jjb/ci_gate_security/anteater-report-to-gerrit.sh


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

#!/bin/bash
# SPDX-license-identifier: Apache-2.0
set -o pipefail
export PATH=$PATH:/usr/local/bin/
EXITSTATUS=0

# This Log should always exist
if [[ -e securityaudit.log ]] ; then
    echo -e "\nposting security audit report to gerrit...\n"

    #check if log has errors
    if grep ERROR securityaudit.log; then
        EXITSTATUS=1
    fi

    grep 'ERROR' securityaudit.log | awk -F"ERROR - " '{ print $2 }' | tr -d "\'\"" > shortlog

    # Only report to Gerrit when there are errors to report.
    if [[ -s shortlog ]]; then
        ssh -p 29418 gerrit.opnfv.org \
            "gerrit review -p $GERRIT_PROJECT \
            -m \"$(cat shortlog)\" \
            $GERRIT_PATCHSET_REVISION \
            --notify NONE"
    fi

    exit $EXITSTATUS
fi