB
- script:
- - ./private/cirrus/cirrus-qa.sh h2
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-qa_github_provisioning_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_GITHUB_TASK_NEEDED
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 4
- memory: 7Gb
- env:
- QA_CATEGORY: GITHUB_PROVISIONING
- script:
- - ./private/cirrus/cirrus-qa.sh h2
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-qa_gitlab_provisioning_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- only_if: *IS_GITLAB_PROVISIONING_TASK_NEEDED
- env:
- QA_CATEGORY: GITLAB_PROVISIONING
- matrix:
- - name: qa_gitlab_provisioning_latest
- env:
- - GITLAB_VERSION: latest
- - name: qa_gitlab_provisioning_oldest
- env:
- - GITLAB_VERSION: 15.6.2-ce.0
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2.4
- memory: 7Gb
- use_in_memory_disk: true
- additional_containers:
- - <<: *GITLAB_CONTAINER_TEMPLATE
- script:
- - ./private/cirrus/cirrus-qa.sh h2
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-qa_github_slow_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_GITHUB_TASK_NEEDED
- skip: *IS_BRANCH_MASTER
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 4
- memory: 7Gb
- env:
- QA_CATEGORY: GITHUB_SLOW_TESTS
- GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_USERNAME: QA-task
- GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_TOKEN: VAULT[development/github/token/SonarSource-sonar-enterprise-code-scanning token]
- script:
- - ./private/cirrus/cirrus-qa.sh h2
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-# SAML QA is executed in a dedicated task in order to not slow down the pipeline, as a Keycloak server docker image is required.
-qa_saml_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_SAML_TASK_NEEDED
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2.4
- memory: 10Gb
- additional_containers:
- - <<: *KEYCLOAK_CONTAINER_TEMPLATE
- env:
- QA_CATEGORY: SAML
- script:
- - ./private/cirrus/cirrus-qa.sh h2
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-# LDAP QA is executed in a dedicated task in order to not slow down the pipeline, as a LDAP server and SonarQube server are re-started on each test.
-qa_ldap_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_LDAP_TASK_NEEDED
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2.4
- memory: 10Gb
- env:
- QA_CATEGORY: LDAP
- script:
- - ./private/cirrus/cirrus-qa.sh h2
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-promote_task:
- <<: *DEFAULT_TEMPLATE
- skip: *IS_OLD_COMMIT
- depends_on:
- - build
- - sq_analysis
- - qa
- - qa_saml
- - qa_ldap
- - publish
- eks_container:
- <<: *CONTAINER_TEMPLATE
- memory: 512M
- stateful: true
- script:
- - ./private/cirrus/cirrus-promote.sh
-
-package_docker_task:
- <<: *DEFAULT_TEMPLATE
- only_if: *IS_BRANCH_MASTER
- skip: *IS_OLD_COMMIT
- depends_on: promote
- ec2_instance:
- <<: *VM_TEMPLATE
- clone_script: |
- git clone --recursive --branch=$CIRRUS_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR --depth=1
- git fetch origin $CIRRUS_CHANGE_IN_REPO --depth=1
- git reset --hard $CIRRUS_CHANGE_IN_REPO
- install_tooling_script:
- - ./private/cirrus/cirrus-tooling-for-package-docker.sh
- package_script:
- - ./private/cirrus/cirrus-package-docker.sh
-
-sql_mssql_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_DB_TASK_NEEDED
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- memory: 5Gb
- additional_containers:
- - name: mssql
- image: mcr.microsoft.com/mssql/server:2019-GA-ubuntu-16.04
- port: 1433
- cpu: 2
- memory: 5Gb
- env:
- MSSQL_PID: Developer # this is the default edition
- ACCEPT_EULA: Y
- SA_PASSWORD: sonarqube!1
- script:
- - ./private/cirrus/cirrus-db-unit-test.sh mssql
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-sql_postgres_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_DB_TASK_NEEDED
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- memory: 5Gb
- additional_containers:
- - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE
- script:
- - ./private/cirrus/cirrus-db-unit-test.sh postgres
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-# this is the oldest compatible version of PostgreSQL
-sql_postgres11_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_DB_TASK_NEEDED
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- memory: 5Gb
- additional_containers:
- - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE
- image: public.ecr.aws/docker/library/postgres:11
- script:
- - ./private/cirrus/cirrus-db-unit-test.sh postgres
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-sql_oracle21_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_DB_TASK_NEEDED
