summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorCédric Ollivier <cedric.ollivier@orange.com>2022-04-12 17:20:37 +0200
committerCédric Ollivier <cedric.ollivier@orange.com>2022-04-12 17:34:46 +0200
commit5e2111831d34e68667f14858eb41edb7add00234 (patch)
tree24b89df6fb07d9a62835ae45d5da099d5a3f2dcf
parent0b8e9b8ba5adaf70cc2de6e5e09849b5e2422e93 (diff)
Add docker-scan in Functest images
Change-Id: I56158b92f917410dab4113590613e230d87d122d Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
-rw-r--r--jjb/functest/functest-kubernetes-ng.yaml92
-rw-r--r--jjb/functest/functest-kubernetes.yaml92
-rw-r--r--jjb/functest/functest.yaml106
-rw-r--r--jjb/functest/xtesting.yaml64
4 files changed, 354 insertions, 0 deletions
diff --git a/jjb/functest/functest-kubernetes-ng.yaml b/jjb/functest/functest-kubernetes-ng.yaml
index 70a826be0..72e273077 100644
--- a/jjb/functest/functest-kubernetes-ng.yaml
+++ b/jjb/functest/functest-kubernetes-ng.yaml
@@ -381,6 +381,86 @@
jobs:
- 'functest-kubernetes-ng-{repo}-{container}-{tag}-trivy'
+- builder:
+ name: functest-kubernetes-ng-docker-scan
+ builders:
+ - shell: |
+ apt-get -o DPkg::Lock::Timeout=300 update && \
+ DEBIAN_FRONTEND=noninteractive apt-get -o DPkg::Lock::Timeout=300 install \
+ curl docker.io -y
+
+ mkdir -p ~/.docker/cli-plugins && \
+ curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \
+ -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
+ chmod +x ~/.docker/cli-plugins/docker-scan
+ if [ "{repo}" = "_" ]; then
+ image={container}:{tag}
+ elif [ "{port}" = "None" ]; then
+ image={repo}/{container}:{tag}
+ else
+ image={repo}:{port}/{container}:{tag}
+ fi
+ docker-scan $image
+
+- job-template:
+ name: 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+ triggers:
+ - timed: '@daily'
+ parameters:
+ - functest-kubernetes-ng-slave:
+ slave: '{slave}'
+ builders:
+ - functest-kubernetes-ng-docker-scan:
+ <<: *functest-kubernetes-ng-containers
+ publishers:
+ - email-ext:
+ failure: false
+ first-failure: true
+ fixed: true
+ recipients: cedric.ollivier@orange.com
+
+- project:
+ name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-core-docker-scan'
+ <<: *functest-kubernetes-ng-params
+ container: 'functest-kubernetes-core'
+ jobs:
+ - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-healthcheck-docker-scan'
+ <<: *functest-kubernetes-ng-params
+ container: 'functest-kubernetes-healthcheck'
+ jobs:
+ - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-cnf-docker-scan'
+ <<: *functest-kubernetes-ng-params
+ container: 'functest-kubernetes-cnf'
+ jobs:
+ - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-security-docker-scan'
+ <<: *functest-kubernetes-ng-params
+ container: 'functest-kubernetes-security'
+ jobs:
+ - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-smoke-docker-scan'
+ <<: *functest-kubernetes-ng-params
+ container: 'functest-kubernetes-smoke'
+ jobs:
+ - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-benchmarking-docker-scan'
+ <<: *functest-kubernetes-ng-params
+ container: 'functest-kubernetes-benchmarking'
+ jobs:
+ - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+
- project:
name: 'functest-kubernetes-ng'
<<: *functest-kubernetes-ng-params
@@ -410,3 +490,15 @@
- last-failure
- last-duration
regex: ^functest-kubernetes-ng-[a-z0-9-.]+-trivy$
+
+- view:
+ name: functest-kubernetes-ng-docker-scan
+ view-type: list
+ columns:
+ - status
+ - weather
+ - job
+ - last-success
+ - last-failure
+ - last-duration
+ regex: ^functest-kubernetes-ng-[a-z0-9.]+-docker-scan$
diff --git a/jjb/functest/functest-kubernetes.yaml b/jjb/functest/functest-kubernetes.yaml
index 0fe4013cc..4354896aa 100644
--- a/jjb/functest/functest-kubernetes.yaml
+++ b/jjb/functest/functest-kubernetes.yaml
@@ -1282,6 +1282,86 @@
jobs:
