X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=jjb%2Ffunctest%2Fxtesting.yaml;h=9b907c8da72b3e49fa3c7a3fe7bab29a1e44a7e1;hb=39104196379b50039ee7801514536837768112ee;hp=48c0952cc2447c64cfe3aca4d9fe6ec77a99c135;hpb=cab9556037490d29217a98bbb098e665da9fcebb;p=releng.git diff --git a/jjb/functest/xtesting.yaml b/jjb/functest/xtesting.yaml index 48c0952cc..cecd04707 100644 --- a/jjb/functest/xtesting.yaml +++ b/jjb/functest/xtesting.yaml @@ -1,7 +1,10 @@ --- -- xtesting-jobs: &xtesting-jobs - name: 'xtesting-jobs' - current-parameters: true +- xtesting-containers: &xtesting-containers + name: 'xtesting-containers' + repo: '{repo}' + port: '{port}' + container: '{container}' + tag: '{tag}' - xtesting-params: &xtesting-params name: 'xtesting-params' @@ -9,43 +12,70 @@ port: tag: - latest: + from: + build_args: branch: master - - iruya: - branch: stable/iruya - - hunter: - branch: stable/hunter + node: xtesting + dependency: 3.17 + - 2023.1: + from: + build_args: + branch: stable/2023.1 + node: xtesting + dependency: 3.17 + - zed: + from: + build_args: + branch: stable/zed + node: xtesting + dependency: 3.16 + - yoga: + from: + build_args: + branch: stable/yoga + node: xtesting + dependency: 3.16 + - xena: + from: + build_args: + branch: stable/xena + node: xtesting + dependency: 3.14 + - wallaby: + from: + build_args: + branch: stable/wallaby + node: xtesting + dependency: 3.13 + +- xtesting-jobs: &xtesting-jobs + name: 'xtesting-jobs' + current-parameters: true - parameter: - name: xtesting-slave + name: xtesting-node parameters: - label: - name: slave - default: lf-build2 + name: node + default: '{node}' - parameter: - name: xtesting-branch + name: xtesting-build_tag parameters: - - string: - name: branch - default: '{branch}' - -- xtesting-containers: &xtesting-containers - name: 'xtesting-containers' - repo: '{repo}' - port: '{port}' - container: '{container}' - tag: '{tag}' + - random-string: + name: build_tag - xtesting-run-containers: &xtesting-run-containers - name: 'xtesting-build-containers' + name: 'xtesting-run-containers' <<: *xtesting-containers test: '{test}' - -- xtesting-build-containers: &xtesting-build-containers - name: 'xtesting-build-containers' - <<: *xtesting-containers - ref_arg: '{ref_arg}' - path: '{path}' + privileged: '{privileged}' + volumes: '{volumes}' + env: '{env}' + network: '{network}' + uid: '{uid}' + gid: '{gid}' + published_ports: '{published_ports}' - builder: name: xtesting-pull-containers @@ -62,33 +92,26 @@ sudo docker pull $image - builder: - name: xtesting-build-containers + name: xtesting-run-containers builders: - shell: | set +x - if [ "{repo}" = "_" ]; then - image={container}:{tag} - elif [ "{port}" = "None" ]; then - image={repo}/{container}:{tag} - else - image={repo}:{port}/{container}:{tag} + volumes=; + if [ "{volumes}" != "None" ]; then + for i in $(echo {volumes} | tr -d '[]' |sed "s/, / /g" ); \ + do volumes="-v $i $volumes"; done fi - if [ "{ref_arg}" = "None" ]; then - build_arg="" - else - build_arg="--build-arg {ref_arg}={ref}" + env=; + if [ "{env}" != "None" ]; then + for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ + do env="-e $i $env"; done fi - cd {path} - sudo docker build $build_arg \ - --pull=false --no-cache --force-rm=true \ - -t $image . - -- builder: - name: xtesting-run-containers - builders: - - shell: | - set +ex - [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/* || true + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi + [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true if [ "{repo}" = "_" ]; then image={container}:{tag} elif [ "{port}" = "None" ]; then @@ -96,17 +119,24 @@ else image={repo}:{port}/{container}:{tag} fi + sudo mkdir -p $WORKSPACE/results + sudo chown {uid}:{gid} $WORKSPACE/results sudo docker run --rm \ + --privileged={privileged} \ + --network={network} \ + $volumes \ + $env \ + $published_ports \ + -e S3_ENDPOINT_URL=https://storage.googleapis.com \ + -e S3_DST_URL=s3://artifacts.opnfv.org/xtesting/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ + -e HTTP_DST_URL=http://artifacts.opnfv.org/xtesting/$BUILD_TAG/$JOB_NAME-$BUILD_ID \ + -v /home/opnfv/xtesting/.boto:/etc/boto.cfg \ + -e TEST_DB_URL=http://testresults.opnfv.org/test/api/v1/results \ + -e TEST_DB_EXT_URL=http://testresults.opnfv.org/test/api/v1/results \ + -e NODE_NAME=$node \ + -e BUILD_TAG=$BUILD_TAG \ -v $WORKSPACE/../$JOB_NAME/results:/var/lib/xtesting/results \ - -e DEBUG=true \ - $image run_tests -t {test} - res=$? - gsutil -m cp -r $WORKSPACE/ \ - gs://artifacts.opnfv.org/xtesting/$JOB_NAME-$BUILD_ID > /dev/null 2>&1 - find $WORKSPACE -type f \ - -printf \ - "http://artifacts.opnfv.org/xtesting/$JOB_NAME-$BUILD_ID/%P\n" - exit $res + $image run_tests -t {test} -p -r - builder: name: xtesting-remove-images @@ -122,19 +152,11 @@ fi sudo docker rmi $image || true -- scm: - name: xtesting-scm - scm: - - git: - url: https://gerrit.opnfv.org/gerrit/functest-xtesting - refspec: '+refs/changes/*:refs/changes/*' - branches: - - '{ref}' - - job-template: name: 'xtesting-{repo}-{container}-{tag}-pull' parameters: - - xtesting-slave + - xtesting-node: + node: '{node}' builders: - xtesting-pull-containers: <<: *xtesting-containers @@ -149,7 +171,8 @@ - job-template: name: 'xtesting-{repo}-{container}-{tag}-rmi' parameters: - - xtesting-slave + - xtesting-node: + node: '{node}' builders: - xtesting-remove-images: <<: *xtesting-containers @@ -162,9 +185,12 @@ - 'xtesting-{repo}-{container}-{tag}-rmi' - job-template: - name: 'xtesting-{repo}-{container}-{tag}-{test}-run' + name: 'xtesting-opnfv-xtesting-{tag}-{test}-run' parameters: - - xtesting-slave + - xtesting-node: + node: '{node}' + - xtesting-build_tag: + build_tag: '' builders: - xtesting-run-containers: <<: *xtesting-run-containers @@ -172,6 +198,9 @@ - project: name: 'xtesting-opnfv-xtesting' <<: *xtesting-params + volumes: + env: + published_ports: container: 'xtesting' test: - first @@ -179,8 +208,92 @@ - third - fourth - fifth + - sixth + - eighth + - nineth + privileged: 'false' + network: bridge + uid: 1000 + gid: 1000 + exclude: + - tag: wallaby + test: nineth + - tag: xena + test: nineth jobs: - - 'xtesting-{repo}-{container}-{tag}-{test}-run' + - 'xtesting-opnfv-xtesting-{tag}-{test}-run' + +- builder: + name: xtesting-zip + builders: + - shell: | + set +x + volumes=; + if [ "{volumes}" != "None" ]; then + for i in $(echo {volumes} | tr -d '[]' |sed "s/, / /g" ); \ + do volumes="-v $i $volumes"; done + fi + env=; + if [ "{env}" != "None" ]; then + for i in $(eval echo {env} | tr -d '[]' |sed "s/, / /g" ); \ + do env="-e $i $env"; done + fi + published_ports=; + if [ "{published_ports}" != "None" ]; then + for i in $(echo {published_ports} | tr -d '[]' |sed "s/, / /g" ); \ + do published_ports="-p $i $published_ports"; done + fi + [ ! -z "$WORKSPACE" ] && sudo rm -rf $WORKSPACE/results || true + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + sudo mkdir -p $WORKSPACE/results + sudo chown {uid}:{gid} $WORKSPACE/results + sudo docker run --rm \ + $volumes \ + $env \ + $published_ports \ + -e S3_ENDPOINT_URL=https://storage.googleapis.com \ + -e S3_DST_URL=s3://artifacts.opnfv.org/xtesting \ + -e HTTP_DST_URL=http://artifacts.opnfv.org/xtesting \ + -v /home/opnfv/xtesting/.boto:/etc/boto.cfg \ + -e TEST_DB_URL=http://testresults.opnfv.org/test/api/v1/results \ + -e TEST_DB_EXT_URL=http://testresults.opnfv.org/test/api/v1/results \ + -e BUILD_TAG=$BUILD_TAG \ + -v $WORKSPACE/../$JOB_NAME/results:/var/lib/xtesting/results \ + $image zip_campaign + +- job-template: + name: 'xtesting-{tag}-zip' + parameters: + - xtesting-node: + node: '{node}' + - xtesting-build_tag: + build_tag: '' + builders: + - xtesting-zip: + <<: *xtesting-containers + volumes: '{volumes}' + env: '{env}' + uid: '{uid}' + gid: '{gid}' + published_ports: '{published_ports}' + +- project: + name: 'xtesting-{tag}-zip' + <<: *xtesting-params + volumes: + env: + published_ports: + container: 'xtesting' + uid: 1000 + gid: 1000 + jobs: + - 'xtesting-{tag}-zip' - job-template: name: 'xtesting-{tag}-daily' @@ -188,13 +301,18 @@ triggers: - timed: '@daily' parameters: - - xtesting-slave + - xtesting-node: + node: '{node}' + - xtesting-build_tag: + build_tag: '' + # PyYAML and yamllint differ here + # see https://github.com/yaml/pyyaml/issues/234 + # yamllint disable rule:indentation properties: - build-blocker: - use-build-blocker: true - blocking-level: 'NODE' blocking-jobs: - - '^xtesting-[a-z]+-(daily|check|gate)$' + - ^xtesting-(pi-)*{tag}-(daily|docker|review)$ + # yamllint enable rule:indentation builders: - multijob: name: remove former images @@ -219,114 +337,222 @@ <<: *xtesting-jobs - name: 'xtesting-opnfv-xtesting-{tag}-fifth-run' <<: *xtesting-jobs + - name: 'xtesting-opnfv-xtesting-{tag}-sixth-run' + <<: *xtesting-jobs + - name: 'xtesting-opnfv-xtesting-{tag}-eighth-run' + <<: *xtesting-jobs + - name: 'xtesting-opnfv-xtesting-{tag}-nineth-run' + <<: *xtesting-jobs + - multijob: + name: dump all campaign data + projects: + - name: 'xtesting-{tag}-zip' + <<: *xtesting-jobs + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'xtesting-daily' + <<: *xtesting-params + jobs: + - 'xtesting-{tag}-daily' + +- view: + name: xtesting + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: ^xtesting-[a-z0-9.]+-daily$ + +- xtesting-build-containers: &xtesting-build-containers + name: 'xtesting-build-containers' + <<: *xtesting-containers + ref_arg: '{ref_arg}' + path: '{path}' + build_args: '{build_args}' + from: '{from}' + +- builder: + name: xtesting-build-containers + builders: + - shell: | + set +x + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + build_args="" + if [ "{build_args}" != "None" ]; then + for i in $(echo {build_args} | tr -d '[]' |sed "s/, / /g" ); \ + do build_args="--build-arg $i $build_args"; done + fi + if [ "{ref_arg}" != "None" ]; then + build_args="$build_args --build-arg {ref_arg}={ref}" + fi + cd {path} + if [ "{from}" != "None" ]; then + sed -i {from} Dockerfile + fi + sudo docker build $build_args \ + --pull=false --no-cache --force-rm=true \ + -t $image . + +- scm: + name: xtesting-scm + scm: + - git: + url: 'https://gerrit.opnfv.org/gerrit/functest-xtesting' + refspec: '+refs/heads/*:refs/remotes/origin/* +refs/changes/*:refs/changes/*' + branches: + - '{ref}' + +- xtesting-dep: &xtesting-dep + name: 'xtesting-containers' + repo: '{repo}' + port: '{port}' + tag: '{tag}' + dependency: '{dependency}' + +- builder: + name: xtesting-pull-dep-images + builders: + - shell: | + set +x + if [ "_" = "_" ]; then + image=alpine:{dependency} + elif [ "" = "None" ]; then + image=_/alpine:{dependency} + else + image=_:/alpine:{dependency} + fi + sudo docker pull $image || true + +- builder: + name: xtesting-remove-dep-images + builders: + - shell: | + set +x + if [ "_" = "_" ]; then + image=alpine:{dependency} + elif [ "" = "None" ]; then + image=_/alpine:{dependency} + else + image=_:/alpine:{dependency} + fi + sudo docker rmi $image || true - job-template: - name: 