Sonar 10 (#3566)

* sonarqube 9.9 * debug * change java version to 17 * test * sonar 9.9.1 * sonar 10 * plugins correction * sonar 10.1 * plugins fix * revert sonar version * update plugins * update config plugin * sonar 9.9.2 + plugins update * python plugin fix * sonar 10.2 * updates * update plugins * revert log changes * delete old sonar versions * sonar 9.9.3 * aem plugin * update plugins * revert iac plugin * update tests
lean-delivery · Jan 3, 2024 · 166cfbb · 166cfbb
1 parent 4dd844e
commit 166cfbb
Show file tree

Hide file tree

Showing 8 changed files with 139 additions and 12 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -56,13 +56,16 @@ jobs:
       - name: Molecule
         run: molecule test -s default
 
-  ubuntu1804-sonar-old:
+  ubuntu1804-sonar:
     needs: lint
     strategy:
       matrix:
         sonar_version:
+          - '10.2.1.78527'
+          - '10.1.0.73491'
+          - '10.0.0.68432'
+          - '9.9.3.79811'
           - '8.9.10.61524'
-          - '7.9.6'
       fail-fast: false
     runs-on: ubuntu-latest
     container: leandelivery/docker-ansible-ci:ansible-7
@@ -83,7 +86,33 @@ jobs:
         env:
           SONAR_VERSION: ${{ matrix.sonar_version }}
 
-  ubuntu1804-ansible-old:
+  ubuntu1804-sonar-7:
+    needs: lint
+    strategy:
+      matrix:
+        sonar_version:
+          - '7.9.6'
+      fail-fast: false
+    runs-on: ubuntu-latest
+    container: leandelivery/docker-ansible-ci:ansible-7
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Prepare
+        run: |
+          ansible --version
+          ansible-lint --version
+          molecule --version
+          rm -rf molecule/resources/provisioning
+          git clone https://github.com/lean-delivery/ansible-molecule-drivers.git molecule/resources/provisioning
+      - name: Molecule
+        run: molecule test -s java11
+        env:
+          SONAR_VERSION: ${{ matrix.sonar_version }}
+
+  ubuntu1804-ansible:
     needs: lint
     strategy:
       matrix:

diff --git a/README.md b/README.md
@@ -88,7 +88,7 @@ Java, database, web server with self-signed certificate should be installed prel
 Role Variables
 --------------
 
-  - `sonar_version` - SonarQube version\
+  - `sonar_version` - SonarQube version
   - `sonar_path` - installation directory\
     default: /opt/sonarqube
   - `sonar_user` - user for installing SonarQube\
@@ -251,14 +251,14 @@ Example Playbook
     ssl_certs_path_group: nginx
     ssl_certs_common_name: sonarqube.example.com
     # sonarqube
-    sonar_version: 9.9.3.79811
+    sonar_version: 10.3.0.82913
     sonar_check_url: 'http://{{ ansible_fqdn }}:9000'
     sonar_proxy_server_name: sonarqube.example.com
     sonar_install_optional_plugins: true
     sonar_optional_plugins: 
       - 'https://github.com/adnovum/sonar-build-breaker/releases/download/{{ build_breaker_epversion }}'
     sonar_default_excluded_plugins:
-      - '{{ sonar_plugins_path }}/sonar-flex-plugin-2.8.0.3166.jar'
+      - '{{ sonar_plugins_path }}/sonar-flex-plugin-2.12.0.4568.jar'
     sonar_web_password: your_new_secure_password
     change_password: true
     sonar_web_old_password: admin

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 # defaults file for sonarqube
-sonar_version: 9.5.0.56709
+sonar_version: 10.3.0.82913
 
 sonar_path: /opt/sonarqube
 sonar_user: sonar
@@ -177,7 +177,7 @@ php_pversion: "{% if sonar_version is version(\"9.6\", \">=\") %}3.34.0.11311\
 
 jacoco_pversion: 1.3.0.1538
 
-iac_pversion: "{% if sonar_version is version(\"9.6\", \">=\") %}1.24.0.7839\
+iac_pversion: "{% if sonar_version is version(\"9.6\", \">=\") %}1.22.0.7057\
                {% elif sonar_version is version(\"8.9\", \">=\") %}1.16.0.3845\
                {% else %}0.0.0\
                {% endif %}"
@@ -395,6 +395,7 @@ sonar_excluded_plugins:
   - '{{ sonar_plugins_path }}/sonar-java-plugin-7.17.0.31219.jar'
   - '{{ sonar_plugins_path }}/sonar-java-plugin-7.20.0.31692.jar' # 10.1
   - '{{ sonar_plugins_path }}/sonar-java-plugin-7.24.0.32100.jar' # 10.2
+  - '{{ sonar_plugins_path }}/sonar-java-plugin-7.27.1.33504.jar' # 10.3
 
