diff options
Diffstat (limited to '.cirrus.yml')
-rw-r--r-- | .cirrus.yml | 732 |
1 files changed, 0 insertions, 732 deletions
diff --git a/.cirrus.yml b/.cirrus.yml deleted file mode 100644 index bd3dfbe3d0d..00000000000 --- a/.cirrus.yml +++ /dev/null @@ -1,732 +0,0 @@ -env: - GRADLE_OPTS: -Dorg.gradle.jvmargs="-XX:+PrintFlagsFinal -XshowSettings:vm -XX:+HeapDumpOnOutOfMemoryError -XX:+UnlockExperimentalVMOptions -Djava.security.egd=file:/dev/./urandom -Dfile.encoding=UTF8 -Duser.language=en -Duser.country=US" - # to be replaced by other credentials - ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url] - ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader - ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] - ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer - ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token] - ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] - ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token] - #NPM config - NPM_CONFIG_registry: https://repox.jfrog.io/artifactory/api/npm/npm - NPM_CONFIG_//repox.jfrog.io/artifactory/api/npm/:_authToken: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] - # download licenses for testing commercial editions - GITHUB_TOKEN: VAULT[development/github/token/licenses-ro token] - # notifications to burgr - BURGR_URL: VAULT[development/kv/data/burgr data.url] - BURGR_USERNAME: VAULT[development/kv/data/burgr data.cirrus_username] - BURGR_PASSWORD: VAULT[development/kv/data/burgr data.cirrus_password] - # analysis on next.sonarqube.com - SONARQUBE_NEXT_TOKEN: VAULT[development/kv/data/next data.token] - # to trigger docs deployment - ELASTIC_PWD: VAULT[development/team/sonarqube/kv/data/elasticsearch-cloud data.password] - CIRRUS_LOG_TIMESTAMP: true - BRANCH_MAIN: 'master' - BRANCH_PATTERN_MAINTENANCE: 'branch-.*' - BRANCH_PATTERN_PUBLIC: 'public_.*' - NIGHTLY_99_CRON: '9-9-lts-nightly' - -auto_cancellation: $CIRRUS_BRANCH != $BRANCH_MAIN && $CIRRUS_BRANCH !=~ $BRANCH_PATTERN_MAINTENANCE - -skip_public_branches_template: &SKIP_PUBLIC_BRANCHES_TEMPLATE - skip: $CIRRUS_BRANCH =~ $BRANCH_PATTERN_PUBLIC - -build_dependant_task_template: &BUILD_DEPENDANT_TASK_TEMPLATE - depends_on: build - -nightly_task_template: &NIGHTLY_TASK_TEMPLATE - only_if: $CIRRUS_CRON == $NIGHTLY_99_CRON - -master_or_nightly_or_maintenance_task_template: &MASTER_OR_NIGHTLY_OR_MAINTENANCE_TASK_TEMPLATE - only_if: $CIRRUS_BRANCH == $BRANCH_NIGHTLY || $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE - -except_nightly_task_template: &EXCEPT_ON_NIGHTLY_TASK_TEMPLATE - only_if: $CIRRUS_CRON != $NIGHTLY_99_CRON - -database_related_task_template: &DATABASE_RELATED_TASK_TEMPLATE - only_if: >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude('server/sonar-db-dao/**/*Mapper.xml', 'server/sonar-db-migration/**/DbVersion*.java', 'server/sonar-db-dao/**/*Dao.java', 'server/sonar-db-core/src/main/java/org/sonar/db/*.java') - -saml_task_template: &SAML_TASK_TEMPLATE - only_if: >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude('server/sonar-auth-saml/src/main/java/**/*.java', 'server/sonar-auth-saml/src/main/resources/**/*', 'server/sonar-db-dao/src/main/**/SAML*.java', 'private/it-core/src/test/java/org/sonarqube/tests/saml/*.java', 'server/sonar-webserver-webapi/src/main/java/org/sonar/server/saml/**/*.java') - -ldap_task_template: &LDAP_TASK_TEMPLATE - only_if: >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude('server/sonar-auth-ldap/src/main/java/**/*.java', 'server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/LdapCredentialsAuthentication.java', 'private/it-core/src/test/java/org/sonarqube/tests/ldap/*.java') - -github_task_template: &GITHUB_TASK_TEMPLATE - only_if: >- - $CIRRUS_BRANCH == $BRANCH_MAIN || $CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE || $CIRRUS_BRANCH == $BRANCH_NIGHTLY || - changesInclude('private/core-extension-developer-server/src/main/java/com/sonarsource/branch/pr/github/*.java', 'private/it-branch/it-tests/src/test/java/com/sonarsource/branch/it/suite/pr/github/*.java') - -docker_build_container_template: &CONTAINER_TEMPLATE - region: eu-central-1 - cluster_name: ${CIRRUS_CLUSTER_NAME} - namespace: default - builder_subnet_id: ${CIRRUS_AWS_SUBNET} - builder_role: cirrus-builder - builder_image: docker-builder-v* - builder_instance_type: t2.small - dockerfile: private/docker/Dockerfile-build - docker_arguments: - CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT} - cpu: 1 - memory: 2Gb - -vm_instance_template: &VM_TEMPLATE - experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051 - image: docker-builder-v* - type: t2.small - region: eu-central-1 - subnet_id: ${CIRRUS_AWS_SUBNET} - disk: 10 - cpu: 4 - memory: 8G - -oracle_additional_container_template: &ORACLE_ADDITIONAL_CONTAINER_TEMPLATE - name: oracle - image: gvenzl/oracle-xe:21-faststart - port: 1521 - cpu: 2 - memory: 5Gb - env: - ORACLE_PASSWORD: sonarqube - APP_USER: sonarqube - APP_USER_PASSWORD: sonarqube - -postgres_additional_container_template: &POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - name: postgres - image: public.ecr.aws/docker/library/postgres:15 - port: 5432 - cpu: 1 - memory: 1Gb - env: - POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres - -default_artifact_template: &DEFAULT_ARTIFACTS_TEMPLATE - on_failure: - jest_junit_cleanup_script: > - find . -type f -wholename "**/build/test-results/test-jest/junit.xml" -exec - xmlstarlet edit --inplace --delete '//testsuite[@errors=0 and @failures=0]' {} \; - junit_artifacts: - path: "**/build/test-results/**/*.xml" - type: "text/xml" - format: junit - reports_artifacts: - path: "**/build/reports/**/*" - screenshots_artifacts: - path: "**/build/screenshots/**/*" - always: - profile_artifacts: - path: "**/build/reports/profile/**/*" - -yarn_cache_template: &YARN_CACHE_TEMPLATE - yarn_cache: - folder: "~/.yarn/berry/cache" - fingerprint_script: | - cat \ - server/sonar-web/yarn.lock \ - private/core-extension-developer-server/yarn.lock \ - private/core-extension-enterprise-server/yarn.lock \ - private/core-extension-license/yarn.lock \ - private/core-extension-securityreport/yarn.lock - -gradle_cache_template: &GRADLE_CACHE_TEMPLATE - gradle_cache: - folder: "~/.gradle/caches" - fingerprint_script: find -type f \( -name "*.gradle*" -or -name "gradle*.properties" \) -exec cat {} + - -jar_cache_template: &JAR_CACHE_TEMPLATE - jar_cache: - folder: "**/build/libs/*.jar" - fingerprint_key: jar-cache_$CIRRUS_BUILD_ID - -eslint_report_cache_template: &ESLINT_REPORT_CACHE_TEMPLATE - eslint_report_cache: - folders: - - server/sonar-web/eslint-report/ - - private/core-extension-securityreport/eslint-report/ - - private/core-extension-license/eslint-report/ - - private/core-extension-enterprise-server/eslint-report/ - - private/core-extension-developer-server/eslint-report/ - fingerprint_script: echo $CIRRUS_BUILD_ID - -jest_report_cache_template: &JEST_REPORT_CACHE_TEMPLATE - jest_report_cache: - folders: - - server/sonar-web/coverage/ - - private/core-extension-securityreport/coverage/ - - private/core-extension-license/coverage/ - - private/core-extension-enterprise-server/coverage/ - - private/core-extension-developer-server/coverage/ - fingerprint_script: echo $CIRRUS_BUILD_ID - -junit_report_cache_template: &JUNIT_REPORT_CACHE_TEMPLATE - junit_report_cache: - folders: - - "**/reports/jacoco" - - "**/test-results/test" - fingerprint_script: echo $CIRRUS_BUILD_ID - -default_template: &DEFAULT_TEMPLATE - <<: *SKIP_PUBLIC_BRANCHES_TEMPLATE - clone_script: | - git init - git remote add origin https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git - git fetch origin $CIRRUS_CHANGE_IN_REPO $FETCH_DEPTH - git reset --hard $CIRRUS_CHANGE_IN_REPO - env: - FETCH_DEPTH: --depth=1 - -build_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *YARN_CACHE_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 7.5 - memory: 8Gb - elasticsearch_distribution_cache: - folder: sonar-application/build/elasticsearch-**.tar.gz - script: - - ./private/cirrus/cirrus-build.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -publish_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 4 - memory: 4Gb - env: - ORG_GRADLE_PROJECT_signingKey: VAULT[development/kv/data/sign data.key] - ORG_GRADLE_PROJECT_signingPassword: VAULT[development/kv/data/sign data.passphrase] - ORG_GRADLE_PROJECT_signingKeyId: VAULT[development/kv/data/sign data.key_id] - script: - - ./private/cirrus/cirrus-publish.sh - -yarn_lint_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *YARN_CACHE_TEMPLATE - <<: *ESLINT_REPORT_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 6Gb - script: - - ./private/cirrus/cirrus-yarn-lint-report.