From bc987da178d128a2dd0b81223e3c8cb94562150f Mon Sep 17 00:00:00 2001
From: Tomasz Tylenda <tomasz.tylenda@sonarsource.com>
Date: Wed, 22 Oct 2025 10:01:40 +0200
Subject: [PATCH 1/3] Create unified dogfooding GitHub action

---
 .github/workflows/unified-dogfooding.yml | 33 ++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 .github/workflows/unified-dogfooding.yml

diff --git a/.github/workflows/unified-dogfooding.yml b/.github/workflows/unified-dogfooding.yml
new file mode 100644
index 000000000..039399e20
--- /dev/null
+++ b/.github/workflows/unified-dogfooding.yml
@@ -0,0 +1,33 @@
+name: Unified Dogfooding scans
+on:
+  schedule:
+    - cron: '45 2 * * *' # Run the workflow every day at 02:45 UTC
+  workflow_dispatch:
+  pull_request:
+
+jobs:
+  unified-platform-dogfooding:
+    runs-on: github-ubuntu-latest-s
+    name: Unified Platform Dogfooding
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: jdx/mise-action@5ac50f778e26fac95da98d50503682459e86d566 # v3.2.0
+        with:
+          version: 2025.7.12
+      - uses: SonarSource/ci-github-actions/build-maven@v1
+        with:
+          artifactory-reader-role: private-reader
+          artifactory-deployer-role: qa-deployer
+          run-shadow-scans: true
+      - name: Run IRIS Analysis
+        uses: SonarSource/unified-dogfooding-actions/run-iris@v1
+        with:
+          primary_project_key: org.sonarsource.xml:xml
+          primary_platform: "Next"
+          shadow1_project_key: org.sonarsource.xml:xml
+          shadow1_platform: "SQC-EU"
+          shadow2_project_key: org.sonarsource.xml:xml
+          shadow2_platform: "SQC-US"

From 45a4188465c0281e86d292306a2b2649ebd83fcd Mon Sep 17 00:00:00 2001
From: Tomasz Tylenda <tomasz.tylenda@sonarsource.com>
Date: Wed, 12 Nov 2025 10:50:18 +0100
Subject: [PATCH 2/3] sonar.organization

---
 pom.xml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pom.xml b/pom.xml
index 2ba264a76..5b1799c5a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -73,6 +73,8 @@
 
     <!-- Release: enable publication to Bintray -->
     <artifactsToPublish>${project.groupId}:sonar-xml-plugin:jar</artifactsToPublish>
+
+    <sonar.organization>sonarsource</sonar.organization>
   </properties>
 
   <dependencyManagement>

From 3b578e8251a0e1fd4bc9486648d47373c6c5e2bd Mon Sep 17 00:00:00 2001
From: Tomasz Tylenda <tomasz.tylenda@sonarsource.com>
Date: Wed, 12 Nov 2025 10:50:38 +0100
Subject: [PATCH 3/3] delete bash script

---
 shadow-scan-and-issue-replication.sh | 130 ---------------------------
 1 file changed, 130 deletions(-)
 delete mode 100755 shadow-scan-and-issue-replication.sh

diff --git a/shadow-scan-and-issue-replication.sh b/shadow-scan-and-issue-replication.sh
deleted file mode 100755
index 1fe21b697..000000000
--- a/shadow-scan-and-issue-replication.sh
+++ /dev/null
@@ -1,130 +0,0 @@
-#!/usr/bin/env bash
-
-set -euo pipefail
-
-# IRIS: Issue Replication for Sonarqube
-IRIS_JAR_URL="${ARTIFACTORY_URL}/sonarsource-private-releases/com/sonarsource/iris/iris/\[RELEASE\]/iris-\[RELEASE\]-jar-with-dependencies.jar"
-IRIS_JAR_PATH="target/libs/iris.jar"
-
-function build_and_analyze_the_project() {
-  echo
-  echo "===== Build and analyze the project targeting a shadow SonarQube instance"
-  local BUILD_CMD
-  if [[ -e "gradlew" ]]; then
-    BUILD_CMD="./gradlew --info --stacktrace --console plain build sonar"
-  else
-    source set_maven_build_version "$BUILD_NUMBER"
-    BUILD_CMD="mvn -Pcoverage -Dmaven.test.redirectTestOutputToFile=false --batch-mode --errors --show-version verify sonar:sonar"
-  fi
-  ${BUILD_CMD} \
-    -DbuildNumber="${BUILD_NUMBER}" \
-    -Dsonar.host.url="${SHADOW_SONAR_HOST_URL}" \
-    -Dsonar.token="${SHADOW_SONAR_TOKEN}" \
-    -Dsonar.organization="${SHADOW_ORGANIZATION}" \
-    -Dsonar.projectKey="${SHADOW_PROJECT_KEY}" \
-    -Dsonar.analysis.buildNumber="${BUILD_NUMBER}" \
-    -Dsonar.analysis.repository="${GITHUB_REPO}" \
-    "$@"
-}
-
-function download_iris() {
-  echo
-  echo "===== Download ${IRIS_JAR_URL}"
-  mkdir -p target/libs
-  curl --silent --fail-with-body --location --header "Authorization: Bearer ${ARTIFACTORY_PRIVATE_PASSWORD}" \
-      --output "${IRIS_JAR_PATH}" "${IRIS_JAR_URL}"
-}
-
-function sonarcloud_compute_engine_status_for_given_project() {
-  local PROJECT_KEY="$1"
-  local RESPONSE
-  RESPONSE="$(
-    curl --silent --fail-with-body --location --request GET \
-      --header "Authorization: Bearer ${SHADOW_SONAR_TOKEN}" \
-      --output - \
-      "${SHADOW_SONAR_HOST_URL}/api/ce/component?component=${PROJECT_KEY}"
-  )"
-  local STATUS
-  # we first check if there is one or more 'PENDING' tasks in the queue
-  STATUS="$(echo "${RESPONSE}" | jq -r '.queue[].status')"
-  if [[ "${STATUS}" == "null" ]]; then
-    STATUS=""
-  fi
-  if [[ -z "${STATUS}" ]]; then
-    # otherwise we get the status of the current task
-    STATUS="$(echo "${RESPONSE}" | jq -r '.current.status')"
-  fi
-  echo -n "${STATUS}"
-}
-
-function wait_for_sonarcloud_compute_engine_to_finish() {
-  local MAX_WAIT_TIME_SECONDS="300"  # Default to 5 minutes
-  local SLEEP_INTERVAL_SECONDS="1"
-  local ELAPSED_TIME=0
-  local LAST_STATUS=""
-  local STATUS
-
-  echo "Waiting for SonarCloud compute engine to finish for project key: ${SHADOW_PROJECT_KEY}"
-  while (( ELAPSED_TIME < MAX_WAIT_TIME_SECONDS )); do
-    STATUS=$(sonarcloud_compute_engine_status_for_given_project "${SHADOW_PROJECT_KEY}")
-    if [[ "${STATUS}" != "${LAST_STATUS}" ]]; then
-      echo -n " ${STATUS} "
-      LAST_STATUS="${STATUS}"
-    fi
-
-    if [[ "${STATUS}" == "PENDING" || "${STATUS}" == "IN_PROGRESS" ]]; then
-      echo -n "."
-    elif [[ "${STATUS}" == "FAILED" || "${STATUS}" == "CANCELED" ]]; then
-      echo -e "\nERROR: SonarCloud compute engine finished with status: ${STATUS}"
-      return 1
-    elif [[ "${STATUS}" == "SUCCESS" ]]; then
-      echo -e "\nSonarCloud compute engine finished successfully."
-      return 0
-    else
-      echo -e "\nERROR: Unknown status: ${STATUS}"
-      return 1
-    fi
-    sleep "${SLEEP_INTERVAL_SECONDS}"
-    ELAPSED_TIME=$((ELAPSED_TIME + SLEEP_INTERVAL_SECONDS))
-  done
-  echo -e "\nERROR: Timeout reached after ${MAX_WAIT_TIME_SECONDS} seconds."
-  return 1
-}
-
-function run_iris() {
-  local DRY_RUN="$1"
-  java \
-    -Diris.source.projectKey="${SONAR_PROJECT_KEY}" \
-    -Diris.source.url="${SONAR_HOST_URL}" \
-    -Diris.source.token="${SONAR_TOKEN}" \
-    -Diris.destination.projectKey="${SHADOW_PROJECT_KEY}" \
-    -Diris.destination.organization="${SHADOW_ORGANIZATION}" \
-    -Diris.destination.url="${SHADOW_SONAR_HOST_URL}" \
-    -Diris.destination.token="${SHADOW_SONAR_TOKEN}" \
-    -Diris.dryrun="${DRY_RUN}" \
-    -jar "${IRIS_JAR_PATH}"
-}
-
-function run_iris_with_and_without_dry_run() {
-  echo
-  echo "===== Execute IRIS as dry-run"
-  if run_iris true; then
-    echo "===== Successful IRIS execution as dry-run"
-    echo "===== Execute IRIS for real"
-    if run_iris false; then
-      echo "===== Successful IRIS execution for real"
-      return 0
-    else
-      echo "===== Failed IRIS execution for real"
-      return 1
-    fi
-  else
-    echo "===== Failed IRIS execution as dry-run"
-    return 1
-  fi
-}
-
-build_and_analyze_the_project "$@"
-download_iris
-wait_for_sonarcloud_compute_engine_to_finish
-run_iris_with_and_without_dry_run