From c8b9acd166fcbd88139a65f7721e522980a0e013 Mon Sep 17 00:00:00 2001
From: Eric Ball <eball@linuxfoundation.org>
Date: Thu, 25 Mar 2021 12:58:09 -0700
Subject: [PATCH] Add sonar-prescan-script jobs for maven

We added these for the more generic Sonar jobs in lf-ci-jobs, but had
not added them for maven. We now have a need for this job type (it can
be used to ensure that a Sonarcloud-compatible version of nodejs is on
the system), so they are being added now.

Issue: IT-21602
Change-Id: Ic32f418a042839ab277dc1b85777d0eef475d620
Signed-off-by: Eric Ball <eball@linuxfoundation.org>
---
 .jjb-test/lf-maven-jobs/maven-sonarcloud.yaml      |  17 ++++
 docs/jjb/lf-maven-jobs.rst                         |   5 +
 jjb/lf-maven-jobs.yaml                             | 104 ++++++++++++++++++++-
 .../add-mvn-sonar-prescan-4dd3806c9698bb29.yaml    |   5 +
 4 files changed, 127 insertions(+), 4 deletions(-)
 create mode 100644 releasenotes/notes/add-mvn-sonar-prescan-4dd3806c9698bb29.yaml

diff --git a/.jjb-test/lf-maven-jobs/maven-sonarcloud.yaml b/.jjb-test/lf-maven-jobs/maven-sonarcloud.yaml
index 84ce9ac1..c3239a28 100644
--- a/.jjb-test/lf-maven-jobs/maven-sonarcloud.yaml
+++ b/.jjb-test/lf-maven-jobs/maven-sonarcloud.yaml
@@ -13,3 +13,20 @@
     sonarcloud-project-key: KEY
     sonarcloud-project-organization: ORGANIZATION
     sonarcloud-api-token: TOKEN
+
+- project:
+    name: example-sonarcloud-with-prescan-script
+    jobs:
+      - gerrit-maven-sonar-prescan-script
+
+    project: "sonarcloud"
+    project-name: "sonarcloud"
+    branch: "master"
+    mvn-settings: "sonarcloud-settings"
+    mvn-opts: "-Xmx1024m"
+    sonarcloud: true
+    sonarcloud-project-key: KEY
+    sonarcloud-project-organization: ORGANIZATION
+    sonarcloud-api-token: TOKEN
+    sonar-prescan-script: |
+      echo "Run script at start of job."
diff --git a/docs/jjb/lf-maven-jobs.rst b/docs/jjb/lf-maven-jobs.rst
index 0ce612e2..d312cecc 100644
--- a/docs/jjb/lf-maven-jobs.rst
+++ b/docs/jjb/lf-maven-jobs.rst
@@ -467,6 +467,9 @@ multi-branch configuration.
     - {project-name}-sonar
     - gerrit-maven-sonar
     - github-maven-sonar
+    - {project-name}-sonar-prescan-script
+    - gerrit-maven-sonar-prescan-script
+    - github-maven-sonar-prescan-script
 
 :Comment Trigger: run-sonar
 
@@ -475,6 +478,8 @@ multi-branch configuration.
     :build-node: The node to run build on.
     :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml)
     :mvn-settings: The name of settings file containing credentials for the project.
+    :sonar-prescan-script: (maven-sonar-prescan-script jobs) A shell script to run before
+        sonar scans.
 
 :Optional parameters:
 
diff --git a/jjb/lf-maven-jobs.yaml b/jjb/lf-maven-jobs.yaml
index 9bf175c3..2b5c7944 100644
--- a/jjb/lf-maven-jobs.yaml
+++ b/jjb/lf-maven-jobs.yaml
@@ -1199,6 +1199,13 @@
             unstable: true
             notbuilt: true
 
+    publishers:
+      - lf-jacoco-report
+      - findbugs
+      - lf-infra-publish
+
+- mvn_sonar_builders: &mvn_sonar_builders
+    name: mvn-sonar-builders
     builders:
       - lf-infra-pre-build
       # With SonarCloud
@@ -1230,10 +1237,39 @@
                 mvn-settings: "{mvn-settings}"
                 mvn-version: "{mvn-version}"
 