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -yarn_check_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *YARN_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 4Gb - script: | - ./private/cirrus/cirrus-env.sh YARN - gradle yarn_check-ci --profile - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -yarn_validate_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *YARN_CACHE_TEMPLATE - <<: *JEST_REPORT_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 7.5 - memory: 20Gb - script: - - ./private/cirrus/cirrus-yarn-validate-ci.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -junit_task: - <<: *DEFAULT_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *JUNIT_REPORT_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 7.5 - memory: 10Gb - script: - - ./private/cirrus/cirrus-junit.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -sq_analysis_task: - <<: *SKIP_PUBLIC_BRANCHES_TEMPLATE - <<: *EXCEPT_ON_NIGHTLY_TASK_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *YARN_CACHE_TEMPLATE - <<: *JEST_REPORT_CACHE_TEMPLATE - <<: *ESLINT_REPORT_CACHE_TEMPLATE - <<: *JUNIT_REPORT_CACHE_TEMPLATE - depends_on: - - yarn_validate - - yarn_lint - - junit - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 7.5 - memory: 15Gb - script: - - ./private/cirrus/cirrus-sq-analysis.sh - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 7Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - env: - matrix: - # QA name should not exceed 13 characters to be properly reported on wallboard by burgr - # QA name cannot contain "_" - - QA_CATEGORY: Cat1 - - QA_CATEGORY: Cat2 - - QA_CATEGORY: Cat3 - - QA_CATEGORY: Cat4 - - QA_CATEGORY: Cat5 - - QA_CATEGORY: Cat6 - - QA_CATEGORY: Analysis - - QA_CATEGORY: Authorization - - QA_CATEGORY: Auth - - QA_CATEGORY: Branch1 - - QA_CATEGORY: Branch2 - - QA_CATEGORY: CE1 - - QA_CATEGORY: CE2 - - QA_CATEGORY: ComputeEngine - - QA_CATEGORY: DE1 - - QA_CATEGORY: DE2 - - QA_CATEGORY: EE1 - - QA_CATEGORY: EE2 - - QA_CATEGORY: Issues1 - - QA_CATEGORY: Issues2 - - QA_CATEGORY: License1 - - QA_CATEGORY: License2 - - QA_CATEGORY: Plugins - - QA_CATEGORY: Project - - QA_CATEGORY: QP - - QA_CATEGORY: Upgrade - script: - - ./private/cirrus/cirrus-qa.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -task: #bitbucket - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 3 - memory: 10Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - maven_cache: - folder: ~/.m2 - env: - QA_CATEGORY: BITBUCKET - matrix: - - name: qa_bb_5.15.0 - bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh 5.15.0 - - name: qa_bb_latest - bitbucket_background_script: ./private/cirrus/cirrus-start-bitbucket.sh LATEST - wait_for_bitbucket_to_boot_script: secs=3600; endTime=$(( $(date +%s) + secs )); while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:7990/bitbucket/status)" != "200" ]] || [ $(date +%s) -gt $endTime ]; do sleep 5; done - script: - - ./private/cirrus/cirrus-qa.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_bb_cloud_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 5Gb - env: - QA_CATEGORY: BITBUCKET_CLOUD - BBC_CLIENT_ID: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_id] - BBC_CLIENT_SECRET: VAULT[development/team/sonarqube/kv/data/bitbucket-cloud data.client_secret] - BBC_USERNAME: VAULT[development/kv/data/bitbucket/sonarqube-its data.username] - BBC_READ_REPOS_APP_PASSWORD: VAULT[development/kv/data/bitbucket/sonarqube-its data.password] - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_ha_cluster_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *MASTER_OR_NIGHTLY_OR_MAINTENANCE_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 10Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - env: - QA_CATEGORY: HA_CLUSTER - script: - - ./private/cirrus/cirrus-qa.