Skip to content

Commit 54fd5d6

Browse files
GabrielFleischerGabrielFleischer
committed
Finalize CI migration
1 parent 1ec8755 commit 54fd5d6

File tree

5 files changed

+37
-233
lines changed

5 files changed

+37
-233
lines changed

.cirrus.star

Lines changed: 0 additions & 4 deletions
This file was deleted.

.cirrus.yml

Lines changed: 0 additions & 184 deletions
This file was deleted.

.github/workflows/build.yml

Lines changed: 36 additions & 40 deletions
Original file line numberDiff line numberDiff line change
@@ -15,63 +15,66 @@ concurrency:
1515
cancel-in-progress: true
1616

1717
jobs:
18-
get-build-number:
19-
outputs:
20-
build-number: ${{ steps.get-build-number.outputs.BUILD_NUMBER }}
18+
build:
19+
name: Build
2120
runs-on: github-ubuntu-latest-s
22-
name: Get build number
2321
permissions:
24-
id-token: write
22+
id-token: write # Required for Vault OIDC authentication
23+
contents: write # Required for repository access and tagging
24+
outputs:
25+
build-number: ${{ steps.build.outputs.BUILD_NUMBER }}
26+
deployed: ${{ steps.build.outputs.deployed }}
2527
steps:
26-
- uses: SonarSource/ci-github-actions/get-build-number@v1
27-
id: get-build-number
28+
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
29+
- uses: jdx/mise-action@5ac50f778e26fac95da98d50503682459e86d566 # v3.2.0
30+
with:
31+
version: 2025.7.12
32+
- uses: SonarSource/ci-github-actions/build-maven@v1
33+
id: build
34+
with:
35+
deploy-pull-request: true
36+
artifactory-reader-role: private-reader
37+
artifactory-deployer-role: qa-deployer
2838

29-
build:
30-
strategy:
31-
matrix:
32-
item:
33-
- { runner: "github-ubuntu-latest-s", deploy: true}
34-
- { runner: "github-windows-latest-s", deploy: false}
35-
name: Build on ${{ matrix.item.runner }}
36-
runs-on: ${{ matrix.item.runner }}
37-
needs: get-build-number
39+
build-win:
40+
name: Build Windows
41+
needs:
42+
- build
43+
runs-on: github-windows-latest-s
3844
permissions:
3945
id-token: write # Required for Vault OIDC authentication
4046
contents: write # Required for repository access and tagging
4147
env:
42-
BUILD_NUMBER: ${{ needs.get-build-number.outputs.build-number }}
48+
BUILD_NUMBER: ${{ needs.build.outputs.build-number }}
4349
steps:
4450
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
4551
- uses: jdx/mise-action@5ac50f778e26fac95da98d50503682459e86d566 # v3.2.0
4652
with:
4753
version: 2025.7.12
4854
- uses: SonarSource/ci-github-actions/build-maven@v1
4955
with:
50-
deploy: ${{ matrix.item.deploy }}
51-
deploy-pull-request: ${{ matrix.item.deploy }}
56+
deploy: false
5257
artifactory-reader-role: private-reader
5358
artifactory-deployer-role: qa-deployer
5459

