From 1d191aa05617587f889880bb5344c84a422706e5 Mon Sep 17 00:00:00 2001 From: lhinds Date: Tue, 10 Oct 2017 14:13:55 +0100 Subject: Implements master ignore list This change introduces a master ignore list, to save having to repeat ignore strings in every project exception file. This is achieved via a new ignore_list.yaml file that is merged with the project exception list and then used for the re.search ignore statement in both patch_scan.py and project_scan.py Change-Id: Ifb60b8ba3091603182c2025dbbbfd1a88a72439b Signed-off-by: lhinds --- anteater.conf | 1 + anteater/src/get_lists.py | 51 +++++++++++++++++++++++++++----------------- anteater/src/patch_scan.py | 9 ++++---- anteater/src/project_scan.py | 16 ++++++++------ exceptions/apex.yaml | 8 ------- exceptions/armband.yaml | 8 ------- exceptions/availability.yaml | 10 +-------- exceptions/bamboo.yaml | 10 +-------- exceptions/barometer.yaml | 10 +-------- exceptions/bottlenecks.yaml | 10 +-------- exceptions/calipso.yaml | 8 ------- exceptions/compass4nfv.yaml | 8 ------- exceptions/conductor.yaml | 10 +-------- exceptions/copper.yaml | 10 +-------- exceptions/cperf.yaml | 10 +-------- exceptions/daisy.yaml | 10 +-------- exceptions/doctor.yaml | 10 +-------- exceptions/dovetail.yaml | 10 +-------- exceptions/dpacc.yaml | 10 +-------- exceptions/enfv.yaml | 10 +-------- exceptions/escalator.yaml | 10 +-------- exceptions/fds.yaml | 10 +-------- exceptions/fuel.yaml | 10 +-------- exceptions/functest.yaml | 8 ------- exceptions/octopus.yaml | 10 +-------- exceptions/pharos.yaml | 10 +-------- exceptions/releng.yaml | 6 ------ exceptions/sandbox.yaml | 10 +-------- exceptions/template.yaml | 10 +-------- exceptions/yardstick.yaml | 10 +-------- ignore_list.yaml | 15 +++++++++++++ 31 files changed, 82 insertions(+), 256 deletions(-) create mode 100644 ignore_list.yaml diff --git a/anteater.conf b/anteater.conf index 295099f..97c9c88 100644 --- a/anteater.conf +++ b/anteater.conf @@ -2,3 +2,4 @@ reports_dir = .reports/ anteater_log = .reports/anteater.log master_list = ./master_list.yaml +ignore_list = ./ignore_list.yaml diff --git a/anteater/src/get_lists.py b/anteater/src/get_lists.py index 17de7cb..ff63442 100644 --- a/anteater/src/get_lists.py +++ b/anteater/src/get_lists.py @@ -27,9 +27,13 @@ config = six.moves.configparser.RawConfigParser() config.read('anteater.conf') logger = logging.getLogger(__name__) master_list = config.get('config', 'master_list') +ignore_list = config.get('config', 'ignore_list') with open(master_list, 'r') as f: - yl = yaml.safe_load(f) + ml = yaml.safe_load(f) + +with open(ignore_list, 'r') as f: + il = yaml.safe_load(f) def _remove_nullvalue(contents): @@ -65,14 +69,14 @@ class GetLists(object): with open(exception_file, 'r') as f: ex = yaml.safe_load(f) for key in ex: - if key in yl: - yl[key][project] = _merge(yl[key][project], ex.get(key, None)) \ - if project in yl[key] else ex.get(key, None) + if key in ml: + ml[key][project] = _merge(ml[key][project], ex.get(key, None)) \ + if project in ml[key] else ex.get(key, None) self.loaded = True def binary_list(self, project): try: - default_list = (yl['binaries']['binary_ignore']) + default_list = (ml['binaries']['binary_ignore']) except KeyError: logger.error('Key Error processing binary list values') @@ -81,10 +85,10 @@ class GetLists(object): return binary_re def binary_hash(self, project, patch_file): - self.load_project_exception_file(yl.get('project_exceptions'), project) + self.load_project_exception_file(ml.get('project_exceptions'), project) file_name = os.path.basename(patch_file) try: - binary_hash = (yl['binaries'][project][file_name]) + binary_hash = (ml['binaries'][project][file_name]) return binary_hash except KeyError: binary_hash = 'null' @@ -93,13 +97,13 @@ class GetLists(object): def file_audit_list(self, project): project_list = False - self.load_project_exception_file(yl.get('project_exceptions'), project) + self.load_project_exception_file(ml.get('project_exceptions'), project) try: - default_list = set((yl['file_audits']['file_names'])) + default_list = set((ml['file_audits']['file_names'])) except KeyError: logger.error('Key Error processing file_names list values') try: - project_list = set((yl['file_audits'][project]['file_names'])) + project_list = set((ml['file_audits'][project]['file_names'])) logger.info('file_names