cnescatlab · louisjdmartin · Apr 24, 2024 · Apr 16, 2024 · Apr 16, 2024 · Apr 22, 2024
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
@@ -72,7 +72,7 @@ jobs:
     if: needs.deliverability.outputs.delivery == 'allowed'
     steps:
       # git clone
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
       # Merge develop into master (fast forward) and tag master
@@ -124,19 +124,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Log in to Docker Hub
-        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        uses: docker/metadata-action@v5
         with:
           images: ${{ env.DOCKER_IMAGE_NAME }}
 
       - name: Build and push Docker image to version number
-        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE_FILENAME }}
@@ -145,7 +145,7 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
 
       - name: Build and push Docker image to  lastest repo
-        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE_FILENAME }}

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -33,13 +33,13 @@ jobs:
     name: Build the docker image
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Build docker image
         run: docker build -t $DOCKER_IMAGE_NAME $DOCKERFILE_PATH
       - name: Save Docker image
         run: docker image save -o image.tar $DOCKER_IMAGE_NAME
       - name: Upload image as an artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: image
           path: image.tar
@@ -49,9 +49,9 @@ jobs:
     runs-on: ubuntu-20.04
     needs: build
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Retrieve the image
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v4
         with:
           name: image
       - name: Load the image

diff --git a/Dockerfile b/Dockerfile
@@ -1,69 +1,21 @@
 # This image is based on a LTS version of SonarQube
-FROM sonarqube:9.9.4-community
+FROM lequal/sonarqube:3.2.2
 
-LABEL maintainer="CNES CAT Lab"
+LABEL maintainer="CATLab"
 
 ENV HOME=/home/sonarqube \
     SONAR_SCANNER_HOME=/opt/sonar-scanner \
     SONAR_USER_HOME=/opt/sonar-scanner/.sonar \
-    PATH="$PATH:/opt/sonar-scanner/bin:/usr/local/bin" \
-    PYTHONPATH="$PYTHONPATH:/opt/python/cnes-pylint-extension-6.0.0/checkers/" \
-    PYLINTHOME="$HOME/.pylint.d"
+    PATH="$PATH:/opt/sonar-scanner/bin:/usr/local/bin"
 
 USER root
-COPY conf/. /tmp/conf/
-
-
-## ====================== DOWNLOAD DEPENDENCIES ===============================
-# Tools versions
-ARG ANSIBLE_LINT=2.5.1
-ARG CXX_VERSION=2.1.0
-ARG CXX_VERSION_FULL=${CXX_VERSION}.428
-ARG CHECKSTYLE_VERSION=10.9.3
-ARG CLOVER_VERSION=4.1
-ARG COBERTURA_VERSION=2.0
-ARG BRANCH_VERSION=1.14.0
-ARG FINDBUGS_VERSION=4.2.3
-ARG PMD_VERSION=3.4.0
-ARG SHELLCHECK_VERSION=2.5.0
-ARG ICODE_VERSION=3.1.1
-ARG CNESREPORT_VERSION=4.2.0
-ARG SONARTS_VERSION_REPO=2.1.0.4359
-ARG SONARTS_VERSION=2.1.0.4362
-ARG VHDLRC_VERSION=3.4
-ARG YAML_VERSION=1.7.0
-
-# Download SonarQube plugins
-ADD https://github.com/sbaudoin/sonar-ansible/releases/download/v${ANSIBLE_LINT}/sonar-ansible-plugin-${ANSIBLE_LINT}.jar \
-    https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-${CXX_VERSION}/sonar-cxx-plugin-${CXX_VERSION_FULL}.jar \
-    https://github.com/checkstyle/sonar-checkstyle/releases/download/${CHECKSTYLE_VERSION}/checkstyle-sonar-plugin-${CHECKSTYLE_VERSION}.jar \
-    https://repo1.maven.org/maven2/io/github/sfeir-open-source/sonar-clover-plugin/${CLOVER_VERSION}/sonar-clover-plugin-${CLOVER_VERSION}.jar \
-    https://github.com/galexandre/sonar-cobertura/releases/download/${COBERTURA_VERSION}/sonar-cobertura-plugin-${COBERTURA_VERSION}.jar \
-    https://github.com/mc1arke/sonarqube-community-branch-plugin/releases/download/${BRANCH_VERSION}/sonarqube-community-branch-plugin-${BRANCH_VERSION}.jar \
-    https://github.com/spotbugs/sonar-findbugs/releases/download/${FINDBUGS_VERSION}/sonar-findbugs-plugin-${FINDBUGS_VERSION}.jar \
-    https://github.com/jensgerdes/sonar-pmd/releases/download/${PMD_VERSION}/sonar-pmd-plugin-${PMD_VERSION}.jar \
-    https://github.com/sbaudoin/sonar-shellcheck/releases/download/v${SHELLCHECK_VERSION}/sonar-shellcheck-plugin-${SHELLCHECK_VERSION}.jar \
-    https://github.com/cnescatlab/sonar-icode-cnes-plugin/releases/download/${ICODE_VERSION}/sonar-icode-cnes-plugin-${ICODE_VERSION}.jar \
-    https://github.com/cnescatlab/sonar-cnes-report/releases/download/${CNESREPORT_VERSION}/sonar-cnes-report-${CNESREPORT_VERSION}.jar \
-    https://github.com/SonarSource/SonarTS/releases/download/${SONARTS_VERSION_REPO}/sonar-typescript-plugin-${SONARTS_VERSION}.jar \
-    https://github.com/VHDLTool/sonar-VHDLRC/releases/download/v${VHDLRC_VERSION}/sonar-vhdlrc-plugin-${VHDLRC_VERSION}.jar \
-    https://github.com/sbaudoin/sonar-yaml/releases/download/v${YAML_VERSION}/sonar-yaml-plugin-${YAML_VERSION}.jar \
-    /opt/sonarqube/extensions/plugins/
-
-# Required by the community branch plugin (See https://github.com/mc1arke/sonarqube-community-branch-plugin/tree/1.8.1#installation)
-ENV SONAR_WEB_JAVAADDITIONALOPTS="-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-${BRANCH_VERSION}.jar=web"
-ENV SONAR_CE_JAVAADDITIONALOPTS="-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-${BRANCH_VERSION}.jar=ce"
 
