Skip to content

BUILD-8735 refactor: modularize build functions and remove dead code #35

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mikolaj-matuszny-ext-sonarsource merged 3 commits into from
Aug 1, 2025
Merged

BUILD-8735 refactor: modularize build functions and remove dead code #35

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
5d8ea0d
refactor: modularize build functions and remove dead code
mikolaj-matuszny-ext-sonarsource Aug 1, 2025
56f8e4a
feat: Validations, spec
mikolaj-matuszny-ext-sonarsource Aug 1, 2025
02766b7
docs: Organize variables
mikolaj-matuszny-ext-sonarsource Aug 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,4 @@ package.json
.DS_Store
yarn.lock
CLAUDE.md
.claude/
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -501,7 +501,7 @@ jobs:
- `artifactory-reader-role`: Suffix for the Artifactory reader role in Vault -
defaults to `public-reader` or `private-reader` based on repository visibility (optional)
- `artifactory-deployer-role`: Suffix for the Artifactory deployer role in Vault -
defaults to `public-deployer` or `qa-deployer` based on repository visibility (optional)
defaults to `public-deployer` or `qa-deployer` based on repository visibility (optional)
- `artifactory-deploy-repo`: Name of deployment repository (optional)
- `deploy-pull-request`: Whether to deploy pull request artifacts (default: `false`)
- `skip-tests`: Whether to skip running tests (default: `false`)
Expand Down
53 changes: 31 additions & 22 deletions build-gradle/build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,42 +1,51 @@
#!/bin/bash
#
# Build script for SonarSource Gradle projects.
# Supports building, testing, SonarQube analysis, and Artifactory deployment.
#
# Environment variables:
# - ARTIFACTORY_URL: URL to Artifactory repository
# - ARTIFACTORY_DEPLOY_REPO: name of deployment repository
# - ARTIFACTORY_DEPLOY_USERNAME: login to deploy to Artifactory
# - ARTIFACTORY_DEPLOY_PASSWORD: password to deploy to Artifactory
# - DEFAULT_BRANCH: Default branch (e.g. main)
# - PULL_REQUEST: Pull request number (e.g. 1234), if applicable.
# - PULL_REQUEST_SHA: Pull request base SHA, if applicable.
# - GITHUB_REF_NAME: Short ref name of the branch or tag (e.g. main, branch-123, dogfood-on-123)
# - BUILD_NUMBER: Build number (e.g. 42)
# - GITHUB_RUN_ID: GitHub workflow run ID. Unique per workflow run, but unchanged on re-runs.
# - GITHUB_EVENT_NAME: Event name (e.g. push, pull_request)
# - GITHUB_SHA: Git commit SHA
# - GITHUB_REPOSITORY: Repository name (e.g. sonarsource/sonar-dummy-gradle)
# Required inputs (must be explicitly provided):
# - BUILD_NUMBER: Build number for versioning
# - SONAR_HOST_URL: URL of SonarQube server
# - SONAR_TOKEN: access token to send analysis reports to SonarQube
# - SONAR_TOKEN: Access token to send analysis reports to SonarQube
# - ARTIFACTORY_URL: URL to Artifactory repository
# - ARTIFACTORY_DEPLOY_REPO: Name of deployment repository
# - ARTIFACTORY_DEPLOY_USERNAME: Username to deploy to Artifactory
# - ARTIFACTORY_DEPLOY_PASSWORD: Password to deploy to Artifactory
# - ORG_GRADLE_PROJECT_signingKey: OpenPGP key for signing artifacts (private key content)
# - ORG_GRADLE_PROJECT_signingPassword: passphrase of the signing key
# - ORG_GRADLE_PROJECT_signingPassword: Passphrase of the signing key
# - ORG_GRADLE_PROJECT_signingKeyId: OpenPGP subkey id
# - DEPLOY_PULL_REQUEST: whether to deploy pull request artifacts (default: false)
# - SKIP_TESTS: whether to skip running tests (default: false)
# - GRADLE_ARGS: additional arguments to pass to Gradle
# - DEFAULT_BRANCH: Default branch name (e.g. main)
# - PULL_REQUEST: Pull request number (e.g. 1234) or empty string
# - PULL_REQUEST_SHA: Pull request base SHA or empty string
#
# GitHub Actions auto-provided:
# - GITHUB_REF_NAME: Git branch name
# - GITHUB_SHA: Git commit SHA
# - GITHUB_REPOSITORY: Repository name (e.g. sonarsource/sonar-dummy-gradle)
# - GITHUB_RUN_ID: GitHub workflow run ID
# - GITHUB_EVENT_NAME: Event name (e.g. push, pull_request)
# - GITHUB_OUTPUT: Path to GitHub Actions output file
# - GITHUB_BASE_REF: Base branch for pull requests (only during pull_request events)
#
# Optional user customization:
# - DEPLOY_PULL_REQUEST: Whether to deploy pull request artifacts (default: false)
# - SKIP_TESTS: Whether to skip running tests (default: false)
# - GRADLE_ARGS: Additional arguments to pass to Gradle
#
# Auto-derived by script:
# - PROJECT: Project name derived from GITHUB_REPOSITORY
# shellcheck source-path=SCRIPTDIR