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- memory: 5Gb
- additional_containers:
- - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE
- script:
- - ./private/cirrus/cirrus-db-unit-test.sh oracle21
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-upgd_mssql_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_DB_TASK_NEEDED
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 1.5
- memory: 6Gb
- additional_containers:
- - <<: *MSSQL_ADDITIONAL_CONTAINER_TEMPLATE
- env:
- QA_CATEGORY: Upgrade
- script:
- - ./private/cirrus/cirrus-qa.sh mssql
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-upgd_oracle21_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_DB_TASK_NEEDED
- <<: *JAR_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 1.5
- memory: 6Gb
- additional_containers:
- - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE
- env:
- QA_CATEGORY: Upgrade
- script:
- - ./private/cirrus/cirrus-qa.sh oracle21
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-mend_scan_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- only_if: *IS_BRANCH_MASTER_OR_NIGHTLY_OR_MAINTENANCE
- <<: *YARN_CACHE_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- timeout_in: 30m
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 2
- memory: 4Gb
- env:
- WS_APIKEY: VAULT[development/kv/data/mend data.apikey]
- WS_WSS_URL: VAULT[development/kv/data/mend data.url]
- WS_USERKEY: VAULT[development/kv/data/mend data.userKey]
- SLACK_WEBHOOK_SQ: VAULT[development/kv/data/slack data.webhook]
- mend_script:
- - ./private/cirrus/cirrus-mend-scan.sh
- allow_failures: "true"
- on_failure:
- slack_notification_script:
- - ./private/cirrus/cirrus-mend-notifications.sh
- always:
- ws_artifacts:
- path: "whitesource/**/*"
-
-qa_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- skip: *IS_WEEKLY_JOB
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 3
- memory: 7Gb
- additional_containers:
- - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE
- name: QA $QA_CATEGORY
- alias: qa
- env:
- matrix:
- # QA name should not exceed 13 characters to be properly reported on wallboard by burgr
- # QA name cannot contain "_"
- - QA_CATEGORY: Cat1
- - QA_CATEGORY: Cat2
- - QA_CATEGORY: Cat3
- - QA_CATEGORY: Cat4
- - QA_CATEGORY: Cat5
- - QA_CATEGORY: Cat6
- - QA_CATEGORY: Analysis
- - QA_CATEGORY: Authorization
- - QA_CATEGORY: Auth
- - QA_CATEGORY: Branch1
- - QA_CATEGORY: Branch2
- - QA_CATEGORY: CE1
- - QA_CATEGORY: CE2
- - QA_CATEGORY: ComputeEngine
- - QA_CATEGORY: DE1
- - QA_CATEGORY: DE2
- - QA_CATEGORY: EE1
- - QA_CATEGORY: EE2
- - QA_CATEGORY: Issues1
- - QA_CATEGORY: Issues2
- - QA_CATEGORY: License1
- - QA_CATEGORY: License2
- - QA_CATEGORY: Plugins
- - QA_CATEGORY: Project
- - QA_CATEGORY: QP
- - QA_CATEGORY: Upgrade
- script:
- - ./private/cirrus/cirrus-qa.sh postgres
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-weekly_postgres_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- only_if: *IS_WEEKLY_JOB
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 3
- memory: 7Gb
- additional_containers:
- - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE
- alias: weekly-qa
- env:
- GITLAB_VERSION: latest
- <<: *BITBUCKET_CLOUD_ENVIRONMENT_VARIABLES
- <<: *GITLAB_CLOUD_ENVIRONMENT_VARIABLES
- <<: *AZURE_CLOUD_ENVIRONMENT_VARIABLES
- matrix:
- # QA name should not exceed 13 characters to be properly reported on wallboard by burgr
- # QA name cannot contain "_"
- - QA_CATEGORY: Cat1
- - QA_CATEGORY: Cat2
- - QA_CATEGORY: Cat3
- - QA_CATEGORY: Cat4
- - QA_CATEGORY: Cat5
- - QA_CATEGORY: Cat6
- - QA_CATEGORY: Analysis
- - QA_CATEGORY: Authorization
- - QA_CATEGORY: Auth
- - QA_CATEGORY: Branch1
- - QA_CATEGORY: Branch2
- - QA_CATEGORY: CE1
- - QA_CATEGORY: CE2
- - QA_CATEGORY: ComputeEngine
- - QA_CATEGORY: DE1
- - QA_CATEGORY: DE2
- - QA_CATEGORY: EE1
- - QA_CATEGORY: EE2
- - QA_CATEGORY: Issues1
- - QA_CATEGORY: Issues2
- - QA_CATEGORY: License1
- - QA_CATEGORY: License2
- - QA_CATEGORY: Plugins
- - QA_CATEGORY: Project
- - QA_CATEGORY: QP
- - QA_CATEGORY: Upgrade
- - QA_CATEGORY: AnalysisPerformance
- - QA_CATEGORY: LDAP
- - QA_CATEGORY: BITBUCKET_CLOUD
- - QA_CATEGORY: GITLAB_CLOUD
- - QA_CATEGORY: AZURE
- - QA_CATEGORY: MIGRATION
- #- QA_CATEGORY: GITHUB needs to be disabled because the tests in this package fail when running a scanner
- #- QA_CATEGORY: GITHUB_PROVISIONING needs to be disabled because tests fail with dangling connection problem
- #- QA_CATEGORY: HA needs to be disabled because otherwise we would be assigning big container to each category
