Merge branch 'bc/bugfix' into 'main'

Added plugins to container and pushed to gitlab See merge request !15

Merge branch 'bc/bugfix' into 'main'
Added plugins to container and pushed to gitlab See merge request !15
9b72df66 · Branden Cobb · 6d246e7f · 9fb36871 · 9b72df66 · 9b72df66
Commit 9b72df66 authored Mar 19, 2021 by Branden Cobb
8 changed files
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
 # Changelog
-## Initial Helm Chart Release - 2020-01-22
+## 9.2.6-bb.3 - 2021-03-16
+Plugins have been preinstalled into the container and made available at registry.dso.mil.
+InitContainers have also been pushed into registry.dso.mil until ironbank equivalents can be found.
+## Initial Helm Chart Release - 2021-01-22
 Added SAML sso integration
 Added istio virtual service

--- a/Dockerfile
+++ b/Dockerfile
+# Start with the IronBank Image
+FROM registry1.dso.mil/ironbank/sonarsource/sonarqube/sonarqube8-community:8.6-community
+# Add needed Plugins
+ADD https://github.com/dependency-check/dependency-check-sonar-plugin/releases/download/1.2.6/sonar-dependency-check-plugin-1.2.6.jar /opt/sonarqube/extensions/plugins/
+ADD https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-c-plugin-1.3.2.1853.jar /opt/sonarqube/extensions/plugins/
+ADD https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-cxx-plugin-1.3.2.1853.jar /opt/sonarqube/extensions/plugins/
+ADD https://github.com/dmeiners88/sonarqube-prometheus-exporter/releases/download/v1.0.0-SNAPSHOT-2018-07-04/sonar-prometheus-exporter-1.0.0-SNAPSHOT.jar /opt/sonarqube/extensions/plugins/
+ADD https://github.com/vaulttec/sonar-auth-oidc/releases/download/v2.0.0/sonar-auth-oidc-plugin-2.0.0.jar /opt/sonarqube/extensions/plugins/
+ADD https://github.com/OtherDevOpsGene/zap-sonar-plugin/releases/download/sonar-zap-plugin-2.0.2/sonar-zap-plugin-2.0.2.jar /opt/sonarqube/extensions/plugins/
+USER root
+RUN chown -R sonarqube:sonarqube /opt/sonarqube/extensions/plugins
+USER sonarqube
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: 8.6-community
 name: sonarqube
 description: SonarQube is an open sourced code quality scanning tool
-version: 9.2.6-bb.2
+version: 9.2.6-bb.3
 keywords:
  - coverage
  - security

--- a/chart/requirements.yaml
+++ b/chart/requirements.yaml
+dependencies:
+  - name: postgresql
+    version: 8.6.4
+    repository: file://charts/postgresql
+    condition: postgresql.enabled
--- a/chart/templates/deployment.yaml
+++ b/chart/templates/deployment.yaml
@@ -84,7 +84,7 @@ spec:
      {{- end }}
      {{- if or .Values.initSysctl.enabled .Values.elasticsearch.configureNode }}
        - name: init-sysctl
-          image: {{ default "busybox:1.32" .Values.initSysctl.image }}
+          image: {{ default "registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/busybox:1.32" .Values.initSysctl.image }}
          imagePullPolicy: {{ .Values.image.pullPolicy  }}
          {{- if $securityContext := (default .Values.initContainers.securityContext .Values.initSysctl.securityContext) }}
          securityContext:
@@ -105,7 +105,7 @@ spec:
      {{- end }}
      {{- if .Values.plugins.install }}
        - name: install-plugins
-          image: {{ default "rjkernick/alpine-wget:latest" .Values.plugins.image }}
+          image: {{ default "registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/alpine-wget:latest" .Values.plugins.image }}
          imagePullPolicy: {{ .Values.image.pullPolicy  }}
          command: ["sh",
            "-e",
@@ -136,7 +136,7 @@ spec:
      {{- end }}
      {{- if and .Values.sonarProperties .Values.sonarSecretProperties }}
        - name: concat-properties
-          image: {{ default "busybox:1.32" .Values.initContainers.image }}
+          image: {{ default "registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/busybox:1.32" .Values.initContainers.image }}
          imagePullPolicy: {{ .Values.image.pullPolicy  }}
          command: ["sh",
            "-c",
@@ -163,12 +163,15 @@ spec:
      {{- end }}
      {{- if .Values.postgresql.enabled }}      
        - name: "wait-for-db"
-          image: {{ default "busybox:1.32" .Values.initContainers.image }}
+          image: registry1.dso.mil/ironbank/opensource/postgres/postgresql96:9.6.20
          imagePullPolicy: {{ .Values.image.pullPolicy  }}
          resources:
 {{ toYaml .Values.initContainers.resources | indent 12 }}
-          command: ["/bin/sh", "-c", "for i in $(seq 1 200); do nc -z -w3 {{ .Release.Name}}-postgresql 5432 && exit 0 || sleep 2; done; exit 1"]
+          command: ["/bin/sh", "-c", "until pg_isready -h {{ .Release.Name}}-postgresql -p 5432 -U {{ .Values.postgresql.postgresqlUsername }}; do sleep 2; done"]
-      {{- end }}          
+      {{- end }} 
+          env:
+          - name: POSTGRES_HOST_AUTH_METHOD
+            value: "trust"      
      {{- if .Values.priorityClassName }}
      priorityClassName: {{ .Values.priorityClassName }}
      {{- end }}

