3 files changed, 164 insertions, 0 deletions

diff --git a/jjb/securityscanning/opnfv-security-scan.yml b/jjb/securityscanning/opnfv-security-scan.yml
new file mode 100644
index 000000000..6b7cd4747
--- /dev/null
+++ b/jjb/securityscanning/opnfv-security-scan.yml
@@ -0,0 +1,109 @@
+########################
+# Job configuration for opnfv-lint
+########################
+- project:
+
+    name: security-scan
+
+    project: anteaterfw
+
+    jobs:
+        - 'opnfv-security-scan-verify-{stream}'
+
+    stream:
+        - master:
+            branch: '{stream}'
+            gs-pathname: ''
+            disabled: false
+
+########################
+# job templates
+########################
+- job-template:
+    name: 'opnfv-security-scan-verify-{stream}'
+
+    disabled: '{obj:disabled}'
+
+    parameters:
+        - project-parameter:
+            project: $GERRIT_PROJECT
+        - gerrit-parameter:
+            branch: '{branch}'
+
+    scm:
+        - gerrit-trigger-scm:
+            credentials-id: '{ssh-credentials}'
+            refspec: '$GERRIT_REFSPEC'
+            choosing-strategy: 'gerrit'
+
+    triggers:
+        - gerrit:
+            server-name: 'gerrit.opnfv.org'
+            trigger-on:
+                - patchset-created-event:
+                    exclude-drafts: 'false'
+                    exclude-trivial-rebase: 'false'
+                    exclude-no-code-change: 'false'
+                - draft-published-event
+                - comment-added-contains-event:
+                    comment-contains-value: 'recheck'
+                - comment-added-contains-event:
+                    comment-contains-value: 'reverify'
+            projects:
+              - project-compare-type: 'REG_EXP'
+                project-pattern: 'functest'
+                branches:
+                  - branch-compare-type: 'ANT'
+                    branch-pattern: '**/{branch}'
+                file-paths:
+                  - compare-type: ANT
+                    pattern: '**/*.py'
+          skip-vote:
+            successful: true
+            failed: true
+            unstable: true
+            notbuilt: true
+
+    builders:
+        - security-scan-python-code
+        - report-security-scan-result-to-gerrit
+########################
+# builder macros
+########################
+- builder:
+    name: security-scan-python-code
+    builders:
+        - shell: |
+            #!/bin/bash
+            set -o errexit
+            set -o pipefail
+            set -o xtrace
+            export PATH=$PATH:/usr/local/bin/
+
+            # this is where the security/license scan script will be executed
+            echo "Hello World!"
+- builder:
+    name: report-security-scan-result-to-gerrit
+    builders:
+        - shell: |
+            #!/bin/bash
+            set -o errexit
+            set -o pipefail
+            set -o xtrace
+            export PATH=$PATH:/usr/local/bin/
+
+            # If no violations were found, no lint log will exist.
+            if [[ -e securityscan.log ]] ; then
+                echo -e "\nposting security scan report to gerrit...\n"
+
+                cat securityscan.log
+                echo
+
+                ssh -p 29418 gerrit.opnfv.org \
+                    "gerrit review -p $GERRIT_PROJECT \
+                     -m \"$(cat securityscan.log)\" \
+                     $GERRIT_PATCHSET_REVISION \
+                     --notify NONE"
+
+                exit 1
+            fi
diff --git a/utils/test/testapi/deployment/deploy.py b/utils/test/testapi/deployment/deploy.py
new file mode 100644
index 000000000..748bd34f8
--- /dev/null
+++ b/utils/test/testapi/deployment/deploy.py
@@ -0,0 +1,40 @@
+import argparse
+import os
+
+from jinja2 import Environment, FileSystemLoader
+
+env = Environment(loader=FileSystemLoader('./'))
+docker_compose_yml = './docker-compose.yml'
+docker_compose_template = './docker-compose.yml.template'
+
+
+def render_docker_compose(port, swagger_url):
+    vars = {
+        "expose_port": port,
+        "swagger_url": swagger_url,
+    }
+    template = env.get_template(docker_compose_template)
+    yml = template.render(vars=vars)
+
+    with open(docker_compose_yml, 'w') as f:
+        f.write(yml)
+        f.close()
+
+
+def main(args):
+    render_docker_compose(args.expose_port, args.swagger_url)
+    os.system('docker-compose -f {} up -d'.format(docker_compose_yml))
+
+
+if __name__ == '__main__':
+    parser = argparse.ArgumentParser(description='Backup MongoDBs')
+    parser.add_argument('-p', '--expose-port',
+                        type=int,
+                        required=False,
+                        default=8000,
+                        help='testapi exposed port')
+    parser.add_argument('-su', '--swagger-url',
+                        type=str,
+                        required=True,
+                        help='testapi exposed swagger-url')
+    main(parser.parse_args())
diff --git a/utils/test/testapi/deployment/docker-compose.yml.template b/utils/test/testapi/deployment/docker-compose.yml.template
new file mode 100644
index 000000000..5b131f747
--- /dev/null
+++ b/utils/test/testapi/deployment/docker-compose.yml.template
@@ -0,0 +1,15 @@
+version: '2'
+services:
+  mongo:
+    image: mongo:3.2.1
+    container_name: opnfv-mongo
+  testapi:
+    image: opnfv/testapi:latest
+    container_name: opnfv-testapi
+    environment:
+      - mongodb_url=mongodb://mongo:27017/
+      - swagger_url={{ vars.swagger_url }}
+    ports:
+      - "{{ vars.expose_port }}:8000"
+    links:
+      - mongo