set -euo pipefail

: "${ARTIFACTORY_URL:?}"
: "${ARTIFACTORY_DEPLOY_REPO:?}" "${ARTIFACTORY_DEPLOY_USERNAME:?}" "${ARTIFACTORY_DEPLOY_PASSWORD:?}"
: "${GITHUB_REF_NAME:?}" "${BUILD_NUMBER:?}" "${GITHUB_RUN_ID:?}" "${GITHUB_REPOSITORY:?}" "${GITHUB_EVENT_NAME:?}"
: "${GITHUB_REF_NAME:?}" "${BUILD_NUMBER:?}" "${GITHUB_RUN_ID:?}" "${GITHUB_REPOSITORY:?}" "${GITHUB_EVENT_NAME:?}" "${GITHUB_SHA:?}"
: "${GITHUB_OUTPUT:?}"
: "${PULL_REQUEST?}" "${DEFAULT_BRANCH:?}"
: "${SONAR_HOST_URL:?}" "${SONAR_TOKEN:?}"
: "${ORG_GRADLE_PROJECT_signingKey:?}" "${ORG_GRADLE_PROJECT_signingPassword:?}" "${ORG_GRADLE_PROJECT_signingKeyId:?}"
: "${DEPLOY_PULL_REQUEST:=false}" "${SKIP_TESTS:=false}"
export ARTIFACTORY_URL DEPLOY_PULL_REQUEST SKIP_TESTS
export ARTIFACTORY_URL DEPLOY_PULL_REQUEST
: "${GRADLE_ARGS:=}"

