Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also .
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
- 2 commits
- 25 files changed
- 0 comments
- 2 contributors
Commits on Jul 02, 2021
Commits on Jul 28, 2021
Unified
Split
Showing
with
1,175 additions
and 11 deletions.
- +27 −4 .github/workflows/qa.yml
- +1 −1 8/community/Dockerfile
- +1 −1 8/datacenter/app/Dockerfile
- +1 −1 8/datacenter/search/Dockerfile
- +1 −1 8/developer/Dockerfile
- +1 −1 8/enterprise/Dockerfile
- +137 −0 9/community/Dockerfile
- +58 −0 9/community/run.sh
- +2 −0 9/community/sonar.sh
- +139 −0 9/datacenter/app/Dockerfile
- +78 −0 9/datacenter/app/run.sh
- +2 −0 9/datacenter/app/sonar.sh
- +138 −0 9/datacenter/search/Dockerfile
- +81 −0 9/datacenter/search/run.sh
- +2 −0 9/datacenter/search/sonar.sh
- +137 −0 9/developer/Dockerfile
- +58 −0 9/developer/run.sh
- +2 −0 9/developer/sonar.sh
- +137 −0 9/enterprise/Dockerfile
- +58 −0 9/enterprise/run.sh
- +2 −0 9/enterprise/sonar.sh
- +6 −2 run-tests.sh
- 0 tests/{ → 8}/dce-compose-test/docker-compose.yml
- +57 −0 tests/9/dce-compose-test/docker-compose.yml
- +49 −0 update.sh
| @@ -22,7 +22,7 @@ jobs: | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| version: [7/community, 8/community, 8/developer, 8/enterprise] | ||
| version: [7/community, 8/community, 8/developer, 8/enterprise, 9/community, 9/developer, 9/enterprise] | ||
| include: | ||
| - version: 7/community | ||
| tag: 7-community | ||
| @@ -32,6 +32,12 @@ jobs: | ||
| tag: 8-developer | ||
| - version: 8/enterprise | ||
| tag: 8-enterprise | ||
| - version: 9/community | ||
| tag: 9-community | ||
| - version: 9/developer | ||
| tag: 9-developer | ||
| - version: 9/enterprise | ||
| tag: 9-enterprise | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| @@ -52,20 +58,27 @@ jobs: | ||
| build_and_test_dce: | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| version: [8/datacenter, 9/datacenter] | ||
| include: | ||
| - version: 8/datacenter | ||
| tag: 8-datacenter | ||
| - version: 9/datacenter | ||
| tag: 9-datacenter | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| - name: Build image | ||
| run: docker build -t "sonarqube:8-datacenter-app" "8/datacenter/app" && docker build -t "sonarqube:8-datacenter-search" "8/datacenter/search" | ||
| run: docker build -t "sonarqube:${{ matrix.tag }}-app" "${{ matrix.version }}/app" && docker build -t "sonarqube:${{ matrix.tag }}-search" "${{ matrix.version }}/search" | ||
| - name: Test image | ||
| run: ./run-tests.sh "sonarqube:8-datacenter-app" "docker-compose" | ||
| run: ./run-tests.sh "sonarqube:${{ matrix.tag }}-app" "docker-compose" | ||
|
|
||
| snyk_on_pr: | ||
| if: github.event_name == 'pull_request' | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| version: [7/community, 8/community, 8/developer, 8/enterprise, 8/datacenter/app, 8/datacenter/search] | ||
| version: [7/community, 8/community, 8/developer, 8/enterprise, 8/datacenter/app, 8/datacenter/search, 9/community, 9/developer, 9/enterprise, 9/datacenter/app, 9/datacenter/search] | ||