'xtesting-{repo}-{container}-{tag}-gate' + name: 'xtesting-{repo}-{tag}-dep-pull' parameters: - - xtesting-slave + - xtesting-node: + node: '{node}' + builders: + - xtesting-pull-dep-images: + <<: *xtesting-dep + +- project: + name: 'xtesting-{repo}-{tag}-dep-pull' + <<: *xtesting-params + jobs: + - 'xtesting-{repo}-{tag}-dep-pull' + +- job-template: + name: 'xtesting-{repo}-{tag}-dep-rmi' + parameters: + - xtesting-node: + node: '{node}' + builders: + - xtesting-remove-dep-images: + <<: *xtesting-dep + +- project: + name: 'xtesting-{repo}-{tag}-dep-rmi' + <<: *xtesting-params + jobs: + - 'xtesting-{repo}-{tag}-dep-rmi' + +- builder: + name: xtesting-tox + builders: + - shell: | + set +x + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 dist-upgrade -y + sudo DEBIAN_FRONTEND=noninteractive \ + apt-get -o DPkg::Lock::Timeout=300 install software-properties-common gpg -y + sudo add-apt-repository -y ppa:deadsnakes/ppa + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install \ + libxml2-dev libxslt-dev libffi-dev libjpeg-dev \ + python3.10 python3.10-dev python3.10-distutils \ + python3.9 python3.9-dev python3.9-distutils \ + python3.8 python3.8-dev python3.8-distutils \ + python3-pip enchant-2 -y + sudo pip3 install tox tox-pip-version + + tox + +- job-template: + name: 'xtesting-{tag}-tox' scm: - xtesting-scm: ref: $GERRIT_REFSPEC + triggers: + - xtesting-patchset-created: + branch: '{branch}' + parameters: + - xtesting-node: + node: '{node}' builders: - - xtesting-build-containers: - <<: *xtesting-build-containers - ref: $GERRIT_REFSPEC + - xtesting-tox: + +- project: + name: xtesting-tox + <<: *xtesting-params + jobs: + - 'xtesting-{tag}-tox' - job-template: - name: 'xtesting-{repo}-{container}-{tag}-check' + name: 'xtesting-{repo}-{container}-{tag}-gate' parameters: - - xtesting-slave - - xtesting-branch: - branch: '{branch}' + - xtesting-node: + node: '{node}' scm: - xtesting-scm: - ref: $branch + ref: $GERRIT_REFSPEC builders: - xtesting-build-containers: <<: *xtesting-build-containers - ref: $branch - -- project: - name: 'xtesting-_-alpine-3.9-rmi' - repo: _ - port: - container: alpine - tag: 3.9 - jobs: - - 'xtesting-{repo}-{container}-{tag}-rmi' - -- project: - name: 'xtesting-_-alpine-3.9-pull' - repo: _ - port: - container: alpine - tag: 3.9 - jobs: - - 'xtesting-{repo}-{container}-{tag}-pull' + ref: $GERRIT_REFSPEC + build_args: '{build_args}' - project: - name: xtesting-opnfv-xtesting-{tag}-build + name: xtesting-opnfv-xtesting-{tag}-gate <<: *xtesting-params container: xtesting ref_arg: BRANCH - path: docker + path: docker/core jobs: - 'xtesting-{repo}-{container}-{tag}-gate' - - 'xtesting-{repo}-{container}-{tag}-check' - -- job-template: - name: 'xtesting-{tag}-check' - project-type: multijob - parameters: - - xtesting-slave - - xtesting-branch: - branch: '{branch}' - properties: - - build-blocker: - use-build-blocker: true - blocking-level: 'NODE' - blocking-jobs: - - '^xtesting-[a-z]+-(daily|check|gate)$' - builders: - - multijob: - name: remove former images - projects: - - name: 'xtesting-opnfv-xtesting-{tag}-rmi' - <<: *xtesting-jobs - - multijob: - name: remove dependencies - projects: - - name: 'xtesting-_-alpine-3.9-rmi' - <<: *xtesting-jobs - - multijob: - name: pull dependencies - projects: - - name: 'xtesting-_-alpine-3.9-pull' - <<: *xtesting-jobs - - multijob: - name: opnfv/functest-xtesting - projects: - - name: 'xtesting-opnfv-xtesting-{tag}-check' - <<: *xtesting-jobs - - multijob: - name: opnfv/xtesting:{tag} - projects: - - name: 'xtesting-opnfv-xtesting-{tag}-first-run' - <<: *xtesting-jobs - - name: 'xtesting-opnfv-xtesting-{tag}-second-run' - <<: *xtesting-jobs - - name: 