aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--anteater.conf1
-rw-r--r--anteater/src/get_lists.py51
-rw-r--r--anteater/src/patch_scan.py9
-rw-r--r--anteater/src/project_scan.py16
-rw-r--r--exceptions/apex.yaml8
-rw-r--r--exceptions/armband.yaml8
-rw-r--r--exceptions/availability.yaml10
-rw-r--r--exceptions/bamboo.yaml10
-rw-r--r--exceptions/barometer.yaml10
-rw-r--r--exceptions/bottlenecks.yaml10
-rw-r--r--exceptions/calipso.yaml8
-rw-r--r--exceptions/compass4nfv.yaml8
-rw-r--r--exceptions/conductor.yaml10
-rw-r--r--exceptions/copper.yaml10
-rw-r--r--exceptions/cperf.yaml10
-rw-r--r--exceptions/daisy.yaml10
-rw-r--r--exceptions/doctor.yaml10
-rw-r--r--exceptions/dovetail.yaml10
-rw-r--r--exceptions/dpacc.yaml10
-rw-r--r--exceptions/enfv.yaml10
-rw-r--r--exceptions/escalator.yaml10
-rw-r--r--exceptions/fds.yaml10
-rw-r--r--exceptions/fuel.yaml10
-rw-r--r--exceptions/functest.yaml8
-rw-r--r--exceptions/octopus.yaml10
-rw-r--r--exceptions/pharos.yaml10
-rw-r--r--exceptions/releng.yaml6
-rw-r--r--exceptions/sandbox.yaml10
-rw-r--r--exceptions/template.yaml10
-rw-r--r--exceptions/yardstick.yaml10
-rw-r--r--ignore_list.yaml15
31 files changed, 82 insertions, 256 deletions
diff --git a/anteater.conf b/anteater.conf
index 295099f..97c9c88 100644
--- a/anteater.conf
+++ b/anteater.conf
@@ -2,3 +2,4 @@
reports_dir = .reports/
anteater_log = .reports/anteater.log
master_list = ./master_list.yaml
+ignore_list = ./ignore_list.yaml
diff --git a/anteater/src/get_lists.py b/anteater/src/get_lists.py
index 17de7cb..ff63442 100644
--- a/anteater/src/get_lists.py
+++ b/anteater/src/get_lists.py
@@ -27,9 +27,13 @@ config = six.moves.configparser.RawConfigParser()
config.read('anteater.conf')
logger = logging.getLogger(__name__)
master_list = config.get('config', 'master_list')
+ignore_list = config.get('config', 'ignore_list')
with open(master_list, 'r') as f:
- yl = yaml.safe_load(f)
+ ml = yaml.safe_load(f)
+
+with open(ignore_list, 'r') as f:
+ il = yaml.safe_load(f)
def _remove_nullvalue(contents):
@@ -65,14 +69,14 @@ class GetLists(object):
with open(exception_file, 'r') as f:
ex = yaml.safe_load(f)
for key in ex:
- if key in yl:
- yl[key][project] = _merge(yl[key][project], ex.get(key, None)) \
- if project in yl[key] else ex.get(key, None)
+ if key in ml:
+ ml[key][project] = _merge(ml[key][project], ex.get(key, None)) \
+ if project in ml[key] else ex.get(key, None)
self.loaded = True
def binary_list(self, project):
try:
- default_list = (yl['binaries']['binary_ignore'])
+ default_list = (ml['binaries']['binary_ignore'])
except KeyError:
logger.error('Key Error processing binary list values')
@@ -81,10 +85,10 @@ class GetLists(object):
return binary_re
def binary_hash(self, project, patch_file):
- self.load_project_exception_file(yl.get('project_exceptions'), project)
+ self.load_project_exception_file(ml.get('project_exceptions'), project)
file_name = os.path.basename(patch_file)
try:
- binary_hash = (yl['binaries'][project][file_name])
+ binary_hash = (ml['binaries'][project][file_name])
return binary_hash
except KeyError:
binary_hash = 'null'
@@ -93,13 +97,13 @@ class GetLists(object):
def file_audit_list(self, project):
project_list = False
- self.load_project_exception_file(yl.get('project_exceptions'), project)
+ self.load_project_exception_file(ml.get('project_exceptions'), project)
try:
- default_list = set((yl['file_audits']['file_names']))
+ default_list = set((ml['file_audits']['file_names']))
except KeyError:
logger.error('Key Error processing file_names list values')
try:
- project_list = set((yl['file_audits'][project]['file_names']))
+ project_list = set((ml['file_audits'][project]['file_names']))
logger.info('file_names waivers found for %s', project)
except KeyError:
logger.info('No file_names waivers found for %s', project)
@@ -117,39 +121,48 @@ class GetLists(object):
def file_content_list(self, project):
project_list = False
- self.load_project_exception_file(yl.get('project_exceptions'), project)
+ self.load_project_exception_file(ml.get('project_exceptions'), project)
try:
- master_list = (yl['file_audits']['file_contents'])
+ master_list = (ml['file_audits']['file_contents'])
except KeyError:
logger.error('Key Error processing file_contents list values')
try:
- project_list = set((yl['file_audits'][project]['file_contents']))
- project_list_re = re.compile("|".join(project_list),
- flags=re.IGNORECASE)
+ ignore_list = il['file_audits']['file_contents']
+
+ except KeyError:
+ logger.error('Key Error processing file_contents list values')
+
+ try:
+ project_list = ml['file_audits'][project]['file_contents']
+
except KeyError:
logger.info('No file_contents waivers found for %s', project)
- return master_list, project_list_re
+ ignore_list_merge = project_list + ignore_list
+
+ ignore_list_re = re.compile("|".join(ignore_list_merge), flags=re.IGNORECASE)
+
+ return master_list, ignore_list_re
def file_ignore(self):
try:
- file_ignore = (yl['file_ignore'])
+ file_ignore = (ml['file_ignore'])
except KeyError:
logger.error('Key Error processing file_ignore list values')
return file_ignore
def licence_extensions(self):
try:
- licence_extensions = (yl['licence']['licence_ext'])
+ licence_extensions = (ml['licence']['licence_ext'])
except KeyError:
logger.error('Key Error processing licence_extensions list values')
return licence_extensions
def licence_ignore(self):
try:
- licence_ignore = (yl['licence']['licence_ignore'])
+ licence_ignore = (ml['licence']['licence_ignore'])
except KeyError:
logger.error('Key Error processing licence_ignore list values')
return licence_ignore
diff --git a/anteater/src/patch_scan.py b/anteater/src/patch_scan.py
index 3b71f0a..133b0ff 100644
--- a/anteater/src/patch_scan.py
+++ b/anteater/src/patch_scan.py
@@ -47,7 +47,7 @@ def prepare_patchset(project, patchset):
file_audit_list, file_audit_project_list = lists.file_audit_list(project)
# Get file content black list and project waivers
- master_list, project_list_re = lists.file_content_list(project)
+ master_list, ignore_list = lists.file_content_list(project)
# Get File Ignore Lists
file_ignore = lists.file_ignore()
@@ -69,7 +69,7 @@ def prepare_patchset(project, patchset):
# Perform binary and file / content checks
scan_patch(project, patch_file, binary_list,
file_audit_list, file_audit_project_list,
- master_list, project_list_re, licence_ext,
+ master_list, ignore_list, licence_ext,
file_ignore, licence_ignore)
# Process each file in patch set using waivers generated above
@@ -79,7 +79,7 @@ def prepare_patchset(project, patchset):
def scan_patch(project, patch_file, binary_list, file_audit_list,
file_audit_project_list, master_list,
- project_list_re, licence_ext, file_ignore, licence_ignore):
+ ignore_list, licence_ext, file_ignore, licence_ignore):
""" Scan actions for each commited file in patch set """
global failure
if is_binary(patch_file):
@@ -130,7 +130,8 @@ def scan_patch(project, patch_file, binary_list, file_audit_list,
for key, value in master_list.iteritems():
regex = value['regex']
desc = value['desc']
- if re.search(regex, line) and not re.search(project_list_re, line):
+ if re.search(regex, line) and not re.search(
+ ignore_list, line):
logger.error('File contains violation: %s', patch_file)
logger.error('Flagged Content: %s', line.rstrip())
logger.error('Matched Regular Exp: %s', regex)
diff --git a/anteater/src/project_scan.py b/anteater/src/project_scan.py
index 12e9a97..9bb3539 100644
--- a/anteater/src/project_scan.py
+++ b/anteater/src/project_scan.py
@@ -30,6 +30,7 @@ config = six.moves.configparser.RawConfigParser()
config.read('anteater.conf')
reports_dir = config.get('config', 'reports_dir')
master_list = config.get('config', 'master_list')
+ignore_list = config.get('config', 'master_list')
ignore_dirs = ['.git']
hasher = hashlib.sha256()
@@ -47,7 +48,7 @@ def prepare_project(project, project_dir):
file_audit_list, file_audit_project_list = lists.file_audit_list(project)
# Get file content black list and project waivers
- master_list, project_list = lists.file_content_list(project)
+ master_list, ignore_list = lists.file_content_list(project)
# Get File Ignore Lists
file_ignore = lists.file_ignore()
@@ -58,8 +59,8 @@ def prepare_project(project, project_dir):
# Perform rudimentary scans
scan_file(project_dir, project, binary_list,file_audit_list,
- file_audit_project_list, master_list, file_ignore,
- project_list)
+ file_audit_project_list, master_list, ignore_list,
+ file_ignore)
# Perform licence header checks
licence_check(licence_ext, licence_ignore, project, project_dir)
@@ -67,8 +68,8 @@ def prepare_project(project, project_dir):
def scan_file(project_dir, project, binary_list, file_audit_list,
- file_audit_project_list, master_list, file_ignore,
- project_list):
+ file_audit_project_list, master_list, ignore_list,
+ file_ignore):
"""Searches for banned strings and files that are listed """
for root, dirs, files in os.walk(project_dir):
