diff --git a/.cirrus.star b/.cirrus.star deleted file mode 100644 index 462c380..0000000 --- a/.cirrus.star +++ /dev/null @@ -1,5 +0,0 @@ -load("github.com/SonarSource/cirrus-modules@v3", "load_features") - - -def main(ctx): - return load_features(ctx, only_if=dict()) diff --git a/.cirrus.yml b/.cirrus.yml deleted file mode 100644 index 220b419..0000000 --- a/.cirrus.yml +++ /dev/null @@ -1,62 +0,0 @@ -env: - CIRRUS_SHELL: bash - CIRRUS_VAULT_URL: https://vault.sonar.build:8200 - CIRRUS_VAULT_AUTH_PATH: jwt-cirrusci - CIRRUS_VAULT_ROLE: cirrusci-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME} - - ARTIFACTORY_URL: https://repox.jfrog.io/artifactory - ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader - ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] - ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer - ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token] - ARTIFACTORY_DEPLOY_REPO: sonarsource-public-qa - ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] - -only_sonarsource_qa: &ONLY_SONARSOURCE_QA - only_if: $CIRRUS_USER_COLLABORATOR == 'true' && $CIRRUS_TAG == "" && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*") - -nodejs_runtimes_cache_definition: &RUNTIME_CACHE - runtime_cache: - folder: runtime/downloads/ - fingerprint_script: cat runtime/pom.xml | grep -o ".*" - -eks_container_definition: &CONTAINER_DEFINITION - image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-latest - cluster_name: ${CIRRUS_CLUSTER_NAME} - region: eu-central-1 - namespace: default - -build_task: - eks_container: - <<: *CONTAINER_DEFINITION - cpu: 2 - memory: 10G - env: - DEPLOY_PULL_REQUEST: "true" - SONAR_TOKEN: VAULT[development/kv/data/next data.token] - SONAR_HOST_URL: https://next.sonarqube.com/sonarqube - maven_cache: - folder: ${CIRRUS_WORKING_DIR}/.m2/repository - <<: *RUNTIME_CACHE - build_script: - - source cirrus-env BUILD - - regular_mvn_build_deploy_analyze - cleanup_before_cache_script: - - cleanup_maven_repository - -promote_task: - depends_on: - - build - <<: *ONLY_SONARSOURCE_QA - eks_container: - <<: *CONTAINER_DEFINITION - cpu: 2 - memory: 2G - env: - ARTIFACTORY_PROMOTE_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token] - GITHUB_TOKEN: VAULT[development/github/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promotion token] - maven_cache: - folder: $CIRRUS_WORKING_DIR/.m2/repository - script: cirrus_promote_maven - cleanup_before_cache_script: - - cleanup_maven_repository diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..fd36c0e --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,33 @@ +name: Build +on: + push: + branches: [master, branch-*, dogfood-*] + pull_request: + merge_group: + workflow_dispatch: + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +jobs: + build: + runs-on: github-ubuntu-latest-m + permissions: + id-token: write + contents: write + steps: + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + with: + fetch-depth: 0 + - uses: jdx/mise-action@5ac50f778e26fac95da98d50503682459e86d566 # v3.2.0 + with: + version: 2025.7.12 + - uses: SonarSource/ci-github-actions/build-maven@v1 + with: + artifactory-reader-role: private-reader + deploy-pull-request: true + sonar-platform: next + - uses: SonarSource/ci-github-actions/promote@v1 + with: + promote-pull-request: true \ No newline at end of file diff --git a/mise.toml b/mise.toml new file mode 100644 index 0000000..84c0dee --- /dev/null +++ b/mise.toml @@ -0,0 +1,3 @@ +[tools] +java = "17.0" +maven = "3.9"