paypay · anshul-paypay · Nov 15, 2022 · Nov 22, 2021 · Nov 22, 2021 · Dec 1, 2021
diff --git a/.env b/.env
@@ -1,8 +1,8 @@
 # The Sonarqube base image. 'latest' if building locally, '8.5-community' if targeting a specific version
-SONARQUBE_VERSION=latest
+SONARQUBE_VERSION=9.5-community
 
 # The name of the Dockerfile to run. 'Dockerfile' is building locally, 'release.Dockerfile' if building the release image
-DOCKERFILE=Dockerfile
+DOCKERFILE=release.Dockerfile
 
 # The version of the plugin to include in the image
-PLUGIN_VERSION=1.10.0-SNAPSHOT
+PLUGIN_VERSION=1.12.0
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
@@ -0,0 +1 @@
+github: [mc1arke]
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -21,7 +21,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       -
         name: Init
         id: init
@@ -45,17 +45,17 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       -
         name: Set up Java ${{ matrix.java }}
-        uses: actions/setup-java@v2.3.1
+        uses: actions/setup-java@v3
         with:
           java-version: ${{ matrix.java }}
           java-package: jdk
           distribution: 'zulu'
       -
         name: Cache deps
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}
@@ -68,7 +68,7 @@ jobs:
       -
         name: Archive artifact
         if: success() && matrix.java == '11'
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: snapshot
           path: build/libs/*.jar
@@ -80,19 +80,19 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
       -
         name: Set up Java
-        uses: actions/setup-java@v2.3.1
+        uses: actions/setup-java@v3
         with:
           java-version: 11
           java-package: jdk
           distribution: 'zulu'
       -
         name: Cache deps
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}
@@ -118,7 +118,7 @@ jobs:
       -
         name: Archive artifact
         if: success()
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: release
           path: build/libs/*.jar
@@ -141,19 +141,19 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
       -
         name: Set up Java
-        uses: actions/setup-java@v2.3.1
+        uses: actions/setup-java@v3
         with:
           java-version: 11
           java-package: jdk
           distribution: 'zulu'
       -
         name: Cache deps
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -24,15 +24,15 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
       with:
         languages: ${{ matrix.language }}
 
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@v2
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2
diff --git a/Dockerfile b/Dockerfile
@@ -1,10 +1,10 @@
 ARG SONARQUBE_VERSION
 
-FROM openjdk:11-jdk-slim as builder
+FROM gradle:7.3.3-jdk11-alpine as builder
 
 COPY . /home/build/project
 WORKDIR /home/build/project
-RUN ./gradlew build -x test
+RUN gradle build -x test
 
 FROM sonarqube:${SONARQUBE_VERSION}
 COPY --from=builder --chown=sonarqube:sonarqube /home/build/project/build/libs/sonarqube-community-branch-plugin-*.jar /opt/sonarqube/extensions/plugins/

diff --git a/README.md b/README.md
@@ -2,19 +2,29 @@
 [![Build Status](https://img.shields.io/github/workflow/status/mc1arke/sonarqube-community-branch-plugin/build?label=build&logo=github)](https://github.com/mc1arke/sonarqube-community-branch-plugin?workflow=build)
 
 # Sonarqube Community Branch Plugin
+
 A plugin for SonarQube to allow branch analysis in the Community version.
 
 # Support
-This plugin is not maintained or supported by SonarSource and has no official upgrade path for migrating from the SonarQube Community Edition to any of the Commercial Editions (Developer, Enterprise, or Data Center Edition). Support for any problems is only available through issues on the Github repository or through alternative channels (e.g. StackOverflow) and any attempt to request support for this plugin directly from SonarSource or an affiliated channel (e.g. Sonar Community forum) is likely to result in your request being closed or ignored.
 
-If you plan on migrating your SonarQube data to a commercial edition after using this plugin then please be aware that this may result in some or all of your data being lost due to this compatibility of this plugin and the official SonarQube branch features being untested.
+This plugin is not maintained or supported by SonarSource and has no official upgrade path for migrating from the
+SonarQube Community Edition to any of the Commercial Editions (Developer, Enterprise, or Data Center Edition). Support
+for any problems is only available through issues on the Github repository or through alternative channels (e.g.
+StackOverflow) and any attempt to request support for this plugin directly from SonarSource or an affiliated channel (
+e.g. Sonar Community forum) is likely to result in your request being closed or ignored.
+
+If you plan on migrating your SonarQube data to a commercial edition after using this plugin then please be aware that
+this may result in some or all of your data being lost due to this compatibility of this plugin and the official
+SonarQube branch features being untested.
 
 # Compatibility
+
 Use the following table to find the correct plugin version for each SonarQube version
 
 SonarQube Version | Plugin Version
 ------------------|---------------
-9.0+              | 1.9.0
+9.1+              | 1.11.0
+9.0               | 1.9.0
 8.9               | 1.8.1
 8.7 - 8.8         | 1.7.0
 8.5 - 8.6         | 1.6.0
@@ -24,61 +34,123 @@ SonarQube Version | Plugin Version
 7.4 - 7.7         | 1.0.2
 
 # Features
-The plugin is intended to support the [features and parameters specified in the SonarQube documentation](https://docs.sonarqube.org/latest/branches/overview/).
+
+The plugin is intended to support the
+[features and parameters from the SonarQube documentation](https://docs.sonarqube.org/latest/branches/overview/).
 