# Filter out ignored directories from list.
@@ -90,9 +91,10 @@ def scan_file(project_dir, project, binary_list, file_audit_list,
write('Matched String: {0}'.
format(match.group()))
- # Check if Binary is whitelisted
+ # Check if Binary is whitelisted
hashlist = get_lists.GetLists()
binary_hash = hashlist.binary_hash(project, full_path)
+
if is_binary(full_path) and not binary_list.search(full_path):
with open(full_path, 'rb') as afile:
buf = afile.read()
@@ -124,7 +126,7 @@ def scan_file(project_dir, project, binary_list, file_audit_list,
regex = value['regex']
desc = value['desc']
if re.search(regex, line) and not re.search(
- project_list, line):
+ ignore_list, line):
logger.error('File contains violation: %s',
full_path)
logger.error('Flagged Content: %s',
diff --git a/exceptions/apex.yaml b/exceptions/apex.yaml
index c28b07c..fdf875e 100644
--- a/exceptions/apex.yaml
+++ b/exceptions/apex.yaml
@@ -13,14 +13,6 @@ file_audits:
- network_settings.py
- deploy_settings.py
file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
- rpm-build wget libvirt
- wget git gcc
- def clean_ssh_keys\(key_file=\'\/root\/\.ssh\/authorized\_keys
diff --git a/exceptions/armband.yaml b/exceptions/armband.yaml
index 57c1749..a0075c0 100644
--- a/exceptions/armband.yaml
+++ b/exceptions/armband.yaml
@@ -62,13 +62,5 @@ binaries:
file_audits:
file_names: [nullvalue]
file_contents:
- - ^.+#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
- curl.+\$local_env
- password.+salt.+opnfv_user_password
diff --git a/exceptions/availability.yaml b/exceptions/availability.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/availability.yaml
+++ b/exceptions/availability.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/bamboo.yaml b/exceptions/bamboo.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/bamboo.yaml
+++ b/exceptions/bamboo.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/barometer.yaml b/exceptions/barometer.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/barometer.yaml
+++ b/exceptions/barometer.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/bottlenecks.yaml b/exceptions/bottlenecks.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/bottlenecks.yaml
+++ b/exceptions/bottlenecks.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/calipso.yaml b/exceptions/calipso.yaml
index d31856e..49c135a 100644
--- a/exceptions/calipso.yaml
+++ b/exceptions/calipso.yaml
@@ -122,14 +122,6 @@ binaries:
file_audits:
file_names: [nullvalue]
file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
- \.login-button#login-buttons-(.*)
- <input class="mdl-textfield__input" type="password" id="apiPassword">
- "password: { type: String }"
diff --git a/exceptions/compass4nfv.yaml b/exceptions/compass4nfv.yaml
index e4f1c52..3613e38 100644
--- a/exceptions/compass4nfv.yaml
+++ b/exceptions/compass4nfv.yaml
@@ -11,14 +11,6 @@ binaries:
file_audits:
file_names: [nullvalue]
file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
- publicURL
- server_password
- username\,.password
diff --git a/exceptions/conductor.yaml b/exceptions/conductor.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/conductor.yaml
+++ b/exceptions/conductor.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/copper.yaml b/exceptions/copper.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/copper.yaml
+++ b/exceptions/copper.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/cperf.yaml b/exceptions/cperf.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/cperf.yaml
+++ b/exceptions/cperf.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/daisy.yaml b/exceptions/daisy.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/daisy.yaml
+++ b/exceptions/daisy.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/doctor.yaml b/exceptions/doctor.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/doctor.yaml
+++ b/exceptions/doctor.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/dovetail.yaml b/exceptions/dovetail.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/dovetail.yaml
