Merge branch 'feature/sonar' into develop

6106008e · Emmanuel Bruno · 5134e4c4 · b36fae43 · 6106008e · 6106008e
Commit 6106008e authored 3 years ago by Emmanuel Bruno
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
 name: Docker Image CI
-on:
+#on:
-  push:
+#  push:
-    branches: [ develop ]
+#    branches: [ develop ]
-  pull_request:
+#  pull_request:
-    branches: [ develop ]
+#    branches: [ develop ]
+# on every push
+on: [push]
+env:
+  GITHUBLOGIN: ${{secrets.GITHUBLOGIN}}
+  GITHUBPASSWORD: ${{secrets.GITHUBPASSWORD}}
+  DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}}
+  DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}}
+  SONAR_URL: ${{secrets.SONAR_URL}}
+  SONAR_TOKEN: ${{secrets.SONAR_TOKEN}}
 jobs:
-  build:
+  maven-build:
    runs-on: [self-hosted, linux, X64]
    steps:
    - uses: actions/checkout@v2
-    - name: Build the Docker image for branch ${GITHUB_REF##*/}
+    - name: Get Tag from Maven version
-      run: DOCKER_BUILDKIT=1 docker build . --file ./docker/Dockerfile --tag brunoe/samplejee91::${GITHUB_REF##*/}
+      run: echo "TAG=$(docker run -v maven-repo:/root/.m2 -w /usr/src/mymaven -v ${PWD}:/usr/src/mymaven --rm maven:3.8.4-eclipse-temurin-11 mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec|sed s/-SNAPSHOT/.${GITHUB_RUN_NUMBER}/)" >> $GITHUB_ENV
+    - name: Show tag
+      run: echo $TAG
+    - name: Build the Docker image for branch ${GITHUB_REF_NAME}
+      # run: DOCKER_BUILDKIT=1 docker build . --build-arg GITHUBLOGIN --build-arg GITHUBPASSWORD --build-arg SONAR_URL --build-arg SONAR_TOKEN --file ./docker/Dockerfile --tag brunoe/samplejee91:${GITHUB_REF_NAME}
+      run: COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 BRANCH=${GITHUB_REF_NAME} TAG=${TAG} docker-compose build jakartaEE
+    - name: Login to DockerHub Registry
+      run: echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
+    - name: Push to DockerHub Registry
+      run: COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 docker-compose push
-  maven-sonar:
-    runs-on: [ self-hosted, Linux ]
-    needs: maven-build
-    # Develop branch only
-    # if: github.ref == 'refs/heads/develop'
-    steps:
-      - name: Launch a sonar analysis
-        run: ./mvn.sh -D sonar.branch.name=${GITHUB_REF#refs/heads/} --activate-profiles sonar sonar:sonar && mvn --activate-profiles sonar -pl . sonar-quality-gate:check
--- a/build.sh
+++ b/build.sh
+COMPOSE_DOCKER_CLI_BUILD=1 DOCKER_BUILDKIT=1 BRANCH=$(git rev-parse --abbrev-ref HEAD) docker-compose build jakartaEE
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -2,9 +2,16 @@ version: '3'
 services:
  jakartaEE:
    build:
+      args:
+        - BRANCH
+        - TAG
+        - GITHUBLOGIN
+        - GITHUBPASSWORD
+        - SONAR_URL
+        - SONAR_TOKEN
      context: .
