bats doesn't work. switching back to busybox and disabling initSysctl....

bats doesn't work. switching back to busybox and disabling initSysctl. initContainer is only used to wait for DB

CHANGELOG.md

 # Changelog
 
-## Initial Helm Chart Release - 2020-01-22
+## 9.2.6-bb.3 - 2021-03-16
+Plugins have been preinstalled into the container and made available at registry.dso.mil.
+
+InitContainers have also been pushed into registry.dso.mil until ironbank equivalents can be found.
+
+## Initial Helm Chart Release - 2021-01-22
 Added SAML sso integration
 
 Added istio virtual service

Dockerfile

+# Start with the IronBank Image
+FROM registry1.dso.mil/ironbank/sonarsource/sonarqube/sonarqube8-community:8.6-community
+# Add needed Plugins
+ADD https://github.com/dependency-check/dependency-check-sonar-plugin/releases/download/1.2.6/sonar-dependency-check-plugin-1.2.6.jar /opt/sonarqube/extensions/plugins/
+ADD https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-c-plugin-1.3.2.1853.jar /opt/sonarqube/extensions/plugins/
+ADD https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-cxx-plugin-1.3.2.1853.jar /opt/sonarqube/extensions/plugins/
+ADD https://github.com/dmeiners88/sonarqube-prometheus-exporter/releases/download/v1.0.0-SNAPSHOT-2018-07-04/sonar-prometheus-exporter-1.0.0-SNAPSHOT.jar /opt/sonarqube/extensions/plugins/
+ADD https://github.com/vaulttec/sonar-auth-oidc/releases/download/v2.0.0/sonar-auth-oidc-plugin-2.0.0.jar /opt/sonarqube/extensions/plugins/
+ADD https://github.com/OtherDevOpsGene/zap-sonar-plugin/releases/download/sonar-zap-plugin-2.0.2/sonar-zap-plugin-2.0.2.jar /opt/sonarqube/extensions/plugins/
+USER root
+RUN chown -R sonarqube:sonarqube /opt/sonarqube/extensions/plugins
+USER sonarqube

chart/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: 8.6-community
 name: sonarqube
 description: SonarQube is an open sourced code quality scanning tool
-version: 9.2.6-bb.2
+version: 9.2.6-bb.3
 keywords:
   - coverage
   - security

chart/requirements.yaml

+dependencies:
+  - name: postgresql
+    version: 8.6.4
+    repository: file://charts/postgresql
+    condition: postgresql.enabled

chart/templates/deployment.yaml

@@ -84,7 +84,7 @@ spec:
       {{- end }}
       {{- if or .Values.initSysctl.enabled .Values.elasticsearch.configureNode }}
         - name: init-sysctl
-          image: {{ default "busybox:1.32" .Values.initSysctl.image }}
+          image: {{ default "registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/busybox:1.32" .Values.initSysctl.image }}
           imagePullPolicy: {{ .Values.image.pullPolicy  }}
           {{- if $securityContext := (default .Values.initContainers.securityContext .Values.initSysctl.securityContext) }}
           securityContext:
@@ -105,7 +105,7 @@ spec:
       {{- end }}
       {{- if .Values.plugins.install }}
         - name: install-plugins
-          image: {{ default "rjkernick/alpine-wget:latest" .Values.plugins.image }}
+          image: {{ default "registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/alpine-wget:latest" .Values.plugins.image }}
           imagePullPolicy: {{ .Values.image.pullPolicy  }}
           command: ["sh",
             "-e",
@@ -136,7 +136,7 @@ spec:
       {{- end }}
       {{- if and .Values.sonarProperties .Values.sonarSecretProperties }}
         - name: concat-properties
-          image: {{ default "busybox:1.32" .Values.initContainers.image }}
+          image: {{ default "registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/busybox:1.32" .Values.initContainers.image }}
           imagePullPolicy: {{ .Values.image.pullPolicy  }}
           command: ["sh",
             "-c",
@@ -163,12 +163,15 @@ spec:
       {{- end }}
       {{- if .Values.postgresql.enabled }}      
         - name: "wait-for-db"
-          image: {{ default "busybox:1.32" .Values.initContainers.image }}
+          image: registry1.dso.mil/ironbank/opensource/postgres/postgresql96:9.6.20
           imagePullPolicy: {{ .Values.image.pullPolicy  }}
           resources:
 {{ toYaml .Values.initContainers.resources | indent 12 }}
-          command: ["/bin/sh", "-c", "for i in $(seq 1 200); do nc -z -w3 {{ .Release.Name}}-postgresql 5432 && exit 0 || sleep 2; done; exit 1"]
+          command: ["/bin/sh", "-c", "until pg_isready -h {{ .Release.Name}}-postgresql -p 5432 -U {{ .Values.postgresql.postgresqlUsername }}; do sleep 2; done"]
       {{- end }} 
+          env:
+          - name: POSTGRES_HOST_AUTH_METHOD
+            value: "trust"      
       {{- if .Values.priorityClassName }}
       priorityClassName: {{ .Values.priorityClassName }}
       {{- end }}