- maven_cache:
- folder: ~/.m2
- name: Postgres 15 $QA_CATEGORY
- script: ./private/cirrus/cirrus-qa.sh postgres
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-
-weekly_oracle_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- only_if: *IS_WEEKLY_JOB
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 3
- memory: 7Gb
- additional_containers:
- - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE
- alias: weekly-qa
- env:
- GITLAB_VERSION: latest
- <<: *BITBUCKET_CLOUD_ENVIRONMENT_VARIABLES
- <<: *GITLAB_CLOUD_ENVIRONMENT_VARIABLES
- <<: *AZURE_CLOUD_ENVIRONMENT_VARIABLES
- matrix:
- # QA name should not exceed 13 characters to be properly reported on wallboard by burgr
- # QA name cannot contain "_"
- - QA_CATEGORY: Cat1
- - QA_CATEGORY: Cat2
- - QA_CATEGORY: Cat3
- - QA_CATEGORY: Cat4
- - QA_CATEGORY: Cat5
- - QA_CATEGORY: Cat6
- - QA_CATEGORY: Analysis
- - QA_CATEGORY: Authorization
- - QA_CATEGORY: Auth
- - QA_CATEGORY: Branch1
- - QA_CATEGORY: Branch2
- - QA_CATEGORY: CE1
- #- QA_CATEGORY: CE2 needs to be disabled because the tests in SonarLintServerPushTest are very slow on Oracle SONAR-21036
- - QA_CATEGORY: ComputeEngine
- - QA_CATEGORY: DE1
- - QA_CATEGORY: DE2
- - QA_CATEGORY: EE1
- - QA_CATEGORY: EE2
- - QA_CATEGORY: Issues1
- - QA_CATEGORY: Issues2
- - QA_CATEGORY: License1
- - QA_CATEGORY: License2
- - QA_CATEGORY: Plugins
- - QA_CATEGORY: Project
- - QA_CATEGORY: QP
- - QA_CATEGORY: Upgrade
- - QA_CATEGORY: AnalysisPerformance
- - QA_CATEGORY: LDAP
- - QA_CATEGORY: BITBUCKET_CLOUD
- - QA_CATEGORY: GITLAB_CLOUD
- - QA_CATEGORY: AZURE
- - QA_CATEGORY: MIGRATION
- #- QA_CATEGORY: GITHUB needs to be disabled because the tests in this package fail when running a scanner
- #- QA_CATEGORY: GITHUB_PROVISIONING needs to be disabled because tests fail with dangling connection problem
- #- QA_CATEGORY: HA needs to be disabled because otherwise we would be assigning big container to each category
- maven_cache:
- folder: ~/.m2
- name: Oracle 21 XE $QA_CATEGORY
- script: ./private/cirrus/cirrus-qa.sh oracle21
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
-
-weekly_mssql_task:
- <<: *DEFAULT_TEMPLATE
- <<: *BUILD_DEPENDANT_TASK_TEMPLATE
- <<: *CACHE_DEPENDENCIES_DEPENDANT_TASK_TEMPLATE
- <<: *GRADLE_CACHE_TEMPLATE
- <<: *JAR_CACHE_TEMPLATE
- only_if: *IS_WEEKLY_JOB
- eks_container:
- <<: *CONTAINER_TEMPLATE
- cpu: 3
- memory: 7Gb
- additional_containers:
- - <<: *MSSQL_ADDITIONAL_CONTAINER_TEMPLATE
- alias: weekly-qa
- env:
- GITLAB_VERSION: latest
- <<: *BITBUCKET_CLOUD_ENVIRONMENT_VARIABLES
- <<: *GITLAB_CLOUD_ENVIRONMENT_VARIABLES
- <<: *AZURE_CLOUD_ENVIRONMENT_VARIABLES
- matrix:
- # QA name should not exceed 13 characters to be properly reported on wallboard by burgr
- # QA name cannot contain "_"
- - QA_CATEGORY: Cat1
- - QA_CATEGORY: Cat2
- - QA_CATEGORY: Cat3
- - QA_CATEGORY: Cat4
- - QA_CATEGORY: Cat5
- - QA_CATEGORY: Cat6
- - QA_CATEGORY: Analysis
- - QA_CATEGORY: Authorization
- - QA_CATEGORY: Auth
- - QA_CATEGORY: Branch1
- - QA_CATEGORY: Branch2
- - QA_CATEGORY: CE1
- - QA_CATEGORY: CE2
- - QA_CATEGORY: ComputeEngine
- - QA_CATEGORY: DE1
- - QA_CATEGORY: DE2
- - QA_CATEGORY: EE1
- - QA_CATEGORY: EE2
- - QA_CATEGORY: Issues1
- - QA_CATEGORY: Issues2
- - QA_CATEGORY: License1
- - QA_CATEGORY: License2
- - QA_CATEGORY: Plugins
- - QA_CATEGORY: Project
- - QA_CATEGORY: QP
- - QA_CATEGORY: Upgrade
- - QA_CATEGORY: AnalysisPerformance
- - QA_CATEGORY: LDAP
- - QA_CATEGORY: BITBUCKET_CLOUD
- - QA_CATEGORY: GITLAB_CLOUD
- - QA_CATEGORY: AZURE
- - QA_CATEGORY: MIGRATION
- #- QA_CATEGORY: GITHUB needs to be disabled because the tests in this package fail when running a scanner
- #- QA_CATEGORY: GITHUB_PROVISIONING needs to be disabled because tests fail with dangling connection problem
- #- QA_CATEGORY: HA needs to be disabled because otherwise we would be assigning big container to each category
- maven_cache:
- folder: ~/.m2
- name: MSSQL 2022 $QA_CATEGORY
- script: ./private/cirrus/cirrus-qa.sh mssql
- <<: *DEFAULT_ARTIFACTS_TEMPLATE
diff --git a/.cirrus/.cirrus.yml b/.cirrus/.cirrus.yml
new file mode 100644
index 00000000000..14ca811439f
--- /dev/null
+++ b/.cirrus/.cirrus.yml
@@ -0,0 +1,183 @@
+only_if: $CIRRUS_TAG == "" && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == $CIRRUS_DEFAULT_BRANCH || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BUILD_SOURCE == 'api' )
+skip: $CIRRUS_BRANCH == "public_master" || $CIRRUS_BRANCH =~ "dogfood/.*"
+
+env:
+ CIRRUS_SHELL: bash
+ CIRRUS_CLONE_DEPTH: 0
+ GRADLE_USER_HOME: ${CIRRUS_WORKING_DIR}/.gradle
+ FETCH_DEPTH: --depth=1
+
