Merge branch 'release/4.2.0'

Author: robertauer

CHANGELOG.md

@@ -8,6 +8,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [4.2.0](https://github.com/cloudogu/ces-build-lib/releases/tag/4.2.0) - 2025-04-02
+### Changed
+- Removes the default legacy behavior which created a new project in SonarQube for every analyzed branch.
+This change uses the [community-branch-plugin](https://github.com/mc1arke/sonarqube-community-branch-plugin) as default
+to create a project for the single artifact id. In this project all analyses of branches and pull requests will be stored.
+
+### Fixed
+- [#147] Use dogu v2 api for applying dogus in k3d.
+
 ## [4.1.1](https://github.com/cloudogu/ces-build-lib/releases/tag/4.1.1) - 2025-03-11
 ### Fixed
 - [#143] Fix IllegalAccessError when using `GradleWrapperInDocker(..)`

README.md

@@ -817,13 +817,11 @@ Note that
   should be easy, however.
 
 ## Branches
+By default, the [sonarqube-community-branch-plugin](https://github.com/mc1arke/sonarqube-community-branch-plugin) is required and used.
+The reason for this is that since SonarQube version > 25 analysis with the legacy logic (creating one project per branch) fails
+on pull request because SonarQube requires the target branch (e.g. main) in the same project.
 
-By default, the `SonarQube` legacy logic, of creating one project per branch in a Jenkins Multibranch Pipeline project.
-
-A more convenient alternative is the paid-version-only [Branch Plugin](https://docs.sonarqube.org/display/PLUG/Branch+Plugin)
-or the [sonarqube-community-branch-plugin](https://github.com/mc1arke/sonarqube-community-branch-plugin), which has 
-similar features but is difficult to install, not supported officially and does not allow for migration to the official 
-branch plugin later on.
+A more convenient alternative is the paid-version-only [Branch Plugin](https://docs.sonarqube.org/display/PLUG/Branch+Plugin).
 
 You can enable either branch plugins like so:
 
@@ -891,17 +889,8 @@ Note that SonarCloud uses the Branch Plugin, so the first analysis has to be don
 
 ## Pull Requests in SonarQube
 
-As described above, SonarCloud can annotate PullRequests using the SonarCloud Application for GitHub. 
-It is no longer possible to do this from a regular community edition SonarQube, as the 
-[GitHub Plugin for SonarQube](https://docs.sonarqube.org/display/PLUG/GitHub+Plugin) is deprecated.
-
-So a PR build is treated just like any other. That is, 
-
-* without branch plugin: A new project using the `BRANCH_NAME` from env is created. 
-* with Branch Plugin: A new branch is analysed using the `BRANCH_NAME` from env.
-
-The Jenkins GitHub Plugin sets `BRANCH_NAME` to the PR Name, e.g. `PR-42`.
-
+As described above, SonarCloud can annotate PullRequests using the SonarCloud Application for GitHub.
+For the regular community edition the [community-branch-plugin](https://github.com/mc1arke/sonarqube-community-branch-plugin) is required.
 
 # Changelog
 Provides the functionality to read changes of a specific version in a changelog that is 

pom.xml

@@ -19,7 +19,7 @@
     <groupId>com.cloudogu.ces</groupId>
     <artifactId>ces-build-lib</artifactId>
     <name>ces-build-lib</name>
-    <version>4.1.1</version>
+    <version>4.2.0</version>
 
 
     <properties>

src/com/cloudogu/ces/cesbuildlib/K3d.groovy

@@ -403,7 +403,7 @@ class K3d {
     void applyDoguResource(String doguName, String doguNamespace, String doguVersion) {
         def filename = "target/make/k8s/${doguName}.yaml"
         def doguContentYaml = """
-apiVersion: k8s.cloudogu.com/v1
+apiVersion: k8s.cloudogu.com/v2
 kind: Dogu
 metadata:
   name: ${doguName}