-    publishers:
-      - lf-jacoco-report
-      - findbugs
-      - lf-infra-publish
+- mvn_sonar_builders_prescan_script: &mvn_sonar_builders_prescan_script
+    name: mvn-sonar-builders-prescan-script
+    builders:
+      - shell: "{sonar-prescan-script}"
+      - lf-infra-pre-build
+      # With SonarCloud
+      - conditional-step:
+          condition-kind: boolean-expression
+          condition-expression: "{sonarcloud}"
+          steps:
+            - shell: echo 'Using SonarCloud'
+            - lf-infra-maven-sonarcloud:
+                java-version: "{java-version}"
+                mvn-goals: "{mvn-goals}"
+                mvn-settings: "{mvn-settings}"
+                mvn-version: "{mvn-version}"
+                sonarcloud-project-key: "{sonarcloud-project-key}"
+                sonarcloud-project-organization: "{sonarcloud-project-organization}"
+                sonarcloud-api-token: "{sonarcloud-api-token}"
+                sonarcloud-java-version: "{sonarcloud-java-version}"
+      # With SonarQube
+      - conditional-step:
+          condition-kind: not
+          condition-operand:
+            condition-kind: boolean-expression
+            condition-expression: "{sonarcloud}"
+          steps:
+            - shell: echo 'Using SonarQube'
+            - lf-infra-maven-sonar:
+                java-version: "{java-version}"
+                mvn-goals: "{mvn-goals}"
+                mvn-settings: "{mvn-settings}"
+                mvn-version: "{mvn-version}"
 
 - builder:
     name: lf-infra-maven-sonar
@@ -1287,6 +1323,26 @@
     <<: *lf_maven_common
     # yamllint disable-line rule:key-duplicates
     <<: *lf_maven_sonar
+    <<: *mvn_sonar_builders
+
+    scm:
+      - lf-infra-gerrit-scm:
+          jenkins-ssh-credential: "{jenkins-ssh-credential}"
+          git-url: "{git-url}"
+          refspec: $GERRIT_REFSPEC
+          branch: $GERRIT_BRANCH
+          submodule-recursive: "{submodule-recursive}"
+          submodule-timeout: "{submodule-timeout}"
+          submodule-disable: "{submodule-disable}"
+          choosing-strategy: default
+
+- job-template:
+    name: "{project-name}-sonar-prescan-script"
+    id: gerrit-maven-sonar-prescan-script
+    <<: *lf_maven_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_maven_sonar
+    <<: *mvn_sonar_builders_prescan_script
 
     scm:
       - lf-infra-gerrit-scm:
@@ -1338,6 +1394,46 @@
           white-list-target-branches:
             - "{branch}"
 
+- job-template:
+    name: "{project-name}-sonar-prescan-script"
+    id: github-maven-sonar-prescan-script
+    <<: *lf_maven_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_maven_sonar
+    <<: *mvn_sonar_builders_prescan_script
+
+    properties:
+      - lf-infra-properties:
+          build-days-to-keep: "{build-days-to-keep}"
+      - github:
+          url: "{github-url}/{github-org}/{project}"
+
+    scm:
+      - lf-infra-github-scm:
+          url: "{git-clone-url}{github-org}/{project}"
+          refspec: "+refs/pull/*:refs/remotes/origin/pr/*"
+          branch: "$sha1"
+          submodule-recursive: "{submodule-recursive}"
+          submodule-timeout: "{submodule-timeout}"
+          submodule-disable: "{submodule-disable}"
+          choosing-strategy: default
+          jenkins-ssh-credential: "{jenkins-ssh-credential}"
+
+    triggers:
+      - timed: "{obj:cron}"
+      - github-pull-request:
+          trigger-phrase: "^run-sonar$"
+          only-trigger-phrase: true
+          status-context: "Maven Sonar"
+          permit-all: true
+          github-hooks: true
+          org-list:
+            - "{github-org}"
+          white-list: "{obj:github_pr_whitelist}"
+          admin-list: "{obj:github_pr_admin_list}"
+          white-list-target-branches:
+            - "{branch}"
+
 ################
 # Maven Verify #
 ################
diff --git a/releasenotes/notes/add-mvn-sonar-prescan-4dd3806c9698bb29.yaml b/releasenotes/notes/add-mvn-sonar-prescan-4dd3806c9698bb29.yaml
new file mode 100644
index 00000000..3061d994
--- /dev/null
+++ b/releasenotes/notes/add-mvn-sonar-prescan-4dd3806c9698bb29.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Add sonar-prescan-script jobs for maven, allowing maven sonar jobs to
+    execute a shell script prior to the scan.
-- 
2.16.6