SQSCANGHA-24 Enable Mend scan

.cirrus.star

@@ -0,0 +1,4 @@
+load("github.com/SonarSource/cirrus-modules@v2", "load_features")
+
+def main(ctx):
+    return load_features(ctx)

.cirrus.yml

@@ -0,0 +1,38 @@
+env:
+  CIRRUS_VAULT_URL: https://vault.sonar.build:8200
+  CIRRUS_VAULT_AUTH_PATH: jwt-cirrusci
+  CIRRUS_VAULT_ROLE: cirrusci-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}
+
+  # Mend scan global configuration
+  MEND_API_KEY: VAULT[development/kv/data/mend data.apikey]
+
+  # Staging image configuration
+  STAGING_IMAGE_NAME: sonarsource/sonarqube-scan-action
+  CURRENT_TAG: master
+
+vm_instance_template: &VM_TEMPLATE
+  experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051
+  image: docker-builder-v*
+  type: t2.small
+  region: eu-central-1
+  subnet_id: ${CIRRUS_AWS_SUBNET}
+  disk: 10
+  cpu: 4
+  memory: 16G
+
+mend_task:
+  ec2_instance:
+    <<: *VM_TEMPLATE
+  # run only on master and long-term branches
+  only_if: $CIRRUS_USER_COLLABORATOR == 'true' && ($CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*")
+  setup_script:
+    - docker build --tag "${STAGING_IMAGE_NAME}:${CURRENT_TAG}" .
+    - apt-get remove -y unattended-upgrades
+    - apt-get update && apt-get install -y --no-install-recommends openjdk-17-jre
+    - curl -sSL https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar -o wss-unified-agent.jar
+    - echo "docker.includes=${CURRENT_TAG}" >> .cirrus/wss-unified-agent.config
+  scan_script:
+    - echo "Scan the ${STAGING_IMAGE_NAME}:${CURRENT_TAG} image"
+    - java -jar wss-unified-agent.jar -c .cirrus/wss-unified-agent.config -apiKey $MEND_API_KEY
+
+

.cirrus/wss-unified-agent.config

@@ -0,0 +1,4 @@
+docker.projectNameFormat=repositoryNameAndTag
+docker.scanImages=true
+wss.url=https://saas-eu.whitesourcesoftware.com/agent
+productName=GitHubAction/SonarQubeScanAction