|
| 1 | +env: |
| 2 | + # see https://github.com/SonarSource/re-terraform-aws-vault/blob/master/orders/bubble-cfamily.yaml |
| 3 | + CIRRUS_VAULT_URL: https://vault.sonar.build:8200 |
| 4 | + CIRRUS_VAULT_AUTH_PATH: jwt-cirrusci |
| 5 | + CIRRUS_VAULT_ROLE: cirrusci-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME} |
| 6 | + |
| 7 | + DOCKER_USERNAME: VAULT[development/kv/data/docker/sonardockerrw data.username] |
| 8 | + DOCKER_PASSWORD: VAULT[development/kv/data/docker/sonardockerrw data.access_token_rwd] |
| 9 | + DOCKER_GCLOUD_SA_KEY: VAULT[development/team/sonarqube/kv/data/gcp-marketplace-registry-staging data.key] |
| 10 | + |
| 11 | + WS_PRODUCTNAME: SonarSource/docker-sonarqube |
| 12 | + STAGING_IMAGE_NAME: sonarsource/sonarqube |
| 13 | + PUBLIC_IMAGE_NAME: sonarqube |
| 14 | + GCLOUD_REGISTRY: gcr.io/sonarqube-marketplace-provider |
| 15 | + GCLOUD_PRODUCT_NAME: sonarqube-dce |
| 16 | + CURRENT_LTS_VERSION: 9.9.4 |
| 17 | + CURRENT_VERSION: 10.4.1 |
| 18 | + NEXT_VERSION: 10.5.0 |
| 19 | + |
| 20 | + |
| 21 | +vm_instance_template: &VM_TEMPLATE |
| 22 | + image: docker-builder-v* |
| 23 | + type: t2.small |
| 24 | + region: eu-central-1 |
| 25 | + subnet_id: ${CIRRUS_AWS_SUBNET} |
| 26 | + |
| 27 | +multi_arch_build_gcp_task: |
| 28 | + only_if: $CIRRUS_CRON == 'nightly-mend-scan' |
| 29 | + ec2_instance: |
| 30 | + <<: *VM_TEMPLATE |
| 31 | + pull_public_images_script: |
| 32 | + - echo "Pull the ${PUBLIC_IMAGE_NAME} datacenter public images" |
| 33 | + - docker pull "${PUBLIC_IMAGE_NAME}:${CURRENT_VERSION}-datacenter-app" |
| 34 | + - docker pull "${PUBLIC_IMAGE_NAME}:${CURRENT_VERSION}-datacenter-search" |
| 35 | + login_to_gcr_script: |
| 36 | + - export DOCKER_GCLOUD_PASSWORD=$(echo ${DOCKER_GCLOUD_SA_KEY} | base64 -d) |
| 37 | + - docker login -u _json_key -p "$DOCKER_GCLOUD_PASSWORD" https://${GCLOUD_REGISTRY} |
| 38 | + tag_and_promote_script: |
| 39 | + - export CURRENT_MINOR_VERSION=$(echo ${CURRENT_VERSION} | cut -d '.' -f 1,2) |
| 40 | + - echo "Promote the ${PUBLIC_IMAGE_NAME}:${CURRENT_VERSION}-datacenter-app images supporting two architectures (linux/amd64 and linux/arm64) to the GCP registry ${GCLOUD_REGISTRY}" |
| 41 | + - docker tag "${PUBLIC_IMAGE_NAME}:${CURRENT_VERSION}-datacenter-app" "${GCLOUD_REGISTRY}/${GCLOUD_PRODUCT_NAME}:${CURRENT_VERSION}" |
| 42 | + - docker tag "${PUBLIC_IMAGE_NAME}:${CURRENT_VERSION}-datacenter-app" "${GCLOUD_REGISTRY}/${GCLOUD_PRODUCT_NAME}:${CURRENT_MINOR_VERSION}" |
| 43 | + - docker push "${GCLOUD_REGISTRY}/${GCLOUD_PRODUCT_NAME}:${CURRENT_VERSION}" |
| 44 | + - docker push "${GCLOUD_REGISTRY}/${GCLOUD_PRODUCT_NAME}:${CURRENT_MINOR_VERSION}" |
| 45 | + - echo "Promote the ${PUBLIC_IMAGE_NAME}:${CURRENT_VERSION}-datacenter-search images supporting two architectures (linux/amd64 and linux/arm64) to the GCP registry ${GCLOUD_REGISTRY}" |
| 46 | + - docker tag "${PUBLIC_IMAGE_NAME}:${CURRENT_VERSION}-datacenter-search" "${GCLOUD_REGISTRY}/${GCLOUD_PRODUCT_NAME}/sonarqube-dce-search:${CURRENT_VERSION}" |
| 47 | + - docker tag "${PUBLIC_IMAGE_NAME}:${CURRENT_VERSION}-datacenter-search" "${GCLOUD_REGISTRY}/${GCLOUD_PRODUCT_NAME}/sonarqube-dce-search:${CURRENT_MINOR_VERSION}" |
| 48 | + - docker push "${GCLOUD_REGISTRY}/${GCLOUD_PRODUCT_NAME}/sonarqube-dce-search:${CURRENT_VERSION}" |