'xtesting-opnfv-xtesting-{tag}-third-run' - <<: *xtesting-jobs - - name: 'xtesting-opnfv-xtesting-{tag}-fourth-run' - <<: *xtesting-jobs - - name: 'xtesting-opnfv-xtesting-{tag}-fifth-run' - <<: *xtesting-jobs - trigger: name: xtesting-patchset-created triggers: - gerrit: - server-name: 'gerrit.opnfv.org' trigger-on: - patchset-created-event - comment-added-contains-event: @@ -339,26 +565,26 @@ branches: - branch-compare-type: 'ANT' branch-pattern: '**/{branch}' - skip-vote: - successful: false - failed: false - unstable: false - notbuilt: false - job-template: - name: 'xtesting-{tag}-gate' + name: 'xtesting-{tag}-review' project-type: multijob triggers: - xtesting-patchset-created: branch: '{branch}' parameters: - - xtesting-slave + - xtesting-node: + node: '{node}' + - xtesting-build_tag: + build_tag: '' + # PyYAML and yamllint differ here + # see https://github.com/yaml/pyyaml/issues/234 + # yamllint disable rule:indentation properties: - build-blocker: - use-build-blocker: true - blocking-level: 'NODE' blocking-jobs: - - '^xtesting-[a-z]+-(daily|check|gate)$' + - ^xtesting-(pi-)*{tag}-(daily|docker|review)$ + # yamllint enable rule:indentation builders: - multijob: name: remove former images @@ -366,17 +592,17 @@ - name: 'xtesting-opnfv-xtesting-{tag}-rmi' <<: *xtesting-jobs - multijob: - name: remove dependencies + name: remove dependency projects: - - name: 'xtesting-_-alpine-3.9-rmi' + - name: 'xtesting-{repo}-{tag}-dep-rmi' <<: *xtesting-jobs - multijob: - name: pull dependencies + name: pull dependency projects: - - name: 'xtesting-_-alpine-3.9-pull' + - name: 'xtesting-{repo}-{tag}-dep-pull' <<: *xtesting-jobs - multijob: - name: opnfv/functest-xtesting + name: opnfv/xtesting projects: - name: 'xtesting-opnfv-xtesting-{tag}-gate' <<: *xtesting-jobs @@ -393,17 +619,308 @@ <<: *xtesting-jobs - name: 'xtesting-opnfv-xtesting-{tag}-fifth-run' <<: *xtesting-jobs + - name: 'xtesting-opnfv-xtesting-{tag}-sixth-run' + <<: *xtesting-jobs + - name: 'xtesting-opnfv-xtesting-{tag}-eighth-run' + <<: *xtesting-jobs + - name: 'xtesting-opnfv-xtesting-{tag}-nineth-run' + <<: *xtesting-jobs + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'xtesting-review' + <<: *xtesting-params + jobs: + - 'xtesting-{tag}-review' + +- view: + name: xtesting-review + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: ^xtesting-[a-z0-9.]+-review$ + +- view: + name: xtesting-tox + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: ^xtesting-[a-z0-9.]+-tox$ + +- builder: + name: xtesting-push-containers + builders: + - shell: | + set +x + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + sudo docker push $image + +- trigger: + name: xtesting-commit + triggers: + - pollscm: + cron: "*/30 * * * *" + +- job-template: + name: 'xtesting-{repo}-{container}-{tag}-build' + parameters: + - xtesting-node: + node: '{node}' + scm: + - xtesting-scm: + ref: '{branch}' + builders: + - xtesting-build-containers: + <<: *xtesting-build-containers + ref: '{branch}' + build_args: '{build_args}' + - xtesting-push-containers: + <<: *xtesting-build-containers + ref: '{branch}' + +- project: + name: xtesting-opnfv-xtesting-{tag}-build + <<: *xtesting-params + container: xtesting + ref_arg: BRANCH + path: docker/core + jobs: + - 'xtesting-{repo}-{container}-{tag}-build' + +- job-template: + name: 'xtesting-{tag}-docker' + project-type: multijob + triggers: + - xtesting-commit + scm: + - xtesting-scm: + ref: '{branch}' + parameters: + - xtesting-node: + node: '{node}' + # PyYAML and yamllint differ here + # see https://github.com/yaml/pyyaml/issues/234 + # yamllint disable rule:indentation + properties: + - build-blocker: + blocking-jobs: + - ^xtesting-(pi-)*{tag}-(daily|docker|review)$ + # yamllint enable rule:indentation + builders: + - multijob: + name: remove dependency + projects: + - name: 'xtesting-{repo}-{tag}-dep-rmi' + <<: *xtesting-jobs + - multijob: + name: pull dependency + projects: + - name: 'xtesting-{repo}-{tag}-dep-pull' + <<: *xtesting-jobs + - multijob: + name: opnfv/xtesting + projects: + - name: 'xtesting-opnfv-xtesting-{tag}-build' + <<: *xtesting-jobs + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- builder: + name: xtesting-trivy + builders: + - shell: | + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install curl -y + + curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b . + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + ./trivy image --exit-code 1 $image + +- job-template: + name: 'xtesting-{repo}-{container}-{tag}-trivy' + triggers: + - timed: '@daily' + parameters: + - xtesting-node: + node: '{node}' + builders: + - xtesting-trivy: + <<: *xtesting-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'xtesting-opnfv-xtesting-trivy' + <<: *xtesting-params + container: 'xtesting' + jobs: + - 'xtesting-{repo}-{container}-{tag}-trivy' + +- builder: + name: xtesting-grype + builders: + - shell: | + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install curl -y + + curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b . + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + ./grype -q $image + +- job-template: + name: 'xtesting-{repo}-{container}-{tag}-grype' + triggers: + - timed: '@daily' + parameters: + - xtesting-node: + node: '{node}' + builders: + - xtesting-grype: + <<: *xtesting-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'xtesting-opnfv-xtesting-grype' + <<: *xtesting-params + container: 'xtesting' + jobs: + - 'xtesting-{repo}-{container}-{tag}-grype' + +- builder: + name: xtesting-sbom + builders: + - shell: | + sudo apt-get -o DPkg::Lock::Timeout=300 update && \ + sudo DEBIAN_FRONTEND=noninteractive apt-get \ + -o DPkg::Lock::Timeout=300 install curl -y + + sudo mkdir -p ~/.docker + curl -sSfL https://raw.githubusercontent.com/docker/sbom-cli-plugin/main/install.sh | sudo sh -s -- + if [ "{repo}" = "_" ]; then + image={container}:{tag} + elif [ "{port}" = "None" ]; then + image={repo}/{container}:{tag} + else + image={repo}:{port}/{container}:{tag} + fi + sudo docker sbom $image + +- job-template: + name: 'xtesting-{repo}-{container}-{tag}-sbom' + triggers: + - timed: '@daily' + parameters: + - xtesting-node: + node: '{node}' + builders: + - xtesting-sbom: + <<: *xtesting-containers + publishers: + - email-ext: + failure: false + first-failure: true + fixed: true + recipients: cedric.ollivier@orange.com + +- project: + name: 'xtesting-opnfv-xtesting-sbom' + <<: *xtesting-params + container: 'xtesting' + jobs: + - 'xtesting-{repo}-{container}-{tag}-sbom' - project: name: 'xtesting' <<: *xtesting-params jobs: - - 'xtesting-{tag}-daily' - - 'xtesting-{tag}-check' - - 'xtesting-{tag}-gate' + - 'xtesting-{tag}-docker' - view: - name: xtesting + name: xtesting-docker + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: ^xtesting-[a-z0-9.]+-docker$ + +- view: + name: xtesting-trivy + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-trivy$ + +- view: + name: xtesting-grype + view-type: list + columns: + - status + - weather + - job + - last-success + - last-failure + - last-duration + regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-grype$ + +- view: + name: xtesting-sbom view-type: list columns: - status @@ -412,4 +929,4 @@ - last-success - last-failure - last-duration - regex: ^xtesting-[a-z]+-(daily|check|gate)$ + regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-sbom$