.gitea/workflows/ci.yml

@@ -297,79 +297,46 @@ jobs:
           set -e
           apt-get update && apt-get install -y wget curl unzip openjdk-17-jre
           
-          # Use a known working version to avoid download issues
+          # Download and install SonarScanner
-          SONAR_SCANNER_VERSION="5.0.1.3006"
+          echo "Detecting latest SonarScanner version..."
-          SCANNER_URL="https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux.zip"
+          SONAR_SCANNER_VERSION=$(curl -s https://api.github.com/repos/SonarSource/sonar-scanner-cli/releases/latest | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/' | sed 's/v//')
+          
+          if [ -z "$SONAR_SCANNER_VERSION" ]; then
+            echo "Failed to detect version, using fallback version 5.0.1.3006"
+            SONAR_SCANNER_VERSION="5.0.1.3006"
+          fi
           
           echo "Installing SonarScanner version: ${SONAR_SCANNER_VERSION}"
+          SCANNER_URL="https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux.zip"
+          
           echo "Downloading from: ${SCANNER_URL}"
-          
+          if ! wget -q --show-progress "${SCANNER_URL}" -O /tmp/sonar-scanner.zip; then
-          # Download with verbose error output
-          if ! wget --progress=bar:force "${SCANNER_URL}" -O /tmp/sonar-scanner.zip 2>&1; then
             echo "❌ Failed to download SonarScanner"
-            echo "Checking if file was partially downloaded:"
-            ls -lh /tmp/sonar-scanner.zip 2>/dev/null || echo "No file found"
             exit 1
           fi
           
-          # Verify download
-          if [ ! -f /tmp/sonar-scanner.zip ] || [ ! -s /tmp/sonar-scanner.zip ]; then
-            echo "❌ Downloaded file is missing or empty"
-            exit 1
-          fi
-          
-          echo "Download complete. File size: $(du -h /tmp/sonar-scanner.zip | cut -f1)"
-          
           echo "Extracting SonarScanner..."
           if ! unzip -q /tmp/sonar-scanner.zip -d /tmp; then
             echo "❌ Failed to extract SonarScanner"
-            echo "Archive info:"
-            file /tmp/sonar-scanner.zip || true
-            unzip -l /tmp/sonar-scanner.zip 2>&1 | head -20 || true
             exit 1
           fi
           
-          # Find the extracted directory (handle both naming conventions)
-          EXTRACTED_DIR=""
           if [ -d "/tmp/sonar-scanner-${SONAR_SCANNER_VERSION}-linux" ]; then
-            EXTRACTED_DIR="/tmp/sonar-scanner-${SONAR_SCANNER_VERSION}-linux"
+            mv /tmp/sonar-scanner-${SONAR_SCANNER_VERSION}-linux /opt/sonar-scanner
           elif [ -d "/tmp/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux" ]; then
-            EXTRACTED_DIR="/tmp/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux"
+            mv /tmp/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux /opt/sonar-scanner
           else
-            # Try to find any sonar-scanner directory
-            EXTRACTED_DIR=$(find /tmp -maxdepth 1 -type d -name "*sonar-scanner*" | head -1)
-          fi
-          
-          if [ -z "$EXTRACTED_DIR" ] || [ ! -d "$EXTRACTED_DIR" ]; then
             echo "❌ SonarScanner directory not found after extraction"
-            echo "Contents of /tmp:"
+            ls -la /tmp/ | grep sonar
-            ls -la /tmp/ | grep -E "(sonar|zip)" || ls -la /tmp/ | head -20
             exit 1
           fi
           
-          echo "Found extracted directory: ${EXTRACTED_DIR}"
+          ln -sf /opt/sonar-scanner/bin/sonar-scanner /usr/local/bin/sonar-scanner
-          mv "${EXTRACTED_DIR}" /opt/sonar-scanner
+          chmod +x /opt/sonar-scanner/bin/sonar-scanner
-          
+          chmod +x /usr/local/bin/sonar-scanner
-          # Create symlink
-          if [ -f /opt/sonar-scanner/bin/sonar-scanner ]; then
-            ln -sf /opt/sonar-scanner/bin/sonar-scanner /usr/local/bin/sonar-scanner
-            chmod +x /opt/sonar-scanner/bin/sonar-scanner
-            chmod +x /usr/local/bin/sonar-scanner
-          else
-            echo "❌ sonar-scanner binary not found in /opt/sonar-scanner/bin/"
-            echo "Contents of /opt/sonar-scanner/bin/:"
-            ls -la /opt/sonar-scanner/bin/ || true
-            exit 1
-          fi
           
