diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 00000000..b9879f0d
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,3 @@
+*
+!target/sonar-findbugs-plugin.jar
+!src/smoke-test
diff --git a/.travis.yml b/.travis.yml
index e8f53379..6a47cfb4 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,18 +1,15 @@
language: java
-sudo: false
+sudo: required
dist: trusty
jdk:
- oraclejdk8
+services:
+ - docker
env:
# latest LTS
- SONAR_VERSION=6.7.5 SONAR_JAVA_VERSION=5.2.0.13398
- # latest stable releases
- - SONAR_VERSION=7.3 SONAR_JAVA_VERSION=5.8.0.15699
- # latest releases that removes some API
+ # latest releases
- SONAR_VERSION=7.4 SONAR_JAVA_VERSION=5.8.0.15699
-matrix:
- allow_failures:
- - env: SONAR_VERSION=7.4 SONAR_JAVA_VERSION=5.8.0.15699
install:
# decrypt settings.xml, pubring.gpg and secring.gpg
- if [ -n "$encrypted_b6710039761a_key" ]; then openssl aes-256-cbc -K $encrypted_b6710039761a_key -iv $encrypted_b6710039761a_iv -in .travis/secrets.tar.enc -out .travis/secrets.tar -d; fi
@@ -21,6 +18,11 @@ script:
- mvn verify -B -e -V -Dsonar.version=$SONAR_VERSION -Dsonar-java.version=$SONAR_JAVA_VERSION
jobs:
include:
+ - stage: smoke-test
+ script:
+ - 'mvn package && docker-compose -f src/smoke-test/docker-compose.yml --project-directory . run --rm test-lts'
+ - script:
+ - 'mvn package && docker-compose -f src/smoke-test/docker-compose.yml --project-directory . run --rm test-latest'
- stage: analysis
if: ( type = pull_request and head_repo =~ ^spotbugs/ ) or ( type != pull_request and repo =~ ^spotbugs/ )
script:
diff --git a/pom.xml b/pom.xml
index bb4ec82d..34617ccc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -213,7 +213,11 @@
sslr-core
1.22
-
+
+ org.codehaus.sonar
+ sonar-channel
+ 4.2
+
@@ -307,6 +311,38 @@
+
+ org.apache.maven.plugins
+ maven-shade-plugin
+ 3.2.1
+
+
+ package
+
+ shade
+
+
+
+
+ commons-io:commons-io
+ org.codehaus.sonar:sonar-channel
+
+
+
+
+ org.apache.commons.io
+ shaded.io
+
+
+ org.sonar.channel
+ shaded.channel
+
+
+ false
+
+
+
+
diff --git a/src/smoke-test/docker-compose.yml b/src/smoke-test/docker-compose.yml
new file mode 100644
index 00000000..8f84a469
--- /dev/null
+++ b/src/smoke-test/docker-compose.yml
@@ -0,0 +1,46 @@
+version: '3'
+services:
+ sonarqube-lts:
+ build:
+ context: .
+ dockerfile: src/smoke-test/sonarqube-lts
+ expose:
+ - 9000
+ networks:
+ lts:
+ aliases:
+ - sonarqube
+ sonarqube-latest:
+ build:
+ context: .
+ dockerfile: src/smoke-test/sonarqube-latest
+ expose:
+ - 9000
+ networks:
+ latest:
+ aliases:
+ - sonarqube
+ test-lts:
+ build:
+ context: .
+ dockerfile: src/smoke-test/sonarqube-client
+ volumes:
+ - '~/.m2:/root/.m2'
+ depends_on:
+ - sonarqube-lts
+ networks:
+ lts:
+ test-latest:
+ build:
+ context: .
+ dockerfile: src/smoke-test/sonarqube-client
+ volumes:
+ - '~/.m2:/root/.m2'
+ depends_on:
+ - sonarqube-latest
+ networks:
+ latest:
+
+networks:
+ lts:
+ latest:
diff --git a/src/smoke-test/run.sh b/src/smoke-test/run.sh
new file mode 100755
index 00000000..f6b6a7f2
--- /dev/null
+++ b/src/smoke-test/run.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+# Copied from https://github.com/SonarSource/docker-sonarqube/tree/master/7.1 under LGPL
+
+set -e
+
+if [ "${1:0:1}" != '-' ]; then
+ exec "$@"
+fi
+
+chown -R sonarqube:sonarqube $SONARQUBE_HOME
+exec gosu sonarqube \
+ java -jar lib/sonar-application-$SONAR_VERSION.jar \
+ -Dsonar.log.console=true \
+ -Dsonar.jdbc.username="$SONARQUBE_JDBC_USERNAME" \
+ -Dsonar.jdbc.password="$SONARQUBE_JDBC_PASSWORD" \
+ -Dsonar.jdbc.url="$SONARQUBE_JDBC_URL" \
+ -Dsonar.web.javaAdditionalOpts="$SONARQUBE_WEB_JVM_OPTS -Djava.security.egd=file:/dev/./urandom" \
+ "$@"
diff --git a/src/smoke-test/smoke-test.sh b/src/smoke-test/smoke-test.sh
new file mode 100755
index 00000000..4d078925
--- /dev/null
+++ b/src/smoke-test/smoke-test.sh
@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+
+set -eu
+
+# 1st param... The git URL to clone
+# 2nd param... The tag name to check out
+function download_target_project() {
+ DIR_NAME=$(mktemp -d)
+ cd /$DIR_NAME
+ git clone "$1" target_repo
+ cd target_repo
+ git checkout "$2"
+}
+
+function run_smoke_test() {
+ echo -n waiting SonarQube
+ until $(curl --output /dev/null -s --fail http://sonarqube:9000); do
+ echo -n '.'