   - '{{ sonar_plugins_path }}/sonar-javascript-plugin-4.1.0.6085.jar'
   - '{{ sonar_plugins_path }}/sonar-javascript-plugin-4.2.0.6476.jar'
@@ -422,6 +423,7 @@ sonar_excluded_plugins:
   - '{{ sonar_plugins_path }}/sonar-javascript-plugin-10.1.0.21143.jar'
   - '{{ sonar_plugins_path }}/sonar-javascript-plugin-10.3.1.21905.jar' # 10.1
   - '{{ sonar_plugins_path }}/sonar-javascript-plugin-10.5.1.22382.jar' # 10.2
+  - '{{ sonar_plugins_path }}/sonar-javascript-plugin-10.9.0.24449.jar' # 10.3
 
   - '{{ sonar_plugins_path }}/sonar-typescript-plugin-1.7.0.2893.jar'
   - '{{ sonar_plugins_path }}/sonar-typescript-plugin-1.8.0.3332.jar'
@@ -475,6 +477,7 @@ sonar_excluded_plugins:
   - '{{ sonar_plugins_path }}/sonar-python-plugin-4.1.0.11333.jar'
   - '{{ sonar_plugins_path }}/sonar-python-plugin-4.3.0.11660.jar' # 10.1
   - '{{ sonar_plugins_path }}/sonar-python-plugin-4.7.0.12181.jar' # 10.2
+  - '{{ sonar_plugins_path }}/sonar-python-plugin-4.10.0.13725.jar' # 10.3
 
   - '{{ sonar_plugins_path }}/sonar-kotlin-plugin-1.0.1.965.jar'
   - '{{ sonar_plugins_path }}/sonar-kotlin-plugin-1.2.1.2009.jar'
@@ -492,6 +495,7 @@ sonar_excluded_plugins:
   - '{{ sonar_plugins_path }}/sonar-kotlin-plugin-2.13.0.2116.jar'
   - '{{ sonar_plugins_path }}/sonar-kotlin-plugin-2.15.0.2579.jar' # 10.1
   - '{{ sonar_plugins_path }}/sonar-kotlin-plugin-2.17.0.2902.jar' # 10.2
+  - '{{ sonar_plugins_path }}/sonar-kotlin-plugin-2.18.0.2938.jar' # 10.3
 
   - '{{ sonar_plugins_path }}/sonar-css-plugin-1.0.1.508.jar'
   - '{{ sonar_plugins_path }}/sonar-css-plugin-1.0.2.611.jar'
@@ -529,6 +533,7 @@ sonar_excluded_plugins:
   - '{{ sonar_plugins_path }}/sonar-php-plugin-3.28.0.9490.jar'
   - '{{ sonar_plugins_path }}/sonar-php-plugin-3.30.0.9766.jar' # 10.1
   - '{{ sonar_plugins_path }}/sonar-php-plugin-3.32.0.10180.jar' # 10.2
+  - '{{ sonar_plugins_path }}/sonar-php-plugin-3.33.0.11274.jar' # 10.3
 
   - '{{ sonar_plugins_path }}/sonar-html-plugin-3.1.0.1615.jar'
   - '{{ sonar_plugins_path }}/sonar-html-plugin-3.2.0.2082.jar'
@@ -538,6 +543,7 @@ sonar_excluded_plugins:
   - '{{ sonar_plugins_path }}/sonar-html-plugin-3.7.1.3306.jar'
   - '{{ sonar_plugins_path }}/sonar-html-plugin-3.8.0.3510.jar' # 10.1
   - '{{ sonar_plugins_path }}/sonar-html-plugin-3.9.0.3600.jar' # 10.2
+  - '{{ sonar_plugins_path }}/sonar-html-plugin-3.11.0.4708.jar' # 10.3
 
   - '{{ sonar_plugins_path }}/sonar-jacoco-plugin-1.0.1.143.jar'
   - '{{ sonar_plugins_path }}/sonar-jacoco-plugin-1.0.2.475.jar'
@@ -553,6 +559,7 @@ sonar_excluded_plugins:
   - '{{ sonar_plugins_path }}/sonar-iac-plugin-1.15.0.3752.jar'
   - '{{ sonar_plugins_path }}/sonar-iac-plugin-1.17.0.3976.jar' # 10.1
   - '{{ sonar_plugins_path }}/sonar-iac-plugin-1.20.0.5654.jar' # 10.2
+  - '{{ sonar_plugins_path }}/sonar-iac-plugin-1.22.0.7057.jar' # 10.3
 
   - '{{ sonar_plugins_path }}/sonar-config-plugin-1.1.0.185.jar'
   - '{{ sonar_plugins_path }}/sonar-config-plugin-1.2.0.267.jar'
@@ -565,6 +572,7 @@ sonar_excluded_plugins:
   - '{{ sonar_plugins_path }}/sonar-text-plugin-2.0.2.1090.jar'
   - '{{ sonar_plugins_path }}/sonar-text-plugin-2.1.0.1163.jar' # 10.1
   - '{{ sonar_plugins_path }}/sonar-text-plugin-2.3.0.1632.jar' # 10.2
+  - '{{ sonar_plugins_path }}/sonar-text-plugin-2.7.1.1388.jar' # 10.3
 