           echo "Verifying installation..."
-          if ! sonar-scanner --version; then
+          sonar-scanner --version || (echo "❌ SonarScanner verification failed" && exit 1)
-            echo "❌ SonarScanner verification failed"
-            echo "PATH: $PATH"
-            which sonar-scanner || echo "sonar-scanner not in PATH"
-            exit 1
-          fi
-          echo "✓ SonarScanner installed successfully"
 
       - name: Verify SonarQube connection
         run: |

inventories/production/host_vars/sonarqube-01.yml

@@ -6,4 +6,4 @@ ansible_become: true
 ansible_become_method: sudo
 # Configure shell for ladmin user
 shell_users:
-  - ladmin
+  - ladmin

roles/applications/tasks/main.yml

@@ -45,7 +45,6 @@
     fi
   register: brave_repo_check
   failed_when: false
-  changed_when: false
   when: applications_brave_needs_install
 
 - name: Clean up duplicate Brave repository files

roles/datascience/defaults/main.yml

@@ -16,4 +16,4 @@ install_r: false
 r_packages:
   - r-base
   - r-base-dev
-  - r-recommended
+  - r-recommended

roles/datascience/handlers/main.yml

@@ -4,4 +4,4 @@
     name: jupyter-notebook
     state: restarted
     daemon_reload: true
-  become: true
+  become: true

roles/datascience/meta/main.yml

@@ -1,3 +1,3 @@
 ---
 dependencies:
-  - role: base
+  - role: base

roles/datascience/tasks/main.yml

@@ -199,4 +199,4 @@
 
     - name: Display R version
       ansible.builtin.debug:
-        msg: "R version installed: {{ r_version.stdout_lines[0] if r_version.stdout_lines | length > 0 else 'Not checked in dry-run mode' }}"
+        msg: "R version installed: {{ r_version.stdout_lines[0] if r_version.stdout_lines | length > 0 else 'Not checked in dry-run mode' }}"

roles/development/tasks/main.yml

@@ -46,7 +46,6 @@
     fi
   register: nodesource_key_check
   failed_when: false
-  changed_when: false
   when: node_version_check.rc != 0 or not node_version_check.stdout.startswith('v22')
 
 - name: Remove incorrect NodeSource repository

roles/docker/tasks/setup_gpg_key.yml

@@ -43,4 +43,4 @@
   ansible.builtin.file:
     path: /tmp/docker.gpg
     state: absent
-  when: docker_key_check.stdout in ["not_exists", "wrong_key"]
+  when: docker_key_check.stdout in ["not_exists", "wrong_key"]

roles/docker/tasks/setup_repo_debian.yml

@@ -26,4 +26,4 @@
     repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
     state: present
     update_cache: true
-  when: docker_repo_check.stdout in ["not_exists", "wrong_config"]
+  when: docker_repo_check.stdout in ["not_exists", "wrong_config"]

roles/docker/tasks/setup_repo_linux_mint.yml

@@ -34,4 +34,4 @@
     repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ docker_ubuntu_codename }} stable"
     state: present
     update_cache: true
-  when: docker_repo_check.stdout in ["not_exists", "wrong_config"]
+  when: docker_repo_check.stdout in ["not_exists", "wrong_config"]

roles/docker/tasks/setup_repo_ubuntu.yml

@@ -26,4 +26,4 @@
     repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
     state: present
     update_cache: true
-  when: docker_repo_check.stdout in ["not_exists", "wrong_config"]
+  when: docker_repo_check.stdout in ["not_exists", "wrong_config"]

roles/tailscale/tasks/debian.yml

@@ -34,7 +34,6 @@
     fi
   register: tailscale_repo_check
   failed_when: false
-  changed_when: false
   when: tailscale_version_check.rc != 0
 
 - name: Remove incorrect Tailscale GPG key