diff options
author | Aric Gardner <agardner@linuxfoundation.org> | 2017-06-14 12:03:12 +0800 |
---|---|---|
committer | agardner <agardner@linuxfoundation.org> | 2017-06-19 14:54:03 -0400 |
commit | 075027d9f92966e2e688db3d31529fabee6f3dec (patch) | |
tree | 0f5d1f964fe81f23be360dda3f77b14bf3c8ab80 /jjb/ci_gate_security/anteater-security-audit-weekly.sh | |
parent | e4e6211295ae7d1d18b481731fca188a1d1fd2af (diff) |
Add weekly job for security scan
Added license headers
remove errexit from report to gerrit
run as --user nobody
Change-Id: I4b65dbae1f255015877766a0afa44e9b9898651c
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Diffstat (limited to 'jjb/ci_gate_security/anteater-security-audit-weekly.sh')
-rw-r--r-- | jjb/ci_gate_security/anteater-security-audit-weekly.sh | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/jjb/ci_gate_security/anteater-security-audit-weekly.sh b/jjb/ci_gate_security/anteater-security-audit-weekly.sh new file mode 100644 index 000000000..99f2820ec --- /dev/null +++ b/jjb/ci_gate_security/anteater-security-audit-weekly.sh @@ -0,0 +1,37 @@ +#!/bin/bash +# SPDX-license-identifier: Apache-2.0 + +echo "--------------------------------------------------------" +vols="-v $WORKSPACE/allrepos/:/home/opnfv/anteater/allrepos/" +echo "Pulling releng-anteater docker image" +echo "--------------------------------------------------------" +docker pull opnfv/releng-anteater +echo "--------------------------------------------------------" +cmd="docker run --user nobody -id $vols opnfv/releng-anteater /bin/bash" +echo "Running docker command $cmd" +container_id=$($cmd) +echo "Container ID is $container_id" +source $WORKSPACE/opnfv-projects.sh +for project in "${PROJECT_LIST[@]}" + +do + cmd="anteater --project testproj --path /home/opnfv/anteater/allrepos/$project" + echo "Executing command inside container" + echo "$cmd" + echo "--------------------------------------------------------" + docker exec $container_id $cmd > $WORKSPACE/"$project".securityaudit.log 2>&1 +done + +exit_code=$? +echo "--------------------------------------------------------" +echo "Stopping docker container with ID $container_id" +docker stop $container_id + + +#gsutil cp $WORKSPACE/securityaudit.log \ +# gs://$GS_URL/$PROJECT-securityaudit-weekly.log 2>&1 +# +#gsutil -m setmeta \ +# -h "Content-Type:text/html" \ +# -h "Cache-Control:private, max-age=0, no-transform" \ +# gs://$GS_URL/$PROJECT-securityaudit-weekly.log > /dev/null 2>&1 |