 # Installation
 
 ## Manual Install
-__Please ensure you follow the installation instructions for the version of the plugin you're installing by looking at the README on the relevant release tag.__
 
-Either build the project or [download a compatible release version of the plugin JAR](https://github.com/mc1arke/sonarqube-community-branch-plugin/releases).
+__Please ensure you follow the installation instructions for the version of the plugin you're installing by looking at
+the README on the relevant release tag.__
+
+Either build the project
+or [download a compatible release version of the plugin JAR](https://github.com/mc1arke/sonarqube-community-branch-plugin/releases)
+.
 
 1. Copy the plugin JAR file to the `extensions/plugins/` directory of your SonarQube instance
-2. Add `-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-${version}.jar=web` to the `sonar.web.javaAdditionalOpts` property in your Sonarqube installation's `config/sonar.properties` file, e.g. `sonar.web.javaAdditionalOpts=-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-1.8.0.jar=web`
-3. Add `-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-${version}.jar=ce` to the `sonar.ce.javaAdditionalOpts` property in your Sonarqube installation's `config/sonar.properties` file, e.g. `sonar.ce.javaAdditionalOpts=-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-1.8.0.jar=ce`
+2. Add `-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-${version}.jar=web` to
+   the `sonar.web.javaAdditionalOpts` property in your Sonarqube installation's `conf/sonar.properties` file,
+   e.g. `sonar.web.javaAdditionalOpts=-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-1.8.0.jar=web`
+3. Add `-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-${version}.jar=ce` to
+   the `sonar.ce.javaAdditionalOpts` property in your Sonarqube installation's `conf/sonar.properties` file,
+   e.g. `sonar.ce.javaAdditionalOpts=-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-1.8.0.jar=ce`
 4. Start Sonarqube, and accept the warning about using third-party plugins
 
 ## Docker
-The plugin is distributed in the [mc1arke/sonarqube-with-community-branch-plugin](https://hub.docker.com/r/mc1arke/sonarqube-with-community-branch-plugin) Docker image, with the image versions matching the up-stream Sonarqube image version.
 
-__Note:__ If you're setting the `SONAR_WEB_JAVAADDITIONALOPTS` or `SONAR_CE_JAVAADDITIONALOPTS` environment variables in your container launch then you'll need to add the `javaagent` configuration to your overrides to match what's in the provided Dockerfile.
+The plugin is distributed in
+the [mc1arke/sonarqube-with-community-branch-plugin](https://hub.docker.com/r/mc1arke/sonarqube-with-community-branch-plugin)
+Docker image, with the image versions matching the up-stream Sonarqube image version.
+
+__Note:__ If you're setting the `SONAR_WEB_JAVAADDITIONALOPTS` or `SONAR_CE_JAVAADDITIONALOPTS` environment variables in
+your container launch then you'll need to add the `javaagent` configuration to your overrides to match what's in the
+provided Dockerfile.
+
+## Kubernetes with official Helm Chart
+
+When using
+[Sonarqube official Helm Chart](https://github.com/SonarSource/helm-chart-sonarqube/tree/master/charts/sonarqube),
+you need to add the following settings to your helm values, where `${version}` should be replaced with the plugin
+version (e.g. `1.11.0`):
+
+```yaml
+plugins:
+  install:
+    - https://github.com/mc1arke/sonarqube-community-branch-plugin/releases/download/${version}/sonarqube-community-branch-plugin-${version}.jar
+  lib:
+    - sonarqube-community-branch-plugin-${version}.jar
+jvmOpts: "-javaagent:/opt/sonarqube/lib/common/sonarqube-community-branch-plugin-${version}.jar=web"
+jvmCeOpts: "-javaagent:/opt/sonarqube/lib/common/sonarqube-community-branch-plugin-${version}.jar=ce"
+```
+
+### Issues with file path  with persistency
+
+If you set `persistence.enabled=true` on SonarQube chart, the plugin might be copied to this path:
+
+```
+/opt/sonarqube/lib/common/sonarqube-community-branch-plugin-${version}.jar/sonarqube-community-branch-plugin-${version}.jar
+```
+
+instead of this:
+
+```
+/opt/sonarqube/lib/common/sonarqube-community-branch-plugin-${version}.jar
+```
+
+As a workaround either change the paths in the config above, or exec into the container and move file up the directory
+to match the config.
 
 # Configuration
+
 ## Global configuration
+
 Make sure `sonar.core.serverBaseURL` in SonarQube [/admin/settings](http://localhost:9000/admin/settings) is properly
- set in order to for the links in the comment to work.
+set in order to for the links in the comment to work.
 
 Set all other properties that you can define globally for all of your projects.
 
-## How to decorate the PR
+## How to decorate a Pull Request
+
 In order to decorate your Pull Request's source branch, you need to analyze your target branch first.
 