+++ b/exceptions/dovetail.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/dpacc.yaml b/exceptions/dpacc.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/dpacc.yaml
+++ b/exceptions/dpacc.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/enfv.yaml b/exceptions/enfv.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/enfv.yaml
+++ b/exceptions/enfv.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/escalator.yaml b/exceptions/escalator.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/escalator.yaml
+++ b/exceptions/escalator.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/fds.yaml b/exceptions/fds.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/fds.yaml
+++ b/exceptions/fds.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/fuel.yaml b/exceptions/fuel.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/fuel.yaml
+++ b/exceptions/fuel.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/functest.yaml b/exceptions/functest.yaml
index bc6766d..f43d1c4 100644
--- a/exceptions/functest.yaml
+++ b/exceptions/functest.yaml
@@ -10,14 +10,6 @@ binaries:
file_audits:
file_names: [nullvalue]
file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
- openssl-dev.libjpeg-turbo-dev.git.wget.&
- RUN.+curl.*https\:\/\/get\.rvm\.io.*bash.*stable
- grep.sed.wget.ca-certificates.git.\&&
diff --git a/exceptions/octopus.yaml b/exceptions/octopus.yaml
index c90dcf2..5860307 100644
--- a/exceptions/octopus.yaml
+++ b/exceptions/octopus.yaml
@@ -10,12 +10,4 @@ binaries:
- dca00ca0c823938e3fca1889ae366e86e6ce2279e4fc689b437d43978cfbe1c9
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/pharos.yaml b/exceptions/pharos.yaml
index 99f9e2b..6637339 100644
--- a/exceptions/pharos.yaml
+++ b/exceptions/pharos.yaml
@@ -9,12 +9,4 @@ binaries:
binary_ignore: [nullvalue]
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/releng.yaml b/exceptions/releng.yaml
index 4003f8a..269ff7d 100644
--- a/exceptions/releng.yaml
+++ b/exceptions/releng.yaml
@@ -10,12 +10,9 @@ binaries:
file_audits:
file_names: [nullvalue]
file_contents:
- - ^#
- -s set secret key
- "PKG_MAP\\[wget\\]"
- "\\[wget\\]=wget"
- - "git clone(.*)\\.openstack\\.org"
- - "git clone(.*)gerrit\\.opnfv\\.org"
- "name: GIT_CLONE_BASE"
- "name: SSH_KEY"
- "packages = \\['parted', 'puppet', 'wget'"
@@ -60,6 +57,3 @@ file_audits:
- wget > /dev/null
- wget \$get_pip_url
- wget(.*)WORKSPACE/opnfv\.properties(.*)GS_URL(.*)properties
- - wget(.*)build\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget(.*)artifacts\.opnfv\.org
diff --git a/exceptions/sandbox.yaml b/exceptions/sandbox.yaml
index 50c0f78..950fc1c 100644
--- a/exceptions/sandbox.yaml
+++ b/exceptions/sandbox.yaml
@@ -11,12 +11,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/template.yaml b/exceptions/template.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/template.yaml
+++ b/exceptions/template.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/exceptions/yardstick.yaml b/exceptions/yardstick.yaml
index 7d4b0d5..0532ba4 100644
--- a/exceptions/yardstick.yaml
+++ b/exceptions/yardstick.yaml
@@ -10,12 +10,4 @@ binaries:
file_audits:
file_names: [nullvalue]
- file_contents:
- - ^#
- - git clone.+\.openstack\.org
- - git clone.+gerrit\.opnfv\.org
- - wget.+build\.opnfv\.org
- - wget.+artifacts\.opnfv\.org
- - wget.+git\.opnfv.org
- - wget.+git\.openstack.org
- - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/
+ file_contents: [nullvalue]
diff --git a/ignore_list.yaml b/ignore_list.yaml
new file mode 100644
index 0000000..0cd5361
--- /dev/null
+++ b/ignore_list.yaml
@@ -0,0 +1,15 @@
+---
+binaries:
+ binary_ignore: [nullvalue]
+
+file_audits:
+ file_names: [nullvalue]
+ file_contents:
+ - ^#
+ - git clone.+\.openstack\.org
+ - git clone.+gerrit\.opnfv\.org
+ - wget.+build\.opnfv\.org
+ - wget.+artifacts\.opnfv\.org
+ - wget.+git\.opnfv.org
+ - wget.+git\.openstack.org
+ - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/