-
Notifications
You must be signed in to change notification settings - Fork 0
/
.cirrus.yml
75 lines (66 loc) · 3.04 KB
/
.cirrus.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
env:
GRADLE_OPTS: -Dorg.gradle.daemon=false -Dorg.gradle.jvmargs="-XX:+PrintFlagsFinal -XshowSettings:vm -XX:+HeapDumpOnOutOfMemoryError -XX:+UnlockExperimentalVMOptions -Djava.security.egd=file:/dev/./urandom -Dfile.encoding=UTF8 -Duser.language=en -Duser.country=US"
### Shared variables
ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url]
ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader
ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]
ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]
ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer
ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token]
ARTIFACTORY_DEPLOY_REPO: sonarsource-public-qa
#SONARQUBE_NEXT_TOKEN: VAULT[development/kv/data/next data.token]
ORG_GRADLE_PROJECT_signingKey: VAULT[development/kv/data/sign data.key]
ORG_GRADLE_PROJECT_signingPassword: VAULT[development/kv/data/sign data.passphrase]
ORG_GRADLE_PROJECT_signingKeyId: VAULT[development/kv/data/sign data.key_id]
BURGR_URL: VAULT[development/kv/data/burgr data.url]
BURGR_USERNAME: VAULT[development/kv/data/burgr data.cirrus_username]
BURGR_PASSWORD: VAULT[development/kv/data/burgr data.cirrus_password]
### Project variables
ARTIFACTS: org.sonarsource:git-files-blame:jar
CIRRUS_SHELL: bash
only_sonarsource_qa: &ONLY_SONARSOURCE_QA
only_if: $CIRRUS_USER_COLLABORATOR == 'true' && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == "master")
container_definition: &CONTAINER_DEFINITION
image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-g7-latest
cluster_name: ${CIRRUS_CLUSTER_NAME}
region: eu-central-1
namespace: default
build_task:
eks_container:
<<: *CONTAINER_DEFINITION
cpu: 1.5
memory: 4G
env:
SONAR_TOKEN: VAULT[development/kv/data/next data.token]
SONAR_HOST_URL: VAULT[development/kv/data/next data.url]
#allow deployment of pull request artifacts to repox
DEPLOY_PULL_REQUEST: true
gradle_cache:
folder: ~/.gradle/caches
script:
- source cirrus-env BUILD
- regular_gradle_build_deploy_analyze
on_failure:
reports_artifacts:
path: "**/build/reports/**/*"
junit_artifacts:
path: "**/test-results/**/*.xml"
format: junit
promote_task:
depends_on:
- build
<<: *ONLY_SONARSOURCE_QA
eks_container:
<<: *CONTAINER_DEFINITION
cpu: 0.5
memory: 500M
env:
ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token]
script: |
source cirrus-env PROMOTE
jfrog rt bpr \
--url "${ARTIFACTORY_URL}" \
--access-token "${ARTIFACTORY_PROMOTE_ACCESS_TOKEN}" \
--status it-passed \
"${CIRRUS_REPO_NAME}" "${BUILD_NUMBER}" sonarsource-public-builds
burgr-notify-promotion