+default_artifact_template: &DEFAULT_ARTIFACTS_TEMPLATE
+ on_failure:
+ jest_junit_cleanup_script: >
+ find . -type f -wholename "**/build/test-results/test-jest/junit.xml" -exec
+ xmlstarlet edit --inplace --delete '//testsuite[@errors=0 and @failures=0]' {} \;
+ junit_artifacts:
+ path: "**/build/test-results/**/*.xml"
+ type: "text/xml"
+ format: junit
+ reports_artifacts:
+ path: "**/build/reports/**/*"
+ screenshots_artifacts:
+ path: "**/build/screenshots/**/*"
+ log_artifacts:
+ path: "**/build/**/*.log"
+
+default_template: &DEFAULT_TEMPLATE
+ clone_script: |
+ git init
+ git remote add origin https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git
+ git fetch origin $CIRRUS_CHANGE_IN_REPO $FETCH_DEPTH
+ git reset --hard $CIRRUS_CHANGE_IN_REPO
+
+gradle_cache_template: &GRADLE_CACHE_TEMPLATE
+ gradle_cache:
+ folder: ${GRADLE_USER_HOME}/caches
+ fingerprint_script: find -type f \( -name "*.gradle*" -or -name "gradle*.properties" \) | sort | xargs cat
+ populate_script: mkdir -p ${GRADLE_USER_HOME}/caches
+
+cleanup_gradle_cache_script_template: &CLEANUP_GRADLE_CACHE_SCRIPT
+ cleanup_gradle_script: |
+ rm -rf "${GRADLE_USER_HOME}"/caches/7.*/
+ rm -rf "${GRADLE_USER_HOME}"/daemon/
+ rm -rf "${GRADLE_USER_HOME}"/caches/transforms-*
+ rm -rf "${GRADLE_USER_HOME}"/caches/journal-*
+ /usr/bin/find "${GRADLE_USER_HOME}"/caches/ -name "*.lock" -type f -delete
+
+yarn_cache_template: &YARN_CACHE_TEMPLATE
+ yarn_cache:
+ folder: "~/.yarn/berry/cache"
+ fingerprint_script: cat server/sonar-web/yarn.lock
+
+jar_cache_template: &JAR_CACHE_TEMPLATE
+ jar_cache:
+ folder: "**/build/libs/*.jar"
+ fingerprint_key: jar-cache_$CIRRUS_BUILD_ID
+
+eslint_report_cache_template: &ESLINT_REPORT_CACHE_TEMPLATE
+ eslint_report_cache:
+ folders:
+ - server/sonar-web/eslint-report/
+ - server/sonar-web/design-system/eslint-report/
+ fingerprint_script: echo $CIRRUS_BUILD_ID
+
+jest_report_cache_template: &JEST_REPORT_CACHE_TEMPLATE
+ jest_report_cache:
+ folders:
+ - server/sonar-web/coverage/
+ - server/sonar-web/design-system/coverage/
+ fingerprint_script: echo $CIRRUS_BUILD_ID
+
+junit_report_cache_template: &JUNIT_REPORT_CACHE_TEMPLATE
+ junit_report_cache:
+ folders:
+ - "**/reports/jacoco"
+ - "**/test-results/test"
+ fingerprint_script: echo $CIRRUS_BUILD_ID
+
+cache_dependencies_task:
+ container:
+ dockerfile: .cirrus/Dockerfile
+ cpu: 2
+ memory: 4Gb
+ <<: *DEFAULT_TEMPLATE
+ <<: *GRADLE_CACHE_TEMPLATE
+ script:
+ - .cirrus/cirrus-cache-dependencies.sh
+ <<: *CLEANUP_GRADLE_CACHE_SCRIPT
+ <<: *DEFAULT_ARTIFACTS_TEMPLATE
+
+build_task:
+ depends_on: cache_dependencies
+ container:
+ dockerfile: .cirrus/Dockerfile
+ cpu: 8
+ memory: 8Gb
+ <<: *DEFAULT_TEMPLATE
+ <<: *GRADLE_CACHE_TEMPLATE
+ <<: *YARN_CACHE_TEMPLATE
+ <<: *JAR_CACHE_TEMPLATE
+ build_script: .cirrus/cirrus-build.sh
+ <<: *CLEANUP_GRADLE_CACHE_SCRIPT
+ <<: *DEFAULT_ARTIFACTS_TEMPLATE
+
+yarn_lint_task:
+ depends_on: cache_dependencies
+ container:
+ dockerfile: .cirrus/Dockerfile
+ cpu: 3
+ memory: 4Gb
+ <<: *DEFAULT_TEMPLATE
+ <<: *GRADLE_CACHE_TEMPLATE
+ <<: *YARN_CACHE_TEMPLATE
+ <<: *ESLINT_REPORT_CACHE_TEMPLATE
+ script:
+ - .cirrus/cirrus-yarn-lint-report.sh
+ <<: *CLEANUP_GRADLE_CACHE_SCRIPT
+ <<: *DEFAULT_ARTIFACTS_TEMPLATE
+
+yarn_check_task:
+ depends_on: cache_dependencies
+ container:
+ dockerfile: .cirrus/Dockerfile
+ cpu: 3
+ memory: 4Gb
+ <<: *DEFAULT_TEMPLATE
+ <<: *GRADLE_CACHE_TEMPLATE
+ <<: *YARN_CACHE_TEMPLATE
+ script: |
+ source .cirrus/cirrus-env
+ ./gradlew yarn_check-ci
+ <<: *CLEANUP_GRADLE_CACHE_SCRIPT
+ <<: *DEFAULT_ARTIFACTS_TEMPLATE
+
+yarn_validate_task:
+ depends_on: cache_dependencies
+ container:
+ dockerfile: .cirrus/Dockerfile
+ cpu: 8
+ memory: 15Gb
+ <<: *DEFAULT_TEMPLATE
+ <<: *GRADLE_CACHE_TEMPLATE
+ <<: *YARN_CACHE_TEMPLATE
+ <<: *JEST_REPORT_CACHE_TEMPLATE
+ script:
+ - .cirrus/cirrus-yarn-validate-ci.sh
+ <<: *CLEANUP_GRADLE_CACHE_SCRIPT
+ <<: *DEFAULT_ARTIFACTS_TEMPLATE
+
+junit_task:
+ depends_on: cache_dependencies
+ container:
+ dockerfile: .cirrus/Dockerfile
+ cpu: 8
+ memory: 10Gb
+ <<: *DEFAULT_TEMPLATE
+ <<: *GRADLE_CACHE_TEMPLATE
+ <<: *JUNIT_REPORT_CACHE_TEMPLATE
+ script:
+ - .cirrus/cirrus-junit.sh
+ <<: *CLEANUP_GRADLE_CACHE_SCRIPT
+ <<: *DEFAULT_ARTIFACTS_TEMPLATE
+
+sq_analysis_task:
+ depends_on:
+ - yarn_lint
+ - yarn_validate
+ - junit
+ container:
+ dockerfile: .cirrus/Dockerfile
+ cpu: 7.5
+ memory: 15Gb
+ env:
+ SONAR_HOST_URL: https://next.sonarqube.com/sonarqube
+ SONAR_TOKEN: ENCRYPTED[!b6fd814826c51e64ee61b0b6f3ae621551f6413383f7170f73580e2e141ac78c4b134b506f6288c74faa0dd564c05a29!]
