tag:
- latest:
from:
- buildargs:
+ build_args:
branch: master
slave: lf-virtual1
- dependency: 3.13
+ dependency: 3.14
+ - xena:
+ from:
+ build_args:
+ branch: stable/xena
+ slave: lf-virtual1
+ dependency: 3.14
- wallaby:
from:
- buildargs:
+ build_args:
branch: stable/wallaby
slave: lf-virtual1
dependency: 3.13
- leguer:
from:
- buildargs:
+ build_args:
branch: stable/leguer
slave: lf-virtual1
dependency: 3.12
- kali:
from:
- buildargs:
+ build_args:
branch: stable/kali
slave: lf-virtual1
dependency: 3.11
- jerma:
from:
- buildargs:
+ build_args:
branch: stable/jerma
slave: lf-virtual1
dependency: 3.10
else
image={repo}:{port}/{container}:{tag}
fi
- docker pull $image
+ sudo docker pull $image
- builder:
name: xtesting-run-containers
builders:
- shell: |
- set -ex
- volumes=; for i in $(echo {volumes} | tr -d '[] ' |sed "s/,/ /g" ); do volumes="-v $i $volumes"; done
- env=; for i in $(eval echo {env} | tr -d '[] ' |sed "s/,/ /g" ); do env="-e $i $env"; done
- [ ! -z "$WORKSPACE" ] && rm -rf $WORKSPACE/results || true
+ set +x
+ volumes=;
+ if [ "{volumes}" != "None" ]; then
+ for i in $(echo {volumes} | tr -d '[]' |sed "s/, / /g" ); \
+ do volumes="-v $i $volumes"; done
+ fi
+ env=;
+ if [ "{env}" != "None" ]; then
+ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \
+ do env="-e $i $env"; done
+ fi
+ [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true
if [ "{repo}" = "_" ]; then
image={container}:{tag}
elif [ "{port}" = "None" ]; then
else
image={repo}:{port}/{container}:{tag}
fi
- docker run --rm \
+ mkdir -p $WORKSPACE/results
+ chown 1000:1000 $WORKSPACE/results
+ sudo docker run --rm \
--privileged={privileged} \
--network={network} \
$volumes \
else
image={repo}:{port}/{container}:{tag}
fi
- docker rmi $image || true
+ sudo docker rmi $image || true
- job-template:
name: 'xtesting-{repo}-{container}-{tag}-pull'
builders:
- shell: |
set +x
- volumes=; for i in $(echo {volumes} | tr -d '[] ' |sed "s/,/ /g" ); do volumes="-v $i $volumes"; done
- env=; for i in $(eval echo {env} | tr -d '[] ' |sed "s/,/ /g" ); do env="-e $i $env"; done
- [ ! -z "$WORKSPACE" ] && rm -rf $WORKSPACE/results || true
+ volumes=;
+ if [ "{volumes}" != "None" ]; then
+ for i in $(echo {volumes} | tr -d '[]' |sed "s/, / /g" ); \
+ do volumes="-v $i $volumes"; done
+ fi
+ env=;
+ if [ "{env}" != "None" ]; then
+ for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \
+ do env="-e $i $env"; done
+ fi
+ [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true
if [ "{repo}" = "_" ]; then
image={container}:{tag}
elif [ "{port}" = "None" ]; then
else
image={repo}:{port}/{container}:{tag}
fi
- docker run --rm \
+ sudo docker run --rm \
$volumes \
$env \
-e S3_ENDPOINT_URL=https://storage.googleapis.com \
projects:
- name: 'xtesting-{tag}-zip'
<<: *xtesting-jobs
+ publishers:
+ - email-ext:
+ failure: false
+ first-failure: true
+ fixed: true
+ recipients: cedric.ollivier@orange.com
- project:
name: 'xtesting-daily'
<<: *xtesting-containers
ref_arg: '{ref_arg}'
path: '{path}'
- buildargs: '{buildargs}'
+ build_args: '{build_args}'
from: '{from}'
- builder:
image={repo}:{port}/{container}:{tag}
fi
build_args=""
- if [ "{buildargs}" != "None" ]; then
- build_args="{buildargs}"
+ if [ "{build_args}" != "None" ]; then
+ for i in $(echo {build_args} | tr -d '[]' |sed "s/, / /g" ); \
+ do build_args="--build-arg $i $build_args"; done
fi
if [ "{ref_arg}" != "None" ]; then
build_args="$build_args --build-arg {ref_arg}={ref}"
if [ "{from}" != "None" ]; then
sed -i {from} Dockerfile
fi
- docker build $build_args \
+ sudo docker build $build_args \
--pull=false --no-cache --force-rm=true \
-t $image .