+ sleep 5
+ done
+ echo SonarQube has been launched.
+
+ count=0
+ until mvn compile org.eclipse.jetty:jetty-jspc-maven-plugin:jspc org.sonarsource.scanner.maven:sonar-maven-plugin:3.5.0.1254:sonar -B -Dmaven.test.skip -Dsonar.profile="FindBugs + FB-Contrib" -Dsonar.host.url=http://sonarqube:9000 -Dsonar.login=admin -Dsonar.password=admin; do
+ count=$[ $count + 1 ]
+ if [ $count -ge 5 ]; then
+ echo Sonar fails to scan 5 times!
+ exit 1
+ fi
+ echo SonarQube is not ready to scan project, wait 5 sec
+ sleep 5
+ done
+}
+
+# Use the project that uses Maven and contains .jsp file
+download_target_project 'https://github.com/spring-projects/spring-petclinic.git' 'e9f5f7b54108e35e660a9c9311a682ddce0633bc'
+run_smoke_test
diff --git a/src/smoke-test/sonarqube-client b/src/smoke-test/sonarqube-client
new file mode 100644
index 00000000..b5029b8e
--- /dev/null
+++ b/src/smoke-test/sonarqube-client
@@ -0,0 +1,10 @@
+FROM maven:3.6.0-jdk-8
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+ bash \
+ git \
+ nodejs \
+ && rm -rf /var/lib/apt/lists/*
+
+COPY src/smoke-test/smoke-test.sh /tmp/smoke-test.sh
+ENTRYPOINT /tmp/smoke-test.sh
diff --git a/src/smoke-test/sonarqube-latest b/src/smoke-test/sonarqube-latest
new file mode 100644
index 00000000..3d655d99
--- /dev/null
+++ b/src/smoke-test/sonarqube-latest
@@ -0,0 +1,55 @@
+# Copied from https://github.com/SonarSource/docker-sonarqube/tree/master/7.1 under LGPL
+FROM openjdk:8
+
+ENV SONAR_VERSION=7.4 \
+ SONARQUBE_HOME=/opt/sonarqube \
+ # Database configuration
+ # Defaults to using H2
+ SONARQUBE_JDBC_USERNAME=sonar \
+ SONARQUBE_JDBC_PASSWORD=sonar \
+ SONARQUBE_JDBC_URL=
+
+# Http port
+EXPOSE 9000
+
+RUN groupadd -r sonarqube && useradd -r -g sonarqube sonarqube
+
+# grab gosu for easy step-down from root
+RUN set -x \
+ && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/1.10/gosu-$(dpkg --print-architecture)" \
+ && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/1.10/gosu-$(dpkg --print-architecture).asc" \
+ && export GNUPGHOME="$(mktemp -d)" \
+ && (gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
+ || gpg --batch --keyserver ipv4.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4) \
+ && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
+ && rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc \
+ && chmod +x /usr/local/bin/gosu \
+ && gosu nobody true
+
+RUN set -x \
+
+ # pub 2048R/D26468DE 2015-05-25
+ # Key fingerprint = F118 2E81 C792 9289 21DB CAB4 CFCA 4A29 D264 68DE
+ # uid sonarsource_deployer (Sonarsource Deployer)
+ # sub 2048R/06855C1D 2015-05-25
+ && (gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys F1182E81C792928921DBCAB4CFCA4A29D26468DE \
+ || gpg --batch --keyserver ipv4.pool.sks-keyservers.net --recv-keys F1182E81C792928921DBCAB4CFCA4A29D26468DE) \
+
+ && cd /opt \
+ && curl -o sonarqube.zip -fSL https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-$SONAR_VERSION.zip \
+ && curl -o sonarqube.zip.asc -fSL https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-$SONAR_VERSION.zip.asc \
+ && gpg --batch --verify sonarqube.zip.asc sonarqube.zip \
+ && unzip sonarqube.zip \
+ && mv sonarqube-$SONAR_VERSION sonarqube \
+ && chown -R sonarqube:sonarqube sonarqube \
+ && rm sonarqube.zip* \
+ && rm -rf $SONARQUBE_HOME/bin/*
+
+VOLUME "$SONARQUBE_HOME/data"
+
+WORKDIR $SONARQUBE_HOME
+COPY src/smoke-test/run.sh $SONARQUBE_HOME/bin/
+ENTRYPOINT ["./bin/run.sh"]
+
+# modified for smoke-test
+COPY target/sonar-findbugs-plugin.jar $SONARQUBE_HOME/extensions/plugins/
diff --git a/src/smoke-test/sonarqube-lts b/src/smoke-test/sonarqube-lts
new file mode 100644
index 00000000..e702f5be
--- /dev/null
+++ b/src/smoke-test/sonarqube-lts
@@ -0,0 +1,5 @@
+FROM sonarqube:6.7.5
+ENV SONAR_JAVA_VERSION=5.2.0.13398
+
+RUN wget -P $SONARQUBE_HOME/extensions/plugins/ --no-verbose http://central.maven.org/maven2/org/sonarsource/java/sonar-java-plugin/$SONAR_JAVA_VERSION/sonar-java-plugin-$SONAR_JAVA_VERSION.jar
+COPY target/sonar-findbugs-plugin.jar $SONARQUBE_HOME/extensions/plugins/