summaryrefslogtreecommitdiffstats
path: root/jjb/ci_gate_security/opnfv-ci-gate-security.yml
diff options
context:
space:
mode:
Diffstat (limited to 'jjb/ci_gate_security/opnfv-ci-gate-security.yml')
-rw-r--r--jjb/ci_gate_security/opnfv-ci-gate-security.yml138
1 files changed, 74 insertions, 64 deletions
diff --git a/jjb/ci_gate_security/opnfv-ci-gate-security.yml b/jjb/ci_gate_security/opnfv-ci-gate-security.yml
index e2f6ceb7b..33179537c 100644
--- a/jjb/ci_gate_security/opnfv-ci-gate-security.yml
+++ b/jjb/ci_gate_security/opnfv-ci-gate-security.yml
@@ -1,3 +1,4 @@
+---
# SPDX-license-identifier: Apache-2.0
########################
# Job configuration for opnfv-anteater (security audit)
@@ -9,14 +10,14 @@
project: anteaterfw
jobs:
- - 'opnfv-security-audit-verify-{stream}'
- - 'opnfv-security-audit-weekly-{stream}'
+ - 'opnfv-security-audit-verify-{stream}'
+ - 'opnfv-security-audit-weekly-{stream}'
stream:
- - master:
- branch: '{stream}'
- gs-pathname: ''
- disabled: false
+ - master:
+ branch: '{stream}'
+ gs-pathname: ''
+ disabled: false
########################
# job templates
@@ -27,19 +28,19 @@
disabled: '{obj:disabled}'
parameters:
- - label:
- name: SLAVE_LABEL
- default: 'ericsson-build3'
- description: 'Slave label on Jenkins'
- - project-parameter:
- project: releng
- branch: '{branch}'
+ - label:
+ name: SLAVE_LABEL
+ default: 'ericsson-build3'
+ description: 'Slave label on Jenkins'
+ - project-parameter:
+ project: releng
+ branch: '{branch}'
triggers:
- - timed: '@weekly'
+ - timed: '@weekly'
builders:
- - anteater-security-audit-weekly
+ - anteater-security-audit-weekly
- job-template:
name: 'opnfv-security-audit-verify-{stream}'
@@ -47,72 +48,81 @@
disabled: '{obj:disabled}'
parameters:
- - label:
- name: SLAVE_LABEL
- default: 'ericsson-build3'
- description: 'Slave label on Jenkins'
- - project-parameter:
- project: $GERRIT_PROJECT
- branch: '{branch}'
- - string:
- name: GIT_BASE
- default: https://gerrit.opnfv.org/gerrit/$PROJECT
- description: "Used for overriding the GIT URL coming from Global Jenkins configuration in case if the stuff is done on none-LF HW."
+ - label:
+ name: SLAVE_LABEL
+ default: 'ericsson-build3'
+ description: 'Slave label on Jenkins'
+ - project-parameter:
+ project: $GERRIT_PROJECT
+ branch: '{branch}'
+ - string:
+ name: GIT_BASE
+ default: https://gerrit.opnfv.org/gerrit/$PROJECT
+ # yamllint disable rule:line-length
+ description: "Used for overriding the GIT URL coming from Global Jenkins configuration in case if the stuff is done on none-LF HW."
+ # yamllint enable rule:line-length
scm:
- - git-scm-gerrit
+ - git-scm-gerrit
+ # yamllint disable rule:line-length
triggers:
- - gerrit:
- server-name: 'gerrit.opnfv.org'
- trigger-on:
- - patchset-created-event:
- exclude-drafts: 'false'
- exclude-trivial-rebase: 'false'
- exclude-no-code-change: 'false'
- - draft-published-event
- - comment-added-contains-event:
- comment-contains-value: 'recheck'
- - comment-added-contains-event:
- comment-contains-value: 'reverify'
- projects:
- - project-compare-type: 'REG_EXP'
- project-pattern: 'apex|armband|bamboo|barometer|bottlenecks|calipso|compass4nfv|conductor|cooper|functest|octopus|pharos|releng|sandbox'
- branches:
- - branch-compare-type: 'ANT'
- branch-pattern: '**/{branch}'
- file-paths:
- - compare-type: ANT
- pattern: '**'
- skip-vote:
- successful: true
- failed: true
- unstable: true
- notbuilt: true
+ - gerrit:
+ server-name: 'gerrit.opnfv.org'
+ trigger-on:
+ - patchset-created-event:
+ exclude-drafts: 'false'
+ exclude-trivial-rebase: 'false'
+ exclude-no-code-change: 'false'
+ - draft-published-event
+ - comment-added-contains-event:
+ comment-contains-value: 'recheck'
+ - comment-added-contains-event:
+ comment-contains-value: 'reverify'
+ projects:
+ - project-compare-type: 'REG_EXP'
+ project-pattern: 'apex|armband|bamboo|barometer|bottlenecks|calipso|compass4nfv|conductor|cooper|cperf|daisy|doctor|dovetail|dpacc|enfv|escalator|fds|fuel|functest|octopus|pharos|releng|sandbox|yardstick'
+ branches:
+ - branch-compare-type: 'ANT'
+ branch-pattern: '**/{branch}'
+ file-paths:
+ - compare-type: ANT
+ pattern: '**'
+ skip-vote:
+ successful: true
+ failed: true
+ unstable: true
+ notbuilt: true
+ # yamllint enable rule:line-length
builders:
- - anteater-security-audit
- - report-security-audit-result-to-gerrit
+ - anteater-security-audit
+ - report-security-audit-result-to-gerrit
+ publishers:
+ - archive-artifacts:
+ artifacts: ".reports/*"
+
########################
# builder macros
########################
- builder:
name: anteater-security-audit
builders:
- - shell:
- !include-raw: ./anteater-security-audit.sh
+ - shell:
+ !include-raw: ./anteater-security-audit.sh
- builder:
name: report-security-audit-result-to-gerrit
builders:
- - shell:
- !include-raw: ./anteater-report-to-gerrit.sh
+ - shell:
+ !include-raw: ./anteater-report-to-gerrit.sh
+# yamllint disable rule:indentation
- builder:
name: anteater-security-audit-weekly
builders:
- - shell:
- !include-raw:
- - ./anteater-clone-all-repos.sh
- - ./anteater-security-audit-weekly.sh
-
+ - shell:
+ !include-raw:
+ - ./anteater-clone-all-repos.sh
+ - ./anteater-security-audit-weekly.sh
+# yamllint enable rule:indentation