From 72322c12d6c976ac7302e0437a2e5e1a4323beff Mon Sep 17 00:00:00 2001 From: Peter Trifanov Date: Fri, 13 Dec 2024 17:10:50 +0100 Subject: [PATCH 1/5] SONARGO-82 Add "artifactory-configuration" to common Gradle modules --- .cirrus.yml | 1 + .gitmodules | 1 + build-logic | 2 +- build.gradle | 177 ----------------------------- build.gradle.kts | 50 ++++++++ sonar-go-plugin/build.gradle.kts | 17 ++- sonar-go-to-slang/build.gradle.kts | 7 ++ 7 files changed, 75 insertions(+), 180 deletions(-) delete mode 100644 build.gradle create mode 100644 build.gradle.kts diff --git a/.cirrus.yml b/.cirrus.yml index bd717c3b..8f15718d 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -87,6 +87,7 @@ build_task: SONAR_TOKEN: VAULT[development/kv/data/next data.token] SONAR_HOST_URL: VAULT[development/kv/data/next data.url] DEPLOY_PULL_REQUEST: "true" + FORCE_SIGNING: "true" build_script: - git submodule update --init --depth 1 -- build-logic - source cirrus-env BUILD diff --git a/.gitmodules b/.gitmodules index 73aed1c5..ab6b5ce7 100644 --- a/.gitmodules +++ b/.gitmodules @@ -13,3 +13,4 @@ [submodule "build-logic"] path = build-logic url = https://github.com/SonarSource/cloud-native-gradle-modules + branch = SONARGO-82 diff --git a/build-logic b/build-logic index 3a87c251..522ed404 160000 --- a/build-logic +++ b/build-logic @@ -1 +1 @@ -Subproject commit 3a87c2511f6809b708685b09c5170a2fc25a5349 +Subproject commit 522ed404ac5dc9dd6c7d47c11c5e48e7ae17e880 diff --git a/build.gradle b/build.gradle deleted file mode 100644 index f29ea2e8..00000000 --- a/build.gradle +++ /dev/null @@ -1,177 +0,0 @@ -/* - * SonarSource Go - * Copyright (C) 2018-2024 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * See the Sonar Source-Available License for more details. - * - * You should have received a copy of the Sonar Source-Available License - * along with this program; if not, see https://sonarsource.com/license/ssal/ - */ -import java.util.jar.JarInputStream - -plugins { - id("org.sonarsource.cloud-native.code-style-conventions") - id 'com.jfrog.artifactory' version '4.28.2' - id 'org.sonarqube' version '6.0.1.5171' - id 'de.thetaphi.forbiddenapis' version '3.0' apply false -} - -allprojects { - apply plugin: 'java' - apply plugin: 'com.jfrog.artifactory' - apply plugin: 'maven-publish' - apply plugin: 'signing' - - ext { - sonarLinksCi = 'https://cirrus-ci.com/github/SonarSource/sonar-go' - sonarLinksScm = 'https://github.com/SonarSource/sonar-go' - - artifactsToPublish = '' - artifactsToDownload = '' - } - - repositories { - mavenCentral() - def artifactoryBearerToken = System.getenv("ARTIFACTORY_PRIVATE_PASSWORD") ?: project.findProperty("artifactoryPassword") - if (artifactoryBearerToken) { - maven { - url "https://repox.jfrog.io/repox/sonarsource" - authentication { - header(HttpHeaderAuthentication) - } - credentials(HttpHeaderCredentials) { - name = "Authorization" - value = "Bearer $artifactoryBearerToken" - } - } - } - } -} - -subprojects { - // do not publish to Artifactory by default - artifactoryPublish.skip = true - - configurations { - // include compileOnly dependencies during test - testCompile.extendsFrom compileOnly - } - - tasks.withType(Test).configureEach { - def propKeys = System.properties.findAll { - it.key.startsWith("orchestrator") || it.key.startsWith("sonar") || it.key == "buildNumber" || it.key == "slangVersion" - }.collect { it.key } - systemProperties = System.properties.subMap(propKeys) - if (propKeys.contains("buildNumber") && !propKeys.contains("slangVersion")) { - systemProperties["slangVersion"] = version - } - } - - publishing { - publications { - mavenJava(MavenPublication) { - pom { - name = projectTitle - description = project.description - url = 'http://www.sonarqube.org/' - organization { - name = 'SonarSource' - url = 