X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=jjb%2Ffunctest%2Ffunctest.yaml;h=f9bf67669c8ee171240a717b3ed102e76657c47c;hb=d690ac4926c91c207740de3c91823fd5139f05e8;hp=8fa1b00f6447cd21409071b52a158848d94d3a8a;hpb=876cd53e23632d587dc1229fa29ade3352ccae7c;p=releng.git diff --git a/jjb/functest/functest.yaml b/jjb/functest/functest.yaml index 8fa1b00f6..f9bf67669 100644 --- a/jjb/functest/functest.yaml +++ b/jjb/functest/functest.yaml @@ -12,35 +12,47 @@ port: tag: - latest: + from: + build_args: branch: master - slave: lf-virtual9 - DASHBOARD_URL: http://172.30.13.94 + slave: lf-pod4-2 + DASHBOARD_URL: http://172.30.12.85 + dependency: 3.14 + - xena: + from: + build_args: + branch: stable/xena + slave: lf-pod4-2 + DASHBOARD_URL: http://172.30.12.85 + dependency: 3.14 + - wallaby: + from: + build_args: + branch: stable/wallaby + slave: lf-virtual6 + DASHBOARD_URL: http://172.30.13.91 dependency: 3.13 - leguer: + from: + build_args: branch: stable/leguer slave: lf-virtual9 DASHBOARD_URL: http://172.30.13.94 dependency: 3.12 - kali: + from: + build_args: branch: stable/kali slave: lf-pod4-3 DASHBOARD_URL: http://172.30.12.88 dependency: 3.11 - jerma: + from: + build_args: branch: stable/jerma slave: lf-pod4 DASHBOARD_URL: http://172.30.12.83 dependency: 3.10 - - iruya: - branch: stable/iruya - slave: lf-virtual4 - DASHBOARD_URL: http://172.30.13.89 - dependency: 3.9 - - hunter: - branch: stable/hunter - slave: lf-virtual6 - DASHBOARD_URL: http://172.30.13.91 - dependency: 3.9 - functest-jobs: &functest-jobs name: 'functest-jobs' @@ -65,12 +77,14 @@ - string: name: EXTERNAL_NETWORK default: public + - parameter: name: functest-VOLUME_DEVICE_NAME parameters: - string: name: VOLUME_DEVICE_NAME default: sdb + - parameter: name: functest-IMAGE_PROPERTIES parameters: @@ -83,6 +97,8 @@ <<: *functest-containers test: '{test}' privileged: '{privileged}' + volumes: '{volumes}' + env: '{env}' network: '{network}' DASHBOARD_URL: '{DASHBOARD_URL}' @@ -105,6 +121,16 @@ builders: - shell: | set +x + volumes=; + if [ "{volumes}" != "None" ]; then + for i in $(echo {volumes} | tr -d '[]' |sed "s/, / /g" ); \ + do volumes="-v $i $volumes"; done + fi + env=; + if [ "{env}" != "None" ]; then + for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ + do env="-e $i $env"; done + fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -116,6 +142,8 @@ sudo docker run --rm \ --privileged={privileged} \ --network={network} \ + $volumes \ + $env \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ @@ -125,12 +153,7 @@ -e NODE_NAME=$slave \ -e BUILD_TAG=$BUILD_TAG \ -v $WORKSPACE/../$JOB_NAME/results:/var/lib/xtesting/results \ - -e EXTERNAL_NETWORK=$EXTERNAL_NETWORK \ - -e VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME \ - -e IMAGE_PROPERTIES=$IMAGE_PROPERTIES \ -e DASHBOARD_URL={DASHBOARD_URL} \ - -v /home/opnfv/functest/openstack.creds:/home/opnfv/functest/conf/env_file \ - -v /home/opnfv/functest/images:/home/opnfv/functest/images \ $image run_tests -t {test} -p -r - builder: @@ -250,7 +273,7 @@ - 'functest-{repo}-{container}-{tag}-rmi' - job-template: - name: 'functest-{repo}-{container}-{tag}-{test}-run' + name: 'functest-opnfv-functest-healthcheck-{tag}-{test}-run' parameters: - functest-slave: slave: '{slave}' @@ -269,6 +292,13 @@ - project: name: 'functest-opnfv-functest-healthcheck' <<: *functest-params + volumes: + - /home/opnfv/functest/openstack.creds:/home/opnfv/functest/conf/env_file + - /home/opnfv/functest/images:/home/opnfv/functest/images + env: + - EXTERNAL_NETWORK=$EXTERNAL_NETWORK + - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME + - IMAGE_PROPERTIES=$IMAGE_PROPERTIES container: 'functest-healthcheck' test: - connection_check @@ -287,11 +317,35 @@ privileged: 'false' network: bridge jobs: - - 'functest-{repo}-{container}-{tag}-{test}-run' + - 'functest-opnfv-functest-healthcheck-{tag}-{test}-run' + +- job-template: + name: 'functest-opnfv-functest-smoke-{tag}-{test}-run' + parameters: + - functest-slave: + slave: '{slave}' + - functest-build_tag: + build_tag: '' + - functest-EXTERNAL_NETWORK: + EXTERNAL_NETWORK: public + - functest-VOLUME_DEVICE_NAME: + VOLUME_DEVICE_NAME: sdb + - functest-IMAGE_PROPERTIES: + IMAGE_PROPERTIES: hw_scsi_model:virtio-scsi,hw_disk_bus:scsi + builders: + - functest-run-containers: + <<: *functest-run-containers - project: name: 'functest-opnfv-functest-smoke' <<: *functest-params + volumes: + - /home/opnfv/functest/openstack.creds:/home/opnfv/functest/conf/env_file + - /home/opnfv/functest/images:/home/opnfv/functest/images + env: + - EXTERNAL_NETWORK=$EXTERNAL_NETWORK + - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME + - IMAGE_PROPERTIES=$IMAGE_PROPERTIES container: 'functest-smoke' test: - tempest_neutron @@ -319,47 +373,94 @@ privileged: 'false' network: bridge exclude: - - {'tag': 'latest', 'test': 'refstack_defcore'} - - {'tag': 'latest', 'test': 'networking-bgpvpn'} - - {'tag': 'latest', 'test': 'networking-sfc'} - - {'tag': 'latest', 'test': 'patrole'} - - {'tag': 'leguer', 'test': 'refstack_defcore'} - - {'tag': 'leguer', 'test': 'networking-bgpvpn'} - - {'tag': 'leguer', 'test': 'networking-sfc'} - - {'tag': 'leguer', 'test': 'patrole'} - - {'tag': 'kali', 'test': 'refstack_defcore'} - - {'tag': 'kali', 'test': 'networking-bgpvpn'} - - {'tag': 'kali', 'test': 'networking-sfc'} - - {'tag': 'kali', 'test': 'patrole_admin'} - - {'tag': 'kali', 'test': 'patrole_member'} - - {'tag': 'kali', 'test': 'patrole_reader'} - - {'tag': 'jerma', 'test': 'refstack_defcore'} - - {'tag': 'jerma', 'test': 'networking-bgpvpn'} - - {'tag': 'jerma', 'test': 'networking-sfc'} - - {'tag': 'jerma', 'test': 'patrole_admin'} - - {'tag': 'jerma', 'test': 'patrole_member'} - - {'tag': 'jerma', 'test': 'patrole_reader'} - - {'tag': 'jerma', 'test': 'tempest_cyborg'} - - {'tag': 'iruya', 'test': 'refstack_defcore'} - - {'tag': 'iruya', 'test': 'patrole_admin'} - - {'tag': 'iruya', 'test': 'patrole_member'} - - {'tag': 'iruya', 'test': 'patrole_reader'} - - {'tag': 'iruya', 'test': 'tempest_cyborg'} - - {'tag': 'hunter', 'test': 'refstack_compute'} - - {'tag': 'hunter', 'test': 'refstack_object'} - - {'tag': 'hunter', 'test': 'refstack_platform'} - - {'tag': 'hunter', 'test': 'tempest_octavia'} - - {'tag': 'hunter', 'test': 'tempest_telemetry'} - - {'tag': 'hunter', 'test': 'patrole_admin'} - - {'tag': 'hunter', 'test': 'patrole_member'} - - {'tag': 'hunter', 'test': 'patrole_reader'} - - {'tag': 'hunter', 'test': 'tempest_cyborg'} + - tag: latest + test: refstack_defcore + - tag: latest + test: networking-bgpvpn + - tag: latest + test: networking-sfc + - tag: latest + test: patrole + - tag: xena + test: refstack_defcore + - tag: xena + test: networking-bgpvpn + - tag: xena + test: networking-sfc + - tag: xena + test: patrole + - tag: wallaby + test: refstack_defcore + - tag: wallaby + test: networking-bgpvpn + - tag: wallaby + test: networking-sfc + - tag: wallaby + test: patrole + - tag: leguer + test: refstack_defcore + - tag: leguer + test: networking-bgpvpn + - tag: leguer + test: networking-sfc + - tag: leguer + test: patrole + - tag: kali + test: refstack_defcore + - tag: kali + test: networking-bgpvpn + - tag: kali + test: networking-sfc + - tag: kali + test: patrole_admin + - tag: kali + test: patrole_member + - tag: kali + test: patrole_reader + - tag: jerma + test: refstack_defcore + - tag: jerma + test: networking-bgpvpn + - tag: jerma + test: networking-sfc + - tag: jerma + test: patrole_admin + - tag: jerma + test: patrole_member + - tag: jerma + test: patrole_reader + - tag: jerma + test: tempest_cyborg jobs: - - 'functest-{repo}-{container}-{tag}-{test}-run' + - 'functest-opnfv-functest-smoke-{tag}-{test}-run' + +- job-template: + name: 'functest-opnfv-functest-smoke-cntt-{tag}-{test}-run' + parameters: + - functest-slave: + slave: '{slave}' + - functest-build_tag: + build_tag: '' + - functest-EXTERNAL_NETWORK: + EXTERNAL_NETWORK: public + - functest-VOLUME_DEVICE_NAME: + VOLUME_DEVICE_NAME: sdb + - functest-IMAGE_PROPERTIES: + IMAGE_PROPERTIES: hw_scsi_model:virtio-scsi,hw_disk_bus:scsi + builders: + - functest-run-containers: + <<: *functest-run-containers - project: name: 'functest-opnfv-functest-smoke-cntt' <<: *functest-params + volumes: + - /home/opnfv/functest/openstack.creds:/home/opnfv/functest/conf/env_file + - /home/opnfv/functest/images:/home/opnfv/functest/images + env: + - EXTERNAL_NETWORK=$EXTERNAL_NETWORK + - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME + - IMAGE_PROPERTIES=$IMAGE_PROPERTIES container: 'functest-smoke-cntt' test: - tempest_neutron_cntt @@ -373,11 +474,35 @@ privileged: 'false' network: bridge jobs: - - 'functest-{repo}-{container}-{tag}-{test}-run' + - 'functest-opnfv-functest-smoke-cntt-{tag}-{test}-run' + +- job-template: + name: 'functest-opnfv-functest-benchmarking-{tag}-{test}-run' + parameters: + - functest-slave: + slave: '{slave}' + - functest-build_tag: + build_tag: '' + - functest-EXTERNAL_NETWORK: + EXTERNAL_NETWORK: public + - functest-VOLUME_DEVICE_NAME: + VOLUME_DEVICE_NAME: sdb + - functest-IMAGE_PROPERTIES: + IMAGE_PROPERTIES: hw_scsi_model:virtio-scsi,hw_disk_bus:scsi + builders: + - functest-run-containers: + <<: *functest-run-containers - project: name: 'functest-opnfv-functest-benchmarking' <<: *functest-params + volumes: + - /home/opnfv/functest/openstack.creds:/home/opnfv/functest/conf/env_file + - /home/opnfv/functest/images:/home/opnfv/functest/images + env: + - EXTERNAL_NETWORK=$EXTERNAL_NETWORK + - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME + - IMAGE_PROPERTIES=$IMAGE_PROPERTIES container: 'functest-benchmarking' test: - rally_full @@ -387,11 +512,35 @@ privileged: 'false' network: bridge jobs: - - 'functest-{repo}-{container}-{tag}-{test}-run' + - 'functest-opnfv-functest-benchmarking-{tag}-{test}-run' + +- job-template: + name: 'functest-opnfv-functest-benchmarking-cntt-{tag}-{test}-run' + parameters: + - functest-slave: + slave: '{slave}' + - functest-build_tag: + build_tag: '' + - functest-EXTERNAL_NETWORK: + EXTERNAL_NETWORK: public + - functest-VOLUME_DEVICE_NAME: + VOLUME_DEVICE_NAME: sdb + - functest-IMAGE_PROPERTIES: + IMAGE_PROPERTIES: hw_scsi_model:virtio-scsi,hw_disk_bus:scsi + builders: + - functest-run-containers: + <<: *functest-run-containers - project: name: 'functest-opnfv-functest-benchmarking-cntt' <<: *functest-params + volumes: + - /home/opnfv/functest/openstack.creds:/home/opnfv/functest/conf/env_file + - /home/opnfv/functest/images:/home/opnfv/functest/images + env: + - EXTERNAL_NETWORK=$EXTERNAL_NETWORK + - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME + - IMAGE_PROPERTIES=$IMAGE_PROPERTIES container: 'functest-benchmarking-cntt' test: - rally_full_cntt @@ -399,11 +548,35 @@ privileged: 'false' network: bridge jobs: - - 'functest-{repo}-{container}-{tag}-{test}-run' + - 'functest-opnfv-functest-benchmarking-cntt-{tag}-{test}-run' + +- job-template: + name: 'functest-opnfv-functest-vnf-{tag}-{test}-run' + parameters: + - functest-slave: + slave: '{slave}' + - functest-build_tag: + build_tag: '' + - functest-EXTERNAL_NETWORK: + EXTERNAL_NETWORK: public + - functest-VOLUME_DEVICE_NAME: + VOLUME_DEVICE_NAME: sdb + - functest-IMAGE_PROPERTIES: + IMAGE_PROPERTIES: hw_scsi_model:virtio-scsi,hw_disk_bus:scsi + builders: + - functest-run-containers: + <<: *functest-run-containers - project: name: 'functest-opnfv-functest-vnf' <<: *functest-params + volumes: + - /home/opnfv/functest/openstack.creds:/home/opnfv/functest/conf/env_file + - /home/opnfv/functest/images:/home/opnfv/functest/images + env: + - EXTERNAL_NETWORK=$EXTERNAL_NETWORK + - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME + - IMAGE_PROPERTIES=$IMAGE_PROPERTIES container: 'functest-vnf' test: - cloudify @@ -414,14 +587,23 @@ privileged: 'false' network: bridge jobs: - - 'functest-{repo}-{container}-{tag}-{test}-run' - + - 'functest-opnfv-functest-vnf-{tag}-{test}-run' - builder: name: functest-zip builders: - shell: | set +x + volumes=; + if [ "{volumes}" != "None" ]; then + for i in $(echo {volumes} | tr -d '[]' |sed "s/, / /g" ); \ + do volumes="-v $i $volumes"; done + fi + env=; + if [ "{env}" != "None" ]; then + for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ + do env="-e $i $env"; done + fi [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -431,6 +613,8 @@ image={repo}:{port}/{container}:{tag} fi sudo docker run --rm \ + $volumes \ + $env \ -e S3_ENDPOINT_URL=https://storage.googleapis.com \ -e S3_DST_URL=s3://artifacts.opnfv.org/functest \ -e HTTP_DST_URL=http://artifacts.opnfv.org/functest \ @@ -439,11 +623,6 @@ -e TEST_DB_EXT_URL=http://testresults.opnfv.org/test/api/v1/results \ -e BUILD_TAG=$BUILD_TAG \ -v $WORKSPACE/../$JOB_NAME/results:/var/lib/xtesting/results \ - -e EXTERNAL_NETWORK=$EXTERNAL_NETWORK \ - -e VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME \ - -e IMAGE_PROPERTIES=$IMAGE_PROPERTIES \ - -v /home/opnfv/functest/openstack.creds:/home/opnfv/functest/conf/env_file \ - -v /home/opnfv/functest/images:/home/opnfv/functest/images \ $image zip_campaign - job-template: @@ -462,10 +641,19 @@ builders: - functest-zip: <<: *functest-containers + volumes: '{volumes}' + env: '{env}' - project: name: 'functest-{tag}-zip' <<: *functest-params + volumes: + - /home/opnfv/functest/openstack.creds:/home/opnfv/functest/conf/env_file + - /home/opnfv/functest/images:/home/opnfv/functest/images + env: + - EXTERNAL_NETWORK=$EXTERNAL_NETWORK + - VOLUME_DEVICE_NAME=$VOLUME_DEVICE_NAME + - IMAGE_PROPERTIES=$IMAGE_PROPERTIES container: 'functest-healthcheck' jobs: - 'functest-{tag}-zip' @@ -486,12 +674,14 @@ VOLUME_DEVICE_NAME: sdb - functest-IMAGE_PROPERTIES: IMAGE_PROPERTIES: hw_scsi_model:virtio-scsi,hw_disk_bus:scsi + # PyYAML and yamllint differ here + # see https://github.com/yaml/pyyaml/issues/234 + # yamllint disable rule:indentation properties: - build-blocker: - use-build-blocker: true - blocking-level: 'NODE' blocking-jobs: - - '^functest-{tag}-(daily|docker|review)$' + - ^functest-(pi-)*{tag}-(daily|docker|review)$ + # yamllint enable rule:indentation builders: - multijob: name: remove former images @@ -654,6 +844,12 @@ projects: - name: 'functest-{tag}-zip' <<: *functest-jobs + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com - project: name: 'functest-daily' @@ -671,13 +867,15 @@ - last-success - last-failure - last-duration - regex: ^functest-[a-z0-9]+-daily$ + regex: ^functest-[a-z0-9.]+-daily$ - functest-build-containers: &functest-build-containers name: 'functest-build-containers' <<: *functest-containers ref_arg: '{ref_arg}' path: '{path}' + build_args: '{build_args}' + from: '{from}' - builder: name: functest-build-containers @@ -691,13 +889,19 @@ else image={repo}:{port}/{container}:{tag} fi - if [ "{ref_arg}" = "None" ]; then - build_arg="" - else - build_arg="--build-arg {ref_arg}={ref}" + build_args="" + if [ "{build_args}" != "None" ]; then + for i in $(echo {build_args} | tr -d '[]' |sed "s/, / /g" ); \ + do build_args="--build-arg $i $build_args"; done + fi + if [ "{ref_arg}" != "None" ]; then + build_args="$build_args --build-arg {ref_arg}={ref}" fi cd {path} - sudo docker build $build_arg \ + if [ "{from}" != "None" ]; then + sed -i {from} Dockerfile + fi + sudo docker build $build_args \ --pull=false --no-cache --force-rm=true \ -t $image . @@ -724,10 +928,10 @@ set +x if [ "_" = "_" ]; then image=alpine:{dependency} - elif [ "_" = "None" ]; then + elif [ "None" = "None" ]; then image=_/alpine:{dependency} else - image=_:/alpine{dependency} + image=_:/alpine:{dependency} fi sudo docker pull $image || true @@ -738,10 +942,10 @@ set +x if [ "_" = "_" ]; then image=alpine:{dependency} - elif [ "_" = "None" ]; then + elif [ "" = "None" ]; then image=_/alpine:{dependency} else - image=_:/alpine{dependency} + image=_:/alpine:{dependency} fi sudo docker rmi $image || true @@ -780,13 +984,21 @@ builders: - shell: | set +x - sudo apt-get update && sudo apt-get install software-properties-common gpg -y + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 dist-upgrade -y + sudo DEBIAN_FRONTEND=noninteractive \ + apt-get -o DPkg::Lock::Timeout=300 install software-properties-common gpg -y sudo add-apt-repository -y ppa:deadsnakes/ppa - sudo apt-get update && sudo apt-get install python3.8 python3.8-dev \ - python3.8-distutils \ + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install \ + python3.9 python3.9-dev python3.9-distutils \ + python3.8 python3.8-dev python3.8-distutils \ python3.7 python3.7-dev python3.6 python3.6-dev \ python python-dev python3-pip enchant -y sudo pip3 install tox tox-pip-version + tox - job-template: @@ -809,6 +1021,20 @@ jobs: - 'functest-{tag}-tox' +- job-template: + name: 'functest-{repo}-{container}-{tag}-gate' + parameters: + - functest-slave: + slave: '{slave}' + scm: + - functest-scm: + ref: $GERRIT_REFSPEC + builders: + - functest-build-containers: + <<: *functest-build-containers + ref: $GERRIT_REFSPEC + build_args: '{build_args}' + - project: name: functest-opnfv-functest-core-{tag}-gate <<: *functest-params @@ -826,6 +1052,8 @@ path: docker/tempest exclude: - {'tag': 'latest'} + - {'tag': 'xena'} + - {'tag': 'wallaby'} - {'tag': 'leguer'} - {'tag': 'kali'} - {'tag': 'jerma'} @@ -886,20 +1114,6 @@ jobs: - 'functest-{repo}-{container}-{tag}-gate' - -- job-template: - name: 