+++ /dev/null
----
-# SPDX-license-identifier: Apache-2.0
-########################
-# Job configuration for opnfv-anteater (security audit)
-########################
-- project:
-
- name: anteaterfw
-
- project: anteaterfw
-
- repo:
- - apex
- - apex-os-net-config
- - apex-puppet-tripleo
- - apex-tripleo-heat-templates
- - armband
- - auto
- - availability
- - bamboo
- - barometer
- - bottlenecks
- - calipso
- - clover
- - container4nfv
- - cperf
- - daisy
- - doctor
- - domino
- - dovetail
- - dpacc
- - enfv
- - fds
- - fuel
- - ipv6
- - joid
- - kvmfornfv
- - models
- - moon
- - nfvbench
- - onosfw
- - opera
- - opnfvdocs
- - orchestra
- - ovn4nfv
- - ovno
- - ovsnfv
- - parser
- - pharos
- - qtip
- - releng
- - releng-anteater
- - releng-testresults
- - releng-utils
- - releng-xci
- - samplevnf
- - sdnvpn
- - securityscanning
- - sfc
- - snaps
- - stor4nfv
- - storperf
- - ves
- - vswitchperf
- - yardstick
-
- jobs:
- - 'opnfv-security-audit-verify-{stream}'
- - 'opnfv-security-audit-{repo}-weekly-{stream}'
-
- stream:
- - master:
- branch: '{stream}'
- gs-pathname: ''
- disabled: false
-
-########################
-# job templates
-########################
-- job-template:
- name: 'opnfv-security-audit-{repo}-weekly-{stream}'
-
- disabled: '{obj:disabled}'
-
- parameters:
- - opnfv-build-defaults
- - string:
- name: ANTEATER_SCAN_PATCHSET
- default: "false"
- description: "Have anteater scan patchsets (true) or full project (false)"
- - project-parameter:
- project: '{repo}'
- branch: '{branch}'
-
- scm:
- - git-scm-gerrit
-
- triggers:
- - timed: '@weekly'
-
- builders:
- - anteater-security-audit-weekly
-
- publishers:
- # defined in jjb/global/releng-macros.yml
- - 'email-{repo}-ptl':
- subject: 'OPNFV Security Scan Result: {repo}'
- - workspace-cleanup:
- fail-build: false
-
-- job-template:
- name: 'opnfv-security-audit-verify-{stream}'
-
- disabled: '{obj:disabled}'
-
- parameters:
- - label:
- name: SLAVE_LABEL
- default: 'opnfv-build'
- description: 'Slave label on Jenkins'
- all-nodes: false
- node-eligibility: 'ignore-offline'
- - project-parameter:
- project: $GERRIT_PROJECT
- branch: '{branch}'
- - string:
- name: GIT_BASE
- default: https://gerrit.opnfv.org/gerrit/$PROJECT
- # yamllint disable rule:line-length
- description: "Used for overriding the GIT URL coming from Global Jenkins configuration in case if the stuff is done on none-LF HW."
- # yamllint enable rule:line-length
-
- scm:
- - git-scm-gerrit
-
- # yamllint disable rule:line-length
- triggers:
- - gerrit:
- server-name: 'gerrit.opnfv.org'
- trigger-on:
- - patchset-created-event:
- exclude-drafts: 'false'
- exclude-trivial-rebase: 'false'
- exclude-no-code-change: 'false'
- - draft-published-event
- - comment-added-contains-event:
- comment-contains-value: 'recheck'
- projects:
- - project-compare-type: 'REG_EXP'
- project-pattern: 'apex|armband|bamboo|barometer|bottlenecks|calipso|cperf|daisy|doctor|dovetail|dpacc|enfv|fds|fuel|pharos|releng|sandbox|yardstick|infra|ipv6|kvmfornfv|models|moon'
- branches:
- - branch-compare-type: 'ANT'
- branch-pattern: '**/{branch}'
- file-paths:
- - compare-type: ANT
- pattern: '**'
- skip-vote:
- successful: true
- failed: true
- unstable: true
- notbuilt: true
- # yamllint enable rule:line-length
-
- builders:
- - anteater-security-audit
- - report-security-audit-result-to-gerrit
- publishers:
- - archive-artifacts:
- artifacts: ".reports/*"
-
-########################
-# builder macros
-########################
-- builder:
- name: anteater-security-audit
- builders:
- - shell:
- !include-raw: ./anteater-security-audit.sh
-
-- builder:
- name: report-security-audit-result-to-gerrit
- builders:
- - shell:
- !include-raw: ./anteater-report-to-gerrit.sh
-
-- builder:
- name: anteater-security-audit-weekly
- builders:
- - shell:
- !include-raw: ./anteater-security-audit-weekly.sh
Code Review / releng.git / blobdiff