rewrite java CI to add integration test

Author: Turiok

.github/dependatbot.yml

@@ -0,0 +1,12 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    # https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#schedule-
+    schedule:
+      interval: "monthly"
+
+  - package-ecosystem: "maven"
+    directory: "/"
+    schedule:
+      interval: "monthly"

.github/workflows/java-continuous-integration.yml

@@ -8,69 +8,105 @@
 name: Java CI
 
 on: [push, pull_request]
-env: 
+env:
   MVN_USR: ${{ secrets.MVN_USR }}
   MVN_PWD: ${{ secrets.MVN_PWD }}
 
 jobs:
-  
+
   build:
     permissions:
       packages: read
     runs-on: ubuntu-latest
-    name: Java 17 CI
+    strategy:
+      matrix:
+        java: [ '17', '21' ]
+    name: Java ${{ matrix.Java }} CI
     steps:
+      # the latest version at https://github.com/marketplace/actions/checkout
       - name: Check out repository code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
+      # the latest version at https://github.com/marketplace/actions/setup-java-jdk
       - name: Setup java
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v4
         with:
           distribution: 'adopt'
-          java-version: 17
-      - name: Cache Maven packages
+          java-version: ${{ matrix.java }}
+          cache: 'maven'
+      # the latest version at https://github.com/actions/cache
+      - name: Cache target folders
         uses: actions/cache@v4
         with:
-          path: ~/.m2
-          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
-          restore-keys: ${{ runner.os }}-m2
+          path: "**/target/"
+          key: ${{ runner.os }}-cache-java-${{ matrix.java }}-${{ github.sha }}
       - name: Build with Maven
-        run: mvn -B clean test package -s settings.xml
-      
+        run: mvn -B clean install -s settings.xml
+        env:
+          MVN_USR: dummy
+          MVN_PWD: ${{ secrets.GITHUB_TOKEN }}
+
   code-analysis:
     permissions:
       packages: read
-    runs-on: ubuntu-latest    
+    runs-on: ubuntu-latest
+    needs: build
     name: SonarCloud Code Analysis
     # It's not possible to launch an analysis on external pull requests
-    if: ${{ github.repository_owner == 'cnescatlab' }}
+    # if: ${{ github.repository_owner == 'cnescatlab' }}
     steps:
+      # the latest version at https://github.com/marketplace/actions/checkout
       - name: Check out repository code
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
-      - name: Setup java
-        uses: actions/setup-java@v2
+        uses: actions/checkout@v4
         with:
-          distribution: 'adopt'
-          java-version: '17'
-      - name: Cache Maven packages
-        uses: actions/cache@v4
+          fetch-depth: 0
+      # the latest version at https://github.com/actions/cache
+      - name: Restore cache
+        uses: actions/cache/restore@v4
         with:
-          path: ~/.m2
-          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
-          restore-keys: ${{ runner.os }}-m2
-      - name: Cache SonarCloud packages
-        uses: actions/cache@v4
+          path: "**/target/"
+          fail-on-cache-miss: true
+          key: ${{ runner.os }}-cache-java-21-${{ github.sha }}
+      # the latest version at https://github.com/marketplace/actions/official-sonarqube-scan
+      # Triggering SonarQube analysis as results of it are required by Quality Gate check.
+      - name: SonarQube Scan
+        uses: SonarSource/sonarqube-scan-action@v6
         with:
-          path: ~/.sonar/cache
-          key: ${{ runner.os }}-sonar
-          restore-keys: ${{ runner.os }}-sonar
-      - name: Build and analyze
+          args: >
+            -Dsonar.qualitygate.wait=true
+            -Dsonar.qualitygate.timeout=600
         env:
-          # Needed to get some information about the pull request, if any
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          # SonarCloud access token should be generated from https://sonarcloud.io/account/security/
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: mvn clean -s settings.xml org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar -Dsonar.organization=lequal -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN
+
+  integration-test:
+    permissions:
+      packages: read
+    runs-on: ubuntu-latest
+    needs: build
+    name: TI for SonarQube ${{ matrix.sonarQube }}
+    strategy:
+      matrix:
+        sonarQube: [ '25.1.0.102122-community', 'community']
+    steps:
+      # the latest version at https://github.com/marketplace/actions/docker-setup-compose
+      - name: Set up Docker Compose
+        uses: docker/setup-compose-action@v1
+        with:
+          version: latest
+      # the latest version at https://github.com/marketplace/actions/checkout
+      - name: Check out repository code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      # the latest version at https://github.com/actions/cache
+      - name: Restore cache
+        uses: actions/cache/restore@v4
+        with:
+          path: "**/target/"
+          fail-on-cache-miss: true
+          key: ${{ runner.os }}-cache-java-21-${{ github.sha }}
+      - name: Integration test
+        run: |
+          cd it
+          ./it.sh -S ${{ matrix.sonarQube }}

