From 681aa2ee10eed1bab427b312f60c6911559e215f Mon Sep 17 00:00:00 2001 From: "Visser, M (Martin)" Date: Fri, 6 Feb 2026 09:03:31 +0100 Subject: [PATCH] CI / CD / release --- .azure/cd.yml | 5 +++-- .azure/release.yml | 18 ++++++++++++++++ .azure/templates/build.yml | 43 +++++++++++++++++++------------------- 3 files changed, 43 insertions(+), 23 deletions(-) create mode 100644 .azure/release.yml diff --git a/.azure/cd.yml b/.azure/cd.yml index c6776ff..f056d3a 100644 --- a/.azure/cd.yml +++ b/.azure/cd.yml @@ -1,7 +1,8 @@ trigger: - tags: + branches: include: - - '*' + - main + - release/* variables: - group: secure-vars diff --git a/.azure/release.yml b/.azure/release.yml new file mode 100644 index 0000000..c6776ff --- /dev/null +++ b/.azure/release.yml @@ -0,0 +1,18 @@ +trigger: + tags: + include: + - '*' + +variables: + - group: secure-vars + +pool: + name: 'Shared-EU-VM-Linux-Legacy-M-Prod' + +stages: + - template: /.azure/templates/build.yml + parameters: + checkmarxEnabled: true + deployEnabled: true + secretScannerEnabled: true + sonarqubeEnabled: true diff --git a/.azure/templates/build.yml b/.azure/templates/build.yml index 26e8328..88455c3 100644 --- a/.azure/templates/build.yml +++ b/.azure/templates/build.yml @@ -46,40 +46,41 @@ stages: - task: Maven@4 displayName: Maven Build inputs: - mavenPomFile: 'pom.xml' + effectivePomSkip: false goals: 'clean verify' - publishJUnitResults: true - testResultsFiles: '**/surefire-reports/TEST-*.xml' javaHomeOption: 'JDKVersion' jdkVersionOption: '1.17' - mavenVersionOption: 'Default' - mavenOptions: '-Xmx3072m' mavenAuthenticateFeed: false - effectivePomSkip: false + mavenOptions: '-Xmx3072m' + mavenPomFile: 'pom.xml' + mavenVersionOption: 'Default' + publishJUnitResults: true sonarQubeRunAnalysis: false + testResultsFiles: '**/surefire-reports/TEST-*.xml' - ${{ if parameters.sonarqubeEnabled }}: - task: RabobankCQSTask@1 displayName: SonarQube Analysis inputs: - sqServiceConnection: 'Rabobank CQS Service Connection - TEST' - scannerMode: 'maven' + mainSonarQubeProject: 'rabobank.shadow-tool-92651-rw' qualityGateBreak: false + scannerMode: 'maven' + sqServiceConnection: 'Rabobank CQS Service Connection - TEST' - ${{ if parameters.deployEnabled }}: - task: Maven@4 displayName: Deploy inputs: - mavenPomFile: 'pom.xml' + effectivePomSkip: false goals: 'clean deploy' - options: '-B -s $(mvnsettings.secureFilePath) -ntp' - publishJUnitResults: false javaHomeOption: 'JDKVersion' jdkVersionOption: '1.17' - mavenVersionOption: 'Default' - mavenOptions: '-Xmx3072m -Daether.dependencyCollector.impl=bf -Daether.dependencyCollector.bf.threads=10 -Daether.dependencyCollector.pool.artifact=hard -Daether.dependencyCollector.pool.dependency=hard' mavenAuthenticateFeed: false - effectivePomSkip: false + mavenOptions: '-Xmx3072m -Daether.dependencyCollector.impl=bf -Daether.dependencyCollector.bf.threads=10 -Daether.dependencyCollector.pool.artifact=hard -Daether.dependencyCollector.pool.dependency=hard' + mavenPomFile: 'pom.xml' + mavenVersionOption: 'Default' + options: '-B -s $(mvnsettings.secureFilePath) -ntp' + publishJUnitResults: false sonarQubeRunAnalysis: false - job: Checkmarx @@ -106,27 +107,27 @@ stages: - task: JavaToolInstaller@0 displayName: "Use Java 17" inputs: - versionSpec: 17 jdkArchitectureOption: x64 jdkSourceOption: PreInstalled + versionSpec: 17 - task: Maven@4 displayName: 'MavenNexusIQ' inputs: - mavenPomFile: 'pom.xml' + effectivePomSkip: false goals: 'com.sonatype.clm:clm-maven-plugin:index' - publishJUnitResults: false javaHomeOption: 'JDKVersion' jdkVersionOption: '17' - mavenVersionOption: 'Default' mavenAuthenticateFeed: false - effectivePomSkip: false + mavenPomFile: 'pom.xml' + mavenVersionOption: 'Default' + publishJUnitResults: false sonarQubeRunAnalysis: false - task: NexusIqPipelineTask@1 displayName: 'SonatypeEvaluate' inputs: - nexusIqService: 'Rabobank SCA NexusIQ' applicationId: 'shadow-tool' - stage: 'Build' + nexusIqService: 'Rabobank SCA NexusIQ' scanTargets: "**/module.xml" + stage: 'Build'