chart/templates/tests/sonarqube-test.yaml

@@ -13,7 +13,7 @@ metadata:
 spec:
   initContainers:
     - name: "bats"
-      image: "bats/bats:1.2.1"
+      image: "registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/bats:1.2.1"
       imagePullPolicy: {{ .Values.image.pullPolicy }}
       command: ["bash", "-c"]
       args:
@@ -25,7 +25,7 @@ spec:
           name: tools
   containers:
     - name: {{ .Release.Name }}-ui-test
-      image: {{ default "bitnami/minideb-extras" .Values.tests.image }}
+      image: {{ default "registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/minideb-extras:latest" .Values.tests.image }}
       imagePullPolicy: {{ .Values.image.pullPolicy }}
       command: [
         "/tools/bats/bin/bats",

chart/values.yaml

@@ -19,8 +19,8 @@ OpenShift:
   createSCC: true
 
 image:
-  repository: registry1.dso.mil/ironbank/sonarsource/sonarqube/sonarqube8-community
-  tag: 8.6-community
+  repository: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/sonarqube8-community-bb
+  tag: 8.6-community-bb
   pullPolicy: IfNotPresent
   # If using a private repository, the name of the imagePullSecret to use
   pullSecret: []
@@ -37,7 +37,7 @@ containerSecurityContext:
 # Settings to configure elasticsearch host requirements
 elasticsearch:
   # DEPRECATED: Use initSysctl.enabled instead
-  configureNode: true
+  configureNode: false
   bootstrapChecks: true
 
 service:
@@ -115,7 +115,7 @@ livenessProbe:
   # sonar.web.context: /sonarqube
 
 initContainers:
-  # image: busybox:1.32
+  # image: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/busybox:1.32
   # We allow the init containers to have a separate security context declaration because
   # the initContainer may not require the same as SonarQube.
   # securityContext: {}
@@ -131,12 +131,12 @@ initContainers:
   # secret: my-secret
 
 initSysctl:
-  enabled: true
+  enabled: false
   vmMaxMapCount: 524288
   fsFileMax: 131072
   nofile: 131072
   nproc: 8192
-  # image: busybox:1.32
+  # image: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/busybox:1.32
   securityContext:
     privileged: true
   # resources: {}
@@ -149,10 +149,10 @@ initSysctl:
 #    - "https://github.com/SonarSource/sonar-ldap/releases/download/2.2-RC3/sonar-ldap-plugin-2.2.0.601.jar"
 plugins:
   install: 
-    - https://github.com/dependency-check/dependency-check-sonar-plugin/releases/download/1.2.6/sonar-dependency-check-plugin-1.2.6.jar
-    - https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-c-plugin-1.3.2.1853.jar
-    - https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-cxx-plugin-1.3.2.1853.jar
-    - https://github.com/dmeiners88/sonarqube-prometheus-exporter/releases/download/v1.0.0-SNAPSHOT-2018-07-04/sonar-prometheus-exporter-1.0.0-SNAPSHOT.jar
+#    - https://github.com/dependency-check/dependency-check-sonar-plugin/releases/download/1.2.6/sonar-dependency-check-plugin-1.2.6.jar
+#    - https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-c-plugin-1.3.2.1853.jar
+#    - https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-1.3.2/sonar-cxx-plugin-1.3.2.1853.jar
+#    - https://github.com/dmeiners88/sonarqube-prometheus-exporter/releases/download/v1.0.0-SNAPSHOT-2018-07-04/sonar-prometheus-exporter-1.0.0-SNAPSHOT.jar
   lib: []
 
   # For use behind a corporate proxy when downloading plugins
@@ -160,7 +160,7 @@ plugins:
   # httpsProxy: ""
   # noProxy: ""
 
-  # image: rjkernick/alpine-wget:latest
+  # image: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/alpine-wget:latest
   # resources: {}
 
   # .netrc secret file with a key "netrc" to use basic auth while downloading plugins
@@ -314,8 +314,8 @@ podLabels: {}
 sonarqubeFolder: /opt/sonarqube
 
 tests:
-  enabled: true
-  # image: bitnami/minideb-extras
+  enabled: false
+  # image: registry.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube/minideb-extras:latest
 
 serviceAccount:
   create: false

tests/test-values.yml

@@ -3,3 +3,4 @@ image:
 
 istio:
   enabled: true
+