+ <<: *GRADLE_CACHE_TEMPLATE
+ <<: *YARN_CACHE_TEMPLATE
+ <<: *JEST_REPORT_CACHE_TEMPLATE
+ <<: *ESLINT_REPORT_CACHE_TEMPLATE
+ <<: *JUNIT_REPORT_CACHE_TEMPLATE
+ script:
+ - .cirrus/cirrus-sq-analysis.sh
+ <<: *CLEANUP_GRADLE_CACHE_SCRIPT
+ <<: *DEFAULT_ARTIFACTS_TEMPLATE
diff --git a/.cirrus/Dockerfile b/.cirrus/Dockerfile
new file mode 100644
index 00000000000..5828cd2fd23
--- /dev/null
+++ b/.cirrus/Dockerfile
@@ -0,0 +1,51 @@
+ARG JDK_VERSION=17
+FROM eclipse-temurin:${JDK_VERSION}-jdk-jammy
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+RUN set -o errexit -o nounset \
+ && groupadd --system --gid 1000 sonarsource \
+ && useradd --system --gid sonarsource --uid 1000 --shell /bin/bash --create-home sonarsource
+
+RUN echo 'Acquire::AllowReleaseInfoChange::Suite "true";' > /etc/apt/apt.conf.d/allow_release_info_change.conf
+
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863199#23
+RUN mkdir -p /usr/share/man/man1 \
+ && apt-get update \
+ && apt-get -y install --no-install-recommends \
+ lsb-release \
+ ca-certificates \
+ curl \
+ wget \
+ gnupg \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/*
+
+ARG NODE_MAJOR=18
+RUN DISTRO="$(lsb_release -s -c)" \
+ && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
+ && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" >> /etc/apt/sources.list.d/nodesource.list \
+ && curl -sSL https://packages.atlassian.com/api/gpg/key/public | gpg --dearmor -o /etc/apt/keyrings/atlassian.gpg \
+ && echo "deb [signed-by=/etc/apt/keyrings/atlassian.gpg] https://packages.atlassian.com/debian/atlassian-sdk-deb/ stable contrib" >> /etc/apt/sources.list.d/atlassian-sdk.list \
+ && curl -sSL https://packages.adoptium.net/artifactory/api/gpg/key/public | gpg --dearmor -o /etc/apt/keyrings/adoptium-archive-keyring.gpg \
+ && echo "deb [signed-by=/etc/apt/keyrings/adoptium-archive-keyring.gpg] https://packages.adoptium.net/artifactory/deb $DISTRO main" >> /etc/apt/sources.list.d/adoptopenjdk.list \
+ && apt-get update \
+ && apt-get -y install --no-install-recommends \
+ git \
+ unzip \
+ nodejs="$NODE_MAJOR".* \
+ jq \
+ expect \
+ atlassian-plugin-sdk \
+ temurin-8-jdk \
+ xmlstarlet \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/* \
+ && npm install -g yarn
+
+# Avoiding JVM Delays Caused by Random Number Generation (https://docs.oracle.com/cd/E13209_01/wlcp/wlss30/configwlss/jvmrand.html)
+RUN sed -i 's|securerandom.source=file:/dev/random|securerandom.source=file:/dev/urandom|g' "$JAVA_HOME/conf/security/java.security"
+
+USER sonarsource
+WORKDIR /home/sonarsource
diff --git a/.cirrus/cirrus-build.sh b/.cirrus/cirrus-build.sh
new file mode 100755
index 00000000000..74362be0452
--- /dev/null
+++ b/.cirrus/cirrus-build.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+set -euo pipefail
+
+source .cirrus/cirrus-env
+
+./gradlew build \
+ -DbuildNumber="$BUILD_NUMBER" \
+ -x test \
+ --parallel --console plain --build-cache
+
+pushToCirrusCiCache() {
+ cd "${1}"
+ zipfile=$(ls -- *.zip)
+ echo "Uploading $zipfile to CirrusCI cache"
+ curl -s -X POST --data-binary @"$zipfile" "http://$CIRRUS_HTTP_CACHE_HOST/$zipfile"
+ echo "$zipfile successfully uploaded to CirrusCI cache"
+}
+
+export -f pushToCirrusCiCache
+pushToCirrusCiCache sonar-application/build/distributions
diff --git a/.cirrus/cirrus-cache-dependencies.sh b/.cirrus/cirrus-cache-dependencies.sh
new file mode 100755
index 00000000000..38359fa23f4
--- /dev/null
+++ b/.cirrus/cirrus-cache-dependencies.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+set -euo pipefail
+
+source .cirrus/cirrus-env
+
+if [ -d "${GRADLE_USER_HOME?}/caches" ]; then
+ echo "gradle dependency cache already exists, bypassing dependencies loading"
+else
+ ./gradlew cacheDependencies \
+ --parallel --console plain --build-cache --info
+ ./gradlew cacheDependencies \
+ --parallel --console plain --build-cache -Pqa --info
+fi
diff --git a/.cirrus/cirrus-env b/.cirrus/cirrus-env
