diff --git a/CHANGELOG.md b/CHANGELOG.md index aea70d8d91b959437684c67a77a4fd7d1f23b66a..d6c7ee60c023fcf756a37650f6ff8b11157b339b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,15 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). --- +## [9.2.6-bb.13] - 2021-06-07 +### Upgrade +- Upgraded Sonarqube to ironbank version 8.9. +- Bigbang plugins have been upgraded to the latest versions: + - dependency-check-sonar-plugin version 2.0.8 + - sonar-c-plugin version 1.3.3.2051 + - sonar-cxx-plugin version 2.0.2.2734 + - sonar-zap-plugin version 2.2.0 + ## [9.2.6-bb.12] - 2021-06-02 ### Modified - Modified helm-test network policy to be more restrictive. diff --git a/Dockerfile b/Dockerfile index 671cc39833c8862559ae09df61c08876c8e4a402..6589e308bc5e0aaef1e2bca4c80e1412e054847a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,12 @@ # Start with the IronBank Image -FROM registry1.dso.mil/ironbank/sonarsource/sonarqube/sonarqube8-community:8.7.1-community +FROM registry1.dso.mil/ironbank/sonarsource/sonarqube/sonarqube8-community:8.9-community # Add needed Plugins -ADD https://github.com/dependency-check/dependency-check-sonar-plugin/releases/download/2.0.7/sonar-dependency-check-plugin-2.0.7.jar /opt/sonarqube/extensions/plugins/ -ADD https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-c-plugin-1.3.2.1853.jar /opt/sonarqube/extensions/plugins/ -ADD https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-cxx-plugin-1.3.2.1853.jar /opt/sonarqube/extensions/plugins/ +ADD https://github.com/dependency-check/dependency-check-sonar-plugin/releases/download/2.0.8/sonar-dependency-check-plugin-2.0.8.jar /opt/sonarqube/extensions/plugins/ +ADD https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.3/sonar-c-plugin-1.3.3.2051.jar /opt/sonarqube/extensions/plugins/ +ADD https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-2.0.2/sonar-cxx-plugin-2.0.2.2734.jar /opt/sonarqube/extensions/plugins/ ADD https://github.com/dmeiners88/sonarqube-prometheus-exporter/releases/download/v1.0.0-SNAPSHOT-2018-07-04/sonar-prometheus-exporter-1.0.0-SNAPSHOT.jar /opt/sonarqube/extensions/plugins/ ADD https://github.com/vaulttec/sonar-auth-oidc/releases/download/v2.0.0/sonar-auth-oidc-plugin-2.0.0.jar /opt/sonarqube/extensions/plugins/ -ADD https://github.com/OtherDevOpsGene/zap-sonar-plugin/releases/download/sonar-zap-plugin-2.0.2/sonar-zap-plugin-2.0.2.jar /opt/sonarqube/extensions/plugins/ +ADD https://github.com/OtherDevOpsGene/zap-sonar-plugin/releases/download/sonar-zap-plugin-2.2.0/sonar-zap-plugin-2.2.0.jar /opt/sonarqube/extensions/plugins/ USER root RUN chown -R sonarqube:sonarqube /opt/sonarqube/extensions/plugins USER sonarqube diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 162b12128c52d9455c4fca67048cabe5bea7f61e..36a584381d0e60763dfa3a99a5aaabb8a5d13c59 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: 8.7.1-community +appVersion: 8.9-community name: sonarqube description: SonarQube is an open sourced code quality scanning tool -version: 9.2.6-bb.12 +version: 9.2.6-bb.13 keywords: - coverage - security diff --git a/chart/tests/cypress/sonarqube-health.spec.js b/chart/tests/cypress/sonarqube-health.spec.js index 91dcead3d6ebac709bec13eaf891b59122fdd099..5325684b1c05598810be52bf94775788c8298aee 100644 --- a/chart/tests/cypress/sonarqube-health.spec.js +++ b/chart/tests/cypress/sonarqube-health.spec.js @@ -10,6 +10,7 @@ describe('Basic Sonarqube', function() { cy.get('input[name="password"]').type(Cypress.env('newpassword')) cy.get('input[name="password_confirmation"]').type(Cypress.env('newpassword')) cy.get('button[id="change-password"]').click() + cy.contains("I understand the risk").click() cy.scrollTo('topRight') cy.get('a[class="dropdown-toggle navbar-avatar"]').click() cy.contains("My Account").click() diff --git a/chart/values.yaml b/chart/values.yaml index 7bb5d87f8be4caec78668f3fb6f6e6cba3120310..f0c0dd68c52c8c4153a0b480b9f68c4110511222 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -20,7 +20,7 @@ OpenShift: image: repository: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/sonarqube8-community-bb - tag: 8.7.1-community-bb + tag: 8.9-community-bb pullPolicy: IfNotPresent # If using a private repository, the name of the imagePullSecret to use pullSecret: private-registry @@ -376,4 +376,4 @@ networkPolicies: enabled: false ingressLabels: app: istio-ingressgateway - istio: ingressgateway \ No newline at end of file + istio: ingressgateway