Diffstat (limited to 'jjb/ci_gate_security/anteater-security-audit.sh')
-rw-r--r-- | jjb/ci_gate_security/anteater-security-audit.sh | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/jjb/ci_gate_security/anteater-security-audit.sh b/jjb/ci_gate_security/anteater-security-audit.sh
new file mode 100644
index 000000000..1ac558208
--- /dev/null
+++ b/jjb/ci_gate_security/anteater-security-audit.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+set -o pipefail
+
+cd $WORKSPACE
+echo "Generating patchset file to list changed files"
+git diff HEAD^1 --name-only | sed "s#^#/home/opnfv/anteater/$PROJECT/#" > $WORKSPACE/patchset
+echo "Changed files are"
+echo "--------------------------------------------------------"
+cat $WORKSPACE/patchset
+echo "--------------------------------------------------------"
+
+vols="-v $WORKSPACE:/home/opnfv/anteater/$PROJECT"
+envs="-e PROJECT=$PROJECT"
+
+echo "Pulling releng-anteater docker image"
+echo "--------------------------------------------------------"
+docker pull opnfv/releng-anteater
+echo "--------------------------------------------------------"
+
+cmd="docker run --user $JENKINS_USER -id $envs $vols --rm opnfv/releng-anteater /bin/bash"
+echo "Running docker command $cmd"
+container_id=$($cmd)
+echo "Container ID is $container_id"
+cmd="anteater --project $PROJECT --patchset /home/opnfv/anteater/$PROJECT/patchset"
+echo "Executing command inside container"
+echo "$cmd"
+echo "--------------------------------------------------------"
+docker exec $container_id $cmd
+exit_code=$?
+echo "--------------------------------------------------------"
+echo "Stopping docker container with ID $container_id"
+docker stop $container_id
+exit $exit_code |
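Review bot: The security gate can pass without having scanned the change, because `set -o pipefail` is set without errexit and neither `cd $WORKSPACE` nor the `git diff HEAD^1 --name-only | sed …` pipeline is checked, while the job's exit status comes only from `docker exec`. If either step fails, the patchset file is empty or incomplete and the audit presumably runs against nothing (how anteater treats an empty patchset is not visible here); `cd "$WORKSPACE" || exit 1` and an `|| exit 1` appended to the patchset pipeline would make the gate fail closed. Separately, `$WORKSPACE`, `$PROJECT` and `$JENKINS_USER` are expanded unquoted into a command string that is executed via `$($cmd)`, so a value containing whitespace changes the docker arguments; building the command as an array and running `"${cmd[@]}"` avoids that. The scanner image is also pulled by mutable tag, so pinning it by digest (`opnfv/releng-anteater@sha256:<digest>`) would keep the tool that enforces the gate from changing silently.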