From: Trevor Bramwell <tbramwell@linuxfoundation.org>
Date: Tue, 10 Oct 2017 23:17:14 +0000 (-0700)
Subject: Only Submit Security Scan Results that Exist
X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=commitdiff_plain;h=f6255c45367f39533b589a91ca351ad0bcfd0ac9;p=releng.git

Only Submit Security Scan Results that Exist

When anteater runs it generates a shortlog containing any errors that
were encountered during it's run.

If no errors exist it will still create an empty file 'shortlog'. A
review containing no content will be attempt to be posted and fail with:

  fatal: Argument "{COMMIT | CHANGE,PATCHSET}" is required

Instead of attempting to post nothing, the job should just skip
submitting a review.

Change-Id: I3feacb15e47dea204783053b3e67a9aa81ba164d
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
---

diff --git a/jjb/ci_gate_security/anteater-report-to-gerrit.sh b/jjb/ci_gate_security/anteater-report-to-gerrit.sh
index de1fdd745..6710862a7 100644
--- a/jjb/ci_gate_security/anteater-report-to-gerrit.sh
+++ b/jjb/ci_gate_security/anteater-report-to-gerrit.sh
@@ -15,11 +15,14 @@ if [[ -e securityaudit.log ]] ; then
 
     grep 'ERROR' securityaudit.log | awk -F"ERROR - " '{ print $2 }' | tr -d "\'\"" > shortlog
 
-    ssh -p 29418 gerrit.opnfv.org \
-        "gerrit review -p $GERRIT_PROJECT \
-        -m \"$(cat shortlog)\" \
-        $GERRIT_PATCHSET_REVISION \
-        --notify NONE"
+    # Only report to Gerrit when there are errors to report.
+    if [[ -s shortlog ]]; then
+        ssh -p 29418 gerrit.opnfv.org \
+            "gerrit review -p $GERRIT_PROJECT \
+            -m \"$(cat shortlog)\" \
+            $GERRIT_PATCHSET_REVISION \
+            --notify NONE"
+    fi
 
     exit $EXITSTATUS
 fi