 # Download software
-ADD https://github.com/cnescatlab/i-CodeCNES/releases/download/v4.1.0/icode-4.1.0.zip \
-    https://github.com/danmar/cppcheck/archive/refs/tags/2.10.tar.gz \
-    https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.8.0.2856.zip \
+ADD https://github.com/cnescatlab/i-CodeCNES/releases/download/4.1.2/icode-4.1.2.zip \
+    https://github.com/danmar/cppcheck/archive/refs/tags/2.13.0.tar.gz \
+    https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006.zip \
     /tmp/
 
-# CNES Pylint extension
-ADD https://github.com/cnescatlab/cnes-pylint-extension/archive/refs/tags/v6.0.0.tar.gz \
-    /tmp/python/
-
 # Add CNES pylintrc A_B, C, D
 COPY pylintrc.d/ /opt/python/
 
@@ -101,37 +53,37 @@ RUN apt-get update -y \
     && rm -rf /var/lib/apt/lists/* \
     && mkdir /home/sonarqube \
     ## Install i-Code CNES
-    && unzip /tmp/icode-4.1.0.zip -d /tmp \
+    && unzip /tmp/icode-4.1.2.zip -d /tmp \
     && chmod +x /tmp/icode/icode \
     && mv /tmp/icode/* /usr/bin \
     && rm -r /tmp/icode \
-    && rm /tmp/icode-4.1.0.zip \
+    && rm /tmp/icode-4.1.2.zip \
     ## Install Sonar Scanner
-    && unzip /tmp/sonar-scanner-cli-4.8.0.2856.zip -d /opt/ \
-    && mv /opt/sonar-scanner-4.8.0.2856 /opt/sonar-scanner \
-    && rm -rf /tmp/sonar-scanner-cli-4.8.0.2856.zip
+    && unzip /tmp/sonar-scanner-cli-5.0.1.3006.zip -d /opt/ \
+    && mv /opt/sonar-scanner-5.0.1.3006 /opt/sonar-scanner \
+    && rm -rf /tmp/sonar-scanner-cli-5.0.1.3006.zip
 
 ## Python, Pylint & CNES Pylint setup
-RUN tar -xvzf /tmp/python/v6.0.0.tar.gz -C /opt/python \
-    && rm -rf /tmp/python \
-    && pip install --no-cache-dir \
-    setuptools-scm==7.1.0 \
-    pytest-runner==6.0.0 \
-    wrapt==1.15.0 \
+RUN pip install --no-cache-dir \
+    setuptools-scm==8.0.4 \
+    pytest-runner==6.0.1 \
+    wrapt==1.16.0 \
     six==1.16.0 \
-    lazy-object-proxy==1.9.0 \
+    lazy-object-proxy==1.10.0 \
     mccabe==0.7.0 \
-    isort==5.12.0 \
-    typed-ast==1.5.4 \
-    astroid==2.15.2 \
-    pylint==2.17.2
+    isort==5.13.2 \
+    typed-ast==1.5.5 \
+    astroid==3.1.0 \
+    pylint==3.1.0 \
+    pylint_sonarjson_catlab==2.0.0 \
+    cnes-pylint-extension==7.0.0
 
 ## C and C++ tools installation
 RUN cd /tmp \
-    && tar -zxvf 2.10.tar.gz \
-    && make -C cppcheck-2.10/ install MATCHCOMPILER="yes" FILESDIR="/usr/share/cppcheck" HAVE_RULES="yes" CXXFLAGS="-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function -Wno-deprecated-declarations" \
+    && tar -zxvf 2.13.0.tar.gz \
+    && make -C cppcheck-2.13.0/ install MATCHCOMPILER="yes" FILESDIR="/usr/share/cppcheck" HAVE_RULES="yes" CXXFLAGS="-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function -Wno-deprecated-declarations" \
     && cd .. \
-    && rm -rf ./2.10.tar.gz ./cppcheck-2.10/ \
+    && rm -rf ./2.13.0.tar.gz ./cppcheck-2.13.0/ \
     && chown sonarqube:sonarqube -R /opt \
     && chown sonarqube:sonarqube -R /home \
     && apt-get autoremove -y \
@@ -149,7 +101,6 @@ COPY configure-cat.bash \
 
 # Make sonarqube owner of it's installation directories
 RUN chmod 750 /tmp/init.bash \
-    && chown sonarqube:sonarqube -R /tmp/conf \
     ###### Disable telemetry
     && sed -i 's/#sonar\.telemetry\.enable=true/sonar\.telemetry\.enable=false/' /opt/sonarqube/conf/sonar.properties \
     ###### Set default report path for Cppcheck