Feat: Add Maven SonarCloud verify job 76/68976/11
authorKevin Sandi <ksandi@contractor.linuxfoundation.org>
Thu, 14 Oct 2021 22:55:42 +0000 (16:55 -0600)
committerKevin Sandi <ksandi@contractor.linuxfoundation.org>
Wed, 20 Oct 2021 20:58:15 +0000 (14:58 -0600)
Add new Maven SonarCloud verify job that will execute SonarCloud
scans before a change gets merged.

Issue-ID: RELENG-4011
Signed-off-by: Kevin Sandi <ksandi@contractor.linuxfoundation.org>
Change-Id: I6045b186bfde76e19d77f50ef14c98107e2cb0c5

.jjb-test/lf-maven-jobs.yaml
.jjb-test/lf-maven-jobs/maven-sonarcloud.yaml
docs/jjb/lf-maven-jobs.rst
jjb/lf-maven-jobs.yaml
releasenotes/notes/add-maven-sonarcloud-verify-job-fca8aeb04cfe004b.yaml [new file with mode: 0644]

index 03c722b..8763766 100644 (file)
@@ -7,6 +7,7 @@
       - gerrit-maven-javadoc-verify
       - gerrit-maven-merge
       - gerrit-maven-sonar
+      - gerrit-maven-sonar-verify
       - gerrit-maven-stage
       - gerrit-maven-verify
       - gerrit-maven-verify-dependencies
index 5d73a16..8cbed76 100644 (file)
     sonar-prescan-script: |
       echo "Run script at start of job."
     scan-dev-branch: false
+
+- project:
+    name: example-sonarcloud-verify
+    jobs:
+      - gerrit-maven-sonar-verify
+
+    project: "sonarcloud"
+    project-name: "sonarcloud"
+    branch: "master"
+    mvn-settings: "sonarcloud-settings"
+    mvn-opts: "-Xmx1024m"
+    sonarcloud: true
+    sonarcloud-project-key: KEY
+    sonarcloud-project-organization: ORGANIZATION
+    sonarcloud-api-token: TOKEN
+    scan-dev-branch: true
index adb4ca0..86e586e 100644 (file)
@@ -521,6 +521,67 @@ multi-branch configuration.
     :gerrit_sonar_triggers: Override Gerrit Triggers.
 
 
+SonarCloud Example:
+
+.. literalinclude:: ../../.jjb-test/lf-maven-jobs/maven-sonarcloud.yaml
+   :language: yaml
+
+Maven Sonar Verify
+------------------
+
+Sonar job which runs mvn clean install then publishes to Sonar.
+
+This job runs on dev branches and its triggered on new patchsets.
+
+:Template Names:
+
+    - {project-name}-sonar-verify
+    - gerrit-maven-sonar-verify
+
+:Comment Trigger: recheck|reverify
+
+:Required parameters:
+
+    :build-node: The node to run build on.
+    :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml)
+    :mvn-settings: The name of settings file containing credentials for the project.
+
+:Optional parameters:
+
+    :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+    :build-timeout: Timeout in minutes before aborting build. (default: 60)
+    :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+    :java-version: Version of Java to use for the Maven build. (default: openjdk11)
+    :mvn-global-settings: The name of the Maven global settings to use for
+        Maven configuration. (default: global-settings)
+    :mvn-goals: The maven goals to perform for the build.
+        (default: clean install)
+    :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '')
+    :mvn-params: Parameters to pass to the mvn CLI. (default: '')
+    :mvn-version: Version of maven to use. (default: mvn35)
+    :sonar-mvn-goal: Maven goals to run for sonar analysis.
+        (default: sonar:sonar)
+    :sonarcloud: Set to ``true`` to use SonarCloud ``true|false``.
+        (default: true)
+    :sonarcloud-project-key: SonarCloud project key. (default: '')
+    :sonarcloud-project-organization: SonarCloud project organization.
+        (default: '')
+    :sonarcloud-api-token: SonarCloud API Token. (default: '')
+    :sonarcloud-java-version: Version of Java to use for the Sonar scan. (default: openjdk11)
+    :stream: Keyword that represents a release code-name.
+        Often the same as the branch. (default: master)
+    :submodule-recursive: Whether to checkout submodules recursively.
+        (default: true)
+    :submodule-timeout: Timeout (in minutes) for checkout operation.
+        (default: 10)
+    :submodule-disable: Disable submodule checkout operation.
+        (default: false)
+    :scan-dev-branch: Run the scan on a developer branch.
+        (default: true)
+
+    :gerrit_sonar_triggers: Override Gerrit Triggers.
+
+
 SonarCloud Example:
 
 .. literalinclude:: ../../.jjb-test/lf-maven-jobs/maven-sonarcloud.yaml
index d4a5f08..ea5f608 100644 (file)
           submodule-disable: "{submodule-disable}"
           choosing-strategy: default
 
+- job-template:
+    name: "{project-name}-sonar-verify"
+    id: gerrit-maven-sonar-verify
+    <<: *lf_maven_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_maven_sonar
+    <<: *mvn_sonar_builders
+
+    sonarcloud: true
+    scan-dev-branch: true
+
+    gerrit_sonar_triggers:
+      - patchset-created-event:
+          exclude-drafts: true
+          exclude-trivial-rebase: false
+          exclude-no-code-change: false
+      - draft-published-event
+      - comment-added-contains-event:
+          comment-contains-value: '^Patch Set\s+\d+:\s+(recheck|reverify)\s*$'
+
+    gerrit_trigger_file_paths:
+      - compare-type: REG_EXP
+        pattern: ".*"
+
+    triggers:
+      - gerrit:
+          server-name: "{gerrit-server-name}"
+          trigger-on: "{obj:gerrit_sonar_triggers}"
+          projects:
+            - project-compare-type: "ANT"
+              project-pattern: "{project}"
+              branches:
+                - branch-compare-type: "ANT"
+                  branch-pattern: "**/{branch}"
+              file-paths: "{obj:gerrit_trigger_file_paths}"
+
+    scm:
+      - lf-infra-gerrit-scm:
+          jenkins-ssh-credential: "{jenkins-ssh-credential}"
+          git-url: "{git-url}"
+          refspec: $GERRIT_REFSPEC
+          branch: $GERRIT_BRANCH
+          submodule-recursive: "{submodule-recursive}"
+          submodule-timeout: "{submodule-timeout}"
+          submodule-disable: "{submodule-disable}"
+          choosing-strategy: default
+
 - job-template:
     name: "{project-name}-sonar-prescan-script"
     id: gerrit-maven-sonar-prescan-script
diff --git a/releasenotes/notes/add-maven-sonarcloud-verify-job-fca8aeb04cfe004b.yaml b/releasenotes/notes/add-maven-sonarcloud-verify-job-fca8aeb04cfe004b.yaml
new file mode 100644 (file)
index 0000000..4ef5cba
--- /dev/null
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Add new Maven SonarCloud verify job that will execute SonarCloud
+    scans before a change gets merged.