SONARPHP-1519 Migrate sonar-php build to Gradle (#1294)

SonarSource · Nov 4, 2024 · 2646a20 · 2646a20
1 parent 5724c1a
commit 2646a20
Show file tree

Hide file tree

Showing 67 changed files with 1,095 additions and 1,273 deletions.
diff --git a/.cirrus.yml b/.cirrus.yml
@@ -49,17 +49,6 @@ setup_orchestrator_cache: &SETUP_ORCHESTRATOR_CACHE
     fingerprint_script: echo ${TODAY}
     reupload_on_changes: "true"
 
-maven_cache: &MAVEN_CACHE
-  maven_cache:
-    folder: ${CIRRUS_WORKING_DIR}/.m2/repository
-    fingerprint_script: cat **/pom.xml
-
-win_maven_cache: &WIN_MAVEN_CACHE
-  maven_cache:
-    #windows cache is buggy if using ${CIRRUS_WORKING_DIR}
-    folder: ~/.m2/repository
-
-
 # ----------------------------------------------
 # -------------CONTAINER DEFINITIONS------------
 # ----------------------------------------------
@@ -116,7 +105,6 @@ only_main_branches_filter: &ONLY_MAIN_BRANCHES
 
 build_task:
   <<: *CONTAINER_DEFINITION
-  <<: *MAVEN_CACHE
   eks_container:
     memory: 3G
   env:
@@ -127,25 +115,24 @@ build_task:
   build_script:
     - git submodule update --init
     - source cirrus-env BUILD
-    - regular_mvn_build_deploy_analyze
-  cleanup_before_cache_script: cleanup_maven_repository
+    # TODO Remove ITs exclusion after SONARIAC-1521, since the ITs won't be in the test task anymore
+    - regular_gradle_build_deploy_analyze -x :its:plugin:tests:test -x :its:ruling:test
 
 build_win_task:
   <<: *WINDOWS_VM_DEFINITION
   <<: *ONLY_SONARSOURCE_QA
   <<: *DEPENDS_ON_BUILD
-  <<: *WIN_MAVEN_CACHE
   build_script:
     - git config --global core.autocrlf input
     - source cirrus-env CI
-    - mvn clean install
+    # TODO Remove ITs exclusion after SONARIAC-1521, since the ITs won't be in the test task anymore
+    - ./gradlew clean build -x :its:plugin:tests:test -x :its:ruling:test
 
 plugin_qa_task:
   <<: *ONLY_SONARSOURCE_QA
   <<: *DEPENDS_ON_BUILD
   <<: *QA_CONTAINER_DEFINITION
   <<: *SETUP_ORCHESTRATOR_CACHE
-  <<: *MAVEN_CACHE
   env:
     CIRRUS_CLONE_DEPTH: 1
     matrix:
@@ -155,17 +142,15 @@ plugin_qa_task:
     - git submodule update --init
   qa_script:
     - source cirrus-env QA
-    - source set_maven_build_version $BUILD_NUMBER
+    - source set_gradle_build_version $BUILD_NUMBER
     - cd its/plugin
-    - mvn verify -Drevision=${PROJECT_VERSION} -Dsonar.runtimeVersion=${SQ_VERSION} -Dmaven.test.redirectTestOutputToFile=false -B -e -V
-  cleanup_before_cache_script: cleanup_maven_repository
+    - ../../gradlew -Drevision=${PROJECT_VERSION} -Dsonar.runtimeVersion=${SQ_VERSION} test --info --console plain --no-daemon
 
