Code Review / releng.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Leverage non-root user in Xtesting containers
[releng.git] / jjb / functest / xtesting.yaml
diff --git a/jjb/functest/xtesting.yaml b/jjb/functest/xtesting.yaml
index 13e60c4..0c75a83 100644 (file)
--- a/jjb/functest/xtesting.yaml
+++ b/jjb/functest/xtesting.yaml
@@ -111,6 +111,8 @@
           else
             image={repo}:{port}/{container}:{tag}
           fi
+          mkdir -p $WORKSPACE/results
+          chown 1000:1000 $WORKSPACE/results
           sudo docker run --rm \
             --privileged={privileged} \
             --network={network} \
@@ -367,7 +369,10 @@
             - name: 'xtesting-{tag}-zip'
               <<: *xtesting-jobs
     publishers:
-      - email:
+      - email-ext:
+          failure: false
+          first-failure: true
+          fixed: true
           recipients: cedric.ollivier@orange.com
 
 - project:
@@ -503,13 +508,15 @@
     builders:
       - shell: |
           set +x
-          sudo apt-get update && \
-          sudo DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y
+          sudo apt-get -o DPkg::Lock::Timeout=300 update && \
+          sudo DEBIAN_FRONTEND=noninteractive apt-get \
+            -o DPkg::Lock::Timeout=300 dist-upgrade -y
           sudo DEBIAN_FRONTEND=noninteractive \
-          apt-get install software-properties-common gpg -y
+          apt-get -o DPkg::Lock::Timeout=300 install software-properties-common gpg -y
           sudo add-apt-repository -y ppa:deadsnakes/ppa
-          sudo apt-get update && sudo DEBIAN_FRONTEND=noninteractive \
-          apt-get install \
+          sudo apt-get -o DPkg::Lock::Timeout=300 update && \
+          sudo DEBIAN_FRONTEND=noninteractive apt-get \
+            -o DPkg::Lock::Timeout=300 install \
             python3.9 python3.9-dev python3.9-distutils \
             python3.8 python3.8-dev python3.8-distutils \
             python3.7 python3.7-dev python3.6 python3.6-dev \
@@ -657,7 +664,10 @@
             - name: 'xtesting-opnfv-xtesting-mts-{tag}-seventh-run'
               <<: *xtesting-jobs
     publishers:
-      - email:
+      - email-ext:
+          failure: false
+          first-failure: true
+          fixed: true
           recipients: cedric.ollivier@orange.com
 
 - project:
@@ -786,15 +796,19 @@
             - name: 'xtesting-opnfv-xtesting-mts-{tag}-build'
               <<: *xtesting-jobs
     publishers:
-      - email:
+      - email-ext:
+          failure: false
+          first-failure: true
+          fixed: true
           recipients: cedric.ollivier@orange.com
 
 - builder:
     name: xtesting-trivy
     builders:
       - shell: |
-          sudo apt-get update && sudo DEBIAN_FRONTEND=noninteractive \
-          apt-get install curl -y
+          sudo apt-get -o DPkg::Lock::Timeout=300 update && \
+          sudo DEBIAN_FRONTEND=noninteractive apt-get \
+            -o DPkg::Lock::Timeout=300 install curl -y
 
           curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b .
           if [ "{repo}" = "_" ]; then
@@ -817,7 +831,10 @@
       - xtesting-trivy:
           <<: *xtesting-containers
     publishers:
-      - email:
+      - email-ext:
+          failure: false
+          first-failure: true
+          fixed: true
           recipients: cedric.ollivier@orange.com
 
 - project:
@@ -834,6 +851,55 @@
     jobs:
       - 'xtesting-{repo}-{container}-{tag}-trivy'
 
+- builder:
+    name: xtesting-grype
+    builders:
+      - shell: |
+          sudo apt-get -o DPkg::Lock::Timeout=300 update && \
+          sudo DEBIAN_FRONTEND=noninteractive apt-get \
+            -o DPkg::Lock::Timeout=300 install curl -y
+
+          curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b .
+          if [ "{repo}" = "_" ]; then
+            image={container}:{tag}
+          elif [ "{port}" = "None" ]; then
+            image={repo}/{container}:{tag}
+          else
+            image={repo}:{port}/{container}:{tag}
+          fi
+          ./grype -q $image
+
+- job-template:
+    name: 'xtesting-{repo}-{container}-{tag}-grype'
+    triggers:
+      - timed: '@daily'
+    parameters:
+      - xtesting-slave:
+          slave: '{slave}'
+    builders:
+      - xtesting-grype:
+          <<: *xtesting-containers
+    publishers:
+      - email-ext:
+          failure: false
+          first-failure: true
+          fixed: true
+          recipients: cedric.ollivier@orange.com
+
+- project:
+    name: 'xtesting-opnfv-xtesting-grype'
+    <<: *xtesting-params
+    container: 'xtesting'
+    jobs:
+      - 'xtesting-{repo}-{container}-{tag}-grype'
+
+- project:
+    name: 'xtesting-opnfv-xtesting-mts-grype'
+    <<: *xtesting-params
+    container: 'xtesting-mts'
+    jobs:
+      - 'xtesting-{repo}-{container}-{tag}-grype'
+
 - project:
     name: 'xtesting'
     <<: *xtesting-params
@@ -863,3 +929,15 @@
       - last-failure
       - last-duration
     regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-trivy$
+
+- view:
+    name: xtesting-grype
+    view-type: list
+    columns:
+      - status
+      - weather
+      - job
+      - last-success
+      - last-failure
+      - last-duration
+    regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-grype$