From 5d78d3ca9d79dac1eb5a839322ee64b683dab841 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Henrich=20Kr=C3=A4mer?= Date: Fri, 1 Sep 2023 11:12:36 +0200 Subject: [PATCH 1/3] sonar-scanner java needs tzdb.dat --- CHANGELOG.md | 2 ++ build/package/Dockerfile.sonar | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6c803f98..d2d91d03 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,8 @@ listed in the changelog. - sonar-scanner invocations stderr not captured ([#719](https://github.com/opendevstack/ods-pipeline/issues/719)) +- sonar-scanner does not start properly: java is lacking tzdb.dat ([#723](https://github.com/opendevstack/ods-pipeline/issues/723)) + ## [0.13.2] - 2023-07-18 ### Fixed diff --git a/build/package/Dockerfile.sonar b/build/package/Dockerfile.sonar index 7ab8d108..e0100ae0 100644 --- a/build/package/Dockerfile.sonar +++ b/build/package/Dockerfile.sonar @@ -36,7 +36,8 @@ FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 ENV SONAR_EDITION="community" \ JAVA_HOME=/usr/lib/jvm/jre-11 -RUN microdnf install --nodocs java-11-openjdk-headless which && microdnf clean all +RUN microdnf install --nodocs java-11-openjdk-headless tzdata-java which && microdnf clean all + # tzdata-java was missing unless explicitly installed: see https://stackoverflow.com/a/76848186 COPY --from=builder /usr/local/bin/sonar /usr/local/bin/sonar COPY --from=builder /usr/local/sonar-scanner-cli /usr/local/sonar-scanner-cli From d95061e540a763f73e440bf348bfee7c7a985981 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Henrich=20Kr=C3=A4mer?= Date: Fri, 1 Sep 2023 11:59:06 +0200 Subject: [PATCH 2/3] update sonar-scanner and cnes-report --- CHANGELOG.md | 3 +++ build/package/Dockerfile.sonar | 6 +++--- docs/design/software-design-specification.adoc | 4 ++-- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d2d91d03..4131b92a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,9 @@ listed in the changelog. - sonar-scanner does not start properly: java is lacking tzdb.dat ([#723](https://github.com/opendevstack/ods-pipeline/issues/723)) +- update sonar-scanner and cnes-report ([#725](https://github.com/opendevstack/ods-pipeline/issues/725)) + + ## [0.13.2] - 2023-07-18 ### Fixed diff --git a/build/package/Dockerfile.sonar b/build/package/Dockerfile.sonar index e0100ae0..aa3c4191 100644 --- a/build/package/Dockerfile.sonar +++ b/build/package/Dockerfile.sonar @@ -4,8 +4,8 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] USER root WORKDIR /usr/src/app -ENV SONAR_SCANNER_VERSION=4.6.2.2472 \ - CNES_REPORT_VERSION=4.0.0 +ENV SONAR_SCANNER_VERSION=4.8.0.2856 \ + CNES_REPORT_VERSION=4.2.0 # Build Go binary. COPY go.mod . @@ -37,7 +37,7 @@ ENV SONAR_EDITION="community" \ JAVA_HOME=/usr/lib/jvm/jre-11 RUN microdnf install --nodocs java-11-openjdk-headless tzdata-java which && microdnf clean all - # tzdata-java was missing unless explicitly installed: see https://stackoverflow.com/a/76848186 +# tzdata-java was missing unless explicitly installed: see https://stackoverflow.com/a/76848186 COPY --from=builder /usr/local/bin/sonar /usr/local/bin/sonar COPY --from=builder /usr/local/sonar-scanner-cli /usr/local/sonar-scanner-cli diff --git a/docs/design/software-design-specification.adoc b/docs/design/software-design-specification.adoc index 1cee287f..a932a8d6 100644 --- a/docs/design/software-design-specification.adoc +++ b/docs/design/software-design-specification.adoc @@ -557,13 +557,13 @@ a| The script installs the Helm chart located in `deploy/ods-pipeline`. Further, | SDS-EXT-7 | sonar-scanner -| 4.6 +| 4.8 | General purpose SonarQube scanner | https://github.com/SonarSource/sonar-scanner-cli | SDS-EXT-8 | cnes-report -| 4.0 +| 4.2 | Exports code analysis from a SonarQube server in various file formats. | https://github.com/cnescatlab/sonar-cnes-report From c1a0786dba30a00ecea234d446c60dd7195b8e2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Henrich=20Kr=C3=A4mer?= Date: Fri, 1 Sep 2023 13:33:19 +0200 Subject: [PATCH 3/3] sonar image needs node --- CHANGELOG.md | 1 + build/package/Dockerfile.sonar | 18 +++++++++++++++--- docs/design/software-design-specification.adoc | 4 ++-- 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4131b92a..c1d91921 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,6 +21,7 @@ listed in the changelog. - update sonar-scanner and cnes-report ([#725](https://github.com/opendevstack/ods-pipeline/issues/725)) +- SonarQube doesn't scan FE-related code ([#716](https://github.com/opendevstack/ods-pipeline/issues/716)) ## [0.13.2] - 2023-07-18 diff --git a/build/package/Dockerfile.sonar b/build/package/Dockerfile.sonar index aa3c4191..6c71ce9a 100644 --- a/build/package/Dockerfile.sonar +++ b/build/package/Dockerfile.sonar @@ -31,13 +31,25 @@ RUN cd /tmp \ && chmod +x /usr/local/cnes/cnesreport.jar # Final image -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/nodejs-18:1 + +ENV NPM_CONFIG_PREFIX=$HOME/.npm-global \ + LANG=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 + +RUN echo id: $(id) && \ + echo node version: $(node --version) && \ + echo npm version: $(npm --version) && \ + echo npx version: $(npx --version) ENV SONAR_EDITION="community" \ JAVA_HOME=/usr/lib/jvm/jre-11 -RUN microdnf install --nodocs java-11-openjdk-headless tzdata-java which && microdnf clean all -# tzdata-java was missing unless explicitly installed: see https://stackoverflow.com/a/76848186 +USER root +RUN INSTALL_PKGS="java-11-openjdk-headless which" && \ + yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum -y clean all --enablerepo='*' COPY --from=builder /usr/local/bin/sonar /usr/local/bin/sonar COPY --from=builder /usr/local/sonar-scanner-cli /usr/local/sonar-scanner-cli diff --git a/docs/design/software-design-specification.adoc b/docs/design/software-design-specification.adoc index a932a8d6..979d5c8a 100644 --- a/docs/design/software-design-specification.adoc +++ b/docs/design/software-design-specification.adoc @@ -28,7 +28,7 @@ As described in the architecture, the system is installed into local namespaces. |=== | SDS-SHARED-1 | `ods-sonar` container image -| Container image for SQ scanning. Based on `ubi8/ubi-minimal` (SDS-EXT-2), includes software to analyze source code statically (SDS-SHARED-2, SDS-EXT-7, SDS-EXT-8 and SDS-EXT-30). +| Container image for SQ scanning. Based on `ubi8/nodejs-18` (SDS-EXT-32), includes software to analyze source code statically (SDS-SHARED-2, SDS-EXT-7, SDS-EXT-8 and SDS-EXT-30). | SDS-SHARED-2 | `sonar` binary @@ -380,7 +380,7 @@ If the Aqua scanner is installed in the base image, the pushed image shall be sc Processes tags specified in the `extra-tags` parameter to add tags to the image in the target registry: -* If an artifact for the tagged image exists, the tag is not further processed. +* If an artifact for the tagged image exists, the tag is not further processed. * If there is no artifact for the tagged image: * Adds the tag using skopeo (SDS-EXT-17) to the image in the target registry. * The resulting tagged image artifact is placed into `.ods/artifacts`.