new file mode 100644
index 00000000000..84df2e8aee3
--- /dev/null
+++ b/.cirrus/cirrus-env
@@ -0,0 +1,11 @@
+#!/bin/bash
+set -uo pipefail
+
+export GIT_SHA1=${CIRRUS_CHANGE_IN_REPO?}
+export GITHUB_BASE_BRANCH=${CIRRUS_BASE_BRANCH:-}
+export GITHUB_BRANCH=${CIRRUS_BRANCH?}
+export GITHUB_REPO=${CIRRUS_REPO_FULL_NAME?}
+export BUILD_NUMBER=${CI_BUILD_NUMBER?}
+export PULL_REQUEST=${CIRRUS_PR:-false}
+export PULL_REQUEST_SHA=${CIRRUS_BASE_SHA:-}
+export PIPELINE_ID=${CIRRUS_BUILD_ID?}
diff --git a/.cirrus/cirrus-junit.sh b/.cirrus/cirrus-junit.sh
new file mode 100755
index 00000000000..13c103b0d22
--- /dev/null
+++ b/.cirrus/cirrus-junit.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+set -euo pipefail
+
+source .cirrus/cirrus-env
+
+./gradlew cleanTest test jacocoTestReport \
+ --parallel --configure-on-demand --console plain -Pqa
diff --git a/.cirrus/cirrus-sq-analysis.sh b/.cirrus/cirrus-sq-analysis.sh
new file mode 100755
index 00000000000..cfc020cc25d
--- /dev/null
+++ b/.cirrus/cirrus-sq-analysis.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+set -euo pipefail
+
+source .cirrus/cirrus-env
+
+: "${SONAR_HOST_URL?}" "${SONAR_TOKEN?}"
+
+git fetch --unshallow || true
+if [ -n "${GITHUB_BASE_BRANCH:-}" ]; then
+ git fetch origin "${GITHUB_BASE_BRANCH}"
+fi
+
+./gradlew sonar \
+ -DbuildNumber="$BUILD_NUMBER" \
+ -Dsonar.projectKey=sonarqube \
+ -Dsonar.host.url="$SONAR_HOST_URL" \
+ -Dsonar.token="$SONAR_TOKEN" \
+ -Dsonar.analysis.buildNumber="$BUILD_NUMBER" \
+ -Dsonar.analysis.pipeline="$PIPELINE_ID" \
+ -Dsonar.analysis.repository="$GITHUB_REPO" \
+ -Dsonar.analysis.sha1="$GIT_SHA1" \
+ --parallel --configure-on-demand --console plain -Pqa
diff --git a/.cirrus/cirrus-yarn-lint-report.sh b/.cirrus/cirrus-yarn-lint-report.sh
new file mode 100755
index 00000000000..e6f32e50ae6
--- /dev/null
+++ b/.cirrus/cirrus-yarn-lint-report.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+set -euo pipefail
+
+source .cirrus/cirrus-env
+
+./gradlew yarn_lint-report-ci \
+ --parallel --configure-on-demand --console plain -Pqa
diff --git a/.cirrus/cirrus-yarn-validate-ci.sh b/.cirrus/cirrus-yarn-validate-ci.sh
new file mode 100755
index 00000000000..b3884ed5e2e
--- /dev/null
+++ b/.cirrus/cirrus-yarn-validate-ci.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+set -euo pipefail
+
+source .cirrus/cirrus-env
+
+./gradlew yarn_validate-ci \
+ --parallel --configure-on-demand --console plain -Pqa
diff --git a/.dockerignore b/.dockerignore
index 8a17b89c022..06f56716808 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,2 +1,3 @@
*
+!docker
!private/docker
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 5ba5ac03a6c..00000000000
--- a/.travis.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-sudo: required
-install: true
-script: ./travis.sh
-dist: jammy
-jdk: openjdk17
-
-branches:
- except:
- - /^dogfood\/.*$/
- - public_master
-
-matrix:
- fast_finish: true
-
-cache:
- directories:
- - $HOME/.sonar
- - $HOME/jvm
- - $HOME/.gradle/caches/
- - $HOME/.gradle/wrapper/
-
-before_cache:
- - rm -f $HOME/.gradle/caches/modules-2/modules-2.lock
- - rm -fr $HOME/.gradle/caches/*/plugin-resolution/
- - rm -fr $HOME/.gradle/caches/*/fileHashes/
- - rm -fr $HOME/.gradle/caches/*/scripts/
-
-before_install:
- - nvm install 18
- - nvm use 18
-
-notifications:
- email: false
- webhooks:
- - secure: "jxB1WXSY7zyW7un8mNtFuasV1ucEA5J3FvrlcOHVlaQaMPYV2/YjJNHdH4R0xzkmxy3D5pch2WZo4+sNB+8F3bQOCLQgYWVo0PrF635+6Bnah3tY7LX958WBuu3LPX9tlH+vRssi9gwj2SsqL0JAW+t1AbvHQsEhIfIudEc2VtxA2gHaKeNnvzbpCIs865k8OXkA7a2udlW0yIjri7VO9KJai2hAiKRIBojmrye8fY7Hin/4rA2yBwMMo8JmxIqLXqJOF0EYRyTnFVCxuRFvnDrgSP9pOLt4GQx37k2YPOzwxohziZ1xABMH2Hxx9tq/ynrqACJI0VlktKzCmNoeeSDknnd2erRvBH/n3i54RSP2GXbaB5XUt4l9i9/D4YqPSihrfnSRHk0ct8rcDGRW8nhCVJtsRX0w1Pde05YMshtHJCJXlmx5f6VJWbhBXjIjCbkN2k7guIGoK7cMsOQ5tPOadqYQ4JsXuD4/m2qH1uYvKQE+pplS9zGSBZFTi9Br3QfB5W1rsj4hLubUOd01kQiOIYAnHDfLVicbq3SSIT+H9YZQ80qxcx/ibDnLfhrX02jmswdfzc/hX7OdUh4l8QNS7LyxVe9y/0p5+9iQ0F62AZD6SBXGsZNtufqBruNX7qwT2vJ2tuDOP+zW0gnvNvLMnENw8JH2K2j4lv04pRw="
