summaryrefslogtreecommitdiffstats
path: root/jjb/ci_gate_security/opnfv-ci-gate-security.yml
diff options
context:
space:
mode:
Diffstat (limited to 'jjb/ci_gate_security/opnfv-ci-gate-security.yml')
-rw-r--r--jjb/ci_gate_security/opnfv-ci-gate-security.yml102
1 files changed, 90 insertions, 12 deletions
diff --git a/jjb/ci_gate_security/opnfv-ci-gate-security.yml b/jjb/ci_gate_security/opnfv-ci-gate-security.yml
index 0a412c240..ef0da7f3a 100644
--- a/jjb/ci_gate_security/opnfv-ci-gate-security.yml
+++ b/jjb/ci_gate_security/opnfv-ci-gate-security.yml
@@ -9,9 +9,76 @@
project: anteaterfw
+ repo:
+ - apex
+ - apex-os-net-config
+ - apex-puppet-tripleo
+ - apex-tripleo-heat-templates
+ - armband
+ - auto
+ - availability
+ - bamboo
+ - barometer
+ - bottlenecks
+ - calipso
+ - clover
+ - compass-containers
+ - compass4nfv
+ - conductor
+ - container4nfv
+ - copper
+ - cperf
+ - daisy
+ - doctor
+ - domino
+ - dovetail
+ - dpacc
+ - enfv
+ - fastpathmetrics
+ - fds
+ - fuel
+ - functest
+ - ipv6
+ - joid
+ - kvmfornfv
+ - models
+ - moon
+ - multisite
+ - netready
+ - nfvbench
+ - octopus
+ - onosfw
+ - openretriever
+ - opera
+ - opnfvdocs
+ - orchestra
+ - ovn4nfv
+ - ovno
+ - ovsnfv
+ - parser
+ - pharos
+ - pharos-tools
+ - promise
+ - qtip
+ - releng
+ - releng-anteater
+ - releng-testresults
+ - releng-utils
+ - releng-xci
+ - samplevnf
+ - sdnvpn
+ - securityscanning
+ - sfc
+ - snaps
+ - stor4nfv
+ - storperf
+ - ves
+ - vswitchperf
+ - yardstick
+
jobs:
- 'opnfv-security-audit-verify-{stream}'
- - 'opnfv-security-audit-weekly-{stream}'
+ - 'opnfv-security-audit-{repo}-weekly-{stream}'
stream:
- master:
@@ -23,18 +90,26 @@
# job templates
########################
- job-template:
- name: 'opnfv-security-audit-weekly-{stream}'
+ name: 'opnfv-security-audit-{repo}-weekly-{stream}'
disabled: '{obj:disabled}'
parameters:
- - label:
- name: SLAVE_LABEL
- default: 'ericsson-build3'
- description: 'Slave label on Jenkins'
+ - ericsson-build3-defaults
+ - string:
+ name: ANTEATER_SCAN_PATCHSET
+ default: "false"
+ description: "Have anteater scan patchsets (true) or full project (false)"
- project-parameter:
- project: releng
+ project: '{repo}'
branch: '{branch}'
+ - string:
+ name: GERRIT_REFSPEC
+ default: 'refs/heads/{stream}'
+ description: "Default Gerrit ref git HEAD should point to"
+
+ scm:
+ - git-scm-gerrit
triggers:
- timed: '@weekly'
@@ -42,6 +117,13 @@
builders:
- anteater-security-audit-weekly
+ publishers:
+ # defined in jjb/global/releng-macros.yml
+ - 'email-{repo}-ptl':
+ subject: 'OPNFV Security Scan Result: {repo}'
+ - workspace-cleanup:
+ fail-build: false
+
- job-template:
name: 'opnfv-security-audit-verify-{stream}'
@@ -117,12 +199,8 @@
- shell:
!include-raw: ./anteater-report-to-gerrit.sh
-# yamllint disable rule:indentation
- builder:
name: anteater-security-audit-weekly
builders:
- shell:
- !include-raw:
- - ./anteater-clone-all-repos.sh
- - ./anteater-security-audit-weekly.sh
-# yamllint enable rule:indentation
+ !include-raw: ./anteater-security-audit-weekly.sh