Add automated functional checks

.github/workflows/docker-image.yml

@@ -7,6 +7,10 @@ on:
   pull_request:
     types: [opened, synchronize, reopened]
 
+env:
+  CODE: "PROJ1"
+  RULES: "+csharpsquid:S104;-ts:S1561;+Web:WhiteSpaceAroundCheck"
+
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -18,18 +22,26 @@ jobs:
           - env:
               IMAGE_EDITION: developer
     steps:
-      - uses: actions/checkout@v3
-
-      - name: Build the Docker image
-        run: docker build --build-arg="IMAGE_EDITION=${{ matrix.env.IMAGE_EDITION }}" -t ci .
+      - uses: actions/checkout@v4
 
-      - name: Run the Docker image
-        run: docker run -d --name ci ci
+      - name: Build and run container image
+        run: |
+          docker build --build-arg="IMAGE_EDITION=${{ matrix.env.IMAGE_EDITION }}" -t ci .
+          docker run -e PROJECT_CODE="${{ env.CODE }}" -e PROJECT_RULES="${{ env.RULES }}" -v $(pwd)/tests:/opt/sonarqube/test -d --name ci ci
 
-      - name: Verify the Docker image
+      - name: Wait for Sonar instance to start
         # profile for language 'web' is the last; assume everything is working if we got this far
         run: docker logs -f ci |& sed "/Current profile for language 'web' is 'Sonar way'/ q"
         timeout-minutes: 3
 
-      - name: Stop the Docker image
+      - name: Install test requirements
+        run: |
+          docker exec -u 0:0 ci apt-get update
+          docker exec -u 0:0 ci apt-get install -y python3 python3-pip
+          docker exec -u 0:0 ci pip3 install -Ur /opt/sonarqube/test/requirements.txt
+
+      - name: Run tests
+        run: docker exec -e PROJECT_CODE="${{ env.CODE }}" -e PROJECT_RULES="${{ env.RULES }}" ci python3 -m unittest -v
+
+      - name: Stop the container
         run: docker stop ci

Dockerfile

@@ -18,21 +18,15 @@ RUN apt-get update \
     && apt-get install -y wget curl ca-certificates-java jq postgresql-client \
     && rm -rf /var/lib/apt/lists/*
 
-ADD ./plugins /tmp/plugins
-RUN rm -rf ./extensions/plugins/* && \
-    cat /tmp/plugins/plugin-list && \
-    chmod +x /tmp/plugins/install-plugins.sh && \
-    /tmp/plugins/install-plugins.sh
+COPY sonar.properties /opt/sonarqube/conf/sonar.properties
+COPY ./src /src
+RUN chmod +x /src/ /src/*.sh && \
+    rm -rf ./extensions/plugins/* && \
+    /src/install-plugins.sh
 
 WORKDIR /opt/sonarqube
-
-COPY ./start-with-profile.sh .
-ADD ./rules /tmp/rules
-ADD sonar.properties /opt/sonarqube/conf/sonar.properties
-
-RUN chown -R sonarqube:sonarqube . \
-    && chmod +x start-with-profile.sh
+RUN chown -R sonarqube:sonarqube .
 
 USER sonarqube
 
-CMD ["./start-with-profile.sh"]
+CMD ["/src/start-with-profile.sh"]

MAINTENANCE.md

@@ -4,10 +4,10 @@
 ## Version upgrade workflow
 
 1. Update `Dockerfile`s with the new version of SonarQube
-1. Update [external plugins](https://github.com/ICTU/sonar/blob/master/plugins/plugin-list)
-1. Create profiles based on the internal plugin versions in [start-with-profile.sh](https://github.com/ICTU/sonar/blob/rules-update/start-with-profile.sh)
+1. Update external plugins in the [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json)
+1. Create profiles based on the internal plugin versions in the [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json)
     1. Obtain the base version numbers from the vanilla SonarQube image directory `/opt/sonarqube/lib/extensions`, excluding build number
-    1. Update the profile version number `RULES_VERSION` if the rules have been changed
+    1. Update the config rules version number `rules_version` if the rules have been changed
 1. Create new version tags on github
     1. `MAJOR.MINOR.PATCH`
     1. `MAJOR.MINOR.PATCH-developer`
@@ -16,32 +16,36 @@
 
 ## Adding plugins
 
-Add the url of the plugin jar-file to be installed to `plugins/plugin-list`.
+Add the url of the plugin jar-file to be installed to the [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json) value of `plugins`.
 
 
 ## Creating a new quality profile
 
-Modify `start-with-profile.sh` and add a statement to the end of the script, such as:
+Modify the [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json) value of `profiles` and add a key (language as profile name) with value dictionary, such as:
 
-    createProfile "ictu-cs-profile-v6.6" "Sonar%20way" "cs"
+    "yaml": {
+      "plugin_name": "sonar-ansible-plugin",
+      "plugin_external": true,
+      "version": "ansible-profile-v2.5.1"
+    },
 
 The parameters are:
-* Profile name
-* Base profile name
-* Language (internal SonarQube language identifier)
+* (key): language (internal SonarQube language identifier) 
+* plugin_name: name of the plugin to be used for this profile
+* plugin_external: true for external plugin, false (default) when it is contained in the base container image
+* version: profile version string (based on the plugin version)
 
 
-## Create rules txt file from SonarQubes quality profile backup (xml)
+## Create rule entries from SonarQubes quality profile backup (xml)
 
 In order to make the importing of existing profiles easier, use the transformation `profile_backup_transform.xslt`.
 Go to the profiles page in your SonarQube instance, backup a profile to an xml file and transform it.
 
 
 ## Activating or deactivating individual rules in the quality profiles
 
-Modify the corresponding `rules/(language).txt` file.
-Each line represents a rule to be activated or deactivated and has the following syntax: `(operation)(ruleId)#(comment)`
-Please ensure each file ends with a new line character, otherwise the rule will not be added to the profile
+Modify the corresponding [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json) value of `rules[language]`.
+Each entry represents a rule to be activated or deactivated and has the following syntax: `(operation)(ruleId)#(comment)`
 
 * **operation**: `+` activates a rule; `-` deactivates a rule
 * **ruleId**: SonarQube rule identifier

README.md

@@ -5,7 +5,7 @@ A SonarQube container image with plugins, profiles and config used at ICTU
 
 ## Creating a new quality profile
 
-When starting the SonarQube image, new quality profiles will be automatically created for [supported languages](https://github.com/ICTU/sonar/blob/master/rules).
+When starting the SonarQube image, new quality profiles will be automatically created for [supported languages](https://github.com/ICTU/sonar/blob/master/src/config.json).
 These newly created profiles are set to be the default profile, but can also be [extended with your own custom rules](https://docs.sonarsource.com/sonarqube/latest/instance-administration/quality-profiles/#extending-a-quality-profile).
 
 Extending the default can be done by ensuring that the current profile has a name ending with `EXTENDED` (or `extended`).

docker/docker-compose.ci.yml

@@ -10,6 +10,8 @@ services:
       SONAR_JDBC_USERNAME: "sonar_user"
       SONAR_JDBC_PASSWORD: "sonar_pass"
       SONARQUBE_PASSWORD: "admin123"
+      PROJECT_CODE: "PROJ1"
+      PROJECT_RULES: "+csharpsquid:S104;-ts:S1561;+Web:WhiteSpaceAroundCheck"
 
   db:
     environment: