SONARFLEX-201 Unify Platform Dogfooding

.cirrus.yml

@@ -16,19 +16,46 @@
   ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]
 
 container_definition: &CONTAINER_DEFINITION
-  image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-latest
-  cluster_name: ${CIRRUS_CLUSTER_NAME}
-  region: eu-central-1
-  namespace: default
+  eks_container:
+    image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-latest
+    cluster_name: ${CIRRUS_CLUSTER_NAME}
+    region: eu-central-1
+    namespace: default
+    cpu: 2
+    memory: 2G
 
 only_sonarsource_qa: &ONLY_SONARSOURCE_QA
   only_if: $CIRRUS_USER_COLLABORATOR == 'true' && $CIRRUS_TAG == "" && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BRANCH =~ "dogfood-on-.*")
 
+maven_cache_definition: &MAVEN_CACHE
+  maven_cache:
+    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
+    fingerprint_script: |
+      if [ "$CIRRUS_OS" = "windows" ]; then
+        powershell.exe -NoLogo -Command "Get-ChildItem -Path . -Filter "pom.xml" -Recurse -ErrorAction SilentlyContinue -Force | cat"
+      fi
+      if [ "$CIRRUS_OS" = "linux" ]; then
+        find . -name pom.xml -exec cat {} \+
+      fi
+
+java_coverage_cache_definition: &JAVA_COVERAGE_CACHE
+  java_coverage_cache:
+    folder: ${CIRRUS_WORKING_DIR}/coverage/java
+    fingerprint_script: echo "JAVA$(git rev-parse HEAD)"
+    reupload_on_changes: 'true'
+
+analyze_definition: &ANALYZE_DEFINITION
+  <<: *CONTAINER_DEFINITION
+  depends_on:
+    - build
+  <<: *MAVEN_CACHE
+  <<: *JAVA_COVERAGE_CACHE
+  analyze_script:
+    - source cirrus-env BUILD
+    - PULL_REQUEST_SHA=$GIT_SHA1 regular_mvn_build_deploy_analyze -P-deploy-sonarsource,-release,-sign -Dsonar.organization=sonarsource -Dsonar.projectKey="${SONAR_PROJECT_KEY}" -Dcommercial -Dmaven.shade.skip=true -Dmaven.install.skip=true -Dmaven.deploy.skip=true -DskipTests
+
 build_task:
-  eks_container:
-    <<: *CONTAINER_DEFINITION
-    cpu: 2
-    memory: 2G
+  <<: *CONTAINER_DEFINITION
   env:
     # analysis on next
     SONAR_TOKEN: VAULT[development/kv/data/next data.token]
@@ -37,20 +64,60 @@
     PGP_PASSPHRASE: VAULT[development/kv/data/sign data.passphrase]
     #allow deployment of pull request artifacts to repox
     DEPLOY_PULL_REQUEST: true
-  maven_cache:
-    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
+  <<: *MAVEN_CACHE
   build_script:
     - source cirrus-env BUILD
-    - regular_mvn_build_deploy_analyze
+    - regular_mvn_build_deploy_analyze -Dsonar.skip=true -Pcoverage-report
   cleanup_before_cache_script: cleanup_maven_repository
 
+analyze_next_task:
+  <<: *ANALYZE_DEFINITION
+  env:
+    # analysis on next
+    SONAR_TOKEN: VAULT[development/kv/data/next data.token]
+    SONAR_HOST_URL: https://next.sonarqube.com/sonarqube
+    SONAR_PROJECT_KEY: org.sonarsource.flex:flex
+
+analyze_SQC_EU_shadow_task:
+  <<: *ANALYZE_DEFINITION
+  #only_if: $CIRRUS_CRON == "nightly"
+  env:
+    SONAR_TOKEN: VAULT[development/kv/data/sonarcloud data.token]
+    SONAR_HOST_URL: https://sonarcloud.io
+    SONAR_PROJECT_KEY: SonarSource_sonar-flex
+
+analyze_SQC_US_shadow_task:
+  <<: *ANALYZE_DEFINITION
+  #only_if: $CIRRUS_CRON == "nightly"
+  env:
+    SONAR_TOKEN: VAULT[development/kv/data/sonarqube-us data.token]
+    SONAR_HOST_URL: https://sonarqube.us
+    SONAR_PROJECT_KEY: SonarSource_sonar-flex
+
+run_iris_task:
+  <<: *CONTAINER_DEFINITION
+  #only_if: $CIRRUS_CRON == "nightly"
+  depends_on:
+    - analyze_SQC_EU_shadow
+    - analyze_SQC_US_shadow
+  env:
+    SONAR_SOURCE_IRIS_TOKEN: VAULT[development/kv/data/iris data.next]
+  matrix:
+    - name: 'IRIS SQ NEXT -> Sonarcloud.io'
+      env:
+        SONAR_TARGET_URL: https://sonarcloud.io
+        SONAR_TARGET_IRIS_TOKEN: VAULT[development/kv/data/iris data.sqc-eu]
+    - name: 'IRIS SQ NEXT -> SonarQube.us'
+      env:
+        SONAR_TARGET_URL: https://sonarqube.us
+        SONAR_TARGET_IRIS_TOKEN: VAULT[development/kv/data/iris data.sqc-us]
+  script:
+    - source .cirrus/run-iris.sh
+
 ws_scan_task:
+  <<: *CONTAINER_DEFINITION
   depends_on:
     - build
-  eks_container:
-    <<: *CONTAINER_DEFINITION
-    cpu: 2
-    memory: 2G
   # run only on master and long-term branches
   only_if: $CIRRUS_USER_COLLABORATOR == 'true' && ($CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*")
   env:
@@ -86,8 +153,8 @@
   depends_on:
     - build
   <<: *ONLY_SONARSOURCE_QA
+  <<: *CONTAINER_DEFINITION
   eks_container:
-    <<: *CONTAINER_DEFINITION
     cpu: 3
     memory: 8G
   env:
@@ -108,8 +175,8 @@
   depends_on:
     - build
   <<: *ONLY_SONARSOURCE_QA
+  <<: *CONTAINER_DEFINITION
   eks_container:
-    <<: *CONTAINER_DEFINITION
     cpu: 4
     memory: 8G
   env:
@@ -125,14 +192,14 @@
     - mvn verify -Pit-ruling -Dsonar.runtimeVersion=LATEST_RELEASE -Dmaven.test.redirectTestOutputToFile=false -B -e -V
   cleanup_before_cache_script: cleanup_maven_repository
 