README.md

@@ -38,7 +38,7 @@ Here is the compatibility matrix of the plugin:
 |        3.1.1       |          4.1.2          |        7.9 -> 9.9           |       Fortran       |
 |        3.1.2       |          5.1.0          |        7.9 -> 9.9           |       Fortran       |
 |        5.1.0       |          5.1.0          |        7.9 -> 9.9           |       Fortran       |
-|        5.2.0       |          5.1.0          |      25.1.0 -> 25.9.0       |       Fortran       |
+|        5.2.0       |          5.1.0          |     25.1.0 -> 25.9.0        |       Fortran       |
 
 *Notice: Since 5.X this plugins will follow I-Code versionning. There is no breaking changes between 3.X and 5.X*
 

it/audit.sh

@@ -29,7 +29,7 @@ echo $SONAR_TOKEN
 # Audit code
 echo "Launching scanner..."
 cd /usr/src/myapp/it
-sonar-scanner -X -Dsonar.qualitygate.wait 2>&1 | tee /tmp/scanner.log
+sonar-scanner -Dsonar.log.level=DEBUG -Dsonar.verbose=true -Dsonar.qualitygate.wait 2>&1 | tee /tmp/scanner.log
 
 if [ $? -ne 0 ]
 then
@@ -64,26 +64,32 @@ if r.status_code != 200:
 
 data = r.json()
 
-if data['total'] != 100:
-    print('Wrong total number of issues: ' + str(data['total']), file=sys.stderr)
-    sys.exit(1)
-
 issues = 0
 if 'f77-rules' in data['issues'][0]['rule'] and data['issues'][0]['line'] == 1:
     issues += 1
 
+if data['total'] != 100:
+    print('Wrong total number of issues: ' + str(data['total']), file=sys.stderr)
+    sys.exit(1)
+else:
+    print('Validation Fortran 77 OK. Issues found: ' + str(data['total']), file=sys.stdout)
+
 r = requests.get('http://sonarqube:9000/api/issues/search?componentKeys=$SONAR_PROJECT_KEY:src/clanhb.f90&statuses=OPEN', auth=('$SONAR_ADMIN_LOGIN', '$SONAR_ADMIN_PWD'))
 if r.status_code != 200:
     print('Invalid server response: ' + str(r.status_code), file=sys.stderr)
     sys.exit(1)
 
 data = r.json()
 
+
+if 'f90-rules' in data['issues'][0]['rule'] and data['issues'][0]['line'] == 1:
+    issues += 1
+
 if data['total'] != 197:
     print('Wrong total number of issues: ' + str(data['total']), file=sys.stderr)
     sys.exit(1)
-if 'f90-rules' in data['issues'][0]['rule'] and data['issues'][0]['line'] == 1:
-    issues += 1
+else:
+    print('Validation Fortran 90 OK. Issues found: ' + str(data['total']), file=sys.stdout)
 
 
 sys.exit(0 if issues == 2 else 1)

it/it.sh

@@ -39,11 +39,11 @@ export SCRIPT_DIR=`dirname $0`
 
 # Clean-up if needed
 echo "Cleanup..."
-docker-compose -f $SCRIPT_DIR/docker-compose.yml down
+docker compose -f $SCRIPT_DIR/docker-compose.yml down
 
 # Start containers
 echo "Starting SonarQube..."
-docker-compose -f $SCRIPT_DIR/docker-compose.yml up -d sonarqube
+docker compose -f $SCRIPT_DIR/docker-compose.yml up --quiet-pull -d sonarqube
 CONTAINER_NAME=$(docker ps --format "{{.Names}}" | grep 'it-sonarqube-1.*' | head -1)
 # Wait for SonarQube to be up
 grep -q "SonarQube is operational" <(docker logs --follow --tail 0 $CONTAINER_NAME)
@@ -54,7 +54,7 @@ MAVEN_VERSION=$(grep '<version>' $SCRIPT_DIR/../pom.xml | head -1 | sed 's/<\/\?
 echo "Installing the plugin Icode version $MAVEN_VERSION"
 docker cp $SCRIPT_DIR/../target/sonar-icode-cnes-plugin-$MAVEN_VERSION.jar $CONTAINER_NAME:/opt/sonarqube/extensions/plugins
 # Restart SonarQube
-docker-compose -f $SCRIPT_DIR/docker-compose.yml restart sonarqube
+docker compose -f $SCRIPT_DIR/docker-compose.yml restart sonarqube
 # Wait for SonarQube to be up
 grep -q "SonarQube is operational" <(docker logs --follow --tail 0 $CONTAINER_NAME)
 # Check plug-in installation
@@ -83,11 +83,11 @@ echo "Plugin successfully installed!"
 