src/com/cloudogu/ces/cesbuildlib/SonarQube.groovy

@@ -100,13 +100,7 @@ class SonarQube implements Serializable {
         if (isIgnoringBranches) {
             return
         }
-        
-        // Run SQ analysis in specific project for feature, hotfix, etc.
-        // Note that -Dsonar.branch is deprecated from SQ 6.6: https://docs.sonarqube.org/display/SONAR/Analysis+Parameters
-        // However, the alternative (the branch plugin is paid version only)
-        // See https://docs.sonarqube.org/display/PLUG/Branch+Plugin
-        // An alternative could be this: 
-        // https://github.com/mc1arke/sonarqube-community-branch-plugin
+        def artifactId = mvn.artifactId.trim()
         if (isUsingBranchPlugin) {
             mvn.additionalArgs += " -Dsonar.branch.name=${script.env.BRANCH_NAME} "
 
@@ -116,39 +110,29 @@ class SonarQube implements Serializable {
                 // Avoid exception "The main branch must not have a target" on master branch
                 mvn.additionalArgs += " -Dsonar.branch.target=${targetBranch} "
             }
-        } else if (script.env.BRANCH_NAME) {
-            // From SonarQube 7.9 "-Dsonar.branch" leads to an exception, because it's deprecated.
-            //mvn.additionalArgs += " -Dsonar.branch=${script.env.BRANCH_NAME} "
-            // In order to not break behavior of ces-build-lib, we re-implement similar behavior in ces-build-lib.
-
-            // Note that the legacy "-Dsonar.branch" resulted in the display name "<maven name> <branch name>"
-            // We can't do that because the blank sends us to jenkis-shell-quoting-hell.
-            // Even this didn't help: https://gist.github.com/Faheetah/e11bd0315c34ed32e681616e41279ef4
-            // So change it to "<maven artifact>:<branch name>", as artifact is not allowed to consist spaces
-
-            // We also apply this logic to PRs, since GitHub Plugin is deprecated from 7.2+.
-            // From SonarQube 6.6 "-Dsonar.analysis.mode" leads to an exception, because it's deprecated.
-            // There seems to be no replacement in the community version.
-            // See https://docs.sonarqube.org/display/PLUG/GitHub+Plugin
-            // Some examples for Env Vars when building PRs. 
+            // Use -Dsonar.branch.name with following plugin:
+            // https://github.com/mc1arke/sonarqube-community-branch-plugin
+            // Some examples for Env Vars when building PRs.
             // BRANCH_NAME=PR-26
-            // CHANGE_BRANCH=feature/simpify_git_push
+            // CHANGE_BRANCH=feature/simplify_git_push
             // CHANGE_TARGET=develop
-            
-            def artifactId = mvn.artifactId.trim()
-            // Malformed key for Project: 'groupId:artifactId:feature/something'. 
-            // Allowed characters are alphanumeric, '-', '_', '.' and ':', with at least one non-digit.
-            String projectKey = replaceCharactersNotAllowedInProjectKey(script.env.BRANCH_NAME)
-            String projectName = script.env.BRANCH_NAME
-            mvn.additionalArgs += " -Dsonar.projectKey=${mvn.groupId}:${artifactId}:${projectKey}"  +
-                    " -Dsonar.projectName=${artifactId}:${projectName} "
+        } else if (script.env.CHANGE_TARGET) {
+            mvn.additionalArgs += "-Dsonar.projectKey=${replaceCharactersNotAllowedInProjectKey(artifactId)} " +
+                " -Dsonar.projectName=${artifactId} " +
+                " -Dsonar.pullrequest.key=${script.env.CHANGE_ID} " +
+                " -Dsonar.pullrequest.branch=${script.env.CHANGE_BRANCH} " +
+                " -Dsonar.pullrequest.base=${script.env.CHANGE_TARGET} "
+        } else if (script.env.BRANCH_NAME) {
+            mvn.additionalArgs += "-Dsonar.projectKey=${replaceCharactersNotAllowedInProjectKey(artifactId)} " +
+                " -Dsonar.projectName=${artifactId} " +
+                " -Dsonar.branch.name=${script.env.BRANCH_NAME} "
         }
     }
 
