+# SPDX-license-identifier: Apache-2.0
########################
-# Job configuration for opnfv-lint
+# Job configuration for opnfv-anteater (security audit)
########################
- project:
jobs:
- 'opnfv-security-audit-verify-{stream}'
+ - 'opnfv-security-audit-weekly-{stream}'
stream:
- master:
########################
# job templates
########################
+- job-template:
+ name: 'opnfv-security-audit-weekly-{stream}'
+
+ disabled: '{obj:disabled}'
+
+ parameters:
+ - label:
+ name: SLAVE_LABEL
+ default: 'ericsson-build3'
+ description: 'Slave label on Jenkins'
+ - project-parameter:
+ project: releng
+ branch: '{branch}'
+
+ triggers:
+ - timed: '@weekly'
+
+ builders:
+ - anteater-security-audit-weekly
+
- job-template:
name: 'opnfv-security-audit-verify-{stream}'
comment-contains-value: 'reverify'
projects:
- project-compare-type: 'REG_EXP'
- project-pattern: 'sandbox'
+ project-pattern: 'apex|armband|bamboo|barometer|bottlenecks|calipso|compass4nfv|conductor|cooper|functest|octopus|pharos|releng|sandbox'
branches:
- branch-compare-type: 'ANT'
branch-pattern: '**/{branch}'
- builder:
name: report-security-audit-result-to-gerrit
builders:
- - shell: |
- #!/bin/bash
- set -o errexit
- set -o pipefail
- export PATH=$PATH:/usr/local/bin/
-
- # If no violations were found, no lint log will exist.
- if [[ -e securityaudit.log ]] ; then
- echo -e "\nposting security audit report to gerrit...\n"
-
- cat securityaudit.log
- echo
-
- ssh -p 29418 gerrit.opnfv.org \
- "gerrit review -p $GERRIT_PROJECT \
- -m \"$(cat securityaudit.log)\" \
- $GERRIT_PATCHSET_REVISION \
- --notify NONE"
-
- exit 1
- fi
+ - shell:
+ !include-raw: ./anteater-report-to-gerrit.sh
+
+- builder:
+ name: anteater-security-audit-weekly
+ builders:
+ - shell:
+ !include-raw:
+ - ./anteater-clone-all-repos.sh
+ - ./anteater-security-audit-weekly.sh
+
Code Review / releng.git / blobdiff