From 5e2111831d34e68667f14858eb41edb7add00234 Mon Sep 17 00:00:00 2001 From: Cédric Ollivier Date: Tue, 12 Apr 2022 17:20:37 +0200 Subject: Add docker-scan in Functest images MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: I56158b92f917410dab4113590613e230d87d122d Signed-off-by: Cédric Ollivier --- jjb/functest/functest-kubernetes-ng.yaml | 92 +++++++++++++++++++++++++++ jjb/functest/functest-kubernetes.yaml | 92 +++++++++++++++++++++++++++ jjb/functest/functest.yaml | 106 +++++++++++++++++++++++++++++++ jjb/functest/xtesting.yaml | 64 +++++++++++++++++++ 4 files changed, 354 insertions(+) diff --git a/jjb/functest/functest-kubernetes-ng.yaml b/jjb/functest/functest-kubernetes-ng.yaml index 70a826be0..72e273077 100644 --- a/jjb/functest/functest-kubernetes-ng.yaml +++ b/jjb/functest/functest-kubernetes-ng.yaml @@ -381,6 +381,86 @@ jobs: - 'functest-kubernetes-ng-{repo}-{container}-{tag}-trivy' +- builder: + name: functest-kubernetes-ng-docker-scan + builders: + - shell: | + apt-get -o DPkg::Lock::Timeout=300 update && \ + DEBIAN_FRONTEND=noninteractive apt-get -o DPkg::Lock::Timeout=300 install \ + curl docker.io -y + + mkdir -p ~/.docker/cli-plugins && \ + curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \ + -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\ + chmod +x ~/.docker/cli-plugins/docker-scan + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + docker-scan $image + +- job-template: + name: 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan' + triggers: + - timed: '@daily' + parameters: + - functest-kubernetes-ng-slave: + slave: '{slave}' + builders: + - functest-kubernetes-ng-docker-scan: + <<: *functest-kubernetes-ng-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-core-docker-scan' + <<: *functest-kubernetes-ng-params + container: 'functest-kubernetes-core' + jobs: + - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-healthcheck-docker-scan' + <<: *functest-kubernetes-ng-params + container: 'functest-kubernetes-healthcheck' + jobs: + - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-cnf-docker-scan' + <<: *functest-kubernetes-ng-params + container: 'functest-kubernetes-cnf' + jobs: + - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-security-docker-scan' + <<: *functest-kubernetes-ng-params + container: 'functest-kubernetes-security' + jobs: + - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-smoke-docker-scan' + <<: *functest-kubernetes-ng-params + container: 'functest-kubernetes-smoke' + jobs: + - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-benchmarking-docker-scan' + <<: *functest-kubernetes-ng-params + container: 'functest-kubernetes-benchmarking' + jobs: + - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan' + - project: name: 'functest-kubernetes-ng' <<: *functest-kubernetes-ng-params @@ -410,3 +490,15 @@ - last-failure - last-duration regex: ^functest-kubernetes-ng-[a-z0-9-.]+-trivy$ + +- view: + name: functest-kubernetes-ng-docker-scan + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: ^functest-kubernetes-ng-[a-z0-9.]+-docker-scan$ diff --git a/jjb/functest/functest-kubernetes.yaml b/jjb/functest/functest-kubernetes.yaml index 0fe4013cc..4354896aa 100644 --- a/jjb/functest/functest-kubernetes.yaml +++ b/jjb/functest/functest-kubernetes.yaml @@ -1282,6 +1282,86 @@ jobs: - 'functest-kubernetes-{repo}-{container}-{tag}-trivy' +- builder: + name: functest-kubernetes-docker-scan + builders: + - shell: | + apt-get -o DPkg::Lock::Timeout=300 update && \ + DEBIAN_FRONTEND=noninteractive apt-get -o DPkg::Lock::Timeout=300 install \ + curl docker.io -y + + mkdir -p ~/.docker/cli-plugins && \ + curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \ + -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\ + chmod +x ~/.docker/cli-plugins/docker-scan + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + docker-scan $image + +- job-template: + name: 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan' + triggers: + - timed: '@weekly' + parameters: + - functest-kubernetes-slave: + slave: '{slave}' + builders: + - functest-kubernetes-docker-scan: + <<: *functest-kubernetes-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'functest-kubernetes-opnfv-functest-kubernetes-core-docker-scan' + <<: *functest-kubernetes-params + container: 'functest-kubernetes-core' + jobs: + - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-kubernetes-opnfv-functest-kubernetes-healthcheck-docker-scan' + <<: *functest-kubernetes-params + container: 'functest-kubernetes-healthcheck' + jobs: + - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-kubernetes-opnfv-functest-kubernetes-cnf-docker-scan' + <<: *functest-kubernetes-params + container: 'functest-kubernetes-cnf' + jobs: + - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-kubernetes-opnfv-functest-kubernetes-security-docker-scan' + <<: *functest-kubernetes-params + container: 'functest-kubernetes-security' + jobs: + - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-kubernetes-opnfv-functest-kubernetes-smoke-docker-scan' + <<: *functest-kubernetes-params + container: 'functest-kubernetes-smoke' + jobs: + - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-kubernetes-opnfv-functest-kubernetes-benchmarking-docker-scan' + <<: *functest-kubernetes-params + container: 'functest-kubernetes-benchmarking' + jobs: + - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan' + - project: name: 'functest-kubernetes' <<: *functest-kubernetes-params @@ -1311,3 +1391,15 @@ - last-failure - last-duration regex: (?!functest-kubernetes-pi)(?!functest-kubernetes-ng)^functest-kubernetes-[a-z-0-9.]