releng-anteater: Create script to run checks and adjust jjb

Change-Id: I7f161b5f939eaeba019ce882a9977908ee0c01b8
Signed-off-by: Fatih Degirmenci <fatih.degirmenci@ericsson.com>
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>

diff --git a/jjb/ci_gate_security/anteater-security-audit.sh b/jjb/ci_gate_security/anteater-security-audit.sh
new file mode 100644 (file)
index 0000000..1ac5582
--- /dev/null
+++ b/jjb/ci_gate_security/anteater-security-audit.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+set -o pipefail
+
+cd $WORKSPACE
+echo "Generating patchset file to list changed files"
+git diff HEAD^1 --name-only | sed "s#^#/home/opnfv/anteater/$PROJECT/#" > $WORKSPACE/patchset
+echo "Changed files are"
+echo "--------------------------------------------------------"
+cat $WORKSPACE/patchset
+echo "--------------------------------------------------------"
+
+vols="-v $WORKSPACE:/home/opnfv/anteater/$PROJECT"
+envs="-e PROJECT=$PROJECT"
+
+echo "Pulling releng-anteater docker image"
+echo "--------------------------------------------------------"
+docker pull opnfv/releng-anteater
+echo "--------------------------------------------------------"
+
+cmd="docker run --user $JENKINS_USER -id $envs $vols --rm opnfv/releng-anteater /bin/bash"
+echo "Running docker command $cmd"
+container_id=$($cmd)
+echo "Container ID is $container_id"
+cmd="anteater --project $PROJECT --patchset /home/opnfv/anteater/$PROJECT/patchset"
+echo "Executing command inside container"
+echo "$cmd"
+echo "--------------------------------------------------------"
+docker exec $container_id $cmd
+exit_code=$?
+echo "--------------------------------------------------------"
+echo "Stopping docker container with ID $container_id"
+docker stop $container_id
+exit $exit_code

diff --git a/jjb/ci_gate_security/opnfv-ci-gate-security.yml b/jjb/ci_gate_security/opnfv-ci-gate-security.yml
index 732df89..8ca0983 100644 (file)
--- a/jjb/ci_gate_security/opnfv-ci-gate-security.yml
+++ b/jjb/ci_gate_security/opnfv-ci-gate-security.yml
@@ -53,7 +53,7 @@
                     branch-pattern: '**/{branch}'
                 file-paths:
                   - compare-type: ANT
-                    pattern: '**/*.py'
+                    pattern: '**'
           skip-vote:
             successful: true
             failed: true
@@ -61,23 +61,17 @@
             notbuilt: true
 
     builders:
-        - security-audit-python-code
-        - report-security-audit-result-to-gerrit
+        - anteater-security-audit
+#        - report-security-audit-result-to-gerrit
 ########################
 # builder macros
 ########################
 - builder:
-    name: security-audit-python-code
+    name: anteater-security-audit
     builders:
-        - shell: |
-            #!/bin/bash
-            set -o errexit
-            set -o pipefail
-            set -o xtrace
-            export PATH=$PATH:/usr/local/bin/
+        - shell:
+            !include-raw: ./anteater-security-audit.sh
 
-            # this is where the security/license audit script will be executed
-            echo "Hello World!"
 - builder:
     name: report-security-audit-result-to-gerrit
     builders: