ods-core icon indicating copy to clipboard operation
ods-core copied to clipboard

Published 20 hours ago verified publisher icon opendevstack

Update SonarQube to latest LTS

Open michaelsauter opened this issue 3 years ago • 6 comments

ODS is officially compatible with SQ 8.2. It is known not to work with 8.5+ (see #960). The latest LTS is 8.9. From 8.5 onwards, the language plugins are bundled, which would reduce the maintenance effort on our side, and would fix e.g. #1073.

I think ODS should be compatible with the latest LTS whenever possible.

BTW: The latest version is 9.2, which has support for Terraform files, which sounds like a nice addition as well.

michaelsauter avatar Nov 26 '21 07:11 michaelsauter

hi @michaelsauter , due to also try to check the log4j vul topic, I will try to push this to be fixed ASAP. I will target for now only master/4.x. What about 3.x?

gerardcl avatar Jan 24 '22 10:01 gerardcl

We will meet tomorrow with @braisvq1996. Llinking here official docs to prepare upgrading to latest LTS 8.9 version:

  • https://docs.sonarqube.org/latest/setup/before-you-upgrade/
  • https://docs.sonarqube.org/latest/setup/upgrade-notes/
  • https://docs.sonarqube.org/latest/instance-administration/plugin-version-matrix/
  • https://docs.sonarqube.org/latest/setup/upgrading/ Also:
  • https://github.com/cnescatlab/sonar-cnes-report/tree/4.0.0
  • https://github.com/SonarSource/sonarqube/releases/tag/8.9.6.50800

gerardcl avatar Jan 24 '22 12:01 gerardcl

@gerardcl great!

I would say master/4.x but would delegate to @metmajer.

An important aspect of this work is going to be the upgrade path. How do we avoid a situation where people are blocked because SQ was updated and their client is not compatible?

michaelsauter avatar Jan 24 '22 13:01 michaelsauter

we could provide both instances for short period of time and let users migrate smoothly

gerardcl avatar Jan 24 '22 13:01 gerardcl

we have fixed this issue first, required to be able to build new agents with new sonar depencencies versions -> https://github.com/opendevstack/ods-core/issues/1093

gerardcl avatar Feb 01 '22 10:02 gerardcl

with @braisvq1996 we have managed to have the following upgrade test with success:

  • testing with enterprise edition:
  1. sonarqube instance with 8.2 version in use
  2. sonarqube instance upgraded to 8.9 with success (backup.sh a priori, disable readiness temporarily, open /setup, enable readiness back)
  • testing with community edition:
  1. having an existing ODS 4.x project using sonarqube 8.2 with python agent 4.x
  2. upgrade sonarqube to 8.9 (see above, same process)
  3. upgrade jenkins agent base and python agent in 4.x to use latest cnes and sq client versions
  4. run same pipeline with new agents

so, it looks we are ready to plan an upgrade date

gerardcl avatar Feb 01 '22 10:02 gerardcl