from:
build_args:
branch: master
- slave: lf-virtual1
- dependency: 3.14
+ node: lf-virtual1
+ dependency: 3.16
+ - zed:
+ from:
+ build_args:
+ branch: stable/zed
+ node: lf-virtual1
+ dependency: 3.16
+ - yoga:
+ from:
+ build_args:
+ branch: stable/yoga
+ node: lf-virtual1
+ dependency: 3.16
- xena:
from:
build_args:
branch: stable/xena
- slave: lf-virtual1
+ node: lf-virtual1
dependency: 3.14
- wallaby:
from:
build_args:
branch: stable/wallaby
- slave: lf-virtual1
+ node: lf-virtual1
dependency: 3.13
- - leguer:
- from:
- build_args:
- branch: stable/leguer
- slave: lf-virtual1
- dependency: 3.12
- - kali:
- from:
- build_args:
- branch: stable/kali
- slave: lf-virtual1
- dependency: 3.11
- - jerma:
- from:
- build_args:
- branch: stable/jerma
- slave: lf-virtual1
- dependency: 3.10
- xtesting-jobs: &xtesting-jobs
name: 'xtesting-jobs'
current-parameters: true
- parameter:
- name: xtesting-slave
+ name: xtesting-node
parameters:
- label:
- name: slave
- default: '{slave}'
+ name: node
+ default: '{node}'
- parameter:
name: xtesting-build_tag
volumes: '{volumes}'
env: '{env}'
network: '{network}'
+ uid: '{uid}'
+ gid: '{gid}'
+ published_ports: '{published_ports}'
- builder:
name: xtesting-pull-containers
for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \
do env="-e $i $env"; done
fi
+ published_ports=;
+ if [ "{published_ports}" != "None" ]; then
+ for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \
+ do published_ports="-p $i $published_ports"; done
+ fi
[ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true
if [ "{repo}" = "_" ]; then
image={container}:{tag}
else
image={repo}:{port}/{container}:{tag}
fi
+ sudo mkdir -p $WORKSPACE/results
+ sudo chown {uid}:{gid} $WORKSPACE/results
sudo docker run --rm \
--privileged={privileged} \
--network={network} \
$volumes \
$env \
+ $published_ports \
-e S3_ENDPOINT_URL=https://storage.googleapis.com \
-e S3_DST_URL=s3://artifacts.opnfv.org/xtesting/$BUILD_TAG/$JOB_NAME-$BUILD_ID \
-e HTTP_DST_URL=http://artifacts.opnfv.org/xtesting/$BUILD_TAG/$JOB_NAME-$BUILD_ID \
- -v /home/opnfv/xtesting/.boto:/root/.boto \
+ -v /home/opnfv/xtesting/.boto:/etc/boto.cfg \
-e TEST_DB_URL=http://testresults.opnfv.org/test/api/v1/results \
-e TEST_DB_EXT_URL=http://testresults.opnfv.org/test/api/v1/results \
- -e NODE_NAME=$slave \
+ -e NODE_NAME=$node \
-e BUILD_TAG=$BUILD_TAG \
-v $WORKSPACE/../$JOB_NAME/results:/var/lib/xtesting/results \
$image run_tests -t {test} -p -r
- job-template:
name: 'xtesting-{repo}-{container}-{tag}-pull'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
builders:
- xtesting-pull-containers:
<<: *xtesting-containers
- job-template:
name: 'xtesting-{repo}-{container}-{tag}-rmi'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
builders:
- xtesting-remove-images:
<<: *xtesting-containers
- job-template:
name: 'xtesting-opnfv-xtesting-{tag}-{test}-run'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
- xtesting-build_tag:
build_tag: ''
builders:
<<: *xtesting-params
volumes:
env:
+ published_ports:
container: 'xtesting'
test:
- first
- eighth
privileged: 'false'
network: bridge
- exclude:
- - tag: leguer
- test: eighth
- - tag: kali
- test: eighth
- - tag: jerma
- test: eighth
+ uid: 1000
+ gid: 1000
jobs:
- 'xtesting-opnfv-xtesting-{tag}-{test}-run'
- job-template:
name: 'xtesting-opnfv-xtesting-mts-{tag}-{test}-run'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
- xtesting-build_tag:
build_tag: ''
builders:
<<: *xtesting-params
volumes:
env:
+ published_ports:
container: 'xtesting-mts'
test:
- seventh
privileged: 'false'
network: bridge
+ uid: 1000
+ gid: 1000
jobs:
- 'xtesting-opnfv-xtesting-mts-{tag}-{test}-run'
for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \
do env="-e $i $env"; done
fi
+ published_ports=;
+ if [ "{published_ports}" != "None" ]; then
+ for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \
+ do published_ports="-p $i $published_ports"; done
+ fi
[ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true
if [ "{repo}" = "_" ]; then
image={container}:{tag}
else
image={repo}:{port}/{container}:{tag}
fi
+ sudo mkdir -p $WORKSPACE/results
+ sudo chown {uid}:{gid} $WORKSPACE/results
sudo docker run --rm \
$volumes \
$env \
+ $published_ports \
-e S3_ENDPOINT_URL=https://storage.googleapis.com \
-e S3_DST_URL=s3://artifacts.opnfv.org/xtesting \
-e HTTP_DST_URL=http://artifacts.opnfv.org/xtesting \
- -v /home/opnfv/xtesting/.boto:/root/.boto \
+ -v /home/opnfv/xtesting/.boto:/etc/boto.cfg \
-e TEST_DB_URL=http://testresults.opnfv.org/test/api/v1/results \
-e TEST_DB_EXT_URL=http://testresults.opnfv.org/test/api/v1/results \