| include: | ||
| - version: 7/community | ||
| tag: 7-community | ||
| @@ -79,6 +92,16 @@ jobs: | ||
| tag: 8-datacenter-app | ||
| - version: 8/datacenter/search | ||
| tag: 8-datacenter-search | ||
| - version: 9/community | ||
| tag: 9-community | ||
| - version: 9/developer | ||
| tag: 9-developer | ||
| - version: 9/enterprise | ||
| tag: 9-enterprise | ||
| - version: 9/datacenter/app | ||
| tag: 9-datacenter-app | ||
| - version: 9/datacenter/search | ||
| tag: 9-datacenter-search | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| @@ -86,7 +86,7 @@ RUN set -eux; \ | ||
| # | ||
| # SonarQube setup | ||
| # | ||
| ARG SONARQUBE_VERSION=8.9.1.44547 | ||
| ARG SONARQUBE_VERSION=8.9.2.46101 | ||
| ARG SONARQUBE_ZIP_URL=https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-${SONARQUBE_VERSION}.zip | ||
| ENV JAVA_HOME=/opt/java/openjdk \ | ||
| PATH="/opt/java/openjdk/bin:$PATH" \ | ||
| @@ -86,7 +86,7 @@ RUN set -eux; \ | ||
| # | ||
| # SonarQube setup | ||
| # | ||
| ARG SONARQUBE_VERSION=8.9.1.44547 | ||
| ARG SONARQUBE_VERSION=8.9.2.46101 | ||
| ARG SONARQUBE_ZIP_URL=https://binaries.sonarsource.com/CommercialDistribution/sonarqube-datacenter/sonarqube-datacenter-${SONARQUBE_VERSION}.zip | ||
| ENV JAVA_HOME=/opt/java/openjdk \ | ||
| PATH="/opt/java/openjdk/bin:$PATH" \ | ||
| @@ -85,7 +85,7 @@ RUN set -eux; \ | ||
| # | ||
| # SonarQube setup | ||
| # | ||
| ARG SONARQUBE_VERSION=8.9.1.44547 | ||
| ARG SONARQUBE_VERSION=8.9.2.46101 | ||
| ARG SONARQUBE_ZIP_URL=https://binaries.sonarsource.com/CommercialDistribution/sonarqube-datacenter/sonarqube-datacenter-${SONARQUBE_VERSION}.zip | ||
| ENV JAVA_HOME=/opt/java/openjdk \ | ||
| PATH="/opt/java/openjdk/bin:$PATH" \ | ||
| @@ -86,7 +86,7 @@ RUN set -eux; \ | ||
| # | ||
| # SonarQube setup | ||
| # | ||
| ARG SONARQUBE_VERSION=8.9.1.44547 | ||
| ARG SONARQUBE_VERSION=8.9.2.46101 | ||
| ARG SONARQUBE_ZIP_URL=https://binaries.sonarsource.com/CommercialDistribution/sonarqube-developer/sonarqube-developer-${SONARQUBE_VERSION}.zip | ||
| ENV JAVA_HOME=/opt/java/openjdk \ | ||
| PATH="/opt/java/openjdk/bin:$PATH" \ | ||
| @@ -86,7 +86,7 @@ RUN set -eux; \ | ||
| # | ||
| # SonarQube setup | ||
| # | ||
| ARG SONARQUBE_VERSION=8.9.1.44547 | ||
| ARG SONARQUBE_VERSION=8.9.2.46101 | ||
| ARG SONARQUBE_ZIP_URL=https://binaries.sonarsource.com/CommercialDistribution/sonarqube-enterprise/sonarqube-enterprise-${SONARQUBE_VERSION}.zip | ||
| ENV JAVA_HOME=/opt/java/openjdk \ | ||
| PATH="/opt/java/openjdk/bin:$PATH" \ | ||
| @@ -0,0 +1,137 @@ | ||
| FROM alpine:3.14 | ||
|
|
||
| ENV JAVA_VERSION="jdk-11.0.11+9" \ | ||
| LANG='en_US.UTF-8' \ | ||
| LANGUAGE='en_US:en' \ | ||
| LC_ALL='en_US.UTF-8' | ||
|
|
||
| # | ||
| # glibc setup | ||
| # | ||
| RUN set -eux; \ | ||
| apk add --no-cache tzdata --virtual .build-deps curl binutils zstd; \ | ||
| GLIBC_VER="2.33-r0"; \ | ||
| ALPINE_GLIBC_REPO="https://github.com/sgerrand/alpine-pkg-glibc/releases/download"; \ | ||
