Initial code push of Anteater

Likely far to much to cover in a commit msg.

Main bulk is the Anteater code itself, alongside
packaging requirements and build tools and Dockerfile.

Unit tests are planned as a follow up, so pushing this for now
so that efforts can get underway to integrate the tool with
jjb.

Questions on how it works, please reach me in IRC.

Change-Id: I2cd3cae391f8bf2cdc91b39c56dfc4833a1c4913
Signed-off-by: lhinds <lhinds@redhat.com>

1 files changed, 37 insertions, 0 deletions

diff --git a/gatechecks.yaml b/gatechecks.yaml
new file mode 100644
index 0000000..e04c6f1
--- /dev/null
+++ b/gatechecks.yaml
@@ -0,0 +1,37 @@
+# When adding projects all `arrays: []` sections must have
+# a value, Use 'nullvalue' if no waivers are available.
+#
+# This file uses standard regular expression syntax,  however be mindful
+# of escaping YAML delimiters too (such as `:`) using double quotes "".
+
+binaries:
+  binary_ignore: [\.pdf,\.png,\.jpeg,\.jpg,\.gif,\.idx,\.pack,\.woff,\.ttf,\.eot,\.DS_Store,\.git/objects,\.git/index,
+                  \.otf,\.ico]
+  releng:
+    binary_ignore: [nullvalue]
+
+file_audits:
+  file_names: [\.gpg$,\.key$,\.asc$,\.sig$,\.md5,aws_access_key_id,aws_secret_access_key,id_rsa]
+  file_contents: [-----BEGIN\sRSA\sPRIVATE\sKEY----,secret,ssh_key,private_key,md5,wget,"curl(.*?)bash",eval,
+                 "sh(.*?)curl","git(.*?)clone",gost,md2,md4,md5,rc4,sha0,streebog,dual_ec_drbg,
+                 snefru,panama,ripemd,sslv1,sslv2,tlsv1]
+  releng:
+    file_names: [nullvalue]
+    file_contents: [slave_secret,self\.local_ssh_key,self\.proxy_ssh_key,jh_ssh_key='/root/\.ssh/id_rsa',fa-user-secret,
+                     -s  set secret key,paramiko\.RSAKey\.from_private_key_file\(pkey_file\),git clone the Openstack-Ansible,
+                     secret not defined,user_secrets\.yml,wget -O /tmp/get-pip\.py,"PKG_MAP\\[wget\\]",^wget \\,
+                     "git clone(.*)gerrit\\.opnfv\\.org","git clone(.*)\\.openstack\\.org",wget(.*)build.opnfv.org,
+                     wget --version,"\\[wget\\]=wget",git repositories of XCI,"packages = \\['parted', 'puppet', 'wget'",
+                     bifrost_ssh_private_key,github\.com/maestrodev/puppet-wget,"wget http://repo1\\.maven\\.org",
+                     elif type wget >/dev/null,wget \$get_pip_url,"wget(.*)puppetlabs\\.com",git_clone(.*)MOD(.*)MODULE_PATH(.*)MODULE_NAME,
+                     git clone \$MOD \$DEST,function git_clone,"name: SSH_KEY","name: GIT_CLONE_BASE",
+                     wget -q -O \$ODL_ZIP \$NETVIRT_ARTIFACT_URL,git clone(.*)\$GIT_BASE(.*)\$WORKSPACE,
+                     git clone --quiet --branch \$BRANCH \$LAB_CONFIG_URL lab-config,git clone(.*)\$OPENSTACK_OSA_GIT_URL,
+                     wget --directory-prefix=(.*)SNAP_CACHE(.*)snap_url(.*),sudo yum -y install wget,cacheValues,isInfiniteValue,
+                     wget(.*)WORKSPACE/opnfv\.properties(.*)GS_URL(.*)properties,wget > /dev/null,fileValidationError,eval_collection,
+                     eval_db,if \(name === 'evals'\),evaluate,value,ast\.literal_eva,_eval_pods_db,new = eval\(obj\)]
+
+licence:
+  licence_ext: ['.rst','.md','.py','.sh','.java','.rb']
+  licence_ignore: ['__init__.py']
+