-    protected String replaceCharactersNotAllowedInProjectKey(String potentialProjectKey) {
-        return potentialProjectKey.replaceAll("[^a-zA-Z0-9-_.:]", "_");
+    protected static String replaceCharactersNotAllowedInProjectKey(String potentialProjectKey) {
+        return potentialProjectKey.replaceAll("[^a-zA-Z0-9-_.:]", "_")
     }
-    
+
     protected String determineIntegrationBranch() {
         if (config['integrationBranch']) {
             return config['integrationBranch']
@@ -221,7 +205,7 @@ class SonarQube implements Serializable {
                 }
 
                 analyzeWith(mvn, script.env.SONAR_MAVEN_GOAL, script.env.SONAR_HOST_URL, script.env.SONAR_AUTH_TOKEN,
-                        sonarExtraProps)
+                    sonarExtraProps)
             }
         }
     }
@@ -257,9 +241,9 @@ class SonarQube implements Serializable {
 
         def executeWith(Maven mvn) {
             script.withCredentials([script.usernamePassword(credentialsId: usernameAndPasswordCredential,
-                    passwordVariable: 'PASSWORD', usernameVariable: 'USERNAME')]) {
+                passwordVariable: 'PASSWORD', usernameVariable: 'USERNAME')]) {
                 analyzeWith(mvn, 'sonar:sonar', host, script.env.USERNAME,
-                        "-Dsonar.password=${script.env.PASSWORD} ")
+                    "-Dsonar.password=${script.env.PASSWORD} ")
             }
         }
     }

test/com/cloudogu/ces/cesbuildlib/K3dTest.groovy

@@ -358,7 +358,7 @@ class K3dTest {
         scriptMock.expectedShRetValueForScript.put("echo 'test' | grep 'test'", "test")
 
         String doguYaml = """
-apiVersion: k8s.cloudogu.com/v1
+apiVersion: k8s.cloudogu.com/v2
 kind: Dogu
 metadata:
   name: nginx-ingress
@@ -384,7 +384,7 @@ spec:
         assertThat(scriptMock.allActualArgs[10].trim()).isEqualTo("yq -oj '.Image=\"myIP.local:5000/test/myimage:0.1.2\"' dogu.json > leWorkspace/target/dogu.json")
         assertThat(scriptMock.allActualArgs[11].trim()).isEqualTo("sudo KUBECONFIG=leK3dWorkSpace/.k3d/.kube/config kubectl create configmap test-descriptor --from-file=leWorkspace/target/dogu.json")
         assertThat(scriptMock.allActualArgs[12].trim()).isEqualTo("sudo KUBECONFIG=leK3dWorkSpace/.k3d/.kube/config kubectl apply -f \n" +
-            "apiVersion: k8s.cloudogu.com/v1\n" +
+            "apiVersion: k8s.cloudogu.com/v2\n" +
             "kind: Dogu\n" +
             "metadata:\n" +
             "  name: nginx-ingress\n" +
@@ -532,7 +532,7 @@ spec:
 
         def filename = "target/make/k8s/testName.yaml"
         def doguContentYaml = """
-apiVersion: k8s.cloudogu.com/v1
+apiVersion: k8s.cloudogu.com/v2
 kind: Dogu
 metadata:
   name: testName

test/com/cloudogu/ces/cesbuildlib/SonarQubeTest.groovy

@@ -47,7 +47,7 @@ class SonarQubeTest {
 
         assert mavenMock.args ==
                 'sonar:sonar -Dsonar.host.url=http://ces/sonar -Dsonar.login=auth '
-        assertBranchName(branchName, branchName)
+        assertBranchName(branchName, mavenMock)
         assert scriptMock.actualStringArgs['credentialsId'] == 'secretTextCred'
     }
 
@@ -75,7 +75,7 @@ class SonarQubeTest {
 
         assert mavenMock.args ==
                 'sonar:sonar -Dsonar.host.url=http://ces/sonar -Dsonar.login=usr -Dsonar.password=pw '
-        assertBranchName('develop', 'develop')
+        assertBranchName('develop', mavenMock)
         assert scriptMock.actualUsernamePasswordArgs[0]['credentialsId'] == 'usrPwCred'
     }
 
