Merge pull request #33 from cnescatlab/update/update_plugin

Update plugin and tools

.github/workflows/cd.yml

@@ -24,13 +24,13 @@ on:
 env:
   DOCKERFILE_PATH: "."
   DOCKERFILE_FILENAME: "Dockerfile"
-  DOCKER_IMAGE_NAME: "lequal/sonar-scanner"
+  DOCKER_IMAGE_NAME: "lequal/sonar-scanner-catlab"
 
 jobs:
   # Job to test if a new version is ready to be released
   deliverability:
     name: Check if a new version must be released
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     # The job is run only if the CI workflow succeeded
     if: github.event.workflow_run.conclusion == 'success'
     outputs:
@@ -48,7 +48,7 @@ jobs:
           if [ "$milestones" == "[]" ]
           then
             echo No milestone completed, not delivering
-            echo "::set-output name=delivery::forbidden"
+            echo "delivery=forbidden" >> $GITHUB_OUTPUT
             exit 0
           fi
           echo -e "Completed milestones:\n$milestones"
@@ -62,17 +62,18 @@ jobs:
             exit 1
           fi
           echo Ready to deliver
-          echo "::set-output name=version::$version"
-          echo "::set-output name=milestone_number::$milestone_number"
-          echo "::set-output name=delivery::allowed"
+          echo "version=$version" >> $GITHUB_OUTPUT
+          echo "milestone_number=$milestone_number" >> $GITHUB_OUTPUT
+          echo "delivery=allowed" >> $GITHUB_OUTPUT
+
   release:
     name: Release a new version of the docker image
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     needs: deliverability
     if: needs.deliverability.outputs.delivery == 'allowed'
     steps:
       # git clone
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
       # Merge develop into master (fast forward) and tag master
@@ -91,7 +92,7 @@ jobs:
         run: |
           tags=($(git tag --sort="-v:refname" | grep -P -e '[0-9]+\.[0-9]+\.[0-9]+'))
           echo The tag of the previous release is ${tags[1]}
-          echo "::set-output name=tag::${tags[1]}"
+          echo "tag=${tags[1]}" >> $GITHUB_OUTPUT
       # Generate the changelog since last release
       - name: Generate the changelog
         uses: charmixer/auto-changelog-action@v1
@@ -117,47 +118,78 @@ jobs:
 
   push_to_registry:
     name: Push Docker image to Docker Hub
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     needs: deliverability
     if: needs.deliverability.outputs.delivery == 'allowed'
     steps:
       - name: Check out the repo
         uses: actions/checkout@v4
 
       - name: Log in to Docker Hub
-        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        uses: docker/metadata-action@v5
         with:
           images: ${{ env.DOCKER_IMAGE_NAME }}
 
       - name: Build and push Docker image to version number
-        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE_FILENAME }}
           push: true
           tags: ${{ env.DOCKER_IMAGE_NAME}}:${{ needs.deliverability.outputs.version }}
           labels: ${{ steps.meta.outputs.labels }}
 
-      - name: Build and push Docker image to  lastest repo
-        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+      - name: Build and push Docker image to lastest repo
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE_FILENAME }}
           push: true
           tags: ${{ env.DOCKER_IMAGE_NAME }}:latest
           labels: ${{ steps.meta.outputs.labels }}
 
+      - name: Update repo description
+        uses: peter-evans/dockerhub-description@v4
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_TOKEN }}
+          repository: ${{ env.DOCKER_IMAGE_NAME }}
+
+      - name: Build and push Docker image old name to version number
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE_FILENAME }}
+          push: true
+          tags: lequal/sonar-scanner:${{ needs.deliverability.outputs.version }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Build and push Docker image old name to lastest repo
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ${{ env.DOCKERFILE_PATH }}/${{ env.DOCKERFILE_FILENAME }}
+          push: true
+          tags: lequal/sonar-scanner:latest
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Update old name repo description
+        uses: peter-evans/dockerhub-description@v4
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_TOKEN }}
+          repository: lequal/sonar-scanner
 
   close_milestone:
     name: Close the milestone
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     needs:
       - deliverability
       - release