- 'functest-kubernetes-{repo}-{container}-{tag}-trivy'
+- builder:
+ name: functest-kubernetes-docker-scan
+ builders:
+ - shell: |
+ apt-get -o DPkg::Lock::Timeout=300 update && \
+ DEBIAN_FRONTEND=noninteractive apt-get -o DPkg::Lock::Timeout=300 install \
+ curl docker.io -y
+
+ mkdir -p ~/.docker/cli-plugins && \
+ curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \
+ -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
+ chmod +x ~/.docker/cli-plugins/docker-scan
+ if [ "{repo}" = "_" ]; then
+ image={container}:{tag}
+ elif [ "{port}" = "None" ]; then
+ image={repo}/{container}:{tag}
+ else
+ image={repo}:{port}/{container}:{tag}
+ fi
+ docker-scan $image
+
+- job-template:
+ name: 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+ triggers:
+ - timed: '@weekly'
+ parameters:
+ - functest-kubernetes-slave:
+ slave: '{slave}'
+ builders:
+ - functest-kubernetes-docker-scan:
+ <<: *functest-kubernetes-containers
+ publishers:
+ - email-ext:
+ failure: false
+ first-failure: true
+ fixed: true
+ recipients: cedric.ollivier@orange.com
+
+- project:
+ name: 'functest-kubernetes-opnfv-functest-kubernetes-core-docker-scan'
+ <<: *functest-kubernetes-params
+ container: 'functest-kubernetes-core'
+ jobs:
+ - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-kubernetes-opnfv-functest-kubernetes-healthcheck-docker-scan'
+ <<: *functest-kubernetes-params
+ container: 'functest-kubernetes-healthcheck'
+ jobs:
+ - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-kubernetes-opnfv-functest-kubernetes-cnf-docker-scan'
+ <<: *functest-kubernetes-params
+ container: 'functest-kubernetes-cnf'
+ jobs:
+ - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-kubernetes-opnfv-functest-kubernetes-security-docker-scan'
+ <<: *functest-kubernetes-params
+ container: 'functest-kubernetes-security'
+ jobs:
+ - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-kubernetes-opnfv-functest-kubernetes-smoke-docker-scan'
+ <<: *functest-kubernetes-params
+ container: 'functest-kubernetes-smoke'
+ jobs:
+ - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-kubernetes-opnfv-functest-kubernetes-benchmarking-docker-scan'
+ <<: *functest-kubernetes-params
+ container: 'functest-kubernetes-benchmarking'
+ jobs:
+ - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+
- project:
name: 'functest-kubernetes'
<<: *functest-kubernetes-params
@@ -1311,3 +1391,15 @@
- last-failure
- last-duration
regex: (?!functest-kubernetes-pi)(?!functest-kubernetes-ng)^functest-kubernetes-[a-z-0-9.]+-trivy$
+
+- view:
+ name: functest-kubernetes-docker-scan
+ view-type: list
+ columns:
+ - status
+ - weather
+ - job
+ - last-success
+ - last-failure
+ - last-duration
+ regex: ^functest-kubernetes-[a-z0-9.]+-docker-scan$
diff --git a/jjb/functest/functest.yaml b/jjb/functest/functest.yaml
index d48bb80c1..11be70f66 100644
--- a/jjb/functest/functest.yaml
+++ b/jjb/functest/functest.yaml
@@ -1645,6 +1645,100 @@
jobs:
- 'functest-{repo}-{container}-{tag}-trivy'
+- builder:
+ name: functest-docker-scan
+ builders:
+ - shell: |
+ apt-get -o DPkg::Lock::Timeout=300 update && \
+ DEBIAN_FRONTEND=noninteractive apt-get -o DPkg::Lock::Timeout=300 install \
+ curl docker.io -y
+
+ mkdir -p ~/.docker/cli-plugins && \
+ curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \
+ -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
+ chmod +x ~/.docker/cli-plugins/docker-scan
+ if [ "{repo}" = "_" ]; then
+ image={container}:{tag}
+ elif [ "{port}" = "None" ]; then
+ image={repo}/{container}:{tag}
+ else
+ image={repo}:{port}/{container}:{tag}
+ fi
+ docker-scan $image
+
+- job-template:
+ name: 'functest-{repo}-{container}-{tag}-docker-scan'
+ triggers:
+ - timed: '@weekly'
+ parameters:
+ - functest-slave:
+ slave: '{slave}'
+ builders:
+ - functest-docker-scan:
+ <<: *functest-containers