      dockerfile: docker/Dockerfile
-    image: brunoe/samplejee91
+    image: brunoe/samplejee91:${TAG:-latest}
    environment:
      - ADMIN_PASSWORD=admin
    ports:

--- a/docker/Dockerfile
+++ b/docker/Dockerfile
-# syntax=docker/dockerfile:1.3
 ### First we build the application in docker in a controlled env
 FROM maven:3.8.4-eclipse-temurin-11 as build
+ARG BRANCH
+ARG GITHUBLOGIN
+ARG GITHUBPASSWORD
+ARG SONAR_URL
+ARG SONAR_TOKEN
 WORKDIR /app
+#see https://www.jrebel.com/blog/how-to-speed-up-your-maven-build
+# see https://www.baeldung.com/jvm-tiered-compilation
+ENV MAVEN_OPTS="-XX:+TieredCompilation -XX:TieredStopAtLevel=1"
+#ENV MAVEN_CLI_OPTS="-T 1C --settings /usr/share/maven/ref/settings-docker.xml -B"
+ENV MAVEN_CLI_OPTS="--settings /usr/share/maven/ref/settings-docker.xml -B"
+COPY docker/settings-docker.xml /usr/share/maven/ref/
 # COPY pom.xml /app/pom.xml
 COPY . /app/
 RUN --mount=type=cache,id=mvncache,target=/root/.m2/repository,rw \
-	mvn -B verify
+	mvn $MAVEN_CLI_OPTS verify
+RUN --mount=type=cache,id=mvncache,target=/root/.m2/repository,rw \
+    if [ "$SONAR_TOKEN" ] ; then \
+      mvn $MAVEN_CLI_OPTS -D sonar.branch.name=${BRANCH} \
+        --activate-profiles sonar sonar:sonar && \
+      mvn $MAVEN_CLI_OPTS --activate-profiles sonar -pl . sonar-quality-gate:check ; \
+    fi
 ### Then we add the builded war to a JEE server.
 #FROM payara/server-full:5.2021.9-jdk11 as server

--- a/.github/ci-settings.xml
+++ b/.github/ci-settings.xml
@@ -28,7 +28,7 @@
        <profile>
            <id>sonar</id>
            <properties>
-                <sonar.host.url>http://compute-lsis-2:9000</sonar.host.url>
+                <sonar.host.url>${env.SONAR_URL}</sonar.host.url>
                <sonar.login>${env.SONAR_TOKEN}</sonar.login>
            </properties>
        </profile>

--- a/mvn.sh
+++ b/mvn.sh
-#!/bin/bash
-docker run \
-          --env GITHUBLOGIN="$GITHUBLOGIN" \
-          --env GITHUBPASSWORD="$GITHUBPASSWORD" \
-          --env SONAR_TOKEN="$SONAR_TOKEN" \
-          --volume ~/.m2:/var/maven/.m2 \
-          --volume ~/.sonar:/var/maven/.sonar \
-          --volume ~/.config:/var/maven/.config \
-          --volume ~/.ssh:/home/user/.ssh \
-          --volume ~/.gitconfig:/home/user/.gitconfig \
-          --volume "$(pwd)":/usr/src/mymaven \
-          --workdir /usr/src/mymaven \
-          --rm \
-          --env PUID="$(id -u)" -e PGID="$(id -g)" \
-          --env MAVEN_CONFIG=/var/maven/.m2 \
-          brunoe/maven:3.8.1-jdk-16 \
-          runuser --user user --group user -- mvn -B -e -T 1C -Duser.home=/var/maven --settings /usr/src/mymaven/.github/ci-settings.xml "$@"
\ No newline at end of file
--- a/pom.xml
+++ b/pom.xml
@@ -7,6 +7,8 @@
    <version>1.0-SNAPSHOT</version>
    <packaging>pom</packaging>
+    <name>Demo JakartaEE</name>
    <modules>
        <module>entites</module>
        <module>utils</module>
@@ -173,6 +175,7 @@
            <dependency>
                <groupId>org.jboss.logging</groupId>
                <artifactId>jboss-logging-annotations</artifactId>
+                <version>2.2.1.Final</version>
                <exclusions>
                    <exclusion>
                        <groupId>org.jboss.logging</groupId>
@@ -275,6 +278,100 @@
                    <artifactId>maven-site-plugin</artifactId>
                    <version>3.9.1</version>
                </plugin>
+                <!--Sonarquve -->
+                <plugin>
+                    <groupId>org.sonarsource.scanner.maven</groupId>
+                    <artifactId>sonar-maven-plugin</artifactId>
+                    <version>3.9.1.2184</version>
+                </plugin>
+                <plugin>
+                    <groupId>io.github.r0bb3n</groupId>
+                    <artifactId>sonar-quality-gate-maven-plugin</artifactId>
+                    <version>1.1.0</version>
+                </plugin>
+                <!-- This plugins implements the gitflow branching model (http://nvie.com/git-model,
+           https://www.atlassian.com/git/tutorials/comparing-workflows/#!workflow-gitflow )
+           for maven. It gives an automatic way to manage versions and branches.
