Merge branch 'main' into 69-java

.default.docker.env

@@ -0,0 +1,5 @@
+# Set default Sonarqube environment variables used by docker-compose
+# You can override these envvars by creating a '.override.docker.env' file
+# For available envvars list, see https://docs.sonarsource.com/sonarqube/latest/setup-and-upgrade/configure-and-operate-a-server/environment-variables/
+
+SONAR_LOG_LEVEL_WEB=INFO

.gitattributes

@@ -4,4 +4,8 @@
 
 # Ensure BAT files will always be checked out with CRLFs (regardless of the
 # OS they were checked out on).
-*.bat text eol=crlf
+*.bat text eol=crlf
+
+# Ensure BAT files will always be checked out with CRLFs (regardless of the
+# OS they were checked out on).
+*.cmd text eol=crlf

.github/workflows/_BACKUP_manual_release.yml

@@ -31,9 +31,9 @@ jobs:
           git config user.name 'github-actions[bot]'
           git config user.email ''
       - name: Maven release
-        run: mvn release:prepare -B -ff -DtagNameFormat=@{project.version}
+        run: ./mvnw release:prepare -B -ff -DtagNameFormat=@{project.version}
       - name: Maven release clean
-        run: mvn release:clean
+        run: ./mvnw release:clean
       - name: Get last TAG
         run: echo "LAST_TAG=$(git tag --sort=-version:refname | head -n 1)" >> $GITHUB_ENV
       - name: Extract release notes
@@ -44,7 +44,7 @@ jobs:
         with:
           ref: ${{ env.LAST_TAG }}
       - name: Build project
-        run: mvn -e -B clean package -DskipTests
+        run: ./mvnw -e -B clean package -DskipTests
       - name: Create release
         id: create_release
         uses: actions/create-release@v1

.github/workflows/build.yml

@@ -24,11 +24,11 @@ jobs:
         with:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
 
-      - name: Set up JDK 11
+      - name: Set up JDK 17
         uses: actions/setup-java@v3
         with:
           distribution: 'temurin'
-          java-version: 11
+          java-version: 17
 
       - name: Cache Maven packages
         uses: actions/cache@v3
@@ -38,13 +38,7 @@ jobs:
           restore-keys: ${{ runner.os }}-m2
 
       - name: Verify
-        run: mvn -e -B verify
-
-      - name: Set up JDK 17
-        uses: actions/setup-java@v3
-        with:
-          distribution: 'temurin'
-          java-version: 17
+        run: ./mvnw -e -B verify
 
       - name: Cache SonarQube packages
         uses: actions/cache@v3
@@ -57,4 +51,4 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: mvn -e -B org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=green-code-initiative_ecoCode-java
+        run: ./mvnw -e -B org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=green-code-initiative_ecoCode-java

.github/workflows/tag_release.yml

@@ -29,7 +29,7 @@ jobs:
         id: extract-release-notes
         uses: ffurrer2/extract-release-notes@v1
       - name: Build project
-        run: mvn -e -B clean package -DskipTests
+        run: ./mvnw -e -B clean package -DskipTests
       - name: Create release
         id: create_release
         uses: actions/create-release@v1

.gitignore

@@ -1,8 +1,10 @@
 # Ignore all files and folders starting with ".", except a few exceptions
 .*
+!.mvn/
 !.gitignore
 !.gitattributes
 !.github/
+!.default.docker.env
 
 # Ignore generated files
 target

.mvn/wrapper/maven-wrapper.properties

@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+wrapperVersion=3.3.2
+distributionType=only-script
+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.9/apache-maven-3.9.9-bin.zip

CHANGELOG.md

@@ -9,12 +9,25 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added
 
+- [#59](https://github.com/green-code-initiative/ecoCode-java/pull/59) Add builtin profile `ecoCode way` to aggregate all implemented ecoCode rules by this plugin
+- [#53](https://github.com/green-code-initiative/ecoCode-java/issues/53) Improve integration tests
+
 ### Changed
 