'functest-{repo}-{container}-{tag}-gate' - parameters: - - functest-slave: - slave: '{slave}' - scm: - - functest-scm: - ref: $GERRIT_REFSPEC - builders: - - functest-build-containers: - <<: *functest-build-containers - ref: $GERRIT_REFSPEC - - trigger: name: functest-patchset-created triggers: @@ -934,12 +1148,14 @@ VOLUME_DEVICE_NAME: sdb - functest-IMAGE_PROPERTIES: IMAGE_PROPERTIES: hw_scsi_model:virtio-scsi,hw_disk_bus:scsi + # PyYAML and yamllint differ here + # see https://github.com/yaml/pyyaml/issues/234 + # yamllint disable rule:indentation properties: - build-blocker: - use-build-blocker: true - blocking-level: 'NODE' blocking-jobs: - - '^functest-{tag}-(daily|docker|review)$' + - ^functest-(pi-)*{tag}-(daily|docker|review)$ + # yamllint enable rule:indentation builders: - multijob: name: remove former images @@ -1120,6 +1336,12 @@ <<: *functest-jobs - name: 'functest-opnfv-functest-vnf-{tag}-juju_epc-run' <<: *functest-jobs + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com - project: name: 'functest-review' @@ -1137,7 +1359,7 @@ - last-success - last-failure - last-duration - regex: ^functest-[a-z0-9]+-review$ + regex: ^functest-[a-z0-9.]+-review$ - view: name: functest-tox @@ -1149,7 +1371,7 @@ - last-success - last-failure - last-duration - regex: ^functest-[a-z0-9]+-tox$ + regex: ^functest-[a-z0-9.]+-tox$ - builder: name: functest-push-containers @@ -1183,6 +1405,7 @@ - functest-build-containers: <<: *functest-build-containers ref: '{branch}' + build_args: '{build_args}' - functest-push-containers: <<: *functest-build-containers ref: '{branch}' @@ -1204,6 +1427,8 @@ path: docker/tempest exclude: - {'tag': 'latest'} + - {'tag': 'xena'} + - {'tag': 'wallaby'} - {'tag': 'leguer'} - {'tag': 'kali'} - {'tag': 'jerma'} @@ -1264,7 +1489,6 @@ jobs: - 'functest-{repo}-{container}-{tag}-build' - - job-template: name: 'functest-{tag}-docker' project-type: multijob @@ -1276,12 +1500,14 @@ parameters: - functest-slave: slave: '{slave}' + # PyYAML and yamllint differ here + # see https://github.com/yaml/pyyaml/issues/234 + # yamllint disable rule:indentation properties: - build-blocker: - use-build-blocker: true - blocking-level: 'NODE' blocking-jobs: - - '^functest-{tag}-(daily|docker|review)$' + - ^functest-(pi-)*{tag}-(daily|docker|review)$ + # yamllint enable rule:indentation builders: - multijob: name: remove dependency @@ -1321,12 +1547,21 @@ <<: *functest-jobs - name: 'functest-opnfv-functest-benchmarking-cntt-{tag}-build' <<: *functest-jobs + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com - builder: name: functest-trivy builders: - shell: | - sudo apt-get update && sudo apt-get install curl -y + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install curl -y + curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b . if [ "{repo}" = "_" ]; then image={container}:{tag} @@ -1347,6 +1582,26 @@ builders: - functest-trivy: <<: *functest-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'functest-opnfv-functest-core-trivy' + <<: *functest-params + container: 'functest-core' + jobs: + - 'functest-{repo}-{container}-{tag}-trivy' + +- project: + name: 'functest-opnfv-functest-tempest-trivy' + <<: *functest-params + container: 'functest-tempest' + jobs: + - 'functest-{repo}-{container}-{tag}-trivy' - project: name: 'functest-opnfv-functest-healthcheck-trivy' @@ -1354,36 +1609,135 @@ container: 'functest-healthcheck' jobs: - 'functest-{repo}-{container}-{tag}-trivy' + - project: name: 