+           https://bitbucket.org/atlassian/jgit-flow/wiki/Home
+           mvn jgitflow:feature-start:
+             creates a new feature branch; pushes the branch to origin automatically (can be shared and
+             used by jenkins).
+           mvn jgitflow:feature-finish:
+             merges the feature branch back into the development branch and pushes to origin.
+               The good way :
+                   git fetch : make sure your local repo copy is up-to-date
+                   git checkout development : go to development
+                   git merge origin/development : make sure your local develop is up-to-date (origin being the remote's name here)
+                   git checkout <feature-branch> : go to you feature branch again
+                   git merge develop : Merge and solve conflicts, if any (on you feature branch)
+                   mvn jgitflow:feature-finish you already solved the conflicts
+           mvn jgitflow:release-start:
+              creates a release branch (freeze to prepare a release, only bugfix, documentation
+              and translation) and pushes it to origin.
+           mvn jgitflow:release-finish:
+              builds, tags and merges the release branch back into master and development;
+              updates versions in master and development branches
+           mvn jgitflow:hotfix-start: like mvn jgitflow:release-start but branches off of master
+           mvn jgitflow:hotfix-finish: like mvn jgitflow:release-finish
+           We forbid deploy from the workstations, it has to be done by the C.I. server.
+           -->
+                <plugin>
+                    <groupId>external.atlassian.jgitflow</groupId>
+                    <artifactId>jgitflow-maven-plugin</artifactId>
+                    <version>1.0-m5.1</version>
+                    <dependencies>
+                        <dependency>
+                            <groupId>com.jcraft</groupId>
+                            <artifactId>jsch</artifactId>
+                            <version>0.1.55</version>
+                        </dependency>
+                    </dependencies>
+                    <configuration>
+                        <!-- Enable this to push to origin using SSH keys -->
+                        <enableSshAgent>true</enableSshAgent>
+                        <!-- Keep your maven submodules at the same version as the parent POM -->
+                        <autoVersionSubmodules>true</autoVersionSubmodules>
+                        <!-- Pushing in-development features to origin allows all devs to see what each other
+                             are working on                                        -->
+                        <!--pushFeatures>true</pushFeatures-->
+                        <!-- This allows the CI server (e.g. Jenkins) to automatically push new releases to
+                             origin; you can then either manually deploy them or, if you are doing Continuous
+                             Deployments, auto-deploy them to prod -->
+                        <!--pushReleases>true</pushReleases-->
+                        <!--pushHotfixes>true</pushHotfixes-->
+                        <!-- append the feature name to the version on the feature branch. -->
+                        <enableFeatureVersions>true</enableFeatureVersions>
+                        <!-- Prevents deployments from dev workstations so that they can be done by a CI
+                             server  -->
+                        <noDeploy>true</noDeploy>
+                        <!-- Whether to squash commits into a single commit before merging. -->
+                        <squash>false</squash>
+                        <scmCommentPrefix>[gitflow]</scmCommentPrefix>
+                        <!-- A VOIR -->
+                        <featureRebase>true</featureRebase>
+                        <!--pullDevelop>true</pullDevelop>
+                        <pullMaster>true</pullMaster-->
+                        <flowInitContext>
+                            <masterBranchName>master</masterBranchName>
+                            <developBranchName>develop</developBranchName>
+                            <featureBranchPrefix>feature/</featureBranchPrefix>
+                            <releaseBranchPrefix>release/</releaseBranchPrefix>
+                            <hotfixBranchPrefix>hotfix/</hotfixBranchPrefix>
+                            <versionTagPrefix />
+                        </flowInitContext>
+                    </configuration>
+                </plugin>
            </plugins>
        </pluginManagement>
    </build>
@@ -298,4 +395,5 @@
        </repository>
    </repositories>
 </project>