| GCC_LIBS_URL="https://archive.archlinux.org/packages/g/gcc-libs/gcc-libs-10.2.0-6-x86_64.pkg.tar.zst"; \ | ||
| GCC_LIBS_SHA256="e33b45e4a10ef26259d6acf8e7b5dd6dc63800641e41eb67fa6588d061f79c1c"; \ | ||
| ZLIB_URL="https://archive.archlinux.org/packages/z/zlib/zlib-1%3A1.2.11-4-x86_64.pkg.tar.xz"; \ | ||
| ZLIB_SHA256=43a17987d348e0b395cb6e28d2ece65fb3b5a0fe433714762780d18c0451c149; \ | ||
| curl -LfsS https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub -o /etc/apk/keys/sgerrand.rsa.pub; \ | ||
| SGERRAND_RSA_SHA256="823b54589c93b02497f1ba4dc622eaef9c813e6b0f0ebbb2f771e32adf9f4ef2"; \ | ||
| echo "${SGERRAND_RSA_SHA256} */etc/apk/keys/sgerrand.rsa.pub" | sha256sum -c - ; \ | ||
| curl -LfsS ${ALPINE_GLIBC_REPO}/${GLIBC_VER}/glibc-${GLIBC_VER}.apk > /tmp/glibc-${GLIBC_VER}.apk; \ | ||
| apk add --no-cache /tmp/glibc-${GLIBC_VER}.apk; \ | ||
| curl -LfsS ${ALPINE_GLIBC_REPO}/${GLIBC_VER}/glibc-bin-${GLIBC_VER}.apk > /tmp/glibc-bin-${GLIBC_VER}.apk; \ | ||
| apk add --no-cache /tmp/glibc-bin-${GLIBC_VER}.apk; \ | ||
| curl -Ls ${ALPINE_GLIBC_REPO}/${GLIBC_VER}/glibc-i18n-${GLIBC_VER}.apk > /tmp/glibc-i18n-${GLIBC_VER}.apk; \ | ||
| apk add --no-cache /tmp/glibc-i18n-${GLIBC_VER}.apk; \ | ||
| /usr/glibc-compat/bin/localedef --inputfile en_US --charmap UTF-8 "$LANG" || true ;\ | ||
| echo "export LANG=$LANG" > /etc/profile.d/locale.sh; \ | ||
| curl -LfsS ${GCC_LIBS_URL} -o /tmp/gcc-libs.tar.zst; \ | ||
| echo "${GCC_LIBS_SHA256} */tmp/gcc-libs.tar.zst" | sha256sum -c - ; \ | ||
| mkdir /tmp/gcc; \ | ||
| zstd -d /tmp/gcc-libs.tar.zst --output-dir-flat /tmp; \ | ||
| tar -xf /tmp/gcc-libs.tar -C /tmp/gcc; \ | ||
| mv /tmp/gcc/usr/lib/libgcc* /tmp/gcc/usr/lib/libstdc++* /usr/glibc-compat/lib; \ | ||
| strip /usr/glibc-compat/lib/libgcc_s.so.* /usr/glibc-compat/lib/libstdc++.so*; \ | ||
| curl -LfsS ${ZLIB_URL} -o /tmp/libz.tar.xz; \ | ||
| echo "${ZLIB_SHA256} */tmp/libz.tar.xz" | sha256sum -c - ;\ | ||
| mkdir /tmp/libz; \ | ||
| tar -xf /tmp/libz.tar.xz -C /tmp/libz; \ | ||
| mv /tmp/libz/usr/lib/libz.so* /usr/glibc-compat/lib; \ | ||
| apk del --purge .build-deps glibc-i18n; \ | ||
| rm -rf /tmp/*.apk /tmp/gcc /tmp/gcc-libs.tar* /tmp/libz /tmp/libz.tar.xz /var/cache/apk/*; | ||
|
|
||
| # | ||
| # AdoptOpenJDK/openjdk11 setup | ||
| # | ||
| RUN set -eux; \ | ||
| apk add --no-cache --virtual .fetch-deps curl; \ | ||
| ARCH="$(apk --print-arch)"; \ | ||
| case "${ARCH}" in \ | ||
| aarch64|arm64) \ | ||
| ESUM='fde6b29df23b6e7ed6e16a237a0f44273fb9e267fdfbd0b3de5add98e55649f6'; \ | ||
| BINARY_URL='https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.11%2B9/OpenJDK11U-jre_aarch64_linux_hotspot_11.0.11_9.tar.gz'; \ | ||
| ;; \ | ||
| armhf|armv7l) \ | ||
| ESUM='ad02656f800fd64c2b090b23ad24a099d9cd1054948ecb0e9851bc39c51c8be8'; \ | ||
| BINARY_URL='https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.11%2B9/OpenJDK11U-jre_arm_linux_hotspot_11.0.11_9.tar.gz'; \ | ||
| ;; \ | ||
| ppc64el|ppc64le) \ | ||
| ESUM='37c19c7c2d1cea627b854a475ef1a765d30357d765d20cf3f96590037e79d0f3'; \ | ||
