1 ########################
2 # Job configuration for opnfv-lint
3 ########################
11 - 'opnfv-security-scan-verify-{stream}'
19 ########################
21 ########################
23 name: 'opnfv-security-scan-verify-{stream}'
25 disabled: '{obj:disabled}'
29 project: $GERRIT_PROJECT
35 credentials-id: '{ssh-credentials}'
36 refspec: '$GERRIT_REFSPEC'
37 choosing-strategy: 'gerrit'
41 server-name: 'gerrit.opnfv.org'
43 - patchset-created-event:
44 exclude-drafts: 'false'
45 exclude-trivial-rebase: 'false'
46 exclude-no-code-change: 'false'
47 - draft-published-event
48 - comment-added-contains-event:
49 comment-contains-value: 'recheck'
50 - comment-added-contains-event:
51 comment-contains-value: 'reverify'
53 - project-compare-type: 'REG_EXP'
54 project-pattern: 'sandbox'
56 - branch-compare-type: 'ANT'
57 branch-pattern: '**/{branch}'
68 - security-scan-python-code
69 - report-security-scan-result-to-gerrit
70 ########################
72 ########################
74 name: security-scan-python-code
81 export PATH=$PATH:/usr/local/bin/
83 # this is where the security/license scan script will be executed
86 name: report-security-scan-result-to-gerrit
93 export PATH=$PATH:/usr/local/bin/
95 # If no violations were found, no lint log will exist.
96 if [[ -e securityscan.log ]] ; then
97 echo -e "\nposting security scan report to gerrit...\n"
102 ssh -p 29418 gerrit.opnfv.org \
103 "gerrit review -p $GERRIT_PROJECT \
104 -m \"$(cat securityscan.log)\" \
105 $GERRIT_PATCHSET_REVISION \