tamaya-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron Coburn <aaron.cob...@gmail.com>
Subject Re: [workInProgress] Sonar-Integration: working manually at the moment
Date Mon, 22 Apr 2019 12:55:33 GMT
There are two ways (that I know of) to add these credentials to the Travis
configuration without including them as plain text. I take it that you've
already generated a token from the sonar cloud interface. For both
approaches, you'll need to add this to the .travis.yml file:

addons:
    sonarcloud:
        organization: (I think this would be "apache")

One option is to create an encrypted version of the token. Documentation is
here:
https://docs.travis-ci.com/user/environment-variables/#defining-encrypted-variables-in-travisyml

For this, there is a ruby gem called `travis`. Once installed ($ gem
install travis), you can run

   $ travis encrypt <the-sonar-token>

The output of that command is the secure token, which would go here:

addons:
    sonarcloud:
        token:
            secure: <token-goes-here>

The second approach involves adjusting the settings in the Travis-CI web
interface: https://travis-ci.org/apache/incubator-tamaya/settings

Under the "Environment Variables" section, you'd need to add an entry with
the Name set to SONAR_TOKEN and the Value set to the value of the token
from Sonarcloud. Make sure that "Display value in build log" is set to
"false".

I tend to like the second option because it means you can rotate tokens
without having to adjust the code. Also, as a side note, the `travis
encrypt` command makes use of the repository's name to generate the secure
token, so after Tamaya graduates and the repository changes from
`incubator-tamaya` to just `tamaya`, that secure token (if that's the path
you choose) would need to be regenerated.

Best,
Aaron


On Sun, Apr 21, 2019 at 8:19 PM Anatole Tresch <atsticks@gmail.com> wrote:

> sounds great!
>
> P. Ottlinger <pottlinger@apache.org> schrieb am So., 21. Apr. 2019, 23:13:
>
> > Hi guys,
> >
> > I'm working on a Sonarcloud-integration of Tamaya
> > via TAMAYA-277.
> >
> > Any new code smells result in red builds.
> >
> > At the moment only manual uploads are possible as I'm waiting for a hint
> > from INFRA on how to configure credentials properly (don't want to put
> > them in .travis.yml and am unsure if they are correct in ASF-Jenkins).
> >
> > Sorry for all the mailspam ;) -
> > happy easter,
> >
> > Phil
> >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message