The AdoptOpenJDK has been discontinued since July 2021 (https://adoptopenjdk.net). Switching the distribution to Azul Zulu. When using Zulu you get all the latest updated (TCK Tested) builds for all versions of OpenJDK.
**Note:** Other distributions such as Temurin do not support archived fixed releases prior to Sept. 2021 and many non LTS (long term support) releases if you plan to try out newer features in the language.
Sonarqube 9.0 introduced a call from each project's DevOps configuration page to a validation endpoint for confirming that a project's ALM configuration works correctly, as well as endpoints for adding and updating Bitbucket Cloud endpoints.
As the Bitbucket Cloud endpoints conflict with the equivalent endpoints provided by the plugin, the relevant endpoints and supporting code have been removed from the plugin. An implementation for the new validation endpoint has been introduced, plus validators for everything other than Azure DevOps which requires a wider refactor so has a default 'valid' response', as well as implementation for each validator, plus a refactor to move each ALM's client into a common location shared between the decorators and validators.
The Sonarqube libraries now contains Java 11 bytecode, so the Java 8 restrictions and build settings in this project have been removed, and various method calls have been modified to make use of the Java 11 APIs, such as direct use of Charsets whilst encoding, and checking for empty optionals.
The release process has been updated to look for a commit to the gradle.properties file that removes the '-SNAPSHOT' suffix from the version number rather than being triggered off the push of a tag.
Github does not expose secrets during the execution of actions on pull requests from forked projects, so the Sonar task would always fail on external pull requests. Additionally, anyone forking the project would have had the Sonarqube step fail unless they'd specifically setup Sonarqube secrets on their fork. To overcome this, the `sonar` step is now executed based on the condition of the `SONAR_TOKEN` secret being present in the current execution environment.
Includes a fix for incorrect syntax and variable references in the Pull Request Sonar analysis block.
This change migrates from using Travis CI for performing check builds, to using Github actions for both check and release builds.
To allow this, three jobs have been introduced:
* Snapshot - performs the Gradle builds and publishes the snapshot JAR as an artifact against the check execution;
* Release - executes the release plugin in Gradle whenever a new tag is detected in Git, and creates a new draft release entry on the release page with the release artifact attached;
* Sonarqube - executes Sonarqube against any commit, submitting analysis details to Sonarcloud with the relevant branch, tag, or Pull Request details to allow Sonarcloud to decorate any findings. Note that this requires the `SONAR_TOKEN`, `SONAR_ORG_KEY`, and `SONAR_PROJECT_KEY` secrets to have been set against the repository in Github.