command_exists() {
Expand Down
49 changes: 31 additions & 18 deletions build-maven/build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,25 +1,36 @@
#!/bin/bash
# Build and deploy a Maven project.
# Environment variables:
# - ARTIFACTORY_URL: Repox URL.
# - ARTIFACTORY_DEPLOY_REPO: Deployment repository (sonarsource-public-qa or sonarsource-private-qa)
# Supports building, testing, SonarQube analysis, and Maven deployment to Artifactory.
#
# Required inputs (must be explicitly provided):
# - BUILD_NUMBER: Build number for versioning
# - SONAR_HOST_URL: URL of SonarQube server
# - SONAR_TOKEN: Access token to send analysis reports to SonarQube
# - ARTIFACTORY_URL: Artifactory repository URL
# - ARTIFACTORY_DEPLOY_REPO: Deployment repository name
# - ARTIFACTORY_DEPLOY_PASSWORD: Access token to deploy to the repository
# - ARTIFACTORY_ACCESS_TOKEN: Access token to access the private repository
# - ARTIFACTORY_DEPLOY_USERNAME: used by artifactory-maven-plugin
# - DEFAULT_BRANCH: Default branch (e.g. main)
# - PULL_REQUEST: Pull request number (e.g. 1234), if applicable.
# - GITHUB_REF_NAME: Short ref name of the branch or tag (e.g. main, branch-123, dogfood-on-123)
# - GITHUB_BASE_REF: Base branch of the pull request (e.g. main, branch-123), if applicable.
# - BUILD_NUMBER: Build number (e.g. 42)
# - GITHUB_RUN_ID: GitHub workflow run ID. Unique per workflow run, but unchanged on re-runs.
# - GITHUB_EVENT_NAME: Event name (e.g. push, pull_request)
# - ARTIFACTORY_DEPLOY_USERNAME: Username used by artifactory-maven-plugin
# - DEFAULT_BRANCH: Default branch name (e.g. main)
# - PULL_REQUEST: Pull request number (e.g. 1234) or empty string
#
# GitHub Actions auto-provided:
# - GITHUB_REF_NAME: Git branch name
# - GITHUB_SHA: Git commit SHA
# - GITHUB_REPOSITORY: Repository name (e.g. sonarsource/sonar-dummy-maven)
# - MAVEN_OPTS: Optional JVM options for Maven (e.g. -Xmx1536m -Xms128m)
# - SONAR_SCANNER_JAVA_OPTS: Optional JVM options for SonarQube scanner (e.g. -Xmx512m)
# - DEPLOY_PULL_REQUEST: whether to deploy pull request artifacts (default: false)
# - SONAR_HOST_URL: URL of SonarQube server
# - SONAR_TOKEN: access token to send analysis reports to SonarQube
# - ARTIFACTORY_PUBLISH_ARTIFACTS: NOT IMPLEMENTED
# - GITHUB_RUN_ID: GitHub workflow run ID
# - GITHUB_EVENT_NAME: Event name (e.g. push, pull_request)
# - GITHUB_OUTPUT: Path to GitHub Actions output file
# - GITHUB_BASE_REF: Base branch for pull requests (only during pull_request events)
# - GITHUB_HEAD_REF: Head branch for pull requests (only during pull_request events)
#
# Optional user customization:
# - DEPLOY_PULL_REQUEST: Whether to deploy pull request artifacts (default: false)
# - MAVEN_LOCAL_REPOSITORY: Path to Maven local repository (default: $HOME/.m2/repository)
# - MAVEN_SETTINGS: Path to Maven settings.xml (default: $HOME/.m2/settings.xml)
# - MAVEN_OPTS: JVM options for Maven (e.g. -Xmx1536m -Xms128m)
# - SONAR_SCANNER_JAVA_OPTS: JVM options for SonarQube scanner (e.g. -Xmx512m)
# - SCANNER_VERSION: SonarQube Maven plugin version (default: 5.1.0.4751)
# shellcheck source-path=SCRIPTDIR

set -euo pipefail
Expand All @@ -28,11 +39,13 @@ set -euo pipefail
# Required by maven-enforcer-plugin in SonarSource parent POM
: "${ARTIFACTORY_DEPLOY_REPO:?}" "${ARTIFACTORY_DEPLOY_USERNAME:?}" "${ARTIFACTORY_DEPLOY_PASSWORD:?}" "${ARTIFACTORY_ACCESS_TOKEN:?}"
: "${GITHUB_REF_NAME:?}" "${BUILD_NUMBER:?}" "${GITHUB_RUN_ID:?}" "${GITHUB_REPOSITORY:?}" "${GITHUB_EVENT_NAME:?}"
: "${GITHUB_SHA:?}"
: "${GITHUB_OUTPUT:?}"
: "${PULL_REQUEST?}" "${DEFAULT_BRANCH:?}"
: "${SONAR_HOST_URL:?}" "${SONAR_TOKEN:?}"
: "${MAVEN_LOCAL_REPOSITORY:=$HOME/.m2/repository}"
: "${DEPLOY_PULL_REQUEST:=false}"
export ARTIFACTORY_URL DEPLOY_PULL_REQUEST
export ARTIFACTORY_URL DEPLOY_PULL_REQUEST MAVEN_LOCAL_REPOSITORY
: "${MAVEN_SETTINGS:=$HOME/.m2/settings.xml}"

# FIXME Workaround for SonarSource parent POM; it can be removed after releases of parent 73+ and parent-oss 84+
Expand Down
Loading