else
image=_:/alpine:{dependency}
fi
- docker pull $image || true
+ sudo docker pull $image || true
- builder:
name: xtesting-remove-dep-images
else
image=_:/alpine:{dependency}
fi
- docker rmi $image || true
+ sudo docker rmi $image || true
- job-template:
name: 'xtesting-{repo}-{tag}-dep-pull'
builders:
- shell: |
set +x
- apt-get update && apt-get install \
- software-properties-common gpg -y
- add-apt-repository -y ppa:deadsnakes/ppa
- apt-get update && apt-get install python3.8 \
- python3.8-dev python3.8-distutils \
+ sudo apt-get -o DPkg::Lock::Timeout=300 update && \
+ sudo DEBIAN_FRONTEND=noninteractive apt-get \
+ -o DPkg::Lock::Timeout=300 dist-upgrade -y
+ sudo DEBIAN_FRONTEND=noninteractive \
+ apt-get -o DPkg::Lock::Timeout=300 install software-properties-common gpg -y
+ sudo add-apt-repository -y ppa:deadsnakes/ppa
+ sudo apt-get -o DPkg::Lock::Timeout=300 update && \
+ sudo DEBIAN_FRONTEND=noninteractive apt-get \
+ -o DPkg::Lock::Timeout=300 install \
+ python3.9 python3.9-dev python3.9-distutils \
+ python3.8 python3.8-dev python3.8-distutils \
python3.7 python3.7-dev python3.6 python3.6-dev \
python python-dev python3-pip enchant -y
- pip3 install tox tox-pip-version
+ sudo pip3 install tox tox-pip-version
tox
- xtesting-build-containers:
<<: *xtesting-build-containers
ref: $GERRIT_REFSPEC
- buildargs: '{buildargs}'
+ build_args: '{build_args}'
- project:
name: xtesting-opnfv-xtesting-{tag}-gate
projects:
- name: 'xtesting-opnfv-xtesting-mts-{tag}-seventh-run'
<<: *xtesting-jobs
+ publishers:
+ - email-ext:
+ failure: false
+ first-failure: true
+ fixed: true
+ recipients: cedric.ollivier@orange.com
- project:
name: 'xtesting-review'
else
image={repo}:{port}/{container}:{tag}
fi
- docker push $image
+ sudo docker push $image
- trigger:
name: xtesting-commit
- xtesting-build-containers:
<<: *xtesting-build-containers
ref: '{branch}'
- buildargs: '{buildargs}'
+ build_args: '{build_args}'
- xtesting-push-containers:
<<: *xtesting-build-containers
ref: '{branch}'
projects:
- name: 'xtesting-opnfv-xtesting-mts-{tag}-build'
<<: *xtesting-jobs
+ publishers:
+ - email-ext:
+ failure: false
+ first-failure: true
+ fixed: true
+ recipients: cedric.ollivier@orange.com
- builder:
name: xtesting-trivy
builders:
- shell: |
- apt-get update && apt-get install curl -y
+ sudo apt-get -o DPkg::Lock::Timeout=300 update && \
+ sudo DEBIAN_FRONTEND=noninteractive apt-get \
+ -o DPkg::Lock::Timeout=300 install curl -y
- curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b .
+ curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b .
if [ "{repo}" = "_" ]; then
image={container}:{tag}
elif [ "{port}" = "None" ]; then
builders:
- xtesting-trivy:
<<: *xtesting-containers
+ publishers:
+ - email-ext:
+ failure: false
+ first-failure: true
+ fixed: true
+ recipients: cedric.ollivier@orange.com
- project:
name: 'xtesting-opnfv-xtesting-trivy'
jobs:
- 'xtesting-{repo}-{container}-{tag}-trivy'
+- builder:
+ name: xtesting-grype
+ builders:
+ - shell: |
+ sudo apt-get -o DPkg::Lock::Timeout=300 update && \
+ sudo DEBIAN_FRONTEND=noninteractive apt-get \
+ -o DPkg::Lock::Timeout=300 install curl -y
+
+ curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b .
+ if [ "{repo}" = "_" ]; then
+ image={container}:{tag}
+ elif [ "{port}" = "None" ]; then
+ image={repo}/{container}:{tag}
+ else
+ image={repo}:{port}/{container}:{tag}
+ fi
+ ./grype -q $image
+
+- job-template:
+ name: 'xtesting-{repo}-{container}-{tag}-grype'
+ triggers:
+ - timed: '@daily'
+ parameters:
+ - xtesting-slave:
+ slave: '{slave}'
+ builders:
+ - xtesting-grype:
+ <<: *xtesting-containers
+ publishers:
+ - email-ext:
+ failure: false
+ first-failure: true
+ fixed: true
+ recipients: cedric.ollivier@orange.com
+
+- project:
+ name: 'xtesting-opnfv-xtesting-grype'
+ <<: *xtesting-params
+ container: 'xtesting'
+ jobs:
+ - 'xtesting-{repo}-{container}-{tag}-grype'
+
+- project:
+ name: 'xtesting-opnfv-xtesting-mts-grype'
+ <<: *xtesting-params
+ container: 'xtesting-mts'
+ jobs:
+ - 'xtesting-{repo}-{container}-{tag}-grype'
+
- project:
name: 'xtesting'
<<: *xtesting-params
- last-failure
- last-duration
regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-trivy$
+
+- view:
+ name: xtesting-grype
+ view-type: list
+ columns:
+ - status
+ - weather
+ - job
+ - last-success
+ - last-failure
+ - last-duration
+ regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-grype$