   - '{{ sonar_plugins_path }}/sonar-csharp-plugin-7.15.0.8572.jar'
   - '{{ sonar_plugins_path }}/sonar-csharp-plugin-8.22.0.31243.jar'
@@ -581,6 +589,7 @@ sonar_excluded_plugins:
   - '{{ sonar_plugins_path }}/sonar-csharp-plugin-8.55.0.65544.jar'
   - '{{ sonar_plugins_path }}/sonar-csharp-plugin-9.3.0.71466.jar' # 10.1
   - '{{ sonar_plugins_path }}/sonar-csharp-plugin-9.8.0.76515.jar' # 10.2
+  - '{{ sonar_plugins_path }}/sonar-csharp-plugin-9.13.0.79967.jar' # 10.3
 
   - '{{ sonar_plugins_path }}/sonar-vbnet-plugin-7.15.0.8572.jar'
   - '{{ sonar_plugins_path }}/sonar-vbnet-plugin-8.22.0.31243.jar'
@@ -597,6 +606,7 @@ sonar_excluded_plugins:
   - '{{ sonar_plugins_path }}/sonar-vbnet-plugin-8.55.0.65544.jar'
   - '{{ sonar_plugins_path }}/sonar-vbnet-plugin-9.3.0.71466.jar' # 10.1
   - '{{ sonar_plugins_path }}/sonar-vbnet-plugin-9.8.0.76515.jar' # 10.2
+  - '{{ sonar_plugins_path }}/sonar-vbnet-plugin-9.13.0.79967.jar' # 10.3
 
 # Override this var to exclude default plugins you don't need
 sonar_default_excluded_plugins: []

diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
@@ -9,9 +9,9 @@ lint: |
   yamllint . -c .yamllint
   ansible-lint . -c .ansible-lint
 platforms:
-  - name: test-docker-centos7-sonarqube
-    image: leandelivery/docker-systemd:centos7
-    privileged: true
+#  - name: test-docker-centos7-sonarqube
+#    image: leandelivery/docker-systemd:centos7
+#    privileged: true
 
   - name: test-docker-ubuntu18.04-sonarqube
     image: leandelivery/docker-systemd:ubuntu-18.04

diff --git a/molecule/java11/converge.yml b/molecule/java11/converge.yml
@@ -0,0 +1,21 @@
+---
+- name: Converge
+  hosts: all
+  roles:
+    - role: ansible-role-sonarqube
+      sonar_install_optional_plugins: true
+      sonar_set_jenkins_webhook: true
+      sonar_restore_profiles: true
+      sonar_web_password: your_new_secure_password
+      change_password: true
+      sonar_web_old_password: admin
+      sonar_proxy_type:
+      sonar_db:
+        type: H2
+        port:
+        host:
+        name:
+        user:
+        password:
+        options:
+      sonar_start_by_service: false
diff --git a/molecule/java11/molecule.yml b/molecule/java11/molecule.yml
@@ -0,0 +1,45 @@
+---
+dependency:
+  name: galaxy
+  options:
+    role-file: requirements.yml
+driver:
+  name: docker
+lint: |
+  yamllint . -c .yamllint
+  ansible-lint . -c .ansible-lint
+platforms:
+  - name: test-docker-ubuntu1804-sonarqube
+    image: leandelivery/docker-systemd:ubuntu-18.04
+    privileged: true
+    security_opts:
+      - seccomp=unconfined
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    tmpfs:
+      - /tmp
+      - /run
+    capabilities:
+      - SYS_ADMIN
+    groups:
+      - python3
+provisioner:
+  name: ansible
+  log: true
+  config_options:
+    defaults:
+      callback_whitelist: profile_tasks,timer
+  inventory:
+    group_vars:
+      python3:
+        ansible_python_interpreter: /usr/bin/python3
+    host_vars:
+      test-docker-ubuntu1804-sonarqube:
+        sonar_version: ${SONAR_VERSION:-7.9.6}
+  playbooks:
+    prepare: ../resources/prepare_java11.yml
+    verify: ../resources/tests/verify.yml
+scenario:
+  name: java11
+verifier:
+  name: ansible
diff --git a/molecule/resources/prepare.yml b/molecule/resources/prepare.yml
@@ -3,7 +3,7 @@
   hosts: all
   roles:
     - role: lean_delivery.java
-      java_major_version: 11
+      java_major_version: 17
       transport: repositories
 # https://github.com/lean-delivery/ansible-role-sonarqube/issues/3025
 #    - role: anxs.postgresql

diff --git a/molecule/resources/prepare_java11.yml b/molecule/resources/prepare_java11.yml
@@ -0,0 +1,22 @@
+---
+- name: Prepare pre-requisites
+  hosts: all
+  roles:
+    - role: lean_delivery.java
+      java_major_version: 11
+      transport: repositories
+# https://github.com/lean-delivery/ansible-role-sonarqube/issues/3025
+#    - role: anxs.postgresql
+#      become: true
+#      postgresql_users:
+#        - name: sonar
+#          pass: sonar
+#      postgresql_databases:
+#        - name: sonar
+#          owner: sonar
+#    - role: nginxinc.nginx
+#      become: true
+#    - role: jdauphant.ssl-certs
+#      become: true
+#      ssl_certs_path_owner: nginx
+#      ssl_certs_path_group: nginx