+ publishers:
+ - email-ext:
+ failure: false
+ first-failure: true
+ fixed: true
+ recipients: cedric.ollivier@orange.com
+
+- project:
+ name: 'functest-opnfv-functest-core-docker-scan'
+ <<: *functest-params
+ container: 'functest-core'
+ jobs:
+ - 'functest-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-opnfv-functest-tempest-docker-scan'
+ <<: *functest-params
+ container: 'functest-tempest'
+ jobs:
+ - 'functest-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-opnfv-functest-healthcheck-docker-scan'
+ <<: *functest-params
+ container: 'functest-healthcheck'
+ jobs:
+ - 'functest-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-opnfv-functest-smoke-docker-scan'
+ <<: *functest-params
+ container: 'functest-smoke'
+ jobs:
+ - 'functest-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-opnfv-functest-benchmarking-docker-scan'
+ <<: *functest-params
+ container: 'functest-benchmarking'
+ jobs:
+ - 'functest-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-opnfv-functest-vnf-docker-scan'
+ <<: *functest-params
+ container: 'functest-vnf'
+ jobs:
+ - 'functest-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-opnfv-functest-smoke-cntt-docker-scan'
+ <<: *functest-params
+ container: 'functest-smoke-cntt'
+ jobs:
+ - 'functest-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'functest-opnfv-functest-benchmarking-cntt-docker-scan'
+ <<: *functest-params
+ container: 'functest-benchmarking-cntt'
+ jobs:
+ - 'functest-{repo}-{container}-{tag}-docker-scan'
+
- project:
name: 'functest'
<<: *functest-params
@@ -1674,3 +1768,15 @@
- last-failure
- last-duration
regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9.]+-trivy$
+
+- view:
+ name: functest-docker-scan
+ view-type: list
+ columns:
+ - status
+ - weather
+ - job
+ - last-success
+ - last-failure
+ - last-duration
+ regex: ^functest-[a-z0-9.]+-docker-scan$
diff --git a/jjb/functest/xtesting.yaml b/jjb/functest/xtesting.yaml
index ac62ad9b6..1638e5e71 100644
--- a/jjb/functest/xtesting.yaml
+++ b/jjb/functest/xtesting.yaml
@@ -849,6 +849,58 @@
jobs:
- 'xtesting-{repo}-{container}-{tag}-trivy'
+- builder:
+ name: xtesting-docker-scan
+ builders:
+ - shell: |
+ apt-get -o DPkg::Lock::Timeout=300 update && \
+ DEBIAN_FRONTEND=noninteractive apt-get -o DPkg::Lock::Timeout=300 install \
+ curl docker.io -y
+
+ mkdir -p ~/.docker/cli-plugins && \
+ curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \
+ -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
+ chmod +x ~/.docker/cli-plugins/docker-scan
+ if [ "{repo}" = "_" ]; then
+ image={container}:{tag}
+ elif [ "{port}" = "None" ]; then
+ image={repo}/{container}:{tag}
+ else
+ image={repo}:{port}/{container}:{tag}
+ fi
+ docker-scan $image
+
+- job-template:
+ name: 'xtesting-{repo}-{container}-{tag}-docker-scan'
+ triggers:
+ - timed: '@daily'
+ parameters:
+ - xtesting-slave:
+ slave: '{slave}'
+ builders:
+ - xtesting-docker-scan:
+ <<: *xtesting-containers
+ publishers:
+ - email-ext:
+ failure: false
+ first-failure: true
+ fixed: true
+ recipients: cedric.ollivier@orange.com
+
+- project:
+ name: 'xtesting-opnfv-xtesting-docker-scan'
+ <<: *xtesting-params
+ container: 'xtesting'
+ jobs:
+ - 'xtesting-{repo}-{container}-{tag}-docker-scan'
+
+- project:
+ name: 'xtesting-opnfv-xtesting-mts-docker-scan'
+ <<: *xtesting-params
+ container: 'xtesting-mts'
+ jobs:
+ - 'xtesting-{repo}-{container}-{tag}-docker-scan'
+
- project:
name: 'xtesting'
<<: *xtesting-params
@@ -878,3 +930,15 @@
- last-failure
- last-duration
regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-trivy$
+
+- view:
+ name: xtesting-docker-scan
+ view-type: list
+ columns:
+ - status
+ - weather
+ - job
+ - last-success
+ - last-failure
+ - last-duration
+ regex: ^xtesting-[a-z0-9.]+-docker-scan$