 # Audit code
 echo "Audit test scripts..."
-docker-compose -f $SCRIPT_DIR/docker-compose.yml up --build --exit-code-from auditor auditor
+docker compose -f $SCRIPT_DIR/docker-compose.yml up --quiet-pull --build --exit-code-from auditor auditor
 AUDIT_STATUS=$?
 
 # Delete containers
 echo "Cleanup..."
-docker-compose -f $SCRIPT_DIR/docker-compose.yml down
+docker compose -f $SCRIPT_DIR/docker-compose.yml down
 
 exit $AUDIT_STATUS

it/sonar-project.properties

@@ -1,5 +1,5 @@
 sonar.projectKey=icode
-sonar.projectName=I-Code
+sonar.projectName=I-Code TI
 sonar.projectVersion=1.0
 sonar.sources=src
 sonar.scm.disabled=True

pom.xml

@@ -57,8 +57,8 @@
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <maven.compiler.source>11</maven.compiler.source>
-        <maven.compiler.target>23</maven.compiler.target>
+        <!--
+        https://maven.apache.org/plugins/maven-compiler-plugin/examples/set-compiler-release.html -->
         <maven.compiler.release>17</maven.compiler.release>
         <surefire.version>3.5.3</surefire.version>
         <!-- Matrice: https://github.com/SonarSource/sonar-plugin-api -->
@@ -73,16 +73,6 @@
         <sonar.test>src/test/java</sonar.test>
     </properties>
 
-    <repositories>
-        <repository>
-            <id>github</id>
-            <url>https://maven.pkg.github.com/cnescatlab/i-CodeCNES</url>
-            <snapshots>
-                <enabled>false</enabled>
-            </snapshots>
-        </repository>
-    </repositories>
-
     <dependencies>
         <dependency>
             <groupId>org.sonarsource.api.plugin</groupId>
@@ -104,6 +94,7 @@
             <groupId>org.sonarsource.sonarqube</groupId>
             <artifactId>sonar-plugin-api-impl</artifactId>
             <version>${sonar.version}</version>
+            <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>junit</groupId>
@@ -180,20 +171,19 @@
                 <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
                 <artifactId>sonar-packaging-maven-plugin</artifactId>
                 <extensions>true</extensions>
+                <version>1.23.0.740</version>
             </plugin>
 
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <configuration>
-                    <source>${jdk.min.version}</source>
-                    <target>${jdk.min.version}</target>
-                </configuration>
+                <version>3.14.1</version>
             </plugin>
 
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-project-info-reports-plugin</artifactId>
+                <version>3.9.0</version>
                 <configuration>
                     <dependencyLocationsEnabled>false</dependencyLocationsEnabled>
                 </configuration>
@@ -202,6 +192,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
+                <version>3.5.4</version>
                 <dependencies>
                     <dependency>
                         <groupId>org.apache.maven.surefire</groupId>
@@ -214,6 +205,7 @@
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
+                <version>0.8.13</version>
                 <executions>
                     <execution>
                         <id>prepare-agent</id>

settings.xml

@@ -1,7 +1,6 @@
 <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
-                      http://maven.apache.org/xsd/settings-1.0.0.xsd">
+  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
 
   <servers>
     <server>
@@ -10,4 +9,19 @@
       <password>${env.MVN_PWD}</password>
     </server>
   </servers>
-</settings>
+
+  <profiles>
+    <profile>
+      <id>github</id>
+      <repositories>
+        <repository>
+          <id>github</id>
+          <url>https://maven.pkg.github.com/cnescatlab/*</url>
+        </repository>
+      </repositories>
+    </profile>
+  </profiles>
+  <activeProfiles>
+    <activeProfile>github</activeProfile>
+  </activeProfiles>
+</settings>

sonar-project.properties

@@ -0,0 +1,12 @@
+# FIXME mettre lequal lorsque il y aura la PR
+# sonar.projectKey=fr.cnes.sonar.plugins:sonar-icode-cnes-plugin
+sonar.projectKey=Turiok_sonar-icode-cnes-plugin
+sonar.projectName=Sonar i-Code CNES plugin
+sonar.projectDescription=i-Code CNES plugin for SonarQube
+sonar.sources=src/main/java
+sonar.tests=src/test
+sonar.java.binaries=target
+# FIXME mettre lequal lorsque il y aura la PR
+# sonar.organization=lequal
+sonar.organization=turiok
+