X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=jjb%2Ffunctest%2Ffunctest.yaml;h=8e9de2d267e2e182cf6f0a83efec3f0ac85d6e25;hb=39104196379b50039ee7801514536837768112ee;hp=31a448cde3532477bc36581c9a24d49b2d3ddf47;hpb=771e830d60ab145538777ce8501aa09e4a2b2d1c;p=releng.git diff --git a/jjb/functest/functest.yaml b/jjb/functest/functest.yaml index 31a448cde..8e9de2d26 100644 --- a/jjb/functest/functest.yaml +++ b/jjb/functest/functest.yaml @@ -13,50 +13,50 @@ tag: - latest: from: - buildargs: + build_args: branch: master - slave: lf-pod4-2 + node: lf-pod4 + DASHBOARD_URL: http://172.30.12.83 + dependency: 3.14 + - zed: + from: + build_args: + branch: stable/zed + node: lf-virtual9 + DASHBOARD_URL: http://172.30.13.94 + dependency: 3.14 + - yoga: + from: + build_args: + branch: stable/yoga + node: lf-pod4-3 + DASHBOARD_URL: http://172.30.12.88 + dependency: 3.14 + - xena: + from: + build_args: + branch: stable/xena + node: lf-pod4-2 DASHBOARD_URL: http://172.30.12.85 dependency: 3.14 - wallaby: from: - buildargs: + build_args: branch: stable/wallaby - slave: lf-virtual6 + node: lf-virtual6 DASHBOARD_URL: http://172.30.13.91 dependency: 3.13 - - leguer: - from: - buildargs: - branch: stable/leguer - slave: lf-virtual9 - DASHBOARD_URL: http://172.30.13.94 - dependency: 3.12 - - kali: - from: - buildargs: - branch: stable/kali - slave: lf-pod4-3 - DASHBOARD_URL: http://172.30.12.88 - dependency: 3.11 - - jerma: - from: - buildargs: - branch: stable/jerma - slave: lf-pod4 - DASHBOARD_URL: http://172.30.12.83 - dependency: 3.10 - functest-jobs: &functest-jobs name: 'functest-jobs' current-parameters: true - parameter: - name: functest-slave + name: functest-node parameters: - label: - name: slave - default: '{slave}' + name: node + default: '{node}' - parameter: name: functest-build_tag @@ -93,6 +93,9 @@ volumes: '{volumes}' env: '{env}' network: '{network}' + uid: '{uid}' + gid: '{gid}' + published_ports: '{published_ports}' DASHBOARD_URL: '{DASHBOARD_URL}' - builder: @@ -116,11 +119,18 @@ set +x volumes=; if [ "{volumes}" != "None" ]; then - for i in $(echo {volumes} | tr -d '[]' |sed "s/, / /g" ); do volumes="-v $i $volumes"; done + for i in $(echo {volumes} | tr -d '[]' |sed "s/, / /g" ); \ + do volumes="-v $i $volumes"; done fi env=; if [ "{env}" != "None" ]; then - for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); do env="-e $i $env"; done + for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ + do env="-e $i $env"; done + fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then @@ -130,18 +140,21 @@ else image={repo}:{port}/{container}:{tag} fi + sudo mkdir -p $WORKSPACE/results + sudo chown {uid}:{gid} $WORKSPACE/results sudo docker run --rm \ --privileged={privileged} \ --network={network} \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ - -v /home/opnfv/functest/.boto:/root/.boto \ + -v /home/opnfv/functest/.boto:/etc/boto.cfg \ -e TEST_DB_URL=http://testresults.opnfv.org/test/api/v1/results \ -e TEST_DB_EXT_URL=http://testresults.opnfv.org/test/api/v1/results \ - -e NODE_NAME=$slave \ + -e NODE_NAME=$node \ -e BUILD_TAG=$BUILD_TAG \ -v $WORKSPACE/../$JOB_NAME/results:/var/lib/xtesting/results \ -e DASHBOARD_URL={DASHBOARD_URL} \ @@ -164,8 +177,8 @@ - job-template: name: 'functest-{repo}-{container}-{tag}-pull' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' builders: - functest-pull-containers: <<: *functest-containers @@ -215,8 +228,8 @@ - job-template: name: 'functest-{repo}-{container}-{tag}-rmi' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' builders: - functest-remove-images: <<: *functest-containers @@ -266,8 +279,8 @@ - job-template: name: 'functest-opnfv-functest-healthcheck-{tag}-{test}-run' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' - functest-build_tag: build_tag: '' - functest-EXTERNAL_NETWORK: @@ -290,6 +303,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-healthcheck' test: - connection_check @@ -307,14 +321,16 @@ - tempest_horizon privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-healthcheck-{tag}-{test}-run' - job-template: name: 'functest-opnfv-functest-smoke-{tag}-{test}-run' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' - functest-build_tag: build_tag: '' - functest-EXTERNAL_NETWORK: @@ -337,6 +353,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-smoke' test: - tempest_neutron @@ -345,83 +362,30 @@ - tempest_heat - tempest_telemetry - rally_sanity - - refstack_defcore - refstack_compute - refstack_object - refstack_platform - tempest_full - tempest_scenario - tempest_slow - - patrole - patrole_admin - patrole_member - patrole_reader - - networking-bgpvpn - - networking-sfc - tempest_barbican - tempest_octavia - tempest_cyborg privileged: 'false' network: bridge - exclude: - - tag: latest - test: refstack_defcore - - tag: latest - test: networking-bgpvpn - - tag: latest - test: networking-sfc - - tag: latest - test: patrole - - tag: wallaby - test: refstack_defcore - - tag: wallaby - test: networking-bgpvpn - - tag: wallaby - test: networking-sfc - - tag: wallaby - test: patrole - - tag: leguer - test: refstack_defcore - - tag: leguer - test: networking-bgpvpn - - tag: leguer - test: networking-sfc - - tag: leguer - test: patrole - - tag: kali - test: refstack_defcore - - tag: kali - test: networking-bgpvpn - - tag: kali - test: networking-sfc - - tag: kali - test: patrole_admin - - tag: kali - test: patrole_member - - tag: kali - test: patrole_reader - - tag: jerma - test: refstack_defcore - - tag: jerma - test: networking-bgpvpn - - tag: jerma - test: networking-sfc - - tag: jerma - test: patrole_admin - - tag: jerma - test: patrole_member - - tag: jerma - test: patrole_reader - - tag: jerma - test: tempest_cyborg + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-smoke-{tag}-{test}-run' - job-template: name: 'functest-opnfv-functest-smoke-cntt-{tag}-{test}-run' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' - functest-build_tag: build_tag: '' - functest-EXTERNAL_NETWORK: @@ -444,6 +408,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-smoke-cntt' test: - tempest_neutron_cntt @@ -456,14 +421,16 @@ - tempest_slow_cntt privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-smoke-cntt-{tag}-{test}-run' - job-template: name: 'functest-opnfv-functest-benchmarking-{tag}-{test}-run' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' - functest-build_tag: build_tag: '' - functest-EXTERNAL_NETWORK: @@ -486,6 +453,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-benchmarking' test: - rally_full @@ -494,14 +462,16 @@ - shaker privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-benchmarking-{tag}-{test}-run' - job-template: name: 'functest-opnfv-functest-benchmarking-cntt-{tag}-{test}-run' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' - functest-build_tag: build_tag: '' - functest-EXTERNAL_NETWORK: @@ -524,20 +494,23 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-benchmarking-cntt' test: - rally_full_cntt - rally_jobs_cntt privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-benchmarking-cntt-{tag}-{test}-run' - job-template: name: 'functest-opnfv-functest-vnf-{tag}-{test}-run' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' - functest-build_tag: build_tag: '' - functest-EXTERNAL_NETWORK: @@ -560,6 +533,7 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-vnf' test: - cloudify @@ -569,6 +543,8 @@ - juju_epc privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-vnf-{tag}-{test}-run' @@ -579,11 +555,18 @@ set +x volumes=; if [ "{volumes}" != "None" ]; then - for i in $(echo {volumes} | tr -d '[]' |sed "s/, / /g" ); do volumes="-v $i $volumes"; done + for i in $(echo {volumes} | tr -d '[]' |sed "s/, / /g" ); \ + do volumes="-v $i $volumes"; done fi env=; if [ "{env}" != "None" ]; then - for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); do env="-e $i $env"; done + for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ + do env="-e $i $env"; done + fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then @@ -593,13 +576,16 @@ else image={repo}:{port}/{container}:{tag} fi + sudo mkdir -p $WORKSPACE/results + sudo chown {uid}:{gid} $WORKSPACE/results sudo docker run --rm \ $volumes \ $env \ + $published_ports \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest \ - -v /home/opnfv/functest/.boto:/root/.boto \ + -v /home/opnfv/functest/.boto:/etc/boto.cfg \ -e TEST_DB_URL=http://testresults.opnfv.org/test/api/v1/results \ -e TEST_DB_EXT_URL=http://testresults.opnfv.org/test/api/v1/results \ -e BUILD_TAG=$BUILD_TAG \ @@ -609,8 +595,8 @@ - job-template: name: 'functest-{tag}-zip' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' - functest-build_tag: build_tag: '' - functest-EXTERNAL_NETWORK: @@ -624,6 +610,9 @@ <<: *functest-containers volumes: '{volumes}' env: '{env}' + uid: '{uid}' + gid: '{gid}' + published_ports: '{published_ports}' - project: name: 'functest-{tag}-zip' @@ -635,7 +624,10 @@ - EXTERNAL_NETWORK=$EXTERNAL_NETWORK - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME - IMAGE_PROPERTIES=$IMAGE_PROPERTIES + published_ports: container: 'functest-healthcheck' + uid: 1000 + gid: 1000 jobs: - 'functest-{tag}-zip' @@ -645,8 +637,8 @@ triggers: - timed: '@weekly' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' - functest-build_tag: build_tag: '' - functest-EXTERNAL_NETWORK: @@ -738,8 +730,6 @@ <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-rally_sanity-run' <<: *functest-jobs - - name: 'functest-opnfv-functest-smoke-{tag}-refstack_defcore-run' - <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-refstack_compute-run' <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-refstack_object-run' @@ -752,18 +742,12 @@ <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-tempest_slow-run' <<: *functest-jobs - - name: 'functest-opnfv-functest-smoke-{tag}-patrole-run' - <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-patrole_admin-run' <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-patrole_member-run' <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-patrole_reader-run' <<: *functest-jobs - - name: 'functest-opnfv-functest-smoke-{tag}-networking-bgpvpn-run' - <<: *functest-jobs - - name: 'functest-opnfv-functest-smoke-{tag}-networking-sfc-run' - <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-tempest_barbican-run' <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-tempest_octavia-run' @@ -825,6 +809,12 @@ projects: - name: 'functest-{tag}-zip' <<: *functest-jobs + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com - project: name: 'functest-daily' @@ -849,7 +839,7 @@ <<: *functest-containers ref_arg: '{ref_arg}' path: '{path}' - buildargs: '{buildargs}' + build_args: '{build_args}' from: '{from}' - builder: @@ -865,8 +855,9 @@ image={repo}:{port}/{container}:{tag} fi build_args="" - if [ "{buildargs}" != "None" ]; then - build_args="{buildargs}" + if [ "{build_args}" != "None" ]; then + for i in $(echo {build_args} | tr -d '[]' |sed "s/, / /g" ); \ + do build_args="--build-arg $i $build_args"; done fi if [ "{ref_arg}" != "None" ]; then build_args="$build_args --build-arg {ref_arg}={ref}" @@ -926,8 +917,8 @@ - job-template: name: 'functest-{repo}-{tag}-dep-pull' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' builders: - functest-pull-dep-images: <<: *functest-dep @@ -941,8 +932,8 @@ - job-template: name: 'functest-{repo}-{tag}-dep-rmi' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' builders: - functest-remove-dep-images: <<: *functest-dep @@ -958,15 +949,20 @@ builders: - shell: | set +x - sudo apt-get update && sudo DEBIAN_FRONTEND=noninteractive \ - apt-get install software-properties-common gpg -y + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 dist-upgrade -y + sudo DEBIAN_FRONTEND=noninteractive \ + apt-get -o DPkg::Lock::Timeout=300 install software-properties-common gpg -y sudo add-apt-repository -y ppa:deadsnakes/ppa - sudo apt-get update && sudo DEBIAN_FRONTEND=noninteractive \ - apt-get install \ + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install \ + libxml2-dev libxslt-dev libffi-dev libjpeg-dev \ + python3.10 python3.10-dev python3.10-distutils \ python3.9 python3.9-dev python3.9-distutils \ python3.8 python3.8-dev python3.8-distutils \ - python3.7 python3.7-dev python3.6 python3.6-dev \ - python python-dev python3-pip enchant -y + python3-pip enchant-2 -y sudo pip3 install tox tox-pip-version tox @@ -980,8 +976,8 @@ - functest-patchset-created: branch: '{branch}' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' builders: - functest-tox: @@ -994,8 +990,8 @@ - job-template: name: 'functest-{repo}-{container}-{tag}-gate' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' scm: - functest-scm: ref: $GERRIT_REFSPEC @@ -1003,7 +999,7 @@ - functest-build-containers: <<: *functest-build-containers ref: $GERRIT_REFSPEC - buildargs: '{buildargs}' + build_args: '{build_args}' - project: name: functest-opnfv-functest-core-{tag}-gate @@ -1014,21 +1010,6 @@ jobs: - 'functest-{repo}-{container}-{tag}-gate' -- project: - name: functest-opnfv-functest-tempest-{tag}-gate - <<: *functest-params - container: functest-tempest - ref_arg: BRANCH - path: docker/tempest - exclude: - - {'tag': 'latest'} - - {'tag': 'wallaby'} - - {'tag': 'leguer'} - - {'tag': 'kali'} - - {'tag': 'jerma'} - jobs: - - 'functest-{repo}-{container}-{tag}-gate' - - project: name: functest-opnfv-functest-healthcheck-{tag}-gate <<: *functest-params @@ -1107,8 +1088,8 @@ - functest-patchset-created: branch: '{branch}' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' - functest-build_tag: build_tag: '' - functest-EXTERNAL_NETWORK: @@ -1156,11 +1137,6 @@ projects: - name: 'functest-opnfv-functest-core-{tag}-gate' <<: *functest-jobs - - multijob: - name: build opnfv/functest-tempest - projects: - - name: 'functest-opnfv-functest-tempest-{tag}-gate' - <<: *functest-jobs - multijob: name: build containers projects: @@ -1223,8 +1199,6 @@ <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-rally_sanity-run' <<: *functest-jobs - - name: 'functest-opnfv-functest-smoke-{tag}-refstack_defcore-run' - <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-refstack_compute-run' <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-refstack_object-run' @@ -1237,18 +1211,12 @@ <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-tempest_slow-run' <<: *functest-jobs - - name: 'functest-opnfv-functest-smoke-{tag}-patrole-run' - <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-patrole_admin-run' <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-patrole_member-run' <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-patrole_reader-run' <<: *functest-jobs - - name: 'functest-opnfv-functest-smoke-{tag}-networking-bgpvpn-run' - <<: *functest-jobs - - name: 'functest-opnfv-functest-smoke-{tag}-networking-sfc-run' - <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-tempest_barbican-run' <<: *functest-jobs - name: 'functest-opnfv-functest-smoke-{tag}-tempest_octavia-run' @@ -1305,6 +1273,12 @@ <<: *functest-jobs - name: 'functest-opnfv-functest-vnf-{tag}-juju_epc-run' <<: *functest-jobs + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com - project: name: 'functest-review' @@ -1359,8 +1333,8 @@ - job-template: name: 'functest-{repo}-{container}-{tag}-build' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' scm: - functest-scm: ref: '{branch}' @@ -1368,7 +1342,7 @@ - functest-build-containers: <<: *functest-build-containers ref: '{branch}' - buildargs: '{buildargs}' + build_args: '{build_args}' - functest-push-containers: <<: *functest-build-containers ref: '{branch}' @@ -1382,21 +1356,6 @@ jobs: - 'functest-{repo}-{container}-{tag}-build' -- project: - name: functest-opnfv-functest-tempest-{tag}-build - <<: *functest-params - container: functest-tempest - ref_arg: BRANCH - path: docker/tempest - exclude: - - {'tag': 'latest'} - - {'tag': 'wallaby'} - - {'tag': 'leguer'} - - {'tag': 'kali'} - - {'tag': 'jerma'} - jobs: - - 'functest-{repo}-{container}-{tag}-build' - - project: name: functest-opnfv-functest-healthcheck-{tag}-build <<: *functest-params @@ -1460,8 +1419,8 @@ - functest-scm: ref: '{branch}' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' # PyYAML and yamllint differ here # see https://github.com/yaml/pyyaml/issues/234 # yamllint disable rule:indentation @@ -1486,11 +1445,6 @@ projects: - name: 'functest-opnfv-functest-core-{tag}-build' <<: *functest-jobs - - multijob: - name: build opnfv/functest-tempest - projects: - - name: 'functest-opnfv-functest-tempest-{tag}-build' - <<: *functest-jobs - multijob: name: build containers projects: @@ -1509,13 +1463,20 @@ <<: *functest-jobs - name: 'functest-opnfv-functest-benchmarking-cntt-{tag}-build' <<: *functest-jobs + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com - builder: name: functest-trivy builders: - shell: | - sudo apt-get update && sudo DEBIAN_FRONTEND=noninteractive \ - apt-get install curl -y + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install curl -y curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b . if [ "{repo}" = "_" ]; then @@ -1525,18 +1486,24 @@ else image={repo}:{port}/{container}:{tag} fi - ./trivy --exit-code 1 $image + ./trivy image --exit-code 1 $image - job-template: name: 'functest-{repo}-{container}-{tag}-trivy' triggers: - timed: '@weekly' parameters: - - functest-slave: - slave: '{slave}' + - functest-node: + node: '{node}' builders: - functest-trivy: <<: *functest-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com - project: name: 'functest-opnfv-functest-core-trivy' @@ -1545,13 +1512,6 @@ jobs: - 'functest-{repo}-{container}-{tag}-trivy' -- project: - name: 'functest-opnfv-functest-tempest-trivy' - <<: *functest-params - container: 'functest-tempest' - jobs: - - 'functest-{repo}-{container}-{tag}-trivy' - - project: name: 'functest-opnfv-functest-healthcheck-trivy' <<: *functest-params @@ -1594,6 +1554,175 @@ jobs: - 'functest-{repo}-{container}-{tag}-trivy' +- builder: + name: functest-grype + builders: + - shell: | + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install curl -y + + curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b . + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + ./grype -q $image + +- job-template: + name: 'functest-{repo}-{container}-{tag}-grype' + triggers: + - timed: '@weekly' + parameters: + - functest-node: + node: '{node}' + builders: + - functest-grype: + <<: *functest-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'functest-opnfv-functest-core-grype' + <<: *functest-params + container: 'functest-core' + jobs: + - 'functest-{repo}-{container}-{tag}-grype' + +- project: + name: 'functest-opnfv-functest-healthcheck-grype' + <<: *functest-params + container: 'functest-healthcheck' + jobs: + - 'functest-{repo}-{container}-{tag}-grype' + +- project: + name: 'functest-opnfv-functest-smoke-grype' + <<: *functest-params + container: 'functest-smoke' + jobs: + - 'functest-{repo}-{container}-{tag}-grype' + +- project: + name: 'functest-opnfv-functest-benchmarking-grype' + <<: *functest-params + container: 'functest-benchmarking' + jobs: + - 'functest-{repo}-{container}-{tag}-grype' + +- project: + name: 'functest-opnfv-functest-vnf-grype' + <<: *functest-params + container: 'functest-vnf' + jobs: + - 'functest-{repo}-{container}-{tag}-grype' + +- project: + name: 'functest-opnfv-functest-smoke-cntt-grype' + <<: *functest-params + container: 'functest-smoke-cntt' + jobs: + - 'functest-{repo}-{container}-{tag}-grype' + +- project: + name: 'functest-opnfv-functest-benchmarking-cntt-grype' + <<: *functest-params + container: 'functest-benchmarking-cntt' + jobs: + - 'functest-{repo}-{container}-{tag}-grype' + +- builder: + name: functest-sbom + builders: + - shell: | + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install curl -y + + sudo mkdir -p ~/.docker + curl -sSfL https://raw.githubusercontent.com/docker/sbom-cli-plugin/main/install.sh | sudo sh -s -- + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + sudo docker sbom $image + +- job-template: + name: 'functest-{repo}-{container}-{tag}-sbom' + triggers: + - timed: '@weekly' + parameters: + - functest-node: + node: '{node}' + builders: + - functest-sbom: + <<: *functest-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'functest-opnfv-functest-core-sbom' + <<: *functest-params + container: 'functest-core' + jobs: + - 'functest-{repo}-{container}-{tag}-sbom' + +- project: + name: 'functest-opnfv-functest-healthcheck-sbom' + <<: *functest-params + container: 'functest-healthcheck' + jobs: + - 'functest-{repo}-{container}-{tag}-sbom' + +- project: + name: 'functest-opnfv-functest-smoke-sbom' + <<: *functest-params + container: 'functest-smoke' + jobs: + - 'functest-{repo}-{container}-{tag}-sbom' + +- project: + name: 'functest-opnfv-functest-benchmarking-sbom' + <<: *functest-params + container: 'functest-benchmarking' + jobs: + - 'functest-{repo}-{container}-{tag}-sbom' + +- project: + name: 'functest-opnfv-functest-vnf-sbom' + <<: *functest-params + container: 'functest-vnf' + jobs: + - 'functest-{repo}-{container}-{tag}-sbom' + +- project: + name: 'functest-opnfv-functest-smoke-cntt-sbom' + <<: *functest-params + container: 'functest-smoke-cntt' + jobs: + - 'functest-{repo}-{container}-{tag}-sbom' + +- project: + name: 'functest-opnfv-functest-benchmarking-cntt-sbom' + <<: *functest-params + container: 'functest-benchmarking-cntt' + jobs: + - 'functest-{repo}-{container}-{tag}-sbom' + - project: name: 'functest' <<: *functest-params @@ -1623,3 +1752,27 @@ - last-failure - last-duration regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9.]+-trivy$ + +- view: + name: functest-grype + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9.]+-grype$ + +- view: + name: functest-sbom + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9.]+-sbom$