.github/workflows/ci.yml

@@ -25,62 +25,47 @@ on:
 env:
   DOCKERFILE_PATH: '.'
   DOCKERFILE_FILENAME: 'Dockerfile'
-  DOCKER_IMAGE_NAME: 'lequal/sonar-scanner'
+  DOCKER_IMAGE_NAME: 'lequal/sonar-scanner-catlab'
 
 jobs:
   # Job that builds the image and upload it as an artifact
   build:
     name: Build the docker image
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Build docker image
         run: docker build -t $DOCKER_IMAGE_NAME $DOCKERFILE_PATH
       - name: Save Docker image
         run: docker image save -o image.tar $DOCKER_IMAGE_NAME
       - name: Upload image as an artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: image
           path: image.tar
   # Jobs that test the image and the embedded tools
   test:
     name: Test the Docker image
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     needs: build
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Retrieve the image
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v4
         with:
           name: image
       - name: Load the image
         run: docker image load -i image.tar
       - name: Cache sonar-scanner data
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         with:
           path: .sonarcache
           key: sonar-scanner-cache
       # Run the tests (with the appropriate server image)
       - name: Test docker image
         run: |
-          echo "Retrieving the branch name..."
-          if [ "${{ github.event_name }}" = "push" ]
-          then
-            branch=${{ github.ref }}
-            branch=${branch#*/}
-            branch=${branch#*/}
-          else # PR
-            branch=${{ github.head_ref }}
-          fi
-          echo "Cloning the server repo on branch $branch..."
-          if ! git clone https://github.com/cnescatlab/sonarqube.git -b "$branch" tmpserver;
-          then
-            echo "No branch $branch found on the server repository, using develop"
-            git clone https://github.com/cnescatlab/sonarqube.git -b develop tmpserver
-          fi
-          echo "Building the server image..."
-          docker build -t lequal/sonarqube:latest tmpserver/
+          echo "Retrieving the sonarqube-catlab image..."
+          docker pull lequal/sonarqube-catlab:latest
           echo "Testing the scanner image..."
           echo -e "Results of the CI pipeline\n" > tests_logs.txt
           cd tests/

Dockerfile

@@ -1,41 +1,44 @@
 # Builder image for analysis tools
-FROM debian:11-slim AS builder
+FROM ubuntu:22.04 AS builder
 
 # Install tools from sources
-RUN echo 'deb http://ftp.fr.debian.org/debian/ bullseye main contrib non-free' >> /etc/apt/sources.list \
-    && apt-get update \
-    && apt-get install -y --no-install-recommends \
-    curl=7.74.0-* \
+RUN apt update \
+    && apt install -y --no-install-recommends \
+    curl=7.81.0-* \
     # for C/C++ tools
     make=4.3-* \
-    g\+\+=4:10.2.1-* \
-    python3=3.9.2-* \
+    g\+\+=4:11.2.0-* \
+    python3=3.10.6-* \
     libpcre3-dev=2:8.39-* \
     unzip=6.0-* \
-    xz-utils=5.2.5-*
+    xz-utils=5.2.5-* \
+    && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*
 
 # sonar-scanner
-RUN curl -ksSLO https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.8.0.2856.zip \
-    && unzip sonar-scanner-cli-4.8.0.2856.zip \
-    && mv /sonar-scanner-4.8.0.2856 /sonar-scanner
+RUN curl -ksSLO https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006.zip \
+    && unzip sonar-scanner-cli-5.0.1.3006.zip \
+    && mv ./sonar-scanner-5.0.1.3006 /sonar-scanner \
+    && rm sonar-scanner-cli-5.0.1.3006.zip
 
 # CppCheck
-RUN curl -ksSLO https://github.com/danmar/cppcheck/archive/refs/tags/2.10.tar.gz \
-    && tar -zxvf 2.10.tar.gz  \
-    && make -C cppcheck-2.10/ install \
+RUN curl -ksSLO https://github.com/danmar/cppcheck/archive/refs/tags/2.14.0.tar.gz \
+    && tar -zxvf 2.14.0.tar.gz  \
+    && make -C cppcheck-2.14.0/ install \
     MATCHCOMPILER="yes" \
     FILESDIR="/usr/share/cppcheck" \
     HAVE_RULES="yes" \
-    CXXFLAGS="-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function -Wno-deprecated-declarations"
+    CXXFLAGS="-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function -Wno-deprecated-declarations" \
+    && rm -rf cppcheck-2.14.0 2.14.0.tar.gz
 