+-trivy$ + +- view: + name: functest-kubernetes-docker-scan + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: ^functest-kubernetes-[a-z0-9.]+-docker-scan$ diff --git a/jjb/functest/functest.yaml b/jjb/functest/functest.yaml index d48bb80c1..11be70f66 100644 --- a/jjb/functest/functest.yaml +++ b/jjb/functest/functest.yaml @@ -1645,6 +1645,100 @@ jobs: - 'functest-{repo}-{container}-{tag}-trivy' +- builder: + name: functest-docker-scan + builders: + - shell: | + apt-get -o DPkg::Lock::Timeout=300 update && \ + DEBIAN_FRONTEND=noninteractive apt-get -o DPkg::Lock::Timeout=300 install \ + curl docker.io -y + + mkdir -p ~/.docker/cli-plugins && \ + curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \ + -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\ + chmod +x ~/.docker/cli-plugins/docker-scan + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + docker-scan $image + +- job-template: + name: 'functest-{repo}-{container}-{tag}-docker-scan' + triggers: + - timed: '@weekly' + parameters: + - functest-slave: + slave: '{slave}' + builders: + - functest-docker-scan: + <<: *functest-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'functest-opnfv-functest-core-docker-scan' + <<: *functest-params + container: 'functest-core' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-tempest-docker-scan' + <<: *functest-params + container: 'functest-tempest' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-healthcheck-docker-scan' + <<: *functest-params + container: 'functest-healthcheck' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-smoke-docker-scan' + <<: *functest-params + container: 'functest-smoke' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-benchmarking-docker-scan' + <<: *functest-params + container: 'functest-benchmarking' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-vnf-docker-scan' + <<: *functest-params + container: 'functest-vnf' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-smoke-cntt-docker-scan' + <<: *functest-params + container: 'functest-smoke-cntt' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-benchmarking-cntt-docker-scan' + <<: *functest-params + container: 'functest-benchmarking-cntt' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + - project: name: 'functest' <<: *functest-params @@ -1674,3 +1768,15 @@ - last-failure - last-duration regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9.]+-trivy$ + +- view: + name: functest-docker-scan + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: ^functest-[a-z0-9.]+-docker-scan$ diff --git a/jjb/functest/xtesting.yaml b/jjb/functest/xtesting.yaml index ac62ad9b6..1638e5e71 100644 --- a/jjb/functest/xtesting.yaml +++ b/jjb/functest/xtesting.yaml @@ -849,6 +849,58 @@ jobs: - 'xtesting-{repo}-{container}-{tag}-trivy' +- builder: + name: xtesting-docker-scan + builders: + - shell: | + apt-get -o DPkg::Lock::Timeout=300 update && \ + DEBIAN_FRONTEND=noninteractive apt-get -o DPkg::Lock::Timeout=300 install \ + curl docker.io -y + + mkdir -p ~/.docker/cli-plugins && \ + curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \ + -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\ + chmod +x ~/.docker/cli-plugins/docker-scan + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + docker-scan $image + +- job-template: + name: 'xtesting-{repo}-{container}-{tag}-docker-scan' + triggers: + - timed: '@daily' + parameters: + - xtesting-slave: + slave: '{slave}' + builders: + - xtesting-docker-scan: + <<: *xtesting-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'xtesting-opnfv-xtesting-docker-scan' + <<: *xtesting-params + container: 'xtesting' + jobs: + - 'xtesting-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'xtesting-opnfv-xtesting-mts-docker-scan' + <<: *xtesting-params + container: 'xtesting-mts' + jobs: + - 'xtesting-{repo}-{container}-{tag}-docker-scan' + - project: name: 'xtesting' <<: *xtesting-params @@ -878,3 +930,15 @@ - last-failure - last-duration regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-trivy$ + +- view: + name: xtesting-docker-scan + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: ^xtesting-[a-z0-9.]+-docker-scan$ -- cgit 1.2.3-korg