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_ha_elasticsearch_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *MASTER_OR_NIGHTLY_OR_MAINTENANCE_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 10Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - env: - QA_CATEGORY: HA_ELASTICSEARCH - script: - - ./private/cirrus/cirrus-qa.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -# GitLab QA is executed in a dedicated task in order to not slow down the pipeline, as a GitLab on-prem server docker image is required. -qa_gitlab_task: - <<: *DEFAULT_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - depends_on: - - build - env: - QA_CATEGORY: GITLAB - matrix: - - name: qa_gitlab_latest - env: - - GITLAB_VERSION: latest - - name: qa_gitlab_oldest - env: - - GITLAB_VERSION: 15.6.2-ce.0 - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 5Gb - use_in_memory_disk: true - additional_containers: - - name: gitlab - ports: - - 80 - - 443 - cpu: 2 - memory: 8Gb - image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/gitlab:${GITLAB_VERSION} - env: - - GITLAB_POST_RECONFIGURE_SCRIPT: |- - { cat >/tmp/setup.rb <<-'EOF' - token = User.find_by_username('root').personal_access_tokens.create(scopes: [:api], name: 'token'); - token.set_token('token-here-456'); - token.expires_at = Date.today+10.day - token.save!; - token_read = User.find_by_username('root').personal_access_tokens.create(scopes: [:read_user], name: 'token_read'); - token_read.set_token('token-read-123'); - token_read.expires_at = Date.today+10.day - token_read.save!; - user = User.find_by_username('root'); - user.password = 'eng-YTU1ydh6kyt7tjd'; - user.password_confirmation = 'eng-YTU1ydh6kyt7tjd'; - user.save!; - EOF - } && gitlab-rails runner /tmp/setup.rb && \ - echo 'from_file "/etc/gitlab/external_gitlab.rb"' >> /etc/gitlab/gitlab.rb && \ - gitlab-ctl reconfigure - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_gitlab_cloud_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 5Gb - use_in_memory_disk: true - env: - QA_CATEGORY: GITLAB_CLOUD - GITLAB_API_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token] - GITLAB_READ_ONLY_TOKEN: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.api_token_ro] - GITLAB_ADMIN_USERNAME: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.username] - GITLAB_ADMIN_PASSWORD: VAULT[development/team/sonarqube/kv/data/gitlab-cloud data.password] - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -# Azure QA is executed in a dedicated task in order to not slow down the pipeline. -qa_azure_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 5Gb - env: - QA_CATEGORY: AZURE - AZURE_USERNAME_LOGIN: VAULT[development/team/sonarqube/kv/data/azure-instance data.username] - AZURE_CODE_READ_AND_WRITE_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_code_read_write] - AZURE_FULL_ACCESS_TOKEN: VAULT[development/team/sonarqube/kv/data/azure-instance data.token_full_access] - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -qa_github_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *GITHUB_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 5Gb - env: - QA_CATEGORY: GITHUB - GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_USERNAME: QA-task - GITHUB_COM_CODE_SCANNING_ALERTS_TECHNICAL_USER_TOKEN: VAULT[development/github/token/SonarSource-sonar-enterprise-code-scanning token] - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -# SAML QA is executed in a dedicated task in order to not slow down the pipeline, as a Keycloak server docker image is required. -qa_saml_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *SAML_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 10Gb - additional_containers: - - name: keycloak - image: quay.io/keycloak/keycloak:17.0.1 - port: 8080 - cpu: 1 - memory: 1Gb - command: "/opt/keycloak/bin/kc.sh start-dev --http-relative-path /auth" - env: - KEYCLOAK_ADMIN: admin - KEYCLOAK_ADMIN_PASSWORD: admin - env: - QA_CATEGORY: SAML - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -# LDAP QA is executed in a dedicated task in order to not slow down the pipeline, as a LDAP server and SonarQube server are re-started on each test. -qa_ldap_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *LDAP_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2.4 - memory: 10Gb - env: - QA_CATEGORY: LDAP - script: - - ./private/cirrus/cirrus-qa.sh h2 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -promote_task: - <<: *DEFAULT_TEMPLATE - depends_on: - - build - - sq_analysis - - qa - - qa_saml - - qa_ldap - - publish - eks_container: - <<: *CONTAINER_TEMPLATE - memory: 512M - stateful: true - script: - - ./private/cirrus/cirrus-promote.sh - -package_docker_task: - <<: *DEFAULT_TEMPLATE - depends_on: promote - only_if: $CIRRUS_BRANCH == $BRANCH_MAIN - ec2_instance: - <<: *VM_TEMPLATE - clone_script: | - git clone --recursive --branch=$CIRRUS_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR --depth=1 - git fetch origin $CIRRUS_CHANGE_IN_REPO --depth=1 - git reset --hard $CIRRUS_CHANGE_IN_REPO - install_tooling_script: - - ./private/cirrus/cirrus-tooling-for-package-docker.sh - package_script: - - ./private/cirrus/cirrus-package-docker.sh - -sql_mssql_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *DATABASE_RELATED_TASK_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - memory: 5Gb - additional_containers: - - name: mssql - image: mcr.microsoft.com/mssql/server:2019-GA-ubuntu-16.04 - port: 1433 - cpu: 2 - memory: 5Gb - env: - MSSQL_PID: Developer # this is the default edition - ACCEPT_EULA: Y - SA_PASSWORD: sonarqube!1 - script: - - ./private/cirrus/cirrus-db-unit-test.sh mssql - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -sql_postgres_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *DATABASE_RELATED_TASK_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - memory: 5Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - script: - - ./private/cirrus/cirrus-db-unit-test.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -# this is the oldest compatible version of PostgreSQL -sql_postgres11_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *DATABASE_RELATED_TASK_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - memory: 5Gb - additional_containers: - - <<: *POSTGRES_ADDITIONAL_CONTAINER_TEMPLATE - image: public.ecr.aws/docker/library/postgres:11 - script: - - ./private/cirrus/cirrus-db-unit-test.sh postgres - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -sql_oracle21_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *DATABASE_RELATED_TASK_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - memory: 5Gb - additional_containers: - - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE - script: - - ./private/cirrus/cirrus-db-unit-test.sh oracle21 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -upgd_mssql_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *DATABASE_RELATED_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 1.5 - memory: 6Gb - additional_containers: - - name: mssql - image: mcr.microsoft.com/mssql/server:2022-latest - port: 1433 - cpu: 2 - memory: 5Gb - env: - MSSQL_PID: Developer # this is the default edition - ACCEPT_EULA: Y - SA_PASSWORD: sonarqube!1 - env: - QA_CATEGORY: Upgrade - script: - - ./private/cirrus/cirrus-qa.sh mssql - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -upgd_oracle21_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - <<: *DATABASE_RELATED_TASK_TEMPLATE - <<: *JAR_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 1.5 - memory: 6Gb - additional_containers: - - <<: *ORACLE_ADDITIONAL_CONTAINER_TEMPLATE - env: - QA_CATEGORY: Upgrade - script: - - ./private/cirrus/cirrus-qa.sh oracle21 - <<: *DEFAULT_ARTIFACTS_TEMPLATE - -mend_scan_task: - <<: *DEFAULT_TEMPLATE - <<: *BUILD_DEPENDANT_TASK_TEMPLATE - only_if: >- - $CIRRUS_BRANCH == $BRANCH_MAIN || ($CIRRUS_BRANCH =~ $BRANCH_PATTERN_MAINTENANCE && $CIRRUS_BRANCH != $BRANCH_NIGHTLY) - <<: *YARN_CACHE_TEMPLATE - <<: *GRADLE_CACHE_TEMPLATE - timeout_in: 30m - eks_container: - <<: *CONTAINER_TEMPLATE - cpu: 2 - memory: 4Gb - env: - WS_APIKEY: VAULT[development/kv/data/mend data.apikey] - WS_WSS_URL: VAULT[development/kv/data/mend data.url] - WS_USERKEY: VAULT[development/kv/data/mend data.userKey] - SLACK_WEBHOOK_SQ: VAULT[development/kv/data/slack data.webhook] - mend_script: - - ./private/cirrus/cirrus-mend-scan.sh - allow_failures: "true" - on_failure: - slack_notification_script: - - ./private/cirrus/cirrus-mend-notifications.sh - always: - ws_artifacts: - path: "whitesource/**/*" |