 ruling_task:
   <<: *ONLY_SONARSOURCE_QA
   <<: *DEPENDS_ON_BUILD
   <<: *QA_CONTAINER_DEFINITION
   <<: *SETUP_ORCHESTRATOR_CACHE
-  <<: *MAVEN_CACHE
   env:
     CIRRUS_CLONE_DEPTH: 1
     matrix:
@@ -181,39 +166,35 @@ ruling_task:
     - git submodule update --init
   ruling_script:
     - source cirrus-env QA
-    - source set_maven_build_version $BUILD_NUMBER
+    - source set_gradle_build_version $BUILD_NUMBER
     - cd its/ruling
-    - mvn test -Dtest=PhpGeneralRulingTest#test${PHP_PROJECT} -Drevision=${PROJECT_VERSION} -Dsonar.runtimeVersion=LATEST_RELEASE -Dmaven.test.redirectTestOutputToFile=false -B -e -V
-  cleanup_before_cache_script: cleanup_maven_repository
+    - ../../gradlew -Drevision=${PROJECT_VERSION} -Dsonar.runtimeVersion=LATEST_RELEASE test --tests PhpGeneralRulingTest.test${PHP_PROJECT} --info --console plain --no-daemon
 
 pr_analysis_task:
   <<: *ONLY_SONARSOURCE_QA
   <<: *DEPENDS_ON_BUILD
   <<: *QA_CONTAINER_DEFINITION
-  <<: *MAVEN_CACHE
   env:
     <<: *PR_ANALYSIS_SECRETS
     CIRRUS_CLONE_DEPTH: 1
   submodules_script:
     - git submodule update --init
   ruling_script:
     - source cirrus-env QA
-    - source set_maven_build_version $BUILD_NUMBER
+    - source set_gradle_build_version $BUILD_NUMBER
     - cd its/ruling
-    - mvn test -Dtest=PhpPrAnalysisTest -Drevision=${PROJECT_VERSION} -Dsonar.runtimeVersion=LATEST_RELEASE -Dmaven.test.redirectTestOutputToFile=false -B -e -V
-  cleanup_before_cache_script: cleanup_maven_repository
+    - ../../gradlew test --tests PhpPrAnalysisTest --info --console plain --no-daemon
 
 ws_scan_task:
   <<: *ONLY_MAIN_BRANCHES
   <<: *DEPENDS_ON_BUILD
   <<: *CONTAINER_DEFINITION
-  <<: *MAVEN_CACHE
   env:
     <<: *MEND_SCAN_SECRETS
   whitesource_script:
     - source cirrus-env QA
-    - source set_maven_build_version $BUILD_NUMBER
-    - mvn clean install -DskipTests
+    - source set_gradle_build_version $BUILD_NUMBER
+    - ./gradlew clean build -x test
     - source ws_scan.sh
   allow_failures: "true"
   always:
@@ -228,8 +209,6 @@ promote_task:
     - plugin_qa
   <<: *ONLY_SONARSOURCE_QA
   <<: *CONTAINER_DEFINITION
-  <<: *MAVEN_CACHE
   env:
     <<: *PROMOTE_SECRETS
-  script: cirrus_promote_maven
-  cleanup_before_cache_script: cleanup_maven_repository
+  script: cirrus_promote_gradle
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1,3 @@
+*               text=auto
+/gradlew.bat    text    eol=crlf
+/gradlew        text    eol=lf
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,10 @@
 # Maven
 target/
 
+# Gradle
+build/
+.gradle
+
 # IntelliJ IDEA
 *.iws
 *.iml

diff --git a/LICENSE_HEADER b/LICENSE_HEADER
@@ -0,0 +1,19 @@
+/*
+ * SonarQube PHP Plugin
+ * Copyright (C) 2010-$YEAR SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
diff --git a/README.md b/README.md
@@ -75,7 +75,7 @@ To run tests locally follow these instructions.
 ### Build the Project and Run Unit Tests
 To build the plugin and run its unit tests, execute this command from the project's root directory (you will need [Maven](https://maven.apache.org/)):
 ```shell
-mvn clean install
+./gradlew build
 ```
 
