-
Notifications
You must be signed in to change notification settings - Fork 272
/
.cirrus.yml
141 lines (132 loc) · 4.47 KB
/
.cirrus.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
#
# ENV VARIABLES
#
env:
### Shared variables
ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url]
ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader
ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/SonarSource-sonar-scanner-jenkins-private-reader access_token]
ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/SonarSource-sonar-scanner-jenkins-private-reader access_token]
ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer
ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/SonarSource-sonar-scanner-jenkins-qa-deployer access_token]
ARTIFACTORY_DEPLOY_REPO: sonarsource-public-qa
ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token]
### Project variables
DEPLOY_PULL_REQUEST: true
ARTIFACTS: org.jenkins-ci.plugins:sonar:hpi
NIGHTLY_CRON: 'nightly-cron'
#
# RE-USABLE CONFIGS
#
docker_build_container_template: &CONTAINER_TEMPLATE
dockerfile: its/docker/Dockerfile
docker_arguments:
CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}
cluster_name: ${CIRRUS_CLUSTER_NAME}
builder_role: cirrus-builder
builder_image: docker-builder-v*
builder_instance_type: t2.small
builder_subnet_id: ${CIRRUS_AWS_SUBNET}
region: eu-central-1
namespace: default
cpu: 3
memory: 8G
container_template: &STD_CONTAINER_TEMPLATE
image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-m3-latest
cluster_name: ${CIRRUS_CLUSTER_NAME}
region: eu-central-1
namespace: default
cpu: 2
memory: 3G
only_qa: &ONLY_QA
only_if: $CIRRUS_PR != "" || $CIRRUS_BRANCH == "master"
except_nightly_cron: &EXCEPT_ON_NIGHTLY_CRON
only_if: $CIRRUS_CRON != $NIGHTLY_CRON
#
# TASKS
#
build_task:
eks_container:
<<: *STD_CONTAINER_TEMPLATE
env:
SONAR_TOKEN: VAULT[development/kv/data/next data.token]
SONAR_HOST_URL: VAULT[development/kv/data/next data.url]
maven_cache:
folder: ${CIRRUS_WORKING_DIR}/.m2/repository
script:
- source cirrus-env BUILD
- regular_mvn_build_deploy_analyze
cleanup_before_cache_script:
- cleanup_maven_repository
linux_qa_task:
depends_on:
- build
<<: *ONLY_QA
eks_container: *CONTAINER_TEMPLATE
env:
BROWSER: chrome
matrix:
# If updating the JENKINS_VERSION, make sure that all installed plugins are compatible. See com.sonar.it.jenkins.SonarPluginTest
# https://www.jenkins.io/doc/developer/plugin-development/choosing-jenkins-baseline/
- SQ_VERSION: LATEST_RELEASE[9.9]
JENKINS_VERSION: 2.462.3
VERSION_OVERRIDES: git-server=99.va_0826a_b_cdfa_d,sshd=3.312.v1c601b_c83b_0e
- SQ_VERSION: DEV
JENKINS_VERSION: 2.462.3
VERSION_OVERRIDES: git-server=99.va_0826a_b_cdfa_d,sshd=3.312.v1c601b_c83b_0e
maven_cache:
folder: ${CIRRUS_WORKING_DIR}/.m2/repository
qa_script:
- ./cirrus/cirrus-qa.sh
cleanup_before_cache_script:
- cleanup_maven_repository
on_failure:
reports_artifacts:
path: "**/target/**/logs/*"
test_reports_artifacts:
path: "**/target/surefire-reports/*"
junit_artifacts:
path: "**/target/surefire-reports/*.xml"
format: junit
mend_scan_task:
depends_on:
- build
only_if: $CIRRUS_USER_COLLABORATOR == 'true' && $CIRRUS_TAG == "" && ($CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BRANCH =~ "mend-.*")
eks_container:
image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j21-latest
region: eu-central-1
cluster_name: ${CIRRUS_CLUSTER_NAME}
namespace: default
cpu: 4
memory: 2G
env:
WS_APIKEY: VAULT[development/kv/data/mend data.apikey]
maven_cache:
folder: ${CIRRUS_WORKING_DIR}/.m2/repository
mend_script:
- source cirrus-env QA
- source set_maven_build_version $BUILD_NUMBER
- mvn clean install -DskipTests -B
- source ws_scan.sh
cleanup_before_cache_script: cleanup_maven_repository
allow_failures: "true"
always:
ws_scan_artifacts:
path: "whitesource/**/*"
promote_task:
depends_on:
- linux_qa
<<: *ONLY_QA
<<: *EXCEPT_ON_NIGHTLY_CRON
eks_container:
<<: *STD_CONTAINER_TEMPLATE
cpu: 0.5
memory: 500M
env:
GITHUB_TOKEN: VAULT[development/github/token/SonarSource-sonar-scanner-jenkins-promotion token]
maven_cache:
folder: $CIRRUS_WORKING_DIR/.m2/repository
script:
- cirrus_promote_maven
cleanup_before_cache_script:
- cleanup_maven_repository