Update plugin and tools #33

Merged
merged 8 commits into from
May 3, 2024
64 changes: 48 additions & 16 deletions .github/workflows/cd.yml
Expand Up @@ -24,13 +24,13 @@ on:
env:
DOCKERFILE_PATH: "."
DOCKERFILE_FILENAME: "Dockerfile"
DOCKER_IMAGE_NAME: "lequal/sonar-scanner"
DOCKER_IMAGE_NAME: "lequal/sonar-scanner-catlab"

jobs:
# Job to test if a new version is ready to be released
deliverability:
name: Check if a new version must be released
runs-on: ubuntu-20.04
runs-on: ubuntu-22.04
# The job is run only if the CI workflow succeeded
if: github.event.workflow_run.conclusion == 'success'
outputs:
Expand All @@ -48,7 +48,7 @@ jobs:
if [ "$milestones" == "[]" ]
then
echo No milestone completed, not delivering
echo "::set-output name=delivery::forbidden"
echo "delivery=forbidden" >> $GITHUB_OUTPUT
exit 0
fi
echo -e "Completed milestones:\n$milestones"
Expand All @@ -62,17 +62,18 @@ jobs:
exit 1
fi
echo Ready to deliver
echo "::set-output name=version::$version"
echo "::set-output name=milestone_number::$milestone_number"
echo "::set-output name=delivery::allowed"
echo "version=$version" >> $GITHUB_OUTPUT
echo "milestone_number=$milestone_number" >> $GITHUB_OUTPUT
echo "delivery=allowed" >> $GITHUB_OUTPUT

release:
name: Release a new version of the docker image
runs-on: ubuntu-20.04
runs-on: ubuntu-22.04
needs: deliverability
if: needs.deliverability.outputs.delivery == 'allowed'
steps:
# git clone
- uses: actions/checkout@v2
- uses: actions/checkout@v4
with:
fetch-depth: 0
# Merge develop into master (fast forward) and tag master
Expand All @@ -91,7 +92,7 @@ jobs:
run: |
tags=($(git tag --sort="-v:refname" | grep -P -e '[0-9]+\.[0-9]+\.[0-9]+'))
echo The tag of the previous release is ${tags[1]}
echo "::set-output name=tag::${tags[1]}"
echo "tag=${tags[1]}" >> $GITHUB_OUTPUT
# Generate the changelog since last release
- name: Generate the changelog
uses: charmixer/auto-changelog-action@v1
Expand All @@ -117,47 +118,78 @@ jobs:

push_to_registry:
name: Push Docker image to Docker Hub
runs-on: ubuntu-20.04
runs-on: ubuntu-22.04
needs: deliverability
if: needs.deliverability.outputs.delivery == 'allowed'
steps:
- name: Check out the repo
uses: actions/checkout@v4

- name: Log in to Docker Hub
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
uses: docker/metadata-action@v5
with:
images: ${{ env.DOCKER_IMAGE_NAME }}

- name: Build and push Docker image to version number
uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
uses: docker/build-push-action@v5
with:
context: .
file: ${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE_FILENAME }}
push: true
tags: ${{ env.DOCKER_IMAGE_NAME}}:${{ needs.deliverability.outputs.version }}
labels: ${{ steps.meta.outputs.labels }}

- name: Build and push Docker image to lastest repo
uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
- name: Build and push Docker image to lastest repo
uses: docker/build-push-action@v5
with:
context: .
file: ${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE_FILENAME }}
push: true
tags: ${{ env.DOCKER_IMAGE_NAME }}:latest
labels: ${{ steps.meta.outputs.labels }}

- name: Update repo description
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
repository: ${{ env.DOCKER_IMAGE_NAME }}

- name: Build and push Docker image old name to version number
uses: docker/build-push-action@v5
with:
context: .
file: ${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE_FILENAME }}
push: true
tags: lequal/sonar-scanner:${{ needs.deliverability.outputs.version }}
labels: ${{ steps.meta.outputs.labels }}

- name: Build and push Docker image old name to lastest repo
uses: docker/build-push-action@v5
with:
context: .
file: ${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE_FILENAME }}
push: true
tags: lequal/sonar-scanner:latest
labels: ${{ steps.meta.outputs.labels }}

- name: Update old name repo description
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
repository: lequal/sonar-scanner

close_milestone:
name: Close the milestone
runs-on: ubuntu-20.04
runs-on: ubuntu-22.04
needs:
- deliverability
- release
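Review bot: In the `push_to_registry` job the three Docker actions appear to move from full commit SHAs to mutable tags (`docker/login-action@v3`, `docker/metadata-action@v5`, `docker/build-push-action@v5`), and the added `peter-evans/dockerhub-description@v4` steps are tag-referenced too, although all of them run in the job that receives `secrets.DOCKER_TOKEN` and publishes the image. A tag can be repointed to different code after this review, so I would keep the SHA pin and record the version in a trailing comment, e.g. `uses: docker/login-action@<full-commit-sha-of-v3-release> # v3`. Separately, the four `build-push-action` steps each rebuild the image, so the versioned and `latest` tags under both names are not guaranteed to hold the same content; `tags` accepts a newline-separated list, which would let one build push every name. The workflow continues below the displayed section.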
35 changes: 10 additions & 25 deletions .github/workflows/ci.yml
Expand Up @@ -25,62 +25,47 @@ on:
env:
DOCKERFILE_PATH: '.'
DOCKERFILE_FILENAME: 'Dockerfile'
DOCKER_IMAGE_NAME: 'lequal/sonar-scanner'
DOCKER_IMAGE_NAME: 'lequal/sonar-scanner-catlab'

jobs:
# Job that builds the image and upload it as an artifact
build:
name: Build the docker image
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- name: Build docker image
run: docker build -t $DOCKER_IMAGE_NAME $DOCKERFILE_PATH
- name: Save Docker image
run: docker image save -o image.tar $DOCKER_IMAGE_NAME
- name: Upload image as an artifact
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: image
path: image.tar
# Jobs that test the image and the embedded tools
test:
name: Test the Docker image
runs-on: ubuntu-20.04
runs-on: ubuntu-22.04
needs: build
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- name: Retrieve the image
uses: actions/download-artifact@v2
uses: actions/download-artifact@v4
with:
name: image
- name: Load the image
run: docker image load -i image.tar
- name: Cache sonar-scanner data
uses: actions/cache@v2
uses: actions/cache@v4
with:
path: .sonarcache
key: sonar-scanner-cache
# Run the tests (with the appropriate server image)
- name: Test docker image
run: |
echo "Retrieving the branch name..."
if [ "${{ github.event_name }}" = "push" ]
then
branch=${{ github.ref }}
branch=${branch#*/}
branch=${branch#*/}
else # PR
branch=${{ github.head_ref }}
fi
echo "Cloning the server repo on branch $branch..."
if ! git clone https://github.com/cnescatlab/sonarqube.git -b "$branch" tmpserver;
then
echo "No branch $branch found on the server repository, using develop"
git clone https://github.com/cnescatlab/sonarqube.git -b develop tmpserver
fi
echo "Building the server image..."
docker build -t lequal/sonarqube:latest tmpserver/
echo "Retrieving the sonarqube-catlab image..."
docker pull lequal/sonarqube-catlab:latest
echo "Testing the scanner image..."
echo -e "Results of the CI pipeline\n" > tests_logs.txt
cd tests/
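Review bot: The new `docker pull lequal/sonarqube-catlab:latest` in the `Test docker image` step makes the test outcome depend on whatever the registry serves under a mutable tag at run time, and the CD workflow in this same PR only releases when CI succeeded. Pinning the server image by digest keeps that gate reproducible and makes a changed server image show up as a reviewed diff, e.g. `docker pull lequal/sonarqube-catlab@sha256:<digest-of-reviewed-image>`. The rest of the step lies outside the displayed section, so any later reference to the image by tag would need the same digest form. A short comment above the pull saying which server release the digest corresponds to would help whoever bumps it next.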
86 changes: 40 additions & 46 deletions Dockerfile
@@ -1,41 +1,44 @@
# Builder image for analysis tools
FROM debian:11-slim AS builder
FROM ubuntu:22.04 AS builder

# Install tools from sources
RUN echo 'deb http://ftp.fr.debian.org/debian/ bullseye main contrib non-free' >> /etc/apt/sources.list \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
curl=7.74.0-* \
RUN apt update \
&& apt install -y --no-install-recommends \
curl=7.81.0-* \
# for C/C++ tools
make=4.3-* \
g\+\+=4:10.2.1-* \
python3=3.9.2-* \
g\+\+=4:11.2.0-* \
python3=3.10.6-* \
libpcre3-dev=2:8.39-* \
unzip=6.0-* \
xz-utils=5.2.5-*
xz-utils=5.2.5-* \
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*

# sonar-scanner
RUN curl -ksSLO https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.8.0.2856.zip \
&& unzip sonar-scanner-cli-4.8.0.2856.zip \
&& mv /sonar-scanner-4.8.0.2856 /sonar-scanner
RUN curl -ksSLO https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006.zip \
&& unzip sonar-scanner-cli-5.0.1.3006.zip \
&& mv ./sonar-scanner-5.0.1.3006 /sonar-scanner \
&& rm sonar-scanner-cli-5.0.1.3006.zip

# CppCheck
RUN curl -ksSLO https://github.com/danmar/cppcheck/archive/refs/tags/2.10.tar.gz \
&& tar -zxvf 2.10.tar.gz \
&& make -C cppcheck-2.10/ install \
RUN curl -ksSLO https://github.com/danmar/cppcheck/archive/refs/tags/2.14.0.tar.gz \
&& tar -zxvf 2.14.0.tar.gz \
&& make -C cppcheck-2.14.0/ install \
MATCHCOMPILER="yes" \
FILESDIR="/usr/share/cppcheck" \
HAVE_RULES="yes" \
CXXFLAGS="-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function -Wno-deprecated-declarations"
CXXFLAGS="-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function -Wno-deprecated-declarations" \
&& rm -rf cppcheck-2.14.0 2.14.0.tar.gz

# Infer
RUN curl -ksSLO https://github.com/facebook/infer/releases/download/v1.1.0/infer-linux64-v1.1.0.tar.xz \
&& tar -C /opt -Jxvf infer-linux64-v1.1.0.tar.xz
&& tar -C /opt -Jxvf infer-linux64-v1.1.0.tar.xz \
&& rm infer-linux64-v1.1.0.tar.xz

################################################################################

# Final image based on the official sonar-scanner image
FROM debian:11-slim
FROM ubuntu:22.04

LABEL maintainer="CATLab"

Expand Down Expand Up @@ -88,55 +91,46 @@ COPY --from=builder /opt/infer-linux64-v1.1.0/lib /opt/infer-linux64-v1.1.0/lib
# Add CNES pylintrc A_B, C, D
COPY pylintrc.d/ /opt/python/

# Download CNES pylint extension
ADD https://github.com/cnescatlab/cnes-pylint-extension/archive/refs/tags/v6.0.0.tar.gz \
/tmp/python/

# Install tools
RUN echo 'deb http://ftp.fr.debian.org/debian/ bullseye main contrib non-free' >> /etc/apt/sources.list \
&& apt-get update \
RUN apt update \
&& mkdir -p /usr/share/man/man1 \
&& apt-get install -y --no-install-recommends \
&& apt install -y --no-install-recommends \
# Needed by sonar-scanner
openjdk-17-jre=17.0.* \
# Needed by Pylint
python3=3.9.2-* \
python3-pip=20.3.4-* \
python3=3.10.6-* \
python3-pip=22.0.2* \
# Shellcheck
shellcheck=0.7.1-* \
shellcheck=0.8.0-* \
# Needed by Infer
libsqlite3-0=3.34.1-* \
libtinfo5=6.2* \
libsqlite3-0=3.37.2-* \
python2.7=2.7.18-* \
# Compilation tools needed by Infer
gcc=4:10.2.1-* \
g\+\+=4:10.2.1-* \
clang=1:11.0-* \
gcc=4:11.2.0-* \
g\+\+=4:11.2.0-* \
clang=1:14.0-* \
make=4.3-* \
&& rm -rf /var/lib/apt/lists/* \
&& rm -rf /usr/local/man \
# Install pylint and CNES pylint extension
&& mkdir -p /opt/python/cnes-pylint-extension-6.0.0 \
&& tar -xvzf /tmp/python/v6.0.0.tar.gz -C /tmp/python \
&& mv /tmp/python/cnes-pylint-extension-6.0.0/checkers /opt/python/cnes-pylint-extension-6.0.0/ \
&& rm -rf /tmp/python \
&& pip install --no-cache-dir \
setuptools-scm==7.1.0 \
pytest-runner==6.0.0 \
wrapt==1.15.0 \
cnes-pylint-extension==7.0.0 \
pylint-sonarjson-catlab==2.0.0 \
setuptools-scm==8.0.4 \
pytest-runner==6.0.1 \
wrapt==1.16.0 \
six==1.16.0 \
lazy-object-proxy==1.9.0 \
lazy-object-proxy==1.10.0 \
mccabe==0.7.0 \
isort==5.12.0 \
typed-ast==1.5.4 \
astroid==2.15.2 \
pylint==2.17.2 \
isort==5.13.2 \
typed-ast==1.5.5 \
astroid==3.1.0 \
pylint==3.1.0 \
# Infer
&& ln -s "/opt/infer-linux64-v1.1.0/bin/infer" /usr/local/bin/infer

# Make sonar-scanner, CNES pylint and C/C++ tools executable
ENV PYTHONPATH="$PYTHONPATH:/opt/python/cnes-pylint-extension-6.0.0/checkers" \
PATH="$SONAR_SCANNER_HOME/bin:/usr/local/bin:$PATH" \
ENV PATH="$SONAR_SCANNER_HOME/bin:/usr/local/bin:$PATH" \
PYLINTHOME="$SONAR_SCANNER_HOME/.pylint.d" \
JAVA_HOME="/usr/lib/jvm/java-17-openjdk-amd64"
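Review bot: The updated download lines in the builder stage still use `curl -ksSLO`, so the sonar-scanner-cli zip, the cppcheck tarball and the Infer archive are fetched with TLS certificate verification disabled and then unpacked or compiled with no integrity check. `ca-certificates` is not in the visible `apt install` list, which is presumably why `-k` is there; adding that package and dropping `-k` restores server authentication. A pinned checksum then covers the artifact itself, e.g. `curl -sSLO <url>` followed by `&& echo "<expected-sha256>  sonar-scanner-cli-5.0.1.3006.zip" | sha256sum -c -`, and the same applies to the other two `curl` lines. These tools end up in the final image through `COPY --from=builder`, so a tampered download would ship in the published scanner.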
