Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
The current approach is to run /bin/bash in a fully privilaged docker
container as the root user and exec the anteater command from this.
There are a couple of reasons this approach doesn't make sense:
1) anteater is not a long running service
2) anteater doesn't need any privilaged access to the host
3) anteater is already a compiled binary and can be ran directly
Because the anteater container doesn't need access to all the host
devices nor is it running docker containers inside of docker, the
`--privileged=true` flag can be removed.
Note: '--rm' is added as well to ensure volumes do not persist past the
container lifecycle and lead to build server running out of disk space.
JIRA: RELENG-250
Change-Id: I1ec90b3737abf591b6b3373fe2fc8f52cdcfb11a
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
|
|
also change job to only run weekly
Change-Id: I5f0d5f1d7020c02b2f3ec76aa7f5da2196184529
Signed-off-by: agardner <agardner@linuxfoundation.org>
|
|
Added license headers
remove errexit from report to gerrit
run as --user nobody
Change-Id: I4b65dbae1f255015877766a0afa44e9b9898651c
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
|
|
some formatting changes to shell script
Change-Id: I301cb4b385df81a81de5ba230c5a4709461703a3
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
|
|
Change-Id: I090e601b45b58fae4235867536553570f2674f9a
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
|
|
this file will become too complicated to escape inside the job
definition.
Change-Id: I3e167bee5d315a7ff3b52e7274b68c3146dfbd03
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
|
|
Change-Id: Id1340090fbf410f9eda5e115f554fee778d26b90
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
|
|
So I guess we put the voting logic in the report results to
gerrit step
Change-Id: I5a6d8c7986bc317648bbb7512ba4f8357bbb4f3c
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
|
|
used tee to create audit log
Change-Id: I6941e142064cf7c9b4586660be69df2a02807af3
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
|
|
looks like the spacing was off
Change-Id: Ief6d15d122add79b8f9492550ce4ceecafe545bd
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
|
|
Change-Id: Ib42cef840ff8118c32676efdf8c21c315c1f4911
Signed-off-by: Fatih Degirmenci <fatih.degirmenci@ericsson.com>
|
|
Change-Id: Ibb3cc5a2425d9f2f79e27c86e22b176fd36cb3dc
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
|
|
Change-Id: I988a95141886d53b7b14f3ab5c673f589786ae7a
Signed-off-by: Aric Gardner <agardner@linuxfounation.org>
|
|
Change-Id: I21aca84c2ce5526f4a0942b21c50455c3d8aa4bd
Signed-off-by: Aric Gardner <agardner@linuxfounation.org>
|
|
Change-Id: I7f161b5f939eaeba019ce882a9977908ee0c01b8
Signed-off-by: Fatih Degirmenci <fatih.degirmenci@ericsson.com>
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
|
|
Change adds anteater Docker push and renames securityaudit
to ci_gate_security
Change-Id: Ibf7d930003e7d59cb84a3ddb72962a150590418b
Signed-off-by: lukehinds <lhinds@redhat.com>
|