 promote_task:
   depends_on:
     - ws_scan
     - ruling
     - plugin_qa
   <<: *ONLY_SONARSOURCE_QA
+  <<: *CONTAINER_DEFINITION
   eks_container:
-    <<: *CONTAINER_DEFINITION
     cpu: 0.5
     memory: 500M
   env:

.cirrus/run-iris.sh

@@ -0,0 +1,47 @@
+#!/bin/bash
+set -euo pipefail
+
+: "${ARTIFACTORY_PRIVATE_USERNAME?}" "${ARTIFACTORY_ACCESS_TOKEN?}" "${ARTIFACTORY_URL?}"
+: "${SONAR_SOURCE_IRIS_TOKEN?}" "${SONAR_TARGET_IRIS_TOKEN?}" "${SONAR_TARGET_URL?}"
+
+function run_iris () {
+  java \
+    -Diris.source.projectKey="org.sonarsource.flex:flex" \
+    -Diris.source.organization="sonarsource" \
+    -Diris.source.url="https://next.sonarqube.com/sonarqube" \
+    -Diris.source.token="$SONAR_SOURCE_IRIS_TOKEN" \
+    -Diris.destination.projectKey="SonarSource_sonar-flex" \
+    -Diris.destination.organization="sonarsource" \
+    -Diris.destination.url="$SONAR_TARGET_URL" \
+    -Diris.destination.token="$SONAR_TARGET_IRIS_TOKEN" \
+    -Diris.dryrun=$1 \
+    -jar iris-\[RELEASE\]-jar-with-dependencies.jar
+}
+
+VERSION="\[RELEASE\]"
+HTTP_CODE=$(\
+  curl \
+    --write-out '%{http_code}' \
+    --location \
+    --remote-name \
+    --user "$ARTIFACTORY_PRIVATE_USERNAME:$ARTIFACTORY_ACCESS_TOKEN" \
+    "$ARTIFACTORY_URL/sonarsource-private-releases/com/sonarsource/iris/iris/$VERSION/iris-$VERSION-jar-with-dependencies.jar"\
+)
+
+if [ "$HTTP_CODE" != "200" ]; then
+  echo "Download $VERSION failed -> $HTTP_CODE"
+  exit 1
+else
+  echo "Downloaded $VERSION"
+fi
+
+echo "===== Execute IRIS as dry-run"
+run_iris "true"
+STATUS=$?
+if [ $STATUS -ne 0 ]; then
+  echo "===== Failed to run IRIS dry-run"
+  exit 1
+else
+  echo "===== Successful IRIS dry-run - executing IRIS for real."
+  run_iris "false"
+fi

.gitignore

@@ -30,3 +30,5 @@ Icon?
 Thumbs.db
 # Folder config file
 Desktop.ini
+
+coverage/

coverage-report/pom.xml

@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <groupId>org.sonarsource.flex</groupId>
+    <artifactId>flex</artifactId>
+    <version>2.15.0-SNAPSHOT</version>
+  </parent>
+
+  <artifactId>coverage-report</artifactId>
+  <name>Coverage Report</name>
+  <description>Aggregate Coverage Report</description>
+  <packaging>pom</packaging>
+
+  <dependencies>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>flex-checks</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>flex-squid</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>sonar-flex-plugin</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>sslr-flex-toolkit</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+  </dependencies>
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.jacoco</groupId>
+        <artifactId>jacoco-maven-plugin</artifactId>
+        <configuration>
+          <formats>XML</formats>
+          <outputDirectory>${maven.multiModuleProjectDirectory}/coverage/java</outputDirectory>
+        </configuration>
+        <executions>
+          <execution>
+            <id>report-aggregate</id>
+            <phase>verify</phase>
+            <goals>
+              <goal>report-aggregate</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+      <plugin>
+      <groupId>org.codehaus.mojo</groupId>
+        <artifactId>exec-maven-plugin</artifactId>
+        <version>3.5.1</version>
+        <executions>
+          <execution>
+            <id>Clean the Java Coverage folder</id>
+            <phase>clean</phase>
+            <goals>
+              <goal>exec</goal>
+            </goals>
+            <configuration>
+              <executable>rm</executable>
+              <workingDirectory>../..</workingDirectory>
+              <arguments>
+                <argument>-rf</argument>
+                <argument>coverage/java</argument>
+              </arguments>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
+
+</project>

pom.xml

@@ -237,6 +237,12 @@
         <maven.compiler.release>8</maven.compiler.release>
       </properties>
     </profile>
+    <profile>
+      <id>coverage-report</id>
+      <modules>
+        <module>coverage-report</module>
+      </modules>
+    </profile>
   </profiles>
 
 </project>