 ### Integration Tests
@@ -86,27 +86,21 @@ sonar.runtimeVersion=9.9
 ```
 Before running any of the integration tests make sure the submodules are checked out:
 ```shell
-  git submodule init
-  git submodule update
+  git submodule update --init
 ```
 #### Plugin Test
-The "Plugin Test" is an additional integration test that verifies plugin features such as metric calculation, coverage, etc. To launch it, execute this command from the directory `its/plugin`:
+The "Plugin Test" is an additional integration test that verifies plugin features such as metric calculation, coverage, etc. To launch it:
 ```shell
-mvn clean install
+./gradlew its:plugin:tests:test
 ```
 
 #### Ruling Test
 The "Ruling Test" is a special integration test that launches the analysis of a large code base, saves the issues created by the plugin in report files, and then compares those results to the set of expected issues (stored as JSON files). To launch the ruling test:
 ```shell
-cd its/ruling
-mvn clean install
+./gradlew its:ruling:test
 ```
 
-This test gives you the opportunity to examine the issues created by each rule and make sure they're what you expect. You can inspect new/lost issues by checking the web pages mentioned in the logs at the end of the analysis:
-```
-INFO  - HTML Issues Report generated: /path/to/project/sonar-php/its/sources/src/.sonar/issues-report/issues-report.html
-INFO  - Light HTML Issues Report generated: /path/to/project/sonar-php/its/sources/src/.sonar/issues-report/issues-report-light.html
-```
+This test gives you the opportunity to examine the issues created by each rule and make sure they're what you expect. You can inspect new/lost issues by checking the SonarQube local URL mentioned in the logs at the end of the analysis.
 If everything looks good to you, you can copy the file with the actual issues located at
 ```
 sonar-php/its/ruling/target/actual/