- slack:
- secure: PCekbN71ZmuOt82JUFmlhzxlx3wrXucSIpvxxWdZn9lfsPYQAtXCoOESaHjIVIpggsC5HSAic3HiedsWbuDk/XojmPrDCrfjgYG2wiuSuQlAa60WvzTPqXdRmUXyMQgItaAQbRfZP7kN9No/v8TZDfg5kT3i9ewy0bsfExpjAuo=
- on_start: always
-
-after_failure:
- - source ./.travis/setup_environment.sh
- - notify_burgr "build" "build" "$TRAVIS_JOB_WEB_URL" "$(cat /tmp/build_start_time)" "$(date --utc +%FT%TZ)" "failed" || true
diff --git a/.travis/run_iris.sh b/.travis/run_iris.sh
deleted file mode 100755
index d08dec56483..00000000000
--- a/.travis/run_iris.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/bash
-set +x
-
-VERSION="\[RELEASE\]"
-HTTP_CODE=$(\
- curl \
- --write-out '%{http_code}' \
- --location \
- --remote-name \
- --user "$ARTIFACTORY_PRIVATE_USERNAME:$ARTIFACTORY_API_KEY" \
- "$ARTIFACTORY_URL/sonarsource-private-releases/com/sonarsource/iris/iris/$VERSION/iris-$VERSION-jar-with-dependencies.jar"\
-)
-
-if [ "$HTTP_CODE" != "200" ]; then
- echo "Download $VERSION failed -> $HTTP_CODE"
- exit 1
-else
- echo "Downloaded $VERSION"
-fi
-
-java \
- -Diris.source.projectKey=org.sonarsource.sonarqube:sonarqube-private \
- -Diris.source.url=https://next.sonarqube.com/sonarqube \
- -Diris.source.token=$NEXT_TOKEN \
- -Diris.destination.projectKey=sonarqube \
- -Diris.destination.url=https://next.sonarqube.com/sonarqube \
- -Diris.destination.token=$NEXT_TOKEN \
- -Diris.maxcountposts=50 \
- -jar iris-\[RELEASE\]-jar-with-dependencies.jar
diff --git a/.travis/setup_environment.sh b/.travis/setup_environment.sh
deleted file mode 100755
index 2f11f417551..00000000000
--- a/.travis/setup_environment.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-# Sets up the environment to be able to send notifications to burgr
-# use generic environments to remove coupling with Travis ; see setup_promote_environment
-
-export GITHUB_REPO=${TRAVIS_REPO_SLUG}
-export BUILD_NUMBER=$TRAVIS_BUILD_NUMBER
-export PIPELINE_ID=${BUILD_NUMBER}
-if [ "$TRAVIS_PULL_REQUEST" == "false" ]; then
- export GIT_SHA1=${TRAVIS_COMMIT} # $CIRRUS_CHANGE_IN_REPO
- export GIT_BRANCH=$TRAVIS_BRANCH
- export STAGE_TYPE="branch"
- export STAGE_ID=${GIT_BRANCH}
-else
- export GIT_SHA1=${TRAVIS_PULL_REQUEST_SHA}
- export GIT_BRANCH=$TRAVIS_PULL_REQUEST_BRANCH
- export PULL_REQUEST_BASE_BRANCH=$TRAVIS_BRANCH
- export PULL_REQUEST_NUMBER=$TRAVIS_PULL_REQUEST
- export STAGE_TYPE="pr_number"
- export STAGE_ID=${PULL_REQUEST_NUMBER}
-fi
-echo "======= SHA1 is ${GIT_SHA1} on branch '${GIT_BRANCH}'. Burgr stage '${STAGE_TYPE} with stage ID '${STAGE_ID} ======="
diff --git a/.travis/setup_ramdisk.sh b/.travis/setup_ramdisk.sh
deleted file mode 100755
index 75e2492d9cd..00000000000
--- a/.travis/setup_ramdisk.sh
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/bash
-set -euo pipefail
-
-RED='\033[0;31m'
-NC='\033[0m' # No Color
-printf "${RED}SETUP RAMDISK${NC}\n"
-printf "${RED}disk size before build${NC}\n"
-df -h
-du -sh $HOME
-du -sh $TRAVIS_BUILD_DIR
-
-printf "${RED}move original TRAVIS_BUILD_DIR${NC}\n"
-sudo mv $TRAVIS_BUILD_DIR $TRAVIS_BUILD_DIR.ori
-printf "${RED}create ramdisk mount point${NC}\n"
-sudo mkdir -p $TRAVIS_BUILD_DIR
-printf "${RED}create ramdisk${NC}\n"
-sudo mount -t tmpfs -o size=8192m tmps $TRAVIS_BUILD_DIR
-printf "${RED}copy TRAVIS_BUILD_DIR to ramdisk${NC}\n"
-time sudo cp -R $TRAVIS_BUILD_DIR.ori/. $TRAVIS_BUILD_DIR
-printf "${RED}give permissions to travis on its TRAVIS_BUILD_DIR in ramdisk${NC}\n"
-sudo chown -R travis:travis $TRAVIS_BUILD_DIR
-
diff --git a/README.md b/README.md
index 4762a96e8b8..e959ed66c10 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# SonarQube [![Build Status](https://app.travis-ci.com/SonarSource/sonarqube.svg?branch=master)](https://app.travis-ci.com/SonarSource/sonarqube) [![Quality Gate Status](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=sonarqube&metric=alert_status&token=d95182127dd5583f57578d769b511660601a8547)](https://next.sonarqube.com/sonarqube/dashboard?id=sonarqube)