'functest-opnfv-functest-smoke-trivy' <<: *functest-params container: 'functest-smoke' jobs: - 'functest-{repo}-{container}-{tag}-trivy' + - project: - name: 'functest-opnfv-functest-smoke-cntt-trivy' + name: 'functest-opnfv-functest-benchmarking-trivy' <<: *functest-params - container: 'functest-smoke-cntt' + container: 'functest-benchmarking' jobs: - 'functest-{repo}-{container}-{tag}-trivy' + - project: - name: 'functest-opnfv-functest-benchmarking-trivy' + name: 'functest-opnfv-functest-vnf-trivy' <<: *functest-params - container: 'functest-benchmarking' + container: 'functest-vnf' jobs: - 'functest-{repo}-{container}-{tag}-trivy' + +- project: + name: 'functest-opnfv-functest-smoke-cntt-trivy' + <<: *functest-params + container: 'functest-smoke-cntt' + jobs: + - 'functest-{repo}-{container}-{tag}-trivy' + - project: name: 'functest-opnfv-functest-benchmarking-cntt-trivy' <<: *functest-params container: 'functest-benchmarking-cntt' jobs: - 'functest-{repo}-{container}-{tag}-trivy' + +- builder: + name: functest-docker-scan + builders: + - shell: | + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install curl docker.io -y + + mkdir -p ~/.docker/cli-plugins && \ + curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \ + -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\ + chmod +x ~/.docker/cli-plugins/docker-scan + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + sudo docker scan --accept-license $image + +- job-template: + name: 'functest-{repo}-{container}-{tag}-docker-scan' + triggers: + - timed: '@weekly' + parameters: + - functest-slave: + slave: '{slave}' + builders: + - functest-docker-scan: + <<: *functest-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + - project: - name: 'functest-opnfv-functest-vnf-trivy' + name: 'functest-opnfv-functest-core-docker-scan' + <<: *functest-params + container: 'functest-core' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-tempest-docker-scan' + <<: *functest-params + container: 'functest-tempest' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-healthcheck-docker-scan' + <<: *functest-params + container: 'functest-healthcheck' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-smoke-docker-scan' + <<: *functest-params + container: 'functest-smoke' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-benchmarking-docker-scan' + <<: *functest-params + container: 'functest-benchmarking' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-vnf-docker-scan' <<: *functest-params container: 'functest-vnf' jobs: - - 'functest-{repo}-{container}-{tag}-trivy' + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-smoke-cntt-docker-scan' + <<: *functest-params + container: 'functest-smoke-cntt' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' + +- project: + name: 'functest-opnfv-functest-benchmarking-cntt-docker-scan' + <<: *functest-params + container: 'functest-benchmarking-cntt' + jobs: + - 'functest-{repo}-{container}-{tag}-docker-scan' - project: name: 'functest' @@ -1401,7 +1755,7 @@ - last-success - last-failure - last-duration - regex: ^functest-[a-z0-9]+-docker$ + regex: ^functest-[a-z0-9.]+-docker$ - view: name: functest-trivy @@ -1413,4 +1767,16 @@ - last-success - last-failure - last-duration - regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9]+-trivy$ + regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9.]+-trivy$ + +- view: + name: functest-docker-scan + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9.]+-docker-scan$