diff --git a/build-logic/build.gradle.kts b/build-logic/build.gradle.kts
@@ -0,0 +1,10 @@
+plugins {
+    `kotlin-dsl`
+}
+
+dependencies {
+    implementation(libs.jfrog.buildinfo.gradle)
+    implementation(libs.sonar.scanner.gradle)
+    implementation(libs.diffplug.spotless)
+    implementation(libs.diffplug.blowdryer)
+}
diff --git a/build-logic/settings.gradle.kts b/build-logic/settings.gradle.kts
@@ -0,0 +1,55 @@
+dependencyResolutionManagement {
+  repositories {
+    mavenCentral()
+    gradlePluginPortal()
+    maven {
+      url = uri("https://repox.jfrog.io/repox/sonarsource")
+      val artifactoryUsername =
+        providers.environmentVariable("ARTIFACTORY_PRIVATE_USERNAME")
+          .orElse(providers.gradleProperty("artifactoryUsername"))
+      val artifactoryPassword =
+        providers.environmentVariable("ARTIFACTORY_PRIVATE_PASSWORD")
+          .orElse(providers.gradleProperty("artifactoryPassword"))
+
+      if (artifactoryUsername.isPresent && artifactoryPassword.isPresent) {
+        authentication {
+          credentials {
+            username = artifactoryUsername.get()
+            password = artifactoryPassword.get()
+          }
+        }
+      }
+    }
+  }
+  versionCatalogs {
+    create("libs") {
+      from(files("../gradle/libs.versions.toml"))
+    }
+  }
+}
+
+pluginManagement {
+  repositories {
+    mavenCentral()
+    gradlePluginPortal()
+    maven {
+      url = uri("https://repox.jfrog.io/repox/sonarsource")
+
+      val artifactoryUsername =
+        providers.environmentVariable("ARTIFACTORY_PRIVATE_USERNAME")
+          .orElse(providers.gradleProperty("artifactoryUsername"))
+      val artifactoryPassword =
+        providers.environmentVariable("ARTIFACTORY_PRIVATE_PASSWORD")
+          .orElse(providers.gradleProperty("artifactoryPassword"))
+
+      if (artifactoryUsername.isPresent && artifactoryPassword.isPresent) {
+        authentication {
+          credentials {
+            username = artifactoryUsername.get()
+            password = artifactoryPassword.get()
+          }
+        }
+      }
+    }
+  }
+}
diff --git a/build-logic/src/main/kotlin/org.sonarsource.php.artifactory-configuration.gradle.kts b/build-logic/src/main/kotlin/org.sonarsource.php.artifactory-configuration.gradle.kts
@@ -0,0 +1,96 @@
+import org.sonarsource.php.signingCondition
+
+plugins {
+  id("com.jfrog.artifactory")
+  signing
+  `maven-publish`
+}
+
+publishing {
+  publications.create<MavenPublication>("mavenJava") {
+    pom {
+      name.set("SonarSource PHP Analyzer")
+      description.set(project.description)
+      url.set("http://www.sonarqube.org/")
+      organization {
+        name.set("SonarSource")
+        url.set("http://www.sonarsource.com/")
+      }
+      licenses {
+        license {
+          name.set("GNU LGPL 3")
+          url.set("http://www.gnu.org/licenses/lgpl.txt")
+          distribution.set("repo")
+        }
+      }
+      scm {
+        url.set("https://github.com/SonarSource/sonar-php")
+      }
+      developers {
+        developer {
+          id.set("sonarsource-team")
+          name.set("SonarSource Team")
+        }
+      }
+    }
+  }
+}
+
+signing {
+  val signingKeyId: String? by project
+  val signingKey: String? by project
+  val signingPassword: String? by project
+  useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)
+  setRequired {
+    project.signingCondition()
+  }
+  sign(publishing.publications)
+}
+
+tasks.withType<Sign> {
+  onlyIf {
+    val artifactorySkip: Boolean = tasks.artifactoryPublish.get().skip
+    !artifactorySkip && project.signingCondition()
+  }
+}
+
+artifactory {
+  val artifactsToPublish = "org.sonarsource.php:sonar-php-plugin:jar"
+
+  clientConfig.info.addEnvironmentProperty("ARTIFACTS_TO_PUBLISH", artifactsToPublish)
+  clientConfig.info.addEnvironmentProperty("ARTIFACTS_TO_DOWNLOAD", "")
+
+  setContextUrl(System.getenv("ARTIFACTORY_URL"))
+  publish {
+    repository {
+      setRepoKey(System.getenv("ARTIFACTORY_DEPLOY_REPO"))
+      setUsername(System.getenv("ARTIFACTORY_DEPLOY_USERNAME"))
+      setPassword(System.getenv("ARTIFACTORY_DEPLOY_PASSWORD"))
+    }
+    defaults {
+      publications("mavenJava")
+      setProperties(
+        mapOf(
+          "build.name" to "sonar-php",
+          "version" to project.version.toString(),
+          "build.number" to project.ext["buildNumber"].toString(),
+          "pr.branch.target" to System.getenv("PULL_REQUEST_BRANCH_TARGET"),
+          "pr.number" to System.getenv("PULL_REQUEST_NUMBER"),
+          "vcs.branch" to System.getenv("GIT_BRANCH"),
+          "vcs.revision" to System.getenv("GIT_COMMIT"),
+        ),
+      )
+      setPublishArtifacts(true)
+      setPublishPom(true)
+      setPublishIvy(false)
+    }
+  }
+
+  clientConfig.info.addEnvironmentProperty("PROJECT_VERSION", project.version.toString())
+  clientConfig.info.buildName = "sonar-php"
+  clientConfig.info.buildNumber = project.ext["buildNumber"].toString()
+  clientConfig.isIncludeEnvVars = true
+  clientConfig.envVarsExcludePatterns =
+    "*password*,*PASSWORD*,*secret*,*MAVEN_CMD_LINE_ARGS*,sun.java.command," +
+    "*token*,*TOKEN*,*LOGIN*,*login*,*key*,*KEY*,*PASSPHRASE*,*signing*"
+}