--- a/chart/templates/tests/sonarqube-test.yaml
+++ b/chart/templates/tests/sonarqube-test.yaml
@@ -13,7 +13,7 @@ metadata:
 spec:
  initContainers:
    - name: "bats"
-      image: "bats/bats:1.2.1"
+      image: "registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/bats:1.2.1"
      imagePullPolicy: {{ .Values.image.pullPolicy }}
      command: ["bash", "-c"]
      args:
@@ -25,7 +25,7 @@ spec:
          name: tools
  containers:
    - name: {{ .Release.Name }}-ui-test
-      image: {{ default "bitnami/minideb-extras" .Values.tests.image }}
+      image: {{ default "registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/minideb-extras:latest" .Values.tests.image }}
      imagePullPolicy: {{ .Values.image.pullPolicy }}
      command: [
        "/tools/bats/bin/bats",

--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -19,8 +19,8 @@ OpenShift:
  createSCC: true
 image:
-  repository: registry1.dso.mil/ironbank/sonarsource/sonarqube/sonarqube8-community
+  repository: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/sonarqube8-community-bb
-  tag: 8.6-community
+  tag: 8.6-community-bb
  pullPolicy: IfNotPresent
  # If using a private repository, the name of the imagePullSecret to use
  pullSecret: []
@@ -37,7 +37,7 @@ containerSecurityContext:
 # Settings to configure elasticsearch host requirements
 elasticsearch:
  # DEPRECATED: Use initSysctl.enabled instead
-  configureNode: true
+  configureNode: false
  bootstrapChecks: true
 service:
@@ -115,7 +115,7 @@ livenessProbe:
  # sonar.web.context: /sonarqube
 initContainers:
-  # image: busybox:1.32
+  # image: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/busybox:1.32
  # We allow the init containers to have a separate security context declaration because
  # the initContainer may not require the same as SonarQube.
  # securityContext: {}
@@ -131,12 +131,12 @@ initContainers:
  # secret: my-secret
 initSysctl:
-  enabled: true
+  enabled: false
  vmMaxMapCount: 524288
  fsFileMax: 131072
  nofile: 131072
  nproc: 8192
-  # image: busybox:1.32
+  # image: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/busybox:1.32
  securityContext:
    privileged: true
  # resources: {}
@@ -149,10 +149,10 @@ initSysctl:
 #    - "https://github.com/SonarSource/sonar-ldap/releases/download/2.2-RC3/sonar-ldap-plugin-2.2.0.601.jar"
 plugins:
  install: 
-    - https://github.com/dependency-check/dependency-check-sonar-plugin/releases/download/1.2.6/sonar-dependency-check-plugin-1.2.6.jar
+#    - https://github.com/dependency-check/dependency-check-sonar-plugin/releases/download/1.2.6/sonar-dependency-check-plugin-1.2.6.jar
-    - https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-c-plugin-1.3.2.1853.jar
+#    - https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-c-plugin-1.3.2.1853.jar
-    - https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-cxx-plugin-1.3.2.1853.jar
+#    - https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-cxx-plugin-1.3.2.1853.jar
-    - https://github.com/dmeiners88/sonarqube-prometheus-exporter/releases/download/v1.0.0-SNAPSHOT-2018-07-04/sonar-prometheus-exporter-1.0.0-SNAPSHOT.jar
+#    - https://github.com/dmeiners88/sonarqube-prometheus-exporter/releases/download/v1.0.0-SNAPSHOT-2018-07-04/sonar-prometheus-exporter-1.0.0-SNAPSHOT.jar
  lib: []
  # For use behind a corporate proxy when downloading plugins
@@ -160,7 +160,7 @@ plugins:
  # httpsProxy: ""
  # noProxy: ""
-  # image: rjkernick/alpine-wget:latest
+  # image: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/alpine-wget:latest
  # resources: {}
  # .netrc secret file with a key "netrc" to use basic auth while downloading plugins
@@ -314,8 +314,8 @@ podLabels: {}
 sonarqubeFolder: /opt/sonarqube
 tests:
-  enabled: true
+  enabled: false
-  # image: bitnami/minideb-extras
+  # image: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/minideb-extras:latest
 serviceAccount:
  create: false

--- a/tests/test-values.yml
+++ b/tests/test-values.yml
@@ -3,3 +3,4 @@ image:
 istio:
  enabled: true