 # Infer
 RUN curl -ksSLO https://github.com/facebook/infer/releases/download/v1.1.0/infer-linux64-v1.1.0.tar.xz \
-    && tar -C /opt -Jxvf infer-linux64-v1.1.0.tar.xz
+    && tar -C /opt -Jxvf infer-linux64-v1.1.0.tar.xz \
+    && rm infer-linux64-v1.1.0.tar.xz
 
 ################################################################################
 
 # Final image based on the official sonar-scanner image
-FROM debian:11-slim
+FROM ubuntu:22.04
 
 LABEL maintainer="CATLab"
 
@@ -88,55 +91,46 @@ COPY --from=builder /opt/infer-linux64-v1.1.0/lib /opt/infer-linux64-v1.1.0/lib
 # Add CNES pylintrc A_B, C, D
 COPY pylintrc.d/ /opt/python/
 
-# Download CNES pylint extension
-ADD https://github.com/cnescatlab/cnes-pylint-extension/archive/refs/tags/v6.0.0.tar.gz \
-    /tmp/python/
-
 # Install tools
-RUN echo 'deb http://ftp.fr.debian.org/debian/ bullseye main contrib non-free' >> /etc/apt/sources.list \
-    && apt-get update \
+RUN apt update \
     && mkdir -p /usr/share/man/man1 \
-    && apt-get install -y --no-install-recommends \
+    && apt install -y --no-install-recommends \
     # Needed by sonar-scanner
     openjdk-17-jre=17.0.* \
     # Needed by Pylint
-    python3=3.9.2-* \
-    python3-pip=20.3.4-* \
+    python3=3.10.6-* \
+    python3-pip=22.0.2* \
     # Shellcheck
-    shellcheck=0.7.1-* \
+    shellcheck=0.8.0-* \
     # Needed by Infer
-    libsqlite3-0=3.34.1-* \
-    libtinfo5=6.2* \
+    libsqlite3-0=3.37.2-* \
     python2.7=2.7.18-* \
     # Compilation tools needed by Infer
-    gcc=4:10.2.1-* \
-    g\+\+=4:10.2.1-* \
-    clang=1:11.0-* \
+    gcc=4:11.2.0-* \
+    g\+\+=4:11.2.0-* \
+    clang=1:14.0-* \
     make=4.3-* \
     && rm -rf /var/lib/apt/lists/* \
     && rm -rf /usr/local/man \
     # Install pylint and CNES pylint extension
-    && mkdir -p /opt/python/cnes-pylint-extension-6.0.0 \
-    && tar -xvzf /tmp/python/v6.0.0.tar.gz -C /tmp/python \
-    && mv /tmp/python/cnes-pylint-extension-6.0.0/checkers /opt/python/cnes-pylint-extension-6.0.0/ \
-    && rm -rf /tmp/python \
     && pip install --no-cache-dir \
-    setuptools-scm==7.1.0 \
-    pytest-runner==6.0.0 \
-    wrapt==1.15.0 \
+    cnes-pylint-extension==7.0.0 \
+    pylint-sonarjson-catlab==2.0.0 \
+    setuptools-scm==8.0.4 \
+    pytest-runner==6.0.1 \
+    wrapt==1.16.0 \
     six==1.16.0 \
-    lazy-object-proxy==1.9.0 \
+    lazy-object-proxy==1.10.0 \
     mccabe==0.7.0 \
-    isort==5.12.0 \
-    typed-ast==1.5.4 \
-    astroid==2.15.2 \
-    pylint==2.17.2 \
+    isort==5.13.2 \
+    typed-ast==1.5.5 \
+    astroid==3.1.0 \
+    pylint==3.1.0 \
     # Infer
     && ln -s "/opt/infer-linux64-v1.1.0/bin/infer" /usr/local/bin/infer
 
 # Make sonar-scanner, CNES pylint and C/C++ tools executable
-ENV PYTHONPATH="$PYTHONPATH:/opt/python/cnes-pylint-extension-6.0.0/checkers" \
-    PATH="$SONAR_SCANNER_HOME/bin:/usr/local/bin:$PATH" \
+ENV PATH="$SONAR_SCANNER_HOME/bin:/usr/local/bin:$PATH" \
     PYLINTHOME="$SONAR_SCANNER_HOME/.pylint.d" \
     JAVA_HOME="/usr/lib/jvm/java-17-openjdk-amd64"