-e BUILD_TAG=$BUILD_TAG \
- job-template:
name: 'xtesting-{tag}-zip'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
- xtesting-build_tag:
build_tag: ''
builders:
<<: *xtesting-containers
volumes: '{volumes}'
env: '{env}'
+ uid: '{uid}'
+ gid: '{gid}'
+ published_ports: '{published_ports}'
- project:
name: 'xtesting-{tag}-zip'
<<: *xtesting-params
volumes:
env:
+ published_ports:
container: 'xtesting'
+ uid: 1000
+ gid: 1000
jobs:
- 'xtesting-{tag}-zip'
triggers:
- timed: '@daily'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
- xtesting-build_tag:
build_tag: ''
# PyYAML and yamllint differ here
- job-template:
name: 'xtesting-{repo}-{tag}-dep-pull'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
builders:
- xtesting-pull-dep-images:
<<: *xtesting-dep
- job-template:
name: 'xtesting-{repo}-{tag}-dep-rmi'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
builders:
- xtesting-remove-dep-images:
<<: *xtesting-dep
sudo apt-get -o DPkg::Lock::Timeout=300 update && \
sudo DEBIAN_FRONTEND=noninteractive apt-get \
-o DPkg::Lock::Timeout=300 install \
+ libxml2-dev libxslt-dev libffi-dev libjpeg-dev \
+ python3.10 python3.10-dev python3.10-distutils \
python3.9 python3.9-dev python3.9-distutils \
python3.8 python3.8-dev python3.8-distutils \
- python3.7 python3.7-dev python3.6 python3.6-dev \
- python python-dev python3-pip enchant -y
+ python3-pip enchant-2 -y
sudo pip3 install tox tox-pip-version
tox
- xtesting-patchset-created:
branch: '{branch}'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
builders:
- xtesting-tox:
- job-template:
name: 'xtesting-{repo}-{container}-{tag}-gate'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
scm:
- xtesting-scm:
ref: $GERRIT_REFSPEC
- xtesting-patchset-created:
branch: '{branch}'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
- xtesting-build_tag:
build_tag: ''
# PyYAML and yamllint differ here
- job-template:
name: 'xtesting-{repo}-{container}-{tag}-build'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
scm:
- xtesting-scm:
ref: '{branch}'
- xtesting-scm:
ref: '{branch}'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
# PyYAML and yamllint differ here
# see https://github.com/yaml/pyyaml/issues/234
# yamllint disable rule:indentation
else
image={repo}:{port}/{container}:{tag}
fi
- ./trivy --exit-code 1 $image
+ ./trivy image --exit-code 1 $image
- job-template:
name: 'xtesting-{repo}-{container}-{tag}-trivy'
triggers:
- timed: '@daily'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
builders:
- xtesting-trivy:
<<: *xtesting-containers
- 'xtesting-{repo}-{container}-{tag}-trivy'
- builder:
- name: xtesting-docker-scan
+ name: xtesting-grype
builders:
- shell: |
- apt-get -o DPkg::Lock::Timeout=300 update && \
- DEBIAN_FRONTEND=noninteractive apt-get -o DPkg::Lock::Timeout=300 install \
- curl docker.io -y
-
- mkdir -p ~/.docker/cli-plugins && \
- curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \
- -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
- chmod +x ~/.docker/cli-plugins/docker-scan
+ sudo apt-get -o DPkg::Lock::Timeout=300 update && \
+ sudo DEBIAN_FRONTEND=noninteractive apt-get \
+ -o DPkg::Lock::Timeout=300 install curl -y
+
+ curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b .
if [ "{repo}" = "_" ]; then
image={container}:{tag}
elif [ "{port}" = "None" ]; then
else
image={repo}:{port}/{container}:{tag}
fi
- docker-scan $image
+ ./grype -q $image
- job-template:
- name: 'xtesting-{repo}-{container}-{tag}-docker-scan'
+ name: 'xtesting-{repo}-{container}-{tag}-grype'
triggers:
- timed: '@daily'
parameters:
- - xtesting-slave:
- slave: '{slave}'
+ - xtesting-node:
+ node: '{node}'
builders:
- - xtesting-docker-scan:
+ - xtesting-grype:
<<: *xtesting-containers
publishers:
- email-ext:
recipients: cedric.ollivier@orange.com
- project:
- name: 'xtesting-opnfv-xtesting-docker-scan'
+ name: 'xtesting-opnfv-xtesting-grype'
<<: *xtesting-params
container: 'xtesting'
jobs:
- - 'xtesting-{repo}-{container}-{tag}-docker-scan'
+ - 'xtesting-{repo}-{container}-{tag}-grype'
- project:
- name: 'xtesting-opnfv-xtesting-mts-docker-scan'
+ name: 'xtesting-opnfv-xtesting-mts-grype'
<<: *xtesting-params
container: 'xtesting-mts'
jobs:
- - 'xtesting-{repo}-{container}-{tag}-docker-scan'
+ - 'xtesting-{repo}-{container}-{tag}-grype'
- project:
name: 'xtesting'
regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-trivy$
- view:
- name: xtesting-docker-scan
+ name: xtesting-grype
view-type: list
columns:
- status
- last-success
- last-failure
- last-duration
- regex: ^xtesting-[a-z0-9.]+-docker-scan$
+ regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-grype$