| 49 | + - docker push "${GCLOUD_REGISTRY}/${GCLOUD_PRODUCT_NAME}/sonarqube-dce-search:${CURRENT_MINOR_VERSION}" |
| 50 | + |
| 51 | +# multi_arch_build_task: |
| 52 | +# env: |
| 53 | +# matrix: |
| 54 | +# - version: 9/community |
| 55 | +# tag: $CURRENT_LTS_VERSION-community |
| 56 | +# - version: 9/developer |
| 57 | +# tag: $CURRENT_LTS_VERSION-developer |
| 58 | +# - version: 9/enterprise |
| 59 | +# tag: $CURRENT_LTS_VERSION-enterprise |
| 60 | +# - version: 9/datacenter/app |
| 61 | +# tag: $CURRENT_LTS_VERSION-datacenter-app |
| 62 | +# - version: 9/datacenter/search |
| 63 | +# tag: $CURRENT_LTS_VERSION-datacenter-search |
| 64 | +# - version: 10/community |
| 65 | +# tag: $NEXT_VERSION-community |
| 66 | +# - version: 10/developer |
| 67 | +# tag: $NEXT_VERSION-developer |
| 68 | +# - version: 10/enterprise |
| 69 | +# tag: $NEXT_VERSION-enterprise |
| 70 | +# - version: 10/datacenter/app |
| 71 | +# tag: $NEXT_VERSION-datacenter-app |
| 72 | +# - version: 10/datacenter/search |
| 73 | +# tag: $NEXT_VERSION-datacenter-search |
| 74 | +# ec2_instance: |
| 75 | +# <<: *VM_TEMPLATE |
| 76 | +# login_script: |
| 77 | +# - docker login --username $DOCKER_USERNAME --password $DOCKER_PASSWORD |
| 78 | +# setup_script: |
| 79 | +# - docker run -t --rm --privileged tonistiigi/binfmt --install all |
| 80 | +# - docker buildx create --name multibuilder --driver docker-container |
| 81 | +# - docker buildx use multibuilder |
| 82 | +# - docker buildx inspect --bootstrap |
| 83 | +# build_script: |
| 84 | +# - echo "Build the ${STAGING_IMAGE_NAME}:${tag} image supporting two architectures, linux/amd64 and linux/arm64" |
| 85 | +# - .cirrus/multi-arch-build.sh ${STAGING_IMAGE_NAME} ${tag} ${version} |
| 86 | + |
| 87 | +# private_scan_task: |
| 88 | +# env: |
| 89 | +# platform: amd64 |
| 90 | +# MEND_API_KEY: VAULT[development/kv/data/mend data.apikey] |
| 91 | +# WS_WSS_URL: https://saas-eu.whitesourcesoftware.com/agent |
| 92 | +# matrix: |
| 93 | +# - tag: $CURRENT_LTS_VERSION-datacenter-app |
| 94 | +# - tag: $NEXT_VERSION-datacenter-app |
| 95 | +# ec2_instance: |
| 96 | +# <<: *VM_TEMPLATE |
| 97 | +# login_script: |
| 98 | +# - docker login --username $DOCKER_USERNAME --password $DOCKER_PASSWORD |
| 99 | +# setup_script: |
| 100 | +# - /usr/bin/systemctl stop unattended-upgrades.service |
| 101 | +# - /usr/bin/pgrep apt | xargs -r kill -SIGINT || true |
| 102 | +# - /usr/bin/pgrep apt | xargs -r kill -SIGTERM || true |
| 103 | +# - /usr/bin/pgrep apt | xargs -r kill -SIGKILL || true ; /usr/bin/dpkg --configure -a |
| 104 | +# - apt-get remove -y unattended-upgrades |
| 105 | +# - apt-get update && apt-get install -y --no-install-recommends openjdk-17-jre |
| 106 | +# - curl -sSL https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar -o wss-unified-agent.jar |
| 107 | +# - echo "docker.includes=${tag}" >> .cirrus/wss-unified-agent.config |
| 108 | +# scan_script: |
| 109 | +# - echo "Scan the ${STAGING_IMAGE_NAME}:${tag} image supporting linux/${platform}" |
| 110 | +# - .cirrus/pull.sh ${STAGING_IMAGE_NAME} ${tag} ${platform} |
| 111 | +# - java -jar wss-unified-agent.jar -c .cirrus/wss-unified-agent.config -apiKey $MEND_API_KEY -product ${WS_PRODUCTNAME} -project ${STAGING_IMAGE_NAME}:${tag} -wss.url ${WS_WSS_URL} -docker.scanImages true |
| 112 | +# depends_on: multi_arch_build |
| 113 | + |
| 114 | +# public_scan_task: |
| 115 | +# only_if: $CIRRUS_CRON == 'nightly-mend-scan' |
| 116 | +# env: |
| 117 | +# platform: amd64 |
| 118 | +# MEND_API_KEY: VAULT[development/kv/data/mend data.apikey] |
| 119 | +# WS_WSS_URL: https://saas-eu.whitesourcesoftware.com/agent |
| 120 | +# matrix: |
| 121 | +# - tag: $CURRENT_LTS_VERSION-datacenter-app |
| 122 | +# - tag: $CURRENT_VERSION-datacenter-app |
| 123 | +# ec2_instance: |
| 124 | +# <<: *VM_TEMPLATE |
| 125 | +# setup_script: |
| 126 | +# - /usr/bin/systemctl stop unattended-upgrades.service |
| 127 | +# - /usr/bin/pgrep apt | xargs -r kill -SIGINT || true |
| 128 | +# - /usr/bin/pgrep apt | xargs -r kill -SIGTERM || true |
| 129 | +# - /usr/bin/pgrep apt | xargs -r kill -SIGKILL || true ; /usr/bin/dpkg --configure -a |
| 130 | +# - apt-get remove -y unattended-upgrades |
| 131 | +# - apt-get update && apt-get install -y --no-install-recommends openjdk-17-jre |
| 132 | +# - curl -sSL https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar -o wss-unified-agent.jar |
| 133 | +# - echo "docker.includes=${tag}" >> .cirrus/wss-unified-agent.config |
| 134 | +# scan_script: |
| 135 | +# - echo "Scan the ${PUBLIC_IMAGE_NAME}:${tag} image" |
| 136 | +# - docker pull "${PUBLIC_IMAGE_NAME}:${tag}" |
| 137 | +# - .cirrus/pull.sh ${PUBLIC_IMAGE_NAME} ${tag} ${platform} |
| 138 | +# - java -jar wss-unified-agent.jar -c .cirrus/wss-unified-agent.config -apiKey $MEND_API_KEY -product ${WS_PRODUCTNAME} -project ${PUBLIC_IMAGE_NAME}:${tag} -wss.url ${WS_WSS_URL} -docker.scanImages true |
| 139 | + |
| 140 | +# multi_arch_test_task: |
| 141 | +# matrix: |
| 142 | +# - env: |
| 143 | +# CIRRUS_ARCH: arm64 |
| 144 | +# INSTANCE_TYPE: t4g.large |
| 145 | +# AMI_NAME: docker-builder-arm64-v* |
| 146 | +# - env: |
| 147 | +# CIRRUS_ARCH: amd64 |
| 148 | +# INSTANCE_TYPE: t3.large |
| 149 | +# AMI_NAME: docker-builder-v* |
| 150 | +# env: |
| 151 | +# matrix: |
| 152 | +# - test_name: docker |
| 153 | +# tag: $CURRENT_LTS_VERSION-community |
| 154 | +# - test_name: docker |
| 155 | +# tag: $CURRENT_LTS_VERSION-developer |
| 156 | +# - test_name: docker |
| 157 | +# tag: $CURRENT_LTS_VERSION-enterprise |
| 158 | +# - test_name: docker-compose |
| 159 | +# tag: $CURRENT_LTS_VERSION-datacenter |
| 160 | +# - test_name: docker |
| 161 | +# tag: $NEXT_VERSION-community |
| 162 | +# - test_name: docker |
| 163 | +# tag: $NEXT_VERSION-developer |
| 164 | +# - test_name: docker |
| 165 | +# tag: $NEXT_VERSION-enterprise |
| 166 | +# - test_name: docker-compose |
| 167 | +# tag: $NEXT_VERSION-datacenter |
| 168 | +# ec2_instance: |
| 169 | +# <<: *VM_TEMPLATE |
| 170 | +# image: ${AMI_NAME} |
| 171 | +# type: ${INSTANCE_TYPE} |
| 172 | +# architecture: ${CIRRUS_ARCH} |
| 173 | +# login_script: |
| 174 | +# - docker login --username $DOCKER_USERNAME --password $DOCKER_PASSWORD |
| 175 | +# test_script: |
| 176 | +# - echo "Test the ${STAGING_IMAGE_NAME}:${tag} image supporting linux/${CIRRUS_ARCH}" |
| 177 | +# - sysctl -w vm.max_map_count=524288 # set the recommended memory for ES |
| 178 | +# - ulimit -n 131072 # set the recommended number of opened file descriptors for ES |
| 179 | +# - ./run-tests.sh "${STAGING_IMAGE_NAME}:${tag}" "${test_name}" |
| 180 | +# depends_on: multi_arch_build |
| 181 | + |
0 commit comments