 - [#21](https://github.com/green-code-initiative/ecoCode-java/issues/21) Improvement: some method calls are legitimate in a for loop expression.
+- [#49](https://github.com/green-code-initiative/ecoCode-java/pull/49) Add test to ensure all Rules are registered
+- [#336](https://github.com/green-code-initiative/ecoCode/issues/336) [Adds Maven Wrapper](https://github.com/green-code-initiative/ecoCode-java/pull/67)
 
 ### Deleted
 
+## [1.6.2] - 2024-07-21
+
+### Changed
+
+- [#60](https://github.com/green-code-initiative/ecoCode-java/issues/60) Check + update for SonarQube 10.6.0 compatibility
+- refactoring docker system
+- upgrade ecocode-rules-specifications to 1.6.2
+
 ## [1.6.1] - 2024-05-15
 
 ### Changed

Dockerfile

@@ -1,9 +1,16 @@
-FROM maven:3-openjdk-11-slim AS builder
+ARG MAVEN_BUILDER=3-openjdk-17-slim
+ARG SONARQUBE_VERSION=10.6.0-community
+
+FROM maven:${MAVEN_BUILDER} AS builder
 
 COPY . /usr/src/ecocode
 
 WORKDIR /usr/src/ecocode
+COPY src src/
+COPY pom.xml tool_build.sh ./
+
 RUN ./tool_build.sh
 
-FROM sonarqube:10.5.1-community
+FROM sonarqube:${SONARQUBE_VERSION}
 COPY --from=builder /usr/src/ecocode/target/ecocode-*.jar /opt/sonarqube/extensions/plugins/
+USER sonarqube

README.md

@@ -26,34 +26,28 @@ the [ecoCode repository](https://github.com/green-code-initiative/ecoCode#-sonar
 🚀 Getting Started
 ------------------
 
-You can give a try with a one command docker :
+You can give a try with a one command:
 
 ```sh
-docker run -ti --rm \
-       -p 9000:9000 \
-       --name sonarqube-ecocode-java ghcr.io/green-code-initiative/sonarqube-ecocode-java:latest
+./mvnw verify -Pkeep-running
 ```
 
-or (with logs and data locally stored) :
+... then you can use Java test project repository to test the environment : see [Java test project in `./src/it/test-projects/ecocode-java-plugin-test-project`](./src/it/test-projects/ecocode-java-plugin-test-project)
 
-```sh
-docker run -ti --rm \
-       -v sq_ecocode_logs:/opt/sonarqube/logs \
-       -v sq_ecocode_data:/opt/sonarqube/data \
-       -p 9000:9000 \
-       --name sonarqube-ecocode-java ghcr.io/green-code-initiative/sonarqube-ecocode-java:latest
-```
+NB: To install other `ecocode` plugins, you can :
 
-... and configure local SonarQube (security config and quality profile : see [configuration](https://github.com/green-code-initiative/ecoCode-common/blob/main/doc/INSTALL.md#configuration-sonarqube) for more details).
+- add JAVA System properties `Dtest-it.additional-plugins` with a comma separated list of plugin IDs (`groupId:artifactId:version`), or plugins JAR (`file://....`) to install.
 
-To install other `ecocode` plugins, you can also :
+  For example :
 
-- download each plugin separatly and copy the plugin (jar file) to `$SONAR_INSTALL_DIR/extensions/plugins` and restart SonarQube.
+  ```sh
+  ./mvnw verify -Pkeep-running -Dtest-it.additional-plugins=org.sonarsource.javascript:sonar-plugin:10.1.0.21143
+  ```
 - install different ecocode plugins with Marketplace (inside admin panel of SonarQube)
 
