From fbbbfccd6b83c2a47f9a8ac9b71447d01c5e67a2 Mon Sep 17 00:00:00 2001 From: Cédric Ollivier Date: Thu, 21 Apr 2022 16:57:24 +0200 Subject: Fix trivy calls MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Trivy remove the exit code option. It also takes into account last XtestingCI updates. Change-Id: I33c7a0c8651dc1805af1f3f743cd58618b2b7d3c Signed-off-by: Cédric Ollivier --- jjb/functest/functest-kubernetes-ng.yaml | 2 +- jjb/functest/functest-kubernetes-pi.yaml | 20 ++++++++++++++++++++ jjb/functest/functest-kubernetes.yaml | 22 +++++++++++++++++++++- jjb/functest/functest-pi.yaml | 21 +++++++++++++++++++++ jjb/functest/functest.yaml | 23 ++++++++++++++++++++++- jjb/functest/xtesting-pi.yaml | 17 +++++++++++++++++ jjb/functest/xtesting.yaml | 19 ++++++++++++++++++- 7 files changed, 120 insertions(+), 4 deletions(-) diff --git a/jjb/functest/functest-kubernetes-ng.yaml b/jjb/functest/functest-kubernetes-ng.yaml index 170014bc8..b9353f98f 100644 --- a/jjb/functest/functest-kubernetes-ng.yaml +++ b/jjb/functest/functest-kubernetes-ng.yaml @@ -320,7 +320,7 @@ else image={repo}:{port}/{container}:{tag} fi - ./trivy --exit-code 1 $image + ./trivy $image - job-template: name: 'functest-kubernetes-ng-{repo}-{container}-{tag}-trivy' diff --git a/jjb/functest/functest-kubernetes-pi.yaml b/jjb/functest/functest-kubernetes-pi.yaml index 21c298f1c..9dc8dcb21 100644 --- a/jjb/functest/functest-kubernetes-pi.yaml +++ b/jjb/functest/functest-kubernetes-pi.yaml @@ -89,6 +89,7 @@ network: '{network}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' - builder: name: functest-kubernetes-pi-pull-containers @@ -119,6 +120,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -134,6 +140,7 @@ --network={network} \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest-kubernetes/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest-kubernetes/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ @@ -270,6 +277,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-healthcheck' test: - k8s_quick @@ -304,6 +312,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-smoke' test: - xrally_kubernetes @@ -379,6 +388,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-security' test: - kube_hunter @@ -414,6 +424,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-benchmarking' test: - xrally_kubernetes_full @@ -448,6 +459,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-cnf' test: - k8s_vims @@ -475,6 +487,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -488,6 +505,7 @@ docker run --rm \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest-kubernetes \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest-kubernetes \ @@ -516,6 +534,7 @@ env: '{env}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' - project: name: 'functest-kubernetes-pi-{tag}-zip' @@ -525,6 +544,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-healthcheck' uid: 1000 gid: 1000 diff --git a/jjb/functest/functest-kubernetes.yaml b/jjb/functest/functest-kubernetes.yaml index 91c93e691..6cf3093ad 100644 --- a/jjb/functest/functest-kubernetes.yaml +++ b/jjb/functest/functest-kubernetes.yaml @@ -89,6 +89,7 @@ network: '{network}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' - builder: name: functest-kubernetes-pull-containers @@ -119,6 +120,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -134,6 +140,7 @@ --network={network} \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest-kubernetes/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest-kubernetes/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ @@ -270,6 +277,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-healthcheck' test: - k8s_quick @@ -304,6 +312,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-smoke' test: - xrally_kubernetes @@ -361,6 +370,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-security' test: - kube_hunter @@ -396,6 +406,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-benchmarking' test: - xrally_kubernetes_full @@ -430,6 +441,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-cnf' test: - k8s_vims @@ -457,6 +469,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -470,6 +487,7 @@ docker run --rm \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest-kubernetes \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest-kubernetes \ @@ -498,6 +516,7 @@ env: '{env}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' - project: name: 'functest-kubernetes-{tag}-zip' @@ -507,6 +526,7 @@ env: - DEPLOY_SCENARIO=$DEPLOY_SCENARIO - E2E_TEST_OPTS=$E2E_TEST_OPTS + published_ports: container: 'functest-kubernetes-healthcheck' uid: 1000 gid: 1000 @@ -1241,7 +1261,7 @@ else image={repo}:{port}/{container}:{tag} fi - ./trivy --exit-code 1 $image + ./trivy $image - job-template: name: 'functest-kubernetes-{repo}-{container}-{tag}-trivy' diff --git a/jjb/functest/functest-pi.yaml b/jjb/functest/functest-pi.yaml index 6fb2ed86a..241884e72 100644 --- a/jjb/functest/functest-pi.yaml +++ b/jjb/functest/functest-pi.yaml @@ -114,6 +114,7 @@ network: '{network}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' DASHBOARD_URL: '{DASHBOARD_URL}' - builder: @@ -145,6 +146,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -160,6 +166,7 @@ --network={network} \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ @@ -315,6 +322,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-healthcheck' test: - connection_check @@ -364,6 +372,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-smoke' test: - tempest_neutron @@ -597,6 +606,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-smoke-cntt' test: - tempest_neutron_cntt @@ -641,6 +651,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-benchmarking' test: - rally_full @@ -681,6 +692,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-benchmarking-cntt' test: - rally_full_cntt @@ -719,6 +731,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-vnf' test: - cloudify @@ -748,6 +761,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -761,6 +779,7 @@ sudo docker run --rm \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest \ @@ -791,6 +810,7 @@ env: '{env}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' - project: name: 'functest-pi-{tag}-zip' @@ -802,6 +822,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-healthcheck' uid: 1000 gid: 1000 diff --git a/jjb/functest/functest.yaml b/jjb/functest/functest.yaml index 33f685039..c0d57d10b 100644 --- a/jjb/functest/functest.yaml +++ b/jjb/functest/functest.yaml @@ -102,6 +102,7 @@ network: '{network}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' DASHBOARD_URL: '{DASHBOARD_URL}' - builder: @@ -133,6 +134,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -148,6 +154,7 @@ --network={network} \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ @@ -303,6 +310,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-healthcheck' test: - connection_check @@ -352,6 +360,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-smoke' test: - tempest_neutron @@ -469,6 +478,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-smoke-cntt' test: - tempest_neutron_cntt @@ -513,6 +523,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-benchmarking' test: - rally_full @@ -553,6 +564,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-benchmarking-cntt' test: - rally_full_cntt @@ -591,6 +603,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-vnf' test: - cloudify @@ -620,6 +633,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -633,6 +651,7 @@ sudo docker run --rm \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest \ @@ -663,6 +682,7 @@ env: '{env}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' - project: name: 'functest-{tag}-zip' @@ -674,6 +694,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-healthcheck' uid: 1000 gid: 1000 @@ -1592,7 +1613,7 @@ else image={repo}:{port}/{container}:{tag} fi - ./trivy --exit-code 1 $image + ./trivy $image - job-template: name: 'functest-{repo}-{container}-{tag}-trivy' diff --git a/jjb/functest/xtesting-pi.yaml b/jjb/functest/xtesting-pi.yaml index 9d2482e55..9fb4ded14 100644 --- a/jjb/functest/xtesting-pi.yaml +++ b/jjb/functest/xtesting-pi.yaml @@ -75,6 +75,7 @@ network: '{network}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' - builder: name: xtesting-pi-pull-containers @@ -105,6 +106,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -120,6 +126,7 @@ --network={network} \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/xtesting/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ -e HTTP_DST_URL=http://artifacts.opnfv.org/xtesting/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ @@ -207,6 +214,7 @@ <<: *xtesting-pi-params volumes: env: + published_ports: container: 'xtesting' test: - first @@ -258,6 +266,7 @@ <<: *xtesting-pi-params volumes: env: + published_ports: container: 'xtesting-mts' test: - seventh @@ -283,6 +292,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -296,6 +310,7 @@ sudo docker run --rm \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/xtesting \ -e HTTP_DST_URL=http://artifacts.opnfv.org/xtesting \ @@ -320,12 +335,14 @@ env: '{env}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' - project: name: 'xtesting-pi-{tag}-zip' <<: *xtesting-pi-params volumes: env: + published_ports: container: 'xtesting' uid: 1000 gid: 1000 diff --git a/jjb/functest/xtesting.yaml b/jjb/functest/xtesting.yaml index 07b0eb3a9..e4000a45b 100644 --- a/jjb/functest/xtesting.yaml +++ b/jjb/functest/xtesting.yaml @@ -75,6 +75,7 @@ network: '{network}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' - builder: name: xtesting-pull-containers @@ -105,6 +106,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -120,6 +126,7 @@ --network={network} \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/xtesting/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ -e HTTP_DST_URL=http://artifacts.opnfv.org/xtesting/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ @@ -207,6 +214,7 @@ <<: *xtesting-params volumes: env: + published_ports: container: 'xtesting' test: - first @@ -246,6 +254,7 @@ <<: *xtesting-params volumes: env: + published_ports: container: 'xtesting-mts' test: - seventh @@ -271,6 +280,11 @@ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ do env="-e $i $env"; done fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -284,6 +298,7 @@ sudo docker run --rm \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/xtesting \ -e HTTP_DST_URL=http://artifacts.opnfv.org/xtesting \ @@ -308,12 +323,14 @@ env: '{env}' uid: '{uid}' gid: '{gid}' + published_ports: '{published_ports}' - project: name: 'xtesting-{tag}-zip' <<: *xtesting-params volumes: env: + published_ports: container: 'xtesting' uid: 1000 gid: 1000 @@ -830,7 +847,7 @@ else image={repo}:{port}/{container}:{tag} fi - ./trivy --exit-code 1 $image + ./trivy $image - job-template: name: 'xtesting-{repo}-{container}-{tag}-trivy' -- cgit 1.2.3-korg