|
1 | | -env: |
2 | | - CIRRUS_CLONE_DEPTH: 20 |
3 | | - ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url] |
4 | | - ARTIFACTORY_PRIVATE_USERNAME: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader username] |
5 | | - ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] |
6 | | - ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer |
7 | | - ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token] |
8 | | - #Possible values for ARTIFACTORY_DEPLOY_REPO: sonarsource-private-qa, sonarsource-public-qa |
9 | | - ARTIFACTORY_DEPLOY_REPO: sonarsource-public-qa |
10 | | - ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] |
11 | | - # Use bash (instead of sh on linux or cmd.exe on windows) |
12 | | - CIRRUS_SHELL: bash |
13 | | - |
14 | | -container_definition: &CONTAINER_DEFINITION |
15 | | - image: "${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j23-latest" |
16 | | - cluster_name: ${CIRRUS_CLUSTER_NAME} |
17 | | - region: eu-central-1 |
18 | | - namespace: default |
19 | | - |
20 | | -orchestrator_cache_preparation_definition: &ORCHESTRATOR_CACHE_PREPARATION_DEFINITION |
21 | | - set_orchestrator_home_script: | |
22 | | - export TODAY=$(date '+%Y-%m-%d') |
23 | | - echo "TODAY=${TODAY}" >> $CIRRUS_ENV |
24 | | - echo "ORCHESTRATOR_HOME=${CIRRUS_WORKING_DIR}/orchestrator/${TODAY}" >> $CIRRUS_ENV |
25 | | - mkdir_orchestrator_home_script: | |
26 | | - echo "Create dir ${ORCHESTRATOR_HOME} if needed" |
27 | | - mkdir -p ${ORCHESTRATOR_HOME} |
28 | | -
|
29 | | -orchestrator_cache_elements_definition: &ORCHESTRATOR_CACHE_ELEMENTS_DEFINITION |
30 | | - folder: ${ORCHESTRATOR_HOME} |
31 | | - fingerprint_script: echo ${TODAY} |
32 | | - reupload_on_changes: "true" |
33 | | - |
34 | | -only_sonarsource_qa: &ONLY_SONARSOURCE_QA |
35 | | - only_if: ${CIRRUS_USER_COLLABORATOR} == 'true' && ${CIRRUS_TAG} == "" && (${CIRRUS_PR} != "" || ${CIRRUS_BRANCH} == "master" || ${CIRRUS_BRANCH} =~ "branch-.*" || ${CIRRUS_BRANCH} =~ "dogfood-on-.*") |
36 | | - |
37 | | -build_task: |
38 | | - eks_container: |
39 | | - <<: *CONTAINER_DEFINITION |
40 | | - cpu: 4 |
41 | | - memory: 4G |
42 | | - env: |
43 | | - # analysis on next |
44 | | - SONAR_TOKEN: VAULT[development/kv/data/next data.token] |
45 | | - SONAR_HOST_URL: https://next.sonarqube.com/sonarqube |
46 | | - #allow deployment of pull request artifacts to repox |
47 | | - DEPLOY_PULL_REQUEST: true |
48 | | - # signing artifacts |
49 | | - SIGN_KEY: VAULT[development/kv/data/sign data.key] |
50 | | - PGP_PASSPHRASE: VAULT[development/kv/data/sign data.passphrase] |
51 | | - maven_cache: |
52 | | - folder: ${CIRRUS_WORKING_DIR}/.m2/repository |
53 | | - build_script: |
54 | | - - source cirrus-env BUILD |
55 | | - - regular_mvn_build_deploy_analyze |
56 | | - cleanup_before_cache_script: cleanup_maven_repository |
57 | | - |
58 | | -sonar_shadow_scan_and_issue_replication_task: |
59 | | - depends_on: |
60 | | - - build |
61 | | - # Only run when triggered by the cirrus-ci cron job named "nightly" |
62 | | - only_if: $CIRRUS_CRON == "nightly" |
63 | | - eks_container: |
64 | | - <<: *CONTAINER_DEFINITION |
65 | | - cpu: 4 |
66 | | - memory: 4G |
67 | | - env: |
68 | | - SONAR_PROJECT_KEY: "org.sonarsource.java:sonar-java-symbolic-execution" |
69 | | - SHADOW_ORGANIZATION: "sonarsource" |
70 | | - SHADOW_PROJECT_KEY: "SonarSource_sonar-java-symbolic-execution" |