| BINARY_URL='https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.11%2B9/OpenJDK11U-jre_ppc64le_linux_hotspot_11.0.11_9.tar.gz'; \ | ||
| ;; \ | ||
| s390x) \ | ||
| ESUM='f18101fc50aad795a41b4d3bbc591308c83664fd2390bf2bc007fd9b3d531e6c'; \ | ||
| BINARY_URL='https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.11%2B9/OpenJDK11U-jre_s390x_linux_hotspot_11.0.11_9.tar.gz'; \ | ||
| ;; \ | ||
| amd64|x86_64) \ | ||
| ESUM='144f2c6bcf64faa32016f2474b6c01031be75d25325e9c3097aed6589bc5d548'; \ | ||
| BINARY_URL='https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.11%2B9/OpenJDK11U-jre_x64_linux_hotspot_11.0.11_9.tar.gz'; \ | ||
| ;; \ | ||
| *) \ | ||
| echo "Unsupported arch: ${ARCH}"; \ | ||
| exit 1; \ | ||
| ;; \ | ||
| esac; \ | ||
| curl -LfsSo /tmp/openjdk.tar.gz ${BINARY_URL}; \ | ||
| echo "${ESUM} */tmp/openjdk.tar.gz" | sha256sum -c -; \ | ||
| mkdir -p /opt/java/openjdk; \ | ||
| cd /opt/java/openjdk; \ | ||
| tar -xf /tmp/openjdk.tar.gz --strip-components=1; \ | ||
| apk del --purge .fetch-deps; \ | ||
| rm -rf /var/cache/apk/*; \ | ||
| rm -rf /tmp/openjdk.tar.gz; | ||
|
|
||
| # | ||
| # SonarQube setup | ||
| # | ||
| ARG SONARQUBE_VERSION=9.0.0.45539 | ||
| ARG SONARQUBE_ZIP_URL=https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-${SONARQUBE_VERSION}.zip | ||
| ENV JAVA_HOME=/opt/java/openjdk \ | ||
| PATH="/opt/java/openjdk/bin:$PATH" \ | ||
| SONARQUBE_HOME=/opt/sonarqube \ | ||
| SONAR_VERSION="${SONARQUBE_VERSION}" \ | ||
| SQ_DATA_DIR="/opt/sonarqube/data" \ | ||
| SQ_EXTENSIONS_DIR="/opt/sonarqube/extensions" \ | ||
| SQ_LOGS_DIR="/opt/sonarqube/logs" \ | ||
| SQ_TEMP_DIR="/opt/sonarqube/temp" | ||
|
|
||
| RUN set -eux; \ | ||
| addgroup -S -g 1000 sonarqube; \ | ||
| adduser -S -D -u 1000 -G sonarqube sonarqube; \ | ||
| apk add --no-cache --virtual build-dependencies gnupg unzip curl; \ | ||
| apk add --no-cache bash su-exec ttf-dejavu; \ | ||
| # pub 2048R/D26468DE 2015-05-25 | ||
| # Key fingerprint = F118 2E81 C792 9289 21DB CAB4 CFCA 4A29 D264 68DE | ||
| # uid sonarsource_deployer (Sonarsource Deployer) <infra@sonarsource.com> | ||
| # sub 2048R/06855C1D 2015-05-25 | ||
| echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ | ||
| sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ | ||
| for server in $(shuf -e ha.pool.sks-keyservers.net \ | ||
| hkp://p80.pool.sks-keyservers.net:80 \ | ||
| keyserver.ubuntu.com \ | ||
| hkp://keyserver.ubuntu.com:80 \ | ||
| pgp.mit.edu) ; do \ | ||
| gpg --batch --keyserver "${server}" --recv-keys 679F1EE92B19609DE816FDE81DB198F93525EC1A && break || : ; \ | ||
| done; \ | ||
| mkdir --parents /opt; \ | ||
| cd /opt; \ | ||
| curl --fail --location --output sonarqube.zip --silent --show-error "${SONARQUBE_ZIP_URL}"; \ | ||
| curl --fail --location --output sonarqube.zip.asc --silent --show-error "${SONARQUBE_ZIP_URL}.asc"; \ | ||
| gpg --batch --verify sonarqube.zip.asc sonarqube.zip; \ | ||
| unzip -q sonarqube.zip; \ | ||
| mv "sonarqube-${SONARQUBE_VERSION}" sonarqube; \ | ||