@@ -128,7 +128,7 @@ class SonarQubeTest {
 
         assert mavenMock.args ==
                 'sonar:sonar -Dsonar.host.url=host -Dsonar.login=auth -DextraKey=extraValue'
-        assertBranchName('develop', 'develop')
+        assertBranchName('develop', mavenMock)
         assert scriptMock.actualSonarQubeEnv == 'sqEnv'
     }
 
@@ -157,8 +157,13 @@ class SonarQubeTest {
     @Test
     void analyzeWithBranchContainCharsNotValidForProjectKey() throws Exception {
         String branchName = 'feature/abc'
-        String projectKey = 'feature_abc'
-        String projectName = branchName
+        // Use custom maven mock because the attributes are read only
+        def mavenMock = new MavenMock(scriptMock)
+        mavenMock.mockedArtifactId = "ces/build/lib"
+        mavenMock.mockedGroupId = "com.cloudogu.ces"
+        mavenMock.mockedName = "ces build lib"
+        String projectKey = 'ces_build_lib'
+        String projectName = "ces/build/lib"
 
         def sonarQube = new SonarQube(scriptMock, [usernamePassword: 'usrPwCred', sonarHostUrl: 'http://ces/sonar'])
         scriptMock.env = [
@@ -168,7 +173,9 @@ class SonarQubeTest {
 
         sonarQube.analyzeWith(mavenMock)
 
-        assertBranchName(projectKey, projectName)
+        assertBranchName(branchName, mavenMock)
+        assertProjectKey(projectKey, mavenMock)
+        assertProjectName(projectName, mavenMock)
     }
 
     @Test
@@ -251,6 +258,27 @@ class SonarQubeTest {
         assert mavenMock.additionalArgs.endsWith(' -Dsonar.branch.target=develop ')
     }
 
+    @Test
+    void analyzeWithBranchCommunityBranchPluginOnPullRequest() throws Exception {
+        def branchName = "PR-42"
+        def changeID = "123"
+        def changeTarget = "develop"
+        scriptMock.env = [
+            CHANGE_BRANCH: branchName,
+            CHANGE_TARGET: changeTarget,
+            CHANGE_ID: changeID,
+        ]
+
+        def sonarQube = new SonarQube(scriptMock, ["sonarQubeEnv": "env"])
+        sonarQube.analyzeWith(mavenMock)
+
+        assertProjectName(mavenMock.artifactId, mavenMock)
+        assertProjectKey(mavenMock.artifactId, mavenMock)
+        assert mavenMock.additionalArgs.contains("-Dsonar.pullrequest.key=${changeID}")
+        assert mavenMock.additionalArgs.contains("-Dsonar.pullrequest.branch=${branchName}")
+        assert mavenMock.additionalArgs.contains("-Dsonar.pullrequest.base=${changeTarget}")
+    }
+
     @Test
     void waitForQualityGate() throws Exception {
         scriptMock.expectedQGate = [status: 'OK']
@@ -321,7 +349,15 @@ class SonarQubeTest {
         assert exception.message == "Missing required 'sonarHostUrl' parameter."
     }
 
-    void assertBranchName(String projectKey, String projectName) {
-        assert mavenMock.additionalArgs.contains("-Dsonar.projectKey=com.cloudogu.ces:ces-build-lib:${projectKey} -Dsonar.projectName=ces-build-lib:${projectName}")
+    static void assertProjectKey(String projectKey, MavenMock mavenMock) {
+        assert mavenMock.additionalArgs.contains("-Dsonar.projectKey=${projectKey}")
+    }
+
+    static void assertProjectName(String projectName, MavenMock mavenMock) {
+        assert mavenMock.additionalArgs.contains("-Dsonar.projectName=${projectName}")
+    }
+
+    static void assertBranchName(String branchName, MavenMock mavenMock) {
+        assert mavenMock.additionalArgs.contains("-Dsonar.branch.name=${branchName}")
     }
 }