'http://www.sonarsource.com' - } - licenses { - license { - name = 'SSALv1' - url = 'https://sonarsource.com/license/ssal/' - distribution = 'repo' - } - } - scm { - url = 'https://github.com/SonarSource/sonar-go' - } - developers { - developer { - id = 'sonarsource-team' - name = 'SonarSource Team' - } - } - } - } - } - } - - signing { - def signingKeyId = findProperty("signingKeyId") - def signingKey = findProperty("signingKey") - def signingPassword = findProperty("signingPassword") - useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword) - required { - def branch = System.getenv()["CIRRUS_BRANCH"] - return (branch == 'master' || branch ==~ 'branch-[\\d.]+') && - gradle.taskGraph.hasTask(":artifactoryPublish") - } - sign publishing.publications - } - - tasks.withType(Sign) { - onlyIf { - def branch = System.getenv()["CIRRUS_BRANCH"] - return !artifactoryPublish.skip && - (branch == 'master' || branch ==~ 'branch-[\\d.]+') && - gradle.taskGraph.hasTask(":artifactoryPublish") - } - } -} - -sonar { - properties { - property 'sonar.organization', 'sonarsource' - property 'sonar.projectKey', 'SonarSource_sonar-go' - property 'sonar.projectName', projectTitle - property 'sonar.links.ci', "${sonarLinksCi}" - property 'sonar.links.scm', "${sonarLinksScm}" - property 'sonar.links.issue', 'https://jira.sonarsource.com/browse/SONARGO' - property 'sonar.exclusions', '**/build/**/*' - } -} - -artifactory { - clientConfig.setIncludeEnvVars(true) - clientConfig.setEnvVarsExcludePatterns('*password*,*PASSWORD*,*secret*,*MAVEN_CMD_LINE_ARGS*,sun.java.command,*token*,*TOKEN*,*LOGIN*,*login*,*key*,*KEY*,*PASSPHRASE*,*signing*') - contextUrl = System.getenv('ARTIFACTORY_URL') - publish { - repository { - repoKey = System.getenv('ARTIFACTORY_DEPLOY_REPO') - username = System.getenv('ARTIFACTORY_DEPLOY_USERNAME') - password = System.getenv('ARTIFACTORY_DEPLOY_PASSWORD') - } - defaults { - properties = [ - 'build.name' : 'sonar-go', - 'build.number' : System.getenv('BUILD_NUMBER'), - 'pr.branch.target': System.getenv('PULL_REQUEST_BRANCH_TARGET'), - 'pr.number' : System.getenv('PULL_REQUEST_NUMBER'), - 'vcs.branch' : System.getenv('GIT_BRANCH'), - 'vcs.revision' : System.getenv('GIT_COMMIT'), - 'version' : version - ] - publications('mavenJava') - publishPom = true - publishIvy = false - } - } - - clientConfig.info.setBuildName('sonar-go') - clientConfig.info.setBuildNumber(System.getenv('BUILD_NUMBER')) - // Define the artifacts to be deployed to https://binaries.sonarsource.com on releases - clientConfig.info.addEnvironmentProperty('ARTIFACTS_TO_PUBLISH', artifactsToPublish) - clientConfig.info.addEnvironmentProperty('ARTIFACTS_TO_DOWNLOAD', artifactsToDownload) - // The name of this variable is important because it's used by the delivery process when extracting version from Artifactory build info. - clientConfig.info.addEnvironmentProperty('PROJECT_VERSION', "${version}") -} diff --git a/build.gradle.kts b/build.gradle.kts new file mode 100644 index 00000000..0f43c0a3 --- /dev/null +++ b/build.gradle.kts @@ -0,0 +1,50 @@ +/* + * SonarSource Go + * Copyright (C) 2018-2024 SonarSource SA + * mailto:info AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the Sonar Source-Available License for more details. + * + * You should have received a copy of the Sonar Source-Available License + * along with this program; if not, see https://sonarsource.com/license/ssal/ + */ +plugins { + id("org.sonarsource.cloud-native.code-style-conventions") + id("org.sonarsource.cloud-native.artifactory-configuration") + id("org.sonarqube") version "6.0.1.5171" +} + +artifactoryConfiguration { + buildName = "sonar-go" + artifactsToPublish = "org.sonarsource.slang:sonar-go-plugin:jar" + artifactsToDownload = "" + repoKeyEnv = "ARTIFACTORY_DEPLOY_REPO" + usernameEnv = "ARTIFACTORY_DEPLOY_USERNAME" + passwordEnv = "ARTIFACTORY_DEPLOY_PASSWORD" +} + +spotless { + java { + // no Java sources in the root project + target("") + } +} + +val projectTitle = properties["projectTitle"] as String +sonar { + properties { + property("sonar.organization", "sonarsource") + property("sonar.projectKey", "SonarSource_sonar-go") + property("sonar.projectName", projectTitle) + property("sonar.links.ci", "https://cirrus-ci.com/github/SonarSource/sonar-go") + property("sonar.links.scm", "https://github.com/SonarSource/sonar-go") + property("sonar.links.issue", "https://jira.sonarsource.com/browse/SONARGO") + property("sonar.exclusions", "**/build/**/*") + } +} diff --git a/sonar-go-plugin/build.gradle.kts b/sonar-go-plugin/build.gradle.kts index 1b00ad0a..c940d1fb 100644 --- a/sonar-go-plugin/build.gradle.kts +++ b/sonar-go-plugin/build.gradle.kts @@ -22,6 +22,7 @@ import java.util.jar.JarInputStream plugins { id("org.sonarsource.cloud-native.java-conventions") id("org.sonarsource.cloud-native.code-style-conventions") + id("org.sonarsource.cloud-native.artifactory-configuration") id("com.github.johnrengelman.shadow") version "7.1.0" } @@ -117,8 +118,20 @@ artifacts { archives(tasks.shadowJar) } -tasks.artifactoryPublish { - skip = false +artifactoryConfiguration { + pomName = properties["projectTitle"] as String + scmUrl = "https://github.com/SonarSource/sonar-go" + + license { + name = "SSALv1" + url = "https://sonarsource.com/license/ssal/" + distribution = "repo" + } + + buildName = "sonar-go" + repoKeyEnv = "ARTIFACTORY_DEPLOY_REPO" + usernameEnv = "ARTIFACTORY_DEPLOY_USERNAME" + passwordEnv = "ARTIFACTORY_DEPLOY_PASSWORD" } publishing { diff --git a/sonar-go-to-slang/build.gradle.kts b/sonar-go-to-slang/build.gradle.kts index 503354bf..155fedaa 100644 --- a/sonar-go-to-slang/build.gradle.kts +++ b/sonar-go-to-slang/build.gradle.kts @@ -68,6 +68,13 @@ tasks.build { dependsOn(generateTestReport) } +spotless { + java { + // No Java sources in this project + target("") + } +} + if (System.getenv("CI") == "true") { // spotless is enabled only for CI, because spotless relies on Go installation being available on the machine spotless { From e45c2d6f616e070c4872dd8e63537589b58f4a61 Mon Sep 17 00:00:00 2001 From: Peter Trifanov Date: Tue, 17 Dec 2024 13:23:45 +0100 Subject: [PATCH 2/5] Review notes --- .cirrus.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.cirrus.yml b/.cirrus.yml index 8f15718d..bd717c3b 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -87,7 +87,6 @@ build_task: SONAR_TOKEN: VAULT[development/kv/data/next data.token] SONAR_HOST_URL: VAULT[development/kv/data/next data.url] DEPLOY_PULL_REQUEST: "true" - FORCE_SIGNING: "true" build_script: - git submodule update --init --depth 1 -- build-logic - source cirrus-env BUILD From b8f47e87e7c04fe7cac6eca134646a3845580293 Mon Sep 17 00:00:00 2001 From: Peter Trifanov Date: Tue, 17 Dec 2024 13:24:14 +0100 Subject: [PATCH 3/5] SONARGO-82 Split artifactory configuration into artifactory and publishing --- .cirrus.yml | 11 +++-------- .gitmodules | 2 +- build-logic | 2 +- sonar-go-plugin/build.gradle.kts | 9 ++------- 4 files changed, 7 insertions(+), 17 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index bd717c3b..4e9e894a 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -75,10 +75,8 @@ setup_gradle_cache_template: &SETUP_GRADLE_CACHE cleanup_gradle_cache_script_template: &CLEANUP_GRADLE_CACHE_SCRIPT cleanup_gradle_script: - - /usr/bin/find "${CIRRUS_WORKING_DIR}/.gradle/caches/" -name "*.lock" -type f -delete - - rm -rf "${CIRRUS_WORKING_DIR}/.gradle/caches/4.10.2/" - - rm -rf "${CIRRUS_WORKING_DIR}/.gradle/caches/journal-1/" - - rm -rf "${CIRRUS_WORKING_DIR}/.gradle/caches/build-cache-1/" + - rm -rf "${GRADLE_USER_HOME}/caches/journal-1/" + - find ${GRADLE_USER_HOME}/caches/ -name "*.lock" -type f -delete || true build_task: <<: *LINUX_4_CPU_6G @@ -90,9 +88,7 @@ build_task: build_script: - git submodule update --init --depth 1 -- build-logic - source cirrus-env BUILD - - function gradle(){ ./gradlew "$@"; }; export -f gradle - - gradle --version - - source set_gradle_build_version + - source .cirrus/use-gradle-wrapper.sh - regular_gradle_build_deploy_analyze <<: *ON_FAILURE <<: *CLEANUP_GRADLE_CACHE_SCRIPT @@ -116,7 +112,6 @@ gradle_its_template: &GRADLE_ITS_TEMPLATE "-Dsonar.runtimeVersion=${SQ_VERSION}" "-Dorchestrator.artifactory.accessToken=${ARTIFACTORY_ACCESS_TOKEN}" "-DbuildNumber=$BUILD_NUMBER" - -I "${GRADLE_HOME}/init.d/repoxAuth.init.gradle.kts" --info --stacktrace --console plain --no-daemon --build-cache <<: *CLEANUP_GRADLE_CACHE_SCRIPT diff --git a/.gitmodules b/.gitmodules index ab6b5ce7..01456717 100644 --- a/.gitmodules +++ b/.gitmodules @@ -13,4 +13,4 @@ [submodule "build-logic"] path = build-logic url = https://github.com/SonarSource/cloud-native-gradle-modules - branch = SONARGO-82 + branch = SONARGO-82-2 diff --git a/build-logic b/build-logic index 522ed404..ec190d64 160000 --- a/build-logic +++ b/build-logic @@ -1 +1 @@ -Subproject commit 522ed404ac5dc9dd6c7d47c11c5e48e7ae17e880 +Subproject commit ec190d64aa6460d07487a8a70f2180f16f84fd3d diff --git a/sonar-go-plugin/build.gradle.kts b/sonar-go-plugin/build.gradle.kts index c940d1fb..bc2c0fe1 100644 --- a/sonar-go-plugin/build.gradle.kts +++ b/sonar-go-plugin/build.gradle.kts @@ -22,7 +22,7 @@ import java.util.jar.JarInputStream plugins { id("org.sonarsource.cloud-native.java-conventions") id("org.sonarsource.cloud-native.code-style-conventions") - id("org.sonarsource.cloud-native.artifactory-configuration") + id("org.sonarsource.cloud-native.publishing-configuration") id("com.github.johnrengelman.shadow") version "7.1.0" } @@ -118,7 +118,7 @@ artifacts { archives(tasks.shadowJar) } -artifactoryConfiguration { +publishingConfiguration { pomName = properties["projectTitle"] as String scmUrl = "https://github.com/SonarSource/sonar-go" @@ -127,11 +127,6 @@ artifactoryConfiguration { url = "https://sonarsource.com/license/ssal/" distribution = "repo" } - - buildName = "sonar-go" - repoKeyEnv = "ARTIFACTORY_DEPLOY_REPO" - usernameEnv = "ARTIFACTORY_DEPLOY_USERNAME" - passwordEnv = "ARTIFACTORY_DEPLOY_PASSWORD" } publishing { From ea8e7f6ecb0981b57dfccee08809f48749e70f85 Mon Sep 17 00:00:00 2001 From: Peter Trifanov Date: Tue, 17 Dec 2024 15:23:37 +0100 Subject: [PATCH 4/5] Experiment with Cirrus cache --- .cirrus.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index 4e9e894a..e7a4068e 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -70,8 +70,8 @@ on_failure_template: &ON_FAILURE setup_gradle_cache_template: &SETUP_GRADLE_CACHE gradle_cache: folder: .gradle/caches - create_gradle_directory_script: - - mkdir -p "${CIRRUS_WORKING_DIR}/.gradle" + reupload_on_changes: "true" + populate_script: mkdir -p "${GRADLE_USER_HOME}" cleanup_gradle_cache_script_template: &CLEANUP_GRADLE_CACHE_SCRIPT cleanup_gradle_script: From 1faf31dbe1c8c8bd504899d3a5ef559d8e806821 Mon Sep 17 00:00:00 2001 From: Peter Trifanov Date: Tue, 17 Dec 2024 15:46:01 +0100 Subject: [PATCH 5/5] Update common Gradle modules --- .gitmodules | 1 - build-logic | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitmodules b/.gitmodules index 01456717..73aed1c5 100644 --- a/.gitmodules +++ b/.gitmodules @@ -13,4 +13,3 @@ [submodule "build-logic"] path = build-logic url = https://github.com/SonarSource/cloud-native-gradle-modules - branch = SONARGO-82-2 diff --git a/build-logic b/build-logic index ec190d64..9243aeda 160000 --- a/build-logic +++ b/build-logic @@ -1 +1 @@ -Subproject commit ec190d64aa6460d07487a8a70f2180f16f84fd3d +Subproject commit 9243aeda28e01c2953f58504d6f3c0708a7753ba