 ### Run analysis of branches
-
-The analysis needs the following setting:
+
+If the scan is being run from a CI supporting auto-configuration then the scanner can be launched without any branch
+parameters. Otherwise, the analysis needs the following setting:
 `sonar.branch.name = branch_name (e.g master)`
 
 ### Run analysis of the PR branch
-Carefully read the official SonarQube guide for [pull request decoration](https://docs.sonarqube.org/latest/analysis/pull-request/) 
 
-In there you'll find the following properties that need to be set.
+Carefully read the official SonarQube guide
+for [pull request decoration](https://docs.sonarqube.org/latest/analysis/pull-request/)
+
+In there you'll find the following properties that need to be set, unless your CI support auto-configuration.
+
 ```
 sonar.pullrequest.key = pull_request_id (e.g. 100)
 sonar.pullrequest.branch = source_branch_name (e.g feature/TICKET-123)
 sonar.pullrequest.base = target_branch_name (e.g master)
 ```
 
 :warning: There must not be any `sonar.branch` properties like `sonar.branch.name` arguments set when you analyze a
-  pull-request. These properties indicate to sonar that a branch is being analyzed rather than a pull-request so no
-    pull-request decoration will be executed.
-    
+pull-request. These properties indicate to sonar that a branch is being analyzed rather than a pull-request so no
+pull-request decoration will be executed.
+
 ## Serving images for PR decoration
-By default, images for PR decoration are served as static resources on the SonarQube server as a part of Community Branch Plugin. 
 
-If you use a SonarQube server behind a firewall and/or PR service (Github, Gitlab etc.) hasn't access to SonarQube server, you should change `Images base URL` property in `General > Pull Request` settings.
+By default, images for PR decoration are served as static resources on the SonarQube server as a part of Community
+Branch Plugin.
+
+If you use a SonarQube server behind a firewall and/or PR service (Github, Gitlab etc.) doesn't have access to SonarQube
+server, you should change `Images base URL` property in `General > Pull Request` settings.
+
+Anyone needing to set this value can use the
+URL `https://raw.githubusercontent.com/mc1arke/sonarqube-community-branch-plugin/master/src/main/resources/static`, or
+download the files from this location and host them themself.
 
-Anyone needing to set this value can use the URL `https://raw.githubusercontent.com/mc1arke/sonarqube-community-branch-plugin/master/src/main/resources/static`, or download the files from this location and host them themself.
-
 # Building the plugin from source
-In case you want to try and test the current branch or build it for your development execute `./gradlew clean build
-` inside of the project directory. This will put the built jar under `libs/sonarqube-community-branch-plugin*.jar`
+
+If you want to try and test the current branch or build it for your development execute `./gradlew clean build`
+inside of the project directory. This will put the built jar under `libs/sonarqube-community-branch-plugin*.jar`
diff --git a/build.gradle b/build.gradle
@@ -52,23 +52,27 @@ configurations {
 
 compileJava {
     options.compilerArgs += '-proc:none'
+    options.encoding = 'UTF-8'
+}
+tasks.withType(JavaCompile) {
+    options.encoding = 'UTF-8'
 }
 
 
 dependencies {
     compileOnly(fileTree(dir: sonarLibraries, include: '**/*.jar', exclude: 'extensions/*.jar'))
     testImplementation(fileTree(dir: sonarLibraries, include: '**/*.jar', exclude: 'extensions/*.jar'))
-    testImplementation('org.mockito:mockito-core:4.0.0')
-    testImplementation('org.assertj:assertj-core:3.21.0')
+    testImplementation('org.mockito:mockito-core:4.6.1')
+    testImplementation('org.assertj:assertj-core:3.23.1')
     testImplementation('com.github.tomakehurst:wiremock:2.27.2')
     zip("sonarqube:sonarqube:${sonarqubeVersion}@zip")
-    implementation('org.bouncycastle:bcpkix-jdk15on:1.69')
+    implementation('org.bouncycastle:bcpkix-jdk15on:1.70')
     implementation(files('lib/nodes-0.5.0.jar'))
-    runtimeOnly('com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.13.0')
+    runtimeOnly('com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.13.3')
     compileOnly('com.google.code.findbugs:jsr305:3.0.2')
-    implementation('org.javassist:javassist:3.28.0-GA')
-    implementation('com.squareup.okhttp3:logging-interceptor:4.9.2')
-    testImplementation(platform('org.junit:junit-bom:5.8.1'))
+    implementation('org.javassist:javassist:3.29.0-GA')
+    implementation('com.squareup.okhttp3:logging-interceptor:4.10.0')
+    testImplementation(platform('org.junit:junit-bom:5.8.2'))
     testImplementation('org.junit.jupiter:junit-jupiter')
     testImplementation('junit:junit:4.13.2')
     testRuntimeOnly('org.junit.vintage:junit-vintage-engine')

diff --git a/gradle.properties b/gradle.properties
@@ -1 +1 @@
-version=1.10.0-SNAPSHOT
+version=1.12.1
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.1.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.3.3-all.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists