Merge pull request #3 from james-flynn-ie/add-sonarcloud

Added: SonarCloud to pipeline

azure-pipelines.yml

@@ -5,55 +5,122 @@ pool:
   #  - The build VM is deployed by Microsoft, reducing maintenance.
   #  - Tools within the VM Image are always up to date.
   #  - Fresh build environment for every run (to reduce contamination from other runs).
-  # https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops&tabs=yaml
+  # see: https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops&tabs=yaml
   vmImage: ubuntu-20.04
 
 # Adding extra information into build name, to make it easier to identify builds. 
 # It can be called using '$(Build.BuildNumber)'
+# see: https://docs.microsoft.com/en-us/azure/devops/pipelines/process/run-number?view=azure-devops&tabs=yaml
 name: $(Build.DefinitionName).$(SourceBranchName).$(Date:yyyyMMdd)$(Rev:.r)
 
-jobs:
+stages:
-  - job: BuildTestDeploy
+  - stage: CI_CDelivery
-    displayName: Build Test and Deploy spring-petclinic Java Web App
+    displayName: 'Continuous Integration and Delivery'
-    steps:
+    dependsOn: []
-    - task: Maven@3
+    jobs:
-      displayName: 'Maven Package'
+    - job: BuildTestDeploy
-      inputs:
+      displayName: Build Test and Package spring-petclinic
-        mavenPomFile: 'pom.xml'
+      steps:
-        mavenOptions: '-Xmx3072m'
-        javaHomeOption: 'JDKVersion'
-        jdkVersionOption: '1.11'
-        jdkArchitectureOption: 'x64'
-        publishJUnitResults: true
-        testRunTitle: '$(Build.BuildNumber)'
-        testResultsFiles: '**/TEST-*.xml'
-        goals: 'package'
 
-    - task: CopyFiles@2
+      # Azure DevOps extension for configuring SonarCloud properties
-      displayName: 'Copy Files to artifact staging directory'
+      # see: https://marketplace.visualstudio.com/items?itemName=SonarSource.sonarcloud
-      inputs:
+      - task: SonarCloudPrepare@1
-        SourceFolder: '$(System.DefaultWorkingDirectory)'
+        displayName: 'Prepare SonarCloud Code Analysis Scan'
-        Contents: '**/target/*.?(war|jar)'
+        inputs:
-        TargetFolder: $(Build.ArtifactStagingDirectory)
+          # Azure DevOps Service Connection is used in place of secureSonar Token value within repo.
-        preserveTimestamp: true
+          # For configuring, see: https://docs.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints?view=azure-devops&tabs=yaml
+          SonarCloud: 'sonarcloud-svc-connection'
+          organization: 'james-flynn-ie'
+          scannerMode: 'Other'
+          ProjectKey: 'james-flynn-ie_spring-petclinic'
+          ProjectName: 'spring-petclinic'
+          # Sonar scanner does not allow branch name to be set for Pull Requests (PRs), but returns an error if not specified for CI builds.
+          # This conditional block only passes the branch name if build is not for a PR, otherwise it passes the Sonar PR params:
+          ${{ if ne(variables['Build.Reason'], 'PullRequest') }}:
+            extraProperties: |
+              sonar.branch.name=$(Build.SourceBranchName)
+              sonar.language=java
+              sonar.projectKey=james-flynn-ie_spring-petclinic
+          ${{ if eq(variables['Build.Reason'], 'PullRequest') }}:
+            extraProperties: |
+              sonar.pullrequest.key=$(System.PullRequest.pullRequestNumber)
+              sonar.pullrequest.branch=$(Build.SourceBranchName)
+              sonar.pullrequest.base=$(System.PullRequest.TargetBranch)
+              sonar.projectKey=james-flynn-ie_spring-petclinic
 
