-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy path.cirrus.yml
71 lines (66 loc) · 2.58 KB
/
.cirrus.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
env:
ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url]
ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader
ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer
ARTIFACTORY_DEPLOY_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token]
# Possible values for ARTIFACTORY_DEPLOY_REPO: sonarsource-private-qa, sonarsource-public-qa
ARTIFACTORY_DEPLOY_REPO: sonarsource-public-qa
ARTIFACTORY_ACCESS_TOKEN: >-
VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]
# Use bash (instead of sh on linux or cmd.exe on windows)
CIRRUS_SHELL: bash
# Allows to run builds for the 50 last commits in a branch:
CIRRUS_CLONE_DEPTH: 50
container_definition: &CONTAINER_DEFINITION
image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-latest
cluster_name: ${CIRRUS_CLUSTER_NAME}
region: eu-central-1
namespace: default
only_sonarsource_qa: &ONLY_SONARSOURCE_QA
only_if: >
(
$CIRRUS_USER_COLLABORATOR == 'true' &&
$CIRRUS_TAG == "" &&
($CIRRUS_PR != ""
|| $CIRRUS_BRANCH == 'master'
|| $CIRRUS_BRANCH =~ "branch-.*"
|| $CIRRUS_BRANCH =~ "dogfood-on-.*"
|| $CIRRUS_BUILD_SOURCE == 'api'
)
) || $CIRRUS_CRON == 'nightly'
build_task:
<<: *ONLY_SONARSOURCE_QA
eks_container:
<<: *CONTAINER_DEFINITION
cpu: 2
memory: 2G
env:
# analysis on next
SONAR_TOKEN: VAULT[development/kv/data/next data.token]
SONAR_HOST_URL: VAULT[development/kv/data/next data.url]
# allow deployment of pull request artifacts to repox
DEPLOY_PULL_REQUEST: true
SIGN_KEY: VAULT[development/kv/data/sign data.key]
PGP_PASSPHRASE: VAULT[development/kv/data/sign data.passphrase]
maven_cache:
folder: ${CIRRUS_WORKING_DIR}/.m2/repository
build_script:
- source cirrus-env BUILD
- regular_mvn_build_deploy_analyze
cleanup_before_cache_script: cleanup_maven_repository
promote_task:
depends_on:
- build
<<: *ONLY_SONARSOURCE_QA
eks_container:
<<: *CONTAINER_DEFINITION
cpu: 1
memory: 1G
env:
ARTIFACTORY_PROMOTE_ACCESS_TOKEN: >-
VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promoter access_token]
GITHUB_TOKEN: VAULT[development/github/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-promotion token]
maven_cache:
folder: ${CIRRUS_WORKING_DIR}/.m2/repository
script: cirrus_promote_maven
cleanup_before_cache_script: cleanup_maven_repository