SCANMAVEN-284 Bump releasability workflow version (#294)

1. Migrate releasability check to the new version.
2. Change the group id of the propery dump plugin to bypass releasability check (it is not released).

Author: leonardo-pilastri-sonarsource

.github/workflows/releasability.yaml

@@ -2,6 +2,11 @@ name: Releasability status
 
 on:
   workflow_dispatch:
+    # Inputs the workflow accepts.
+    inputs:
+      version:
+        description: Optional; Used to specify the version to check, otherwise pulls the latest master version from artifactory.
+        required: false
 
 jobs:
   update_releasability_status:
@@ -11,6 +16,38 @@ jobs:
       id-token: write
       contents: read
     steps:
-      - uses: SonarSource/gh-action_releasability/releasability-status@23c9ad31b2d613bade88da898dfdca0b5c65ac69 # v1.2.1
+      - name: Retrieve Vault Secrets
+        id: secrets
+        uses: SonarSource/vault-action-wrapper@v3
+        with:
+          secrets: |
+            development/artifactory/token/{REPO_OWNER_NAME_DASH}-private-reader access_token | ARTIFACTORY_PASSWORD;
+            development/artifactory/token/{REPO_OWNER_NAME_DASH}-private-reader role | ARTIFACTORY_ROLE;
+            development/kv/data/repox url | ARTIFACTORY_URL;
+      - name: Get the latest available version number
+        id: latest-version
+        env:
+          ARTIFACTORY_PRIVATE_USERNAME: vault-${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ROLE }}
+          ARTIFACTORY_PRIVATE_PASSWORD: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_PASSWORD }}
+          ARTIFACTORY_URL: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_URL }}
+          REPO: sonarsource-public-builds
+          GROUP_ID: org.sonarsource.scanner.maven
+          ARTIFACT_ID: sonar-scanner-maven
+        run: |
+          if [[ -z "${{ github.event.inputs.version }}" ]]; then
+            echo "version not provided, pulling latest version from $REPO."
+            echo LATEST_VERSION=$(curl -s -u ${ARTIFACTORY_PRIVATE_USERNAME}:${ARTIFACTORY_PRIVATE_PASSWORD} \
+            "${ARTIFACTORY_URL}/api/search/latestVersion?g=${GROUP_ID}&a=${ARTIFACT_ID}&repos=${REPO}") >> "$GITHUB_OUTPUT"
+          else
+            echo "version is provided, using its value: ${{ github.event.inputs.version }}."
+            echo "LATEST_VERSION=${{ github.event.inputs.version }}" >> "$GITHUB_OUTPUT"
+          fi
+      - uses: SonarSource/gh-action_releasability@v2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          branch: ${{ github.ref_name }}
+          commit-sha: ${{ github.sha }}
+          organization: ${{ github.repository_owner }}
+          repository: ${{ github.event.repository.name }}
+          version: ${{ steps.latest-version.outputs.LATEST_VERSION }}

its/pom.xml

@@ -24,9 +24,10 @@
       <artifactId>sonar-maven-plugin</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.sonarsource.scanner.maven</groupId>
+      <groupId>org.example.integration</groupId>
       <artifactId>property-dump-plugin</artifactId>
-      <version>1-SNAPSHOT</version>
+      <version>1.0-SNAPSHOT</version>
+      <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>org.junit.jupiter</groupId>

its/src/test/java/com/sonar/maven/it/suite/AbstractMavenTest.java

@@ -78,7 +78,7 @@ public abstract class AbstractMavenTest {
     .addBundledPluginToKeep("sonar-xml-plugin")
     .addBundledPluginToKeep("sonar-html-plugin")
     // This plugin should have been built locally from the property-dump-plugin module
-    .addPlugin(FileLocation.of("../property-dump-plugin/target/property-dump-plugin-1-SNAPSHOT.jar"))
+    .addPlugin(FileLocation.of("../property-dump-plugin/target/property-dump-plugin-1.0-SNAPSHOT.jar"))
     .build();
 
   protected WsClient wsClient;

property-dump-plugin/pom.xml

@@ -10,8 +10,9 @@
     <version>5.1.0-SNAPSHOT</version>
   </parent>
 
+  <groupId>org.example.integration</groupId>
   <artifactId>property-dump-plugin</artifactId>
-  <version>1-SNAPSHOT</version>
+  <version>1.0-SNAPSHOT</version>
   <packaging>sonar-plugin</packaging>
 
   <properties>