-Then you can use Java test project repository to test the environment : see README.md of [Java test project](https://github.com/green-code-initiative/ecoCode-java-test-project)
+You can also directly use a [all-in-one docker-compose](https://github.com/green-code-initiative/ecoCode-common/blob/main/doc/INSTALL.md#start-sonarqube-if-first-time)
 
-Finally, you can directly use a [all-in-one docker-compose](https://github.com/green-code-initiative/ecoCode-common/blob/main/doc/INSTALL.md#start-sonarqube-if-first-time)
+... and configure local SonarQube (security config and quality profile : see [configuration](https://github.com/green-code-initiative/ecoCode-common/blob/main/doc/INSTALL.md#configuration-sonarqube) for more details).
 
 🛒 Distribution
 ------------------
@@ -63,9 +57,10 @@ Ready to use binaries are available [from GitHub](https://github.com/green-code-
 🧩 Compatibility
 -----------------
 
-| Plugin version | SonarQube version   | Java version |
-|----------------|---------------------|--------------|
-| 1.5.+          | 9.4.+ LTS to 10.5.1 | 11 / 17      |
+| Plugin version | SonarQube version   | Java version                                                                                   |
+|----------------|---------------------|------------------------------------------------------------------------------------------------|
+| 1.6.+          | 9.4.+ LTS to 10.6.0 | 11 / 17                                                                                        |
+| 1.7.+          | 9.9.+ LTS to 10.6.0 | [17](https://docs.sonarsource.com/sonarqube/9.9/requirements/prerequisites-and-overview/#java) |
 
 > Compatibility table of versions lower than 1.4.+ are available from the
 > main [ecoCode repository](https://github.com/green-code-initiative/ecoCode#-plugins-version-compatibility).

_TODOs_DDC.md

@@ -7,4 +7,5 @@
     - check usefulness
     - upgrade versions
 - enable github `dependabot` to create automatically PR with version upgrades of dependencides (when all dependencies will be ok)
-- ménage dans les branches de dev (local et remote)
+- ménage dans les branches de dev (local et remote)
+- docker-compose : ":9000" (génération port aléatoire pour l'IHM + repérage pour IHM) au lieu de "9000:9000" si erreur lors du démarrage "Error response from daemon: Ports are not available: exposing port TCP 0.0.0.0:9000 -> 0.0.0.0:0: listen tcp 0.0.0.0:9000: bind: address already in use"

docker-compose.yml

@@ -1,23 +1,27 @@
-version: "3.3"
+name: sonarqube_ecocode_java
+
 services:
   sonar:
-    image: sonarqube:10.5.1-community
+    build: .
     container_name: sonar_ecocode_java
     ports:
-      - "9000:9000"
+      - ":9000"
     networks:
       - sonarnet
     depends_on:
-      - db
+      db:
+        condition: service_healthy
     environment:
       SONAR_JDBC_USERNAME: sonar
       SONAR_JDBC_PASSWORD: sonar
       SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonarqube
       SONAR_ES_BOOTSTRAP_CHECKS_DISABLE: 'true'
+    env_file:
+      - path: ./.default.docker.env
+        required: true
+      - path: ./.override.docker.env
+        required: false
     volumes:
-      - type: bind
-        source: ./target/ecocode-java-plugin-1.6.2-SNAPSHOT.jar
-        target: /opt/sonarqube/extensions/plugins/ecocode-java-plugin-1.6.2-SNAPSHOT.jar
       - "extensions:/opt/sonarqube/extensions"
       - "logs:/opt/sonarqube/logs"
       - "data:/opt/sonarqube/data"
@@ -34,6 +38,11 @@ services:
       POSTGRES_PASSWORD: sonar
       POSTGRES_DB: sonarqube
       PGDATA: pg_data:/var/lib/postgresql/data/pgdata
+    healthcheck:
+      test: [ "CMD-SHELL", "pg_isready -U sonar -d sonarqube" ]
+      interval: 5s
+      timeout: 5s
+      retries: 5
 
 networks:
   sonarnet: