From 2fea92d9d1004c186e1e0443269361c40e159655 Mon Sep 17 00:00:00 2001 From: lukehinds Date: Thu, 1 Jun 2017 13:36:25 +0100 Subject: Add Job Configuration for Anteater Change adds anteater Docker push and renames securityaudit to ci_gate_security Change-Id: Ibf7d930003e7d59cb84a3ddb72962a150590418b Signed-off-by: lukehinds --- jjb/ci_gate_security/opnfv-ci-gate-security.yml | 105 ++++++++++++++++++++++++ jjb/releng/opnfv-docker.yml | 3 + jjb/securityaudit/opnfv-security-audit.yml | 105 ------------------------ 3 files changed, 108 insertions(+), 105 deletions(-) create mode 100644 jjb/ci_gate_security/opnfv-ci-gate-security.yml delete mode 100644 jjb/securityaudit/opnfv-security-audit.yml diff --git a/jjb/ci_gate_security/opnfv-ci-gate-security.yml b/jjb/ci_gate_security/opnfv-ci-gate-security.yml new file mode 100644 index 000000000..732df8925 --- /dev/null +++ b/jjb/ci_gate_security/opnfv-ci-gate-security.yml @@ -0,0 +1,105 @@ +######################## +# Job configuration for opnfv-lint +######################## +- project: + + name: anteaterfw + + project: anteaterfw + + jobs: + - 'opnfv-security-audit-verify-{stream}' + + stream: + - master: + branch: '{stream}' + gs-pathname: '' + disabled: false + +######################## +# job templates +######################## +- job-template: + name: 'opnfv-security-audit-verify-{stream}' + + disabled: '{obj:disabled}' + + parameters: + - project-parameter: + project: $GERRIT_PROJECT + branch: '{branch}' + + scm: + - git-scm-gerrit + + triggers: + - gerrit: + server-name: 'gerrit.opnfv.org' + trigger-on: + - patchset-created-event: + exclude-drafts: 'false' + exclude-trivial-rebase: 'false' + exclude-no-code-change: 'false' + - draft-published-event + - comment-added-contains-event: + comment-contains-value: 'recheck' + - comment-added-contains-event: + comment-contains-value: 'reverify' + projects: + - project-compare-type: 'REG_EXP' + project-pattern: 'sandbox' + branches: + - branch-compare-type: 'ANT' + branch-pattern: '**/{branch}' + file-paths: + - compare-type: ANT + pattern: '**/*.py' + skip-vote: + successful: true + failed: true + unstable: true + notbuilt: true + + builders: + - security-audit-python-code + - report-security-audit-result-to-gerrit +######################## +# builder macros +######################## +- builder: + name: security-audit-python-code + builders: + - shell: | + #!/bin/bash + set -o errexit + set -o pipefail + set -o xtrace + export PATH=$PATH:/usr/local/bin/ + + # this is where the security/license audit script will be executed + echo "Hello World!" +- builder: + name: report-security-audit-result-to-gerrit + builders: + - shell: | + #!/bin/bash + set -o errexit + set -o pipefail + set -o xtrace + export PATH=$PATH:/usr/local/bin/ + + # If no violations were found, no lint log will exist. + if [[ -e securityaudit.log ]] ; then + echo -e "\nposting security audit report to gerrit...\n" + + cat securityaudit.log + echo + + ssh -p 29418 gerrit.opnfv.org \ + "gerrit review -p $GERRIT_PROJECT \ + -m \"$(cat securityaudit.log)\" \ + $GERRIT_PATCHSET_REVISION \ + --notify NONE" + + exit 1 + fi diff --git a/jjb/releng/opnfv-docker.yml b/jjb/releng/opnfv-docker.yml index 3b7ec3478..0975e39f1 100644 --- a/jjb/releng/opnfv-docker.yml +++ b/jjb/releng/opnfv-docker.yml @@ -25,6 +25,9 @@ project: # projects with jobs for master + - 'anteater': + <<: *master + <<: *other-receivers - 'bottlenecks': <<: *master <<: *other-receivers diff --git a/jjb/securityaudit/opnfv-security-audit.yml b/jjb/securityaudit/opnfv-security-audit.yml deleted file mode 100644 index 732df8925..000000000 --- a/jjb/securityaudit/opnfv-security-audit.yml +++ /dev/null @@ -1,105 +0,0 @@ -######################## -# Job configuration for opnfv-lint -######################## -- project: - - name: anteaterfw - - project: anteaterfw - - jobs: - - 'opnfv-security-audit-verify-{stream}' - - stream: - - master: - branch: '{stream}' - gs-pathname: '' - disabled: false - -######################## -# job templates -######################## -- job-template: - name: 'opnfv-security-audit-verify-{stream}' - - disabled: '{obj:disabled}' - - parameters: - - project-parameter: - project: $GERRIT_PROJECT - branch: '{branch}' - - scm: - - git-scm-gerrit - - triggers: - - gerrit: - server-name: 'gerrit.opnfv.org' - trigger-on: - - patchset-created-event: - exclude-drafts: 'false' - exclude-trivial-rebase: 'false' - exclude-no-code-change: 'false' - - draft-published-event - - comment-added-contains-event: - comment-contains-value: 'recheck' - - comment-added-contains-event: - comment-contains-value: 'reverify' - projects: - - project-compare-type: 'REG_EXP' - project-pattern: 'sandbox' - branches: - - branch-compare-type: 'ANT' - branch-pattern: '**/{branch}' - file-paths: - - compare-type: ANT - pattern: '**/*.py' - skip-vote: - successful: true - failed: true - unstable: true - notbuilt: true - - builders: - - security-audit-python-code - - report-security-audit-result-to-gerrit -######################## -# builder macros -######################## -- builder: - name: security-audit-python-code - builders: - - shell: | - #!/bin/bash - set -o errexit - set -o pipefail - set -o xtrace - export PATH=$PATH:/usr/local/bin/ - - # this is where the security/license audit script will be executed - echo "Hello World!" -- builder: - name: report-security-audit-result-to-gerrit - builders: - - shell: | - #!/bin/bash - set -o errexit - set -o pipefail - set -o xtrace - export PATH=$PATH:/usr/local/bin/ - - # If no violations were found, no lint log will exist. - if [[ -e securityaudit.log ]] ; then - echo -e "\nposting security audit report to gerrit...\n" - - cat securityaudit.log - echo - - ssh -p 29418 gerrit.opnfv.org \ - "gerrit review -p $GERRIT_PROJECT \ - -m \"$(cat securityaudit.log)\" \ - $GERRIT_PATCHSET_REVISION \ - --notify NONE" - - exit 1 - fi -- cgit 1.2.3-korg