5560
qa:
61+
name: "QA Tests - ${{ matrix.item.suite }} [${{ runner.os }}]"
62+
if: ${{ needs.build.outputs.deployed }}
5663
strategy:
5764
matrix:
5865
item:
59-
- { suite: "plugin", sq_version: "DEV", runner: "github-ubuntu-latest-s"}
60-
- { suite: "plugin", sq_version: "LATEST_RELEASE", runner: "github-ubuntu-latest-s"}
61-
- { suite: "ruling", sq_version: "LATEST_RELEASE", runner: "github-ubuntu-latest-s"}
62-
- { suite: "ruling", sq_version: "LATEST_RELEASE", runner: "github-windows-latest-s"}
66+
- { suite: "plugin", sq_version: "DEV", runner: "github-ubuntu-latest-s" }
67+
- { suite: "plugin", sq_version: "LATEST_RELEASE", runner: "github-ubuntu-latest-s" }
68+
- { suite: "ruling", sq_version: "LATEST_RELEASE", runner: "github-ubuntu-latest-s" }
69+
- { suite: "ruling", sq_version: "LATEST_RELEASE", runner: "github-windows-latest-s" }
6370
runs-on: ${{ matrix.item.runner }}
64-
name: QA Tests
6571
needs:
66-
- get-build-number
6772
- build # We only need the build that deploys the artifacts to run ruling.
6873
permissions:
6974
id-token: write # Required for Vault OIDC authentication
7075
contents: write # Required for repository access
7176
env:
72-
SUITE: ${{ matrix.item.suite }}
73-
SQ_VERSION: ${{ matrix.item.sq_version }}
74-
BUILD_NUMBER: ${{ needs.get-build-number.outputs.build-number }}
77+
BUILD_NUMBER: ${{ needs.build.outputs.build-number }}
7578
steps:
7679
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
7780
- uses: jdx/mise-action@5ac50f778e26fac95da98d50503682459e86d566 # v3.2.0
@@ -83,38 +86,31 @@ jobs:
8386
with:
8487
secrets: |
8588
development/github/token/licenses-ro token | GITHUB_TOKEN;
86-
development/artifactory/token/{REPO_OWNER_NAME_DASH}-private-reader access_token | ARTIFACTORY_ACCESS_TOKEN;
8789
- name: Configure Maven
8890
uses: SonarSource/ci-github-actions/config-maven@v1
8991
with:
9092
artifactory-reader-role: private-reader
91-
env:
92-
GITHUB_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN }}
93-
ARTIFACTORY_ACCESS_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}
9493
- name: Plugin QA Tests
94+
shell: bash # Set explicitly so Bash is used on Windows runners too.
95+
working-directory: "its/${{ matrix.item.suite }}"
9596
env:
97+
SUITE: ${{ matrix.item.suite }}
98+
SQ_VERSION: ${{ matrix.item.sq_version }}
9699
GITHUB_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN }}
97-
ARTIFACTORY_ACCESS_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}
98-
shell: bash # Set explicitly so Bash is used on Windows runners too.
99100
run: |
100-
cd "its/${SUITE}"
101101
mvn verify "-Pit-${SUITE}" "-Dsonar.runtimeVersion=${SQ_VERSION}" -Dmaven.test.redirectTestOutputToFile=false -B -e -V
102102
103103
promote:
104104
needs:
105105
- build
106+
- build-win
106107
- qa
107108
runs-on: github-ubuntu-latest-s # Custom GitHub-hosted runner for public repos
108109
name: Promote
109110
permissions:
110111
id-token: write # Required for Vault OIDC authentication
111112
contents: write # Required for repository access and tagging
112113
steps:
113-
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
114-
- uses: jdx/mise-action@c37c93293d6b742fc901e1406b8f764f6fb19dac # v2.4.4
115-
with:
116-
cache_save: false
117-
version: 2025.7.12
118114
- uses: SonarSource/ci-github-actions/promote@v1
119115
with:
120116
promote-pull-request: true

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
Code Quality and Security for XML [![Build Status](https://api.cirrus-ci.com/github/SonarSource/sonar-xml.svg?branch=master)](https://cirrus-ci.com/github/SonarSource/sonar-xml) [![Quality Gate Status](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=org.sonarsource.xml%3Axml&metric=alert_status)](https://next.sonarqube.com/sonarqube/dashboard?id=org.sonarsource.xml%3Axml) [![Coverage](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=org.sonarsource.xml%3Axml&metric=coverage)](https://next.sonarqube.com/sonarqube/dashboard?id=org.sonarsource.xml%3Axml)
1+
Code Quality and Security for XML [![Build Status](https://github.com/SonarSource/sonar-xml/actions/workflows/build.yml/badge.svg?branch=master)](https://github.com/SonarSource/sonar-xml/actions/workflows/build.yml) [![Quality Gate Status](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=org.sonarsource.xml%3Axml&metric=alert_status)](https://next.sonarqube.com/sonarqube/dashboard?id=org.sonarsource.xml%3Axml) [![Coverage](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=org.sonarsource.xml%3Axml&metric=coverage)](https://next.sonarqube.com/sonarqube/dashboard?id=org.sonarsource.xml%3Axml)
22
==========
33

44
This SonarSource project is a code analyzer for XML files.

third-party-licenses.sh

Lines changed: 0 additions & 4 deletions
This file was deleted.

0 commit comments

Comments
 (0)