| rm sonarqube.zip*; \ | ||
| rm -rf ${SONARQUBE_HOME}/bin/*; \ | ||
| chown -R sonarqube:sonarqube ${SONARQUBE_HOME}; \ | ||
| # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values) | ||
| chmod -R 777 "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}"; \ | ||
| apk del --purge build-dependencies; | ||
|
|
||
| COPY --chown=sonarqube:sonarqube run.sh sonar.sh ${SONARQUBE_HOME}/bin/ | ||
|
|
||
| WORKDIR ${SONARQUBE_HOME} | ||
| EXPOSE 9000 | ||
| ENTRYPOINT ["bin/run.sh"] | ||
| CMD ["bin/sonar.sh"] |
| @@ -0,0 +1,58 @@ | ||
| #!/usr/bin/env bash | ||
|
|
||
| set -euo pipefail | ||
|
|
||
| declare -a sq_opts=() | ||
| set_prop_from_deprecated_env_var() { | ||
| if [ "$2" ]; then | ||
| sq_opts+=("-D$1=$2") | ||
| fi | ||
| } | ||
|
|
||
| # if nothing is passed, assume we want to run sonarqube server | ||
| if [ "$#" == 0 ]; then | ||
| set -- bin/sonar.sh | ||
| fi | ||
|
|
||
| # if first arg looks like a flag, assume we want to run sonarqube server with flags | ||
| if [ "${1:0:1}" = '-' ]; then | ||
| set -- bin/sonar.sh "$@" | ||
| fi | ||
|
|
||
| if [[ "$1" = 'bin/sonar.sh' ]]; then | ||
| chown -R "$(id -u):$(id -g)" "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}" 2>/dev/null || : | ||
| chmod -R 700 "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}" 2>/dev/null || : | ||
|
|
||
| # Allow the container to be started with `--user` | ||
| if [[ "$(id -u)" = '0' ]]; then | ||
| chown -R sonarqube:sonarqube "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}" | ||
| exec su-exec sonarqube "$0" "$@" | ||
| fi | ||
|
|
||
| # | ||
| # Deprecated way to pass settings to SonarQube that will be removed in future versions. | ||
| # Please use environment variables (https://docs.sonarqube.org/latest/setup/environment-variables/) | ||
| # instead to customize SonarQube. | ||
| # | ||
| while IFS='=' read -r envvar_key envvar_value | ||
| do | ||
| if [[ "$envvar_key" =~ sonar.* ]] || [[ "$envvar_key" =~ ldap.* ]]; then | ||
| sq_opts+=("-D${envvar_key}=${envvar_value}") | ||
| fi | ||
| done < <(env) | ||
|
|
||
| # | ||
| # Deprecated environment variable mapping that will be removed in future versions. | ||
| # Please use environment variables from https://docs.sonarqube.org/latest/setup/environment-variables/ | ||
| # instead of using these 4 environment variables below. | ||
| # | ||
| set_prop_from_deprecated_env_var "sonar.jdbc.username" "${SONARQUBE_JDBC_USERNAME:-}" | ||
| set_prop_from_deprecated_env_var "sonar.jdbc.password" "${SONARQUBE_JDBC_PASSWORD:-}" | ||
| set_prop_from_deprecated_env_var "sonar.jdbc.url" "${SONARQUBE_JDBC_URL:-}" | ||
| set_prop_from_deprecated_env_var "sonar.web.javaAdditionalOpts" "${SONARQUBE_WEB_JVM_OPTS:-}" | ||
| if [ ${#sq_opts[@]} -ne 0 ]; then | ||
| set -- "$@" "${sq_opts[@]}" | ||
| fi | ||
| fi | ||
|
|
||
| exec "$@" |
| @@ -0,0 +1,2 @@ | ||
| #!/usr/bin/env bash | ||
| exec java -jar lib/sonar-application-"${SONAR_VERSION}".jar -Dsonar.log.console=true "$@" |
Oops, something went wrong.