waivers found for %s', project) except KeyError: logger.info('No file_names waivers found for %s', project) @@ -117,39 +121,48 @@ class GetLists(object): def file_content_list(self, project): project_list = False - self.load_project_exception_file(yl.get('project_exceptions'), project) + self.load_project_exception_file(ml.get('project_exceptions'), project) try: - master_list = (yl['file_audits']['file_contents']) + master_list = (ml['file_audits']['file_contents']) except KeyError: logger.error('Key Error processing file_contents list values') try: - project_list = set((yl['file_audits'][project]['file_contents'])) - project_list_re = re.compile("|".join(project_list), - flags=re.IGNORECASE) + ignore_list = il['file_audits']['file_contents'] + + except KeyError: + logger.error('Key Error processing file_contents list values') + + try: + project_list = ml['file_audits'][project]['file_contents'] + except KeyError: logger.info('No file_contents waivers found for %s', project) - return master_list, project_list_re + ignore_list_merge = project_list + ignore_list + + ignore_list_re = re.compile("|".join(ignore_list_merge), flags=re.IGNORECASE) + + return master_list, ignore_list_re def file_ignore(self): try: - file_ignore = (yl['file_ignore']) + file_ignore = (ml['file_ignore']) except KeyError: logger.error('Key Error processing file_ignore list values') return file_ignore def licence_extensions(self): try: - licence_extensions = (yl['licence']['licence_ext']) + licence_extensions = (ml['licence']['licence_ext']) except KeyError: logger.error('Key Error processing licence_extensions list values') return licence_extensions def licence_ignore(self): try: - licence_ignore = (yl['licence']['licence_ignore']) + licence_ignore = (ml['licence']['licence_ignore']) except KeyError: logger.error('Key Error processing licence_ignore list values') return licence_ignore diff --git a/anteater/src/patch_scan.py b/anteater/src/patch_scan.py index 3b71f0a..133b0ff 100644 --- a/anteater/src/patch_scan.py +++ b/anteater/src/patch_scan.py @@ -47,7 +47,7 @@ def prepare_patchset(project, patchset): file_audit_list, file_audit_project_list = lists.file_audit_list(project) # Get file content black list and project waivers - master_list, project_list_re = lists.file_content_list(project) + master_list, ignore_list = lists.file_content_list(project) # Get File Ignore Lists file_ignore = lists.file_ignore() @@ -69,7 +69,7 @@ def prepare_patchset(project, patchset): # Perform binary and file / content checks scan_patch(project, patch_file, binary_list, file_audit_list, file_audit_project_list, - master_list, project_list_re, licence_ext, + master_list, ignore_list, licence_ext, file_ignore, licence_ignore) # Process each file in patch set using waivers generated above @@ -79,7 +79,7 @@ def prepare_patchset(project, patchset): def scan_patch(project, patch_file, binary_list, file_audit_list, file_audit_project_list, master_list, - project_list_re, licence_ext, file_ignore, licence_ignore): + ignore_list, licence_ext, file_ignore, licence_ignore): """ Scan actions for each commited file in patch set """ global failure if is_binary(patch_file): @@ -130,7 +130,8 @@ def scan_patch(project, patch_file, binary_list, file_audit_list, for key, value in master_list.iteritems(): regex = value['regex'] desc = value['desc'] - if re.search(regex, line) and not re.search(project_list_re, line): + if re.search(regex, line) and not re.search( + ignore_list, line): logger.error('File contains violation: %s', patch_file) logger.error('Flagged Content: %s', line.rstrip()) logger.error('Matched Regular Exp: %s', regex) diff --git a/anteater/src/project_scan.py b/anteater/src/project_scan.py index 12e9a97..9bb3539 100644 --- a/anteater/src/project_scan.py +++ b/anteater/src/project_scan.py @@ -30,6 +30,7 @@ config = six.moves.configparser.RawConfigParser() config.read('anteater.conf') reports_dir = config.get('config', 'reports_dir') master_list = config.get('config', 'master_list') +ignore_list = config.get('config', 'master_list') ignore_dirs = ['.git'] hasher = hashlib.sha256() @@ -47,7 +48,7 @@ def prepare_project(project, project_dir): file_audit_list, file_audit_project_list = lists.file_audit_list(project) # Get file content black list and project waivers - master_list, project_list = lists.file_content_list(project) + master_list, ignore_list = lists.file_content_list(project) # Get File Ignore Lists file_ignore = lists.file_ignore() @@ -58,8 +59,8 @@ def prepare_project(project, project_dir): # Perform rudimentary scans scan_file(project_dir, project, binary_list,file_audit_list, - file_audit_project_list, master_list, file_ignore, - project_list) + file_audit_project_list, master_list, ignore_list, + file_ignore) # Perform licence header checks licence_check(licence_ext, licence_ignore, project, project_dir) @@ -67,8 +68,8 @@ def prepare_project(project, project_dir): def scan_file(project_dir, project, binary_list, file_audit_list, - file_audit_project_list, master_list, file_ignore, - project_list): + file_audit_project_list, master_list, ignore_list, + file_ignore): """Searches for banned strings and files that are listed """ for root, dirs, files in os.walk(project_dir): # Filter out ignored directories from list. @@ -90,9 +91,10 @@ def scan_file(project_dir, project, binary_list, file_audit_list, write('Matched String: {0}'. format(match.group())) - # Check if Binary is whitelisted + # Check if Binary is whitelisted hashlist = get_lists.GetLists() binary_hash = hashlist.binary_hash(project, full_path) + if is_binary(full_path) and not binary_list.search(full_path): with open(full_path, 'rb') as afile: buf = afile.read() @@ -124,7 +126,7 @@ def scan_file(project_dir, project, binary_list, file_audit_list, regex = value['regex'] desc = value['desc'] if re.search(regex, line) and not re.search( - project_list, line): + ignore_list, line): logger.error('File contains violation: %s', full_path) logger.error('Flagged Content: %s', diff --git a/exceptions/apex.yaml b/exceptions/apex.yaml index c28b07c..fdf875e 100644 --- a/exceptions/apex.yaml +++ b/exceptions/apex.yaml @@ -13,14 +13,6 @@ file_audits: - network_settings.py - deploy_settings.py file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ - rpm-build wget libvirt - wget git gcc - def clean_ssh_keys\(key_file=\'\/root\/\.ssh\/authorized\_keys diff --git a/exceptions/armband.yaml b/exceptions/armband.yaml index 57c1749..a0075c0 100644 --- a/exceptions/armband.yaml +++ b/exceptions/armband.yaml @@ -62,13 +62,5 @@ binaries: file_audits: file_names: [nullvalue] file_contents: - - ^.+# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ - curl.+\$local_env - password.+salt.+opnfv_user_password diff --git a/exceptions/availability.yaml b/exceptions/availability.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/availability.yaml +++ b/exceptions/availability.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/bamboo.yaml b/exceptions/bamboo.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/bamboo.yaml +++ b/exceptions/bamboo.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/barometer.yaml b/exceptions/barometer.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/barometer.yaml +++ b/exceptions/barometer.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/bottlenecks.yaml b/exceptions/bottlenecks.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/bottlenecks.yaml +++ b/exceptions/bottlenecks.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/calipso.yaml b/exceptions/calipso.yaml index d31856e..49c135a 100644 --- a/exceptions/calipso.yaml +++ b/exceptions/calipso.yaml @@ -122,14 +122,6 @@ binaries: file_audits: file_names: [nullvalue] file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ - \.login-button#login-buttons-(.*) - - "password: { type: String }" diff --git a/exceptions/compass4nfv.yaml b/exceptions/compass4nfv.yaml index e4f1c52..3613e38 100644 --- a/exceptions/compass4nfv.yaml +++ b/exceptions/compass4nfv.yaml @@ -11,14 +11,6 @@ binaries: file_audits: file_names: [nullvalue] file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ - publicURL - server_password - username\,.password diff --git a/exceptions/conductor.yaml b/exceptions/conductor.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/conductor.yaml +++ b/exceptions/conductor.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/copper.yaml b/exceptions/copper.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/copper.yaml +++ b/exceptions/copper.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/cperf.yaml b/exceptions/cperf.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/cperf.yaml +++ b/exceptions/cperf.