jjb/ci_gate_security/anteater-security-audit.sh

   1 #!/bin/bash
   2 set -o pipefail
   3
   4 cd $WORKSPACE
   5 echo "Generating patchset file to list changed files"
   6 git diff HEAD^1 --name-only | sed "s#^#/home/opnfv/anteater/$PROJECT/#" > $WORKSPACE/patchset
   7 echo "Changed files are"
   8 echo "--------------------------------------------------------"
   9 cat $WORKSPACE/patchset
  10 echo "--------------------------------------------------------"
  11
  12 vols="-v $WORKSPACE:/home/opnfv/anteater/$PROJECT"
  13 envs="-e PROJECT=$PROJECT"
  14
  15 echo "Pulling releng-anteater docker image"
  16 echo "--------------------------------------------------------"
  17 docker pull opnfv/releng-anteater
  18 echo "--------------------------------------------------------"
  19
  20 cmd="sudo docker run --privileged=true -id $envs $vols opnfv/releng-anteater /bin/bash"
  21 echo "Running docker command $cmd"
  22 container_id=$($cmd)
  23 echo "Container ID is $container_id"
  24 cmd="anteater --project $PROJECT --patchset /home/opnfv/anteater/$PROJECT/patchset"
  25 echo "Executing command inside container"
  26 echo "$cmd"
  27 echo "--------------------------------------------------------"
  28 docker exec $container_id $cmd
  29 exit_code=$?
  30 echo "--------------------------------------------------------"
  31 echo "Stopping docker container with ID $container_id"
  32 docker stop $container_id
  33 exit $exit_code