+# SonarQube [![Build Status](https://api.cirrus-ci.com/github/SonarSource/sonarqube.svg?branch=master)](https://cirrus-ci.com/github/SonarSource/sonarqube) [![Quality Gate Status](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=sonarqube&metric=alert_status&token=d95182127dd5583f57578d769b511660601a8547)](https://next.sonarqube.com/sonarqube/dashboard?id=sonarqube)
## Continuous Inspection
diff --git a/travis.sh b/travis.sh
deleted file mode 100755
index be566a23702..00000000000
--- a/travis.sh
+++ /dev/null
@@ -1,93 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-./.travis/setup_ramdisk.sh
-
-#
-# Configure Maven settings and install some script utilities
-#
-configureTravis() {
- mkdir -p ~/.local
- curl -sSL https://github.com/SonarSource/travis-utils/tarball/v62 | tar zx --strip-components 1 -C ~/.local
- # shellcheck disable=SC1090
- source ~/.local/bin/install
-}
-configureTravis
-
-#
-# Travis fails on timeout when build does not print logs
-# during 10 minutes. This aims to bypass this
-# behavior when building the slow sonar-server sub-project.
-#
-keep_alive() {
- while true; do
- echo -en "\a"
- sleep 60
- done
-}
-keep_alive &
-
-# When a pull request is open on the branch, then the job related
-# to the branch does not need to be executed and should be canceled.
-# It does not book slaves for nothing.
-# @TravisCI please provide the feature natively, like at AppVeyor or CircleCI ;-)
-cancel_branch_build_with_pr || if [[ $? -eq 1 ]]; then exit 0; fi
-
-# Used by Next
-INITIAL_VERSION=$(grep version gradle.properties | awk -F= '{print $2}')
-export INITIAL_VERSION
-
-source ./.travis/setup_environment.sh
-
-# Analyse SonarQube on NEXT
-export SONAR_HOST_URL=https://next.sonarqube.com/sonarqube
-
-# Fetch all commit history so that SonarQube has exact blame information
-# for issue auto-assignment
-# This command can fail with "fatal: --unshallow on a complete repository does not make sense"
-# if there are not enough commits in the Git repository (even if Travis executed git clone --depth 50).
-# For this reason errors are ignored with "|| true"
-git fetch --unshallow || true
-
-BUILD_START_DATETIME=$(date --utc +%FT%TZ)
-echo "$BUILD_START_DATETIME" > /tmp/build_start_time
-./gradlew build --warn --console plain
-
-# exclude external pull requests
-if [[ -n "${NEXT_TOKEN-}" ]]; then
- sonar_params=(-Dsonar.projectKey=sonarqube
- -Dsonar.host.url="$SONAR_HOST_URL"
- -Dsonar.token="$NEXT_TOKEN"
- -Dsonar.analysis.buildNumber="$BUILD_NUMBER"
- -Dsonar.analysis.pipeline="$BUILD_NUMBER"
- -Dsonar.analysis.sha1="$GIT_SHA1"
- -Dsonar.analysis.repository="$TRAVIS_REPO_SLUG")
-
- if [ "$TRAVIS_PULL_REQUEST" != "false" ]; then
- echo '======= Analyze pull request'
- ./gradlew jacocoTestReport yarn_validate-ci sonarqube --warn --console plain \
- "${sonar_params[@]}" \
- -Dsonar.analysis.prNumber="$PULL_REQUEST_NUMBER" \
- -Dsonar.pullrequest.branch="$GIT_BRANCH" \
- -Dsonar.pullrequest.base="$PULL_REQUEST_BASE_BRANCH" \
- -Dsonar.pullrequest.key="$PULL_REQUEST_NUMBER"
- elif [ "${TRAVIS_BRANCH}" == "master" ]; then
- echo '======= Analyze master'
- ./gradlew jacocoTestReport yarn_validate-ci sonarqube --warn --console plain \
- "${sonar_params[@]}" \
- -Dsonar.projectVersion="$INITIAL_VERSION"
- else
- echo '======= Analyze branch'
- ./gradlew jacocoTestReport yarn_validate-ci sonarqube --warn --console plain \
- "${sonar_params[@]}" \
- -Dsonar.branch.name="$GIT_BRANCH" \
- -Dsonar.projectVersion="$INITIAL_VERSION"
- fi
-
- # Wait for 5mins, hopefully the report will be processed.
- sleep 5m
- ./.travis/run_iris.sh
-
- BUILD_END_DATETIME=$(date --utc +%FT%TZ)
- notify_burgr "build" "build" "$TRAVIS_JOB_WEB_URL" "$BUILD_START_DATETIME" "$BUILD_END_DATETIME" || true
-fi