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/daisy.yaml b/exceptions/daisy.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/daisy.yaml +++ b/exceptions/daisy.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/doctor.yaml b/exceptions/doctor.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/doctor.yaml +++ b/exceptions/doctor.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/dovetail.yaml b/exceptions/dovetail.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/dovetail.yaml +++ b/exceptions/dovetail.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/dpacc.yaml b/exceptions/dpacc.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/dpacc.yaml +++ b/exceptions/dpacc.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/enfv.yaml b/exceptions/enfv.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/enfv.yaml +++ b/exceptions/enfv.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/escalator.yaml b/exceptions/escalator.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/escalator.yaml +++ b/exceptions/escalator.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/fds.yaml b/exceptions/fds.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/fds.yaml +++ b/exceptions/fds.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/fuel.yaml b/exceptions/fuel.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/fuel.yaml +++ b/exceptions/fuel.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/functest.yaml b/exceptions/functest.yaml index bc6766d..f43d1c4 100644 --- a/exceptions/functest.yaml +++ b/exceptions/functest.yaml @@ -10,14 +10,6 @@ binaries: file_audits: file_names: [nullvalue] file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ - openssl-dev.libjpeg-turbo-dev.git.wget.& - RUN.+curl.*https\:\/\/get\.rvm\.io.*bash.*stable - grep.sed.wget.ca-certificates.git.\&& diff --git a/exceptions/octopus.yaml b/exceptions/octopus.yaml index c90dcf2..5860307 100644 --- a/exceptions/octopus.yaml +++ b/exceptions/octopus.yaml @@ -10,12 +10,4 @@ binaries: - dca00ca0c823938e3fca1889ae366e86e6ce2279e4fc689b437d43978cfbe1c9 file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/pharos.yaml b/exceptions/pharos.yaml index 99f9e2b..6637339 100644 --- a/exceptions/pharos.yaml +++ b/exceptions/pharos.yaml @@ -9,12 +9,4 @@ binaries: binary_ignore: [nullvalue] file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/releng.yaml b/exceptions/releng.yaml index 4003f8a..269ff7d 100644 --- a/exceptions/releng.yaml +++ b/exceptions/releng.yaml @@ -10,12 +10,9 @@ binaries: file_audits: file_names: [nullvalue] file_contents: - - ^# - -s set secret key - "PKG_MAP\\[wget\\]" - "\\[wget\\]=wget" - - "git clone(.*)\\.openstack\\.org" - - "git clone(.*)gerrit\\.opnfv\\.org" - "name: GIT_CLONE_BASE" - "name: SSH_KEY" - "packages = \\['parted', 'puppet', 'wget'" @@ -60,6 +57,3 @@ file_audits: - wget > /dev/null - wget \$get_pip_url - wget(.*)WORKSPACE/opnfv\.properties(.*)GS_URL(.*)properties - - wget(.*)build\.opnfv\.org - - wget.+git\.opnfv.org - - wget(.*)artifacts\.opnfv\.org diff --git a/exceptions/sandbox.yaml b/exceptions/sandbox.yaml index 50c0f78..950fc1c 100644 --- a/exceptions/sandbox.yaml +++ b/exceptions/sandbox.yaml @@ -11,12 +11,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/template.yaml b/exceptions/template.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/template.yaml +++ b/exceptions/template.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/exceptions/yardstick.yaml b/exceptions/yardstick.yaml index 7d4b0d5..0532ba4 100644 --- a/exceptions/yardstick.yaml +++ b/exceptions/yardstick.yaml @@ -10,12 +10,4 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: - - ^# - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org - - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + file_contents: [nullvalue] diff --git a/ignore_list.yaml b/ignore_list.yaml new file mode 100644 index 0000000..0cd5361 --- /dev/null +++ b/ignore_list.yaml @@ -0,0 +1,15 @@ +--- +binaries: + binary_ignore: [nullvalue] + +file_audits: + file_names: [nullvalue] + file_contents: + - ^# + - git clone.+\.openstack\.org + - git clone.+gerrit\.opnfv\.org + - wget.+build\.opnfv\.org + - wget.+artifacts\.opnfv\.org + - wget.+git\.opnfv.org + - wget.+git\.openstack.org + - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ -- cgit 1.2.3-korg