71 | | - # to replicate issue states from next |
72 | | - SONAR_TOKEN: VAULT[development/kv/data/next data.token] |
73 | | - SONAR_HOST_URL: https://next.sonarqube.com/sonarqube |
74 | | - matrix: |
75 | | - - name: "sonarcloud.io" |
76 | | - SHADOW_SONAR_TOKEN: VAULT[development/kv/data/sonarcloud data.token] |
77 | | - SHADOW_SONAR_HOST_URL: "https://sonarcloud.io" |
78 | | - - name: "sonarqube.us" |
79 | | - SHADOW_SONAR_TOKEN: VAULT[development/kv/data/sonarqube-us data.token] |
80 | | - SHADOW_SONAR_HOST_URL: "https://sonarqube.us" |
81 | | - maven_cache: |
82 | | - folder: ${CIRRUS_WORKING_DIR}/.m2/repository |
83 | | - build_and_shadow_scan_script: |
84 | | - - source cirrus-env BUILD |
85 | | - - ./shadow-scan-and-issue-replication.sh |
86 | | - cleanup_before_cache_script: cleanup_maven_repository |
87 | | - |
88 | | -ruling_task: |
89 | | - depends_on: |
90 | | - - build |
91 | | - <<: *ONLY_SONARSOURCE_QA |
92 | | - eks_container: |
93 | | - <<: *CONTAINER_DEFINITION |
94 | | - image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-latest |
95 | | - cpu: 14 |
96 | | - memory: 8G |
97 | | - maven_cache: |
98 | | - folder: ${CIRRUS_WORKING_DIR}/.m2/repository |
99 | | - <<: *ORCHESTRATOR_CACHE_PREPARATION_DEFINITION |
100 | | - orchestrator_LATEST_RELEASE_cache: |
101 | | - <<: *ORCHESTRATOR_CACHE_ELEMENTS_DEFINITION |
102 | | - submodules_script: |
103 | | - - git submodule update --init --recursive |
104 | | - env: |
105 | | - MAVEN_OPTS: "-Xmx3g" |
106 | | - GITHUB_TOKEN: VAULT[development/github/token/licenses-ro token] |
107 | | - matrix: |
108 | | - # Supported values for JAVA_PLUGIN_VERSION: |
109 | | - # LATEST_RELEASE, LATEST_MASTER, LATEST_DOGFOOD, POM_PROPERTY or a fixed version like 8.15.0.39249 |
110 | | - - PROFILE: without-sonarqube-project |
111 | | - JAVA_PLUGIN_VERSION: LATEST_MASTER |
112 | | - - PROFILE: without-sonarqube-project |
113 | | - JAVA_PLUGIN_VERSION: POM_PROPERTY |
114 | | - - PROFILE: only-sonarqube-project |
115 | | - JAVA_PLUGIN_VERSION: LATEST_MASTER |
116 | | - ruling_script: |
117 | | - - source cirrus-env QA |
118 | | - - source set_maven_build_version $BUILD_NUMBER |
119 | | - - export SONAR_JAVA_VERSION="$(.github/scripts/resolve-sonar-java-plugin-version.sh "${JAVA_PLUGIN_VERSION}")" |
120 | | - - echo "Using SONAR_JAVA_VERSION=${SONAR_JAVA_VERSION}" |
121 | | - - cd its/ruling |
122 | | - - mvn package --batch-mode "-Pit-ruling,$PROFILE" -Dsonar.java.version="$SONAR_JAVA_VERSION" -Dsonar.runtimeVersion=LATEST_RELEASE -Dmaven.test.redirectTestOutputToFile=false -B -e -V -Dparallel=methods -DuseUnlimitedThreads=true |
123 | | - cleanup_before_cache_script: cleanup_maven_repository |
124 | | - on_failure: |
125 | | - actual_artifacts: |
126 | | - path: "${CIRRUS_WORKING_DIR}/its/ruling/target/actual/**/*" |
127 | | - |
128 | | -promote_task: |
129 | | - depends_on: |
130 | | - - build |
131 | | - - sonar_shadow_scan_and_issue_replication |
132 | | - - ruling |
133 | | - <<: *ONLY_SONARSOURCE_QA |
134 | | - eks_container: |
135 | | - <<: *CONTAINER_DEFINITION |
136 | | - cpu: 2 |
137 | | - memory: 1G |
138 | | - env: |
139 | | - ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token] |
140 | | - maven_cache: |
141 | | - folder: ${CIRRUS_WORKING_DIR}/.m2/repository |
142 | | - main_script: cirrus_promote_maven |
143 | | - cleanup_before_cache_script: cleanup_maven_repository |
0 commit comments