-    # Publish build artifacts to Azure Pipelines. Extension uses Robocopy "under the hood."
+      # https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/build/maven?view=azure-devops
-    # https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/utility/publish-build-artifacts?view=azure-devops
+      - task: Maven@3
-    - task: PublishBuildArtifacts@1
+        displayName: 'Maven Build, Test and Package'
-      inputs:
+        inputs:
-        pathToPublish: '$(Build.ArtifactStagingDirectory)/target' 
+          mavenPomFile: 'pom.xml'
-        artifactName: 'jar-artifact' 
+          # 'clean install sonar:sonar' is required to run the Sonarcloud scan ('package' creates the JAR).
-        publishLocation: 'Container' # Publishes inside Azure Pipelines artifact folder.
+          # see: https://www.coachdevops.com/2020/04/how-to-integrate-sonarqube-in-azure.html
-        parallel: true # Increased speed through multi-threaded copying.
+          goals: 'clean install sonar:sonar package'
-        parallelCount: 8 # Dependent upon CPU capabilities.
+          publishJUnitResults: true
+          testResultsFiles: '**/TEST-*.xml'
+          testRunTitle: '$(Build.BuildNumber)'
+          javaHomeOption: 'JDKVersion'
+          jdkVersionOption: '1.11'
+          mavenVersionOption: 'Default'
+          mavenOptions: '-Xmx3072m'
+          mavenAuthenticateFeed: false
+          effectivePomSkip: false
+          sonarQubeRunAnalysis: true
+          sqMavenPluginVersionChoice: 'latest'
+  
+      # Adds results and link to sonarcloud.io reports under 'Extensions' tab on pipeline run report.
+      # see: https://marketplace.visualstudio.com/items?itemName=SonarSource.sonarcloud
+      - task: SonarCloudPublish@1
+        displayName: 'Publish Quality Gate Result on SonarCloud'
+        inputs:
+          pollingTimeoutSec: '300'
 
-    - task: AzureWebApp@1
+      # https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/utility/copy-files?view=azure-devops&tabs=yaml
-      displayName: Deploy spring-petclinic to Azure Web App service
+      - task: CopyFiles@2
-      inputs:
+        displayName: 'Copy Files to artifact staging directory'
-        azureSubscription: 'azure-svc-connection'
+        inputs:
-        appType: webAppLinux
+          SourceFolder: '$(System.DefaultWorkingDirectory)'
-        appName: 'james-pet-clinic'
+          Contents: '**/target/*.?(war|jar)'
-        package: '$(System.DefaultWorkingDirectory)/**/*.jar'
+          TargetFolder: $(Build.ArtifactStagingDirectory)
-      # Only deploy web app from main branch (for release purposes)
+          preserveTimestamp: true
-      condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
+  
-  
+      # Publish build artifacts to Azure Pipelines (Continuous Delivery).
+      # Build artifacts are retained and can be downloaded for local use, or used in other stages or pipeline runs for deployments.
+      # https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/utility/publish-build-artifacts?view=azure-devops
+      - task: PublishBuildArtifacts@1
+        inputs:
+          pathToPublish: '$(Build.ArtifactStagingDirectory)/target' 
+          artifactName: 'jar-artifact' 
+          publishLocation: 'Container' # Publishes inside Azure Pipelines artifact folder.
+          parallel: true # Increased speed through multi-threaded copying.
+          parallelCount: 8 # Dependent upon CPU capabilities.
+
+  - stage: CDeployment
+    displayName: 'Continuous Deployment'
+    dependsOn: [CI_CDelivery]
+    condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
+    jobs:
+    - job: DeployWebApp
+      displayName: Deploy spring-petclinic Java Web App
+      steps:
+      - task: DownloadPipelineArtifact@2
+        inputs:
+          artifact: 'jar-artifact'
+          path: $(System.DefaultWorkingDirectory)
+
+      # Deploy JAR into Azure Web App Service https://docs.microsoft.com/en-us/azure/app-service/overview
+      # Azure App Service offers a Web application hosting Platform-as-a-Service, offering:
+      #  - Security
+      #  - Load balancing
+      #  - High Availability and autoscaling (based on policies)
+      # For pipeline configuration, see: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-rm-web-app?view=azure-devops
+      - task: AzureWebApp@1
+        displayName: Deploy spring-petclinic to Azure Web App service
+        inputs:
+          # For configuring Service Connection, see: https://docs.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints?view=azure-devops&tabs=yaml
+          azureSubscription: 'azure-svc-connection'
+          appType: webAppLinux
+          appName: 'james-pet-clinic'
+          package: '$(System.DefaultWorkingDirectory)/**/*.jar'
+        # Only deploy web app from main branch (for release purposes)
+...