summary |
shortlog | log |
commit |
commitdiff |
review |
tree
first ⋅ prev ⋅ next
Serena Feng [Tue, 2 Jan 2018 07:03:20 +0000 (07:03 +0000)]
Merge "Add exceptions for patch 48515"
lhinds [Fri, 22 Dec 2017 13:40:42 +0000 (13:40 +0000)]
Stop package installs of curl|wget getting flagged
Way to many instances of `curl \` as part of an rpm / apt-get line
are getting flagged. This removes them from being reported.
Change-Id: I4d06146f9a7d826c53e5bb4d71178223ca5e089d
Signed-off-by: lhinds <lhinds@redhat.com>
Julien [Thu, 7 Dec 2017 10:32:02 +0000 (02:32 -0800)]
Add exceptions for patch 48515
refer to: https://gerrit.opnfv.org/gerrit/#/c/48515/
Change-Id: Iea0be10f0a0401669204d27abcda8d4e46efaa66
Signed-off-by: Julien <zhang.jun3g@zte.com.cn>
lhinds [Thu, 16 Nov 2017 17:03:43 +0000 (17:03 +0000)]
Implements full path for hash checks of binaries
Previously the hash check would work only against the filename,
and not using the relative path.
This change uses the whole relative path to allow indentical
filenames in different folder locations within the same repo.
Also updated the generate-sha256.py script to introduce the same
changes.
JIRA: RELENG-303
Change-Id: I3a59e015b708eb5a966690b9839e5e15ac5b64c7
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Thu, 16 Nov 2017 14:34:54 +0000 (14:34 +0000)]
Enter sha256 binary sum in report files
JIRA: RELENG-317
Change-Id: If1a0c1e911e2d9c9684c29379707550133146020
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Thu, 16 Nov 2017 14:27:46 +0000 (14:27 +0000)]
Merge "Utility script to help create sha256 hashes"
lhinds [Mon, 13 Nov 2017 20:00:30 +0000 (20:00 +0000)]
New filename strings
New strings for master_list.yaml
Change-Id: I69e4c27a2bacffbea51bc371efdffc61b53d05de
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Tue, 14 Nov 2017 14:41:19 +0000 (14:41 +0000)]
Utility script to help create sha256 hashes
Simple script to make it easier for projects to generate
checksums of binary files
Change-Id: Id246036b863e025c10791fdbc51168170413afc3
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Mon, 13 Nov 2017 13:32:48 +0000 (13:32 +0000)]
Weekly Anteater Project Additions
https://wiki.opnfv.org/display/INF/Project+Roll+Out+for+Anteater
Week begining November the 13th
Change-Id: I240292e389b24680a37bc482fb5a8aafd3971839
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Tue, 10 Oct 2017 13:13:55 +0000 (14:13 +0100)]
Implements master ignore list
This change introduces a master ignore list, to save having
to repeat ignore strings in every project exception file.
This is achieved via a new ignore_list.yaml file that is
merged with the project exception list and then used for the
re.search ignore statement in both patch_scan.py and
project_scan.py
Change-Id: Ifb60b8ba3091603182c2025dbbbfd1a88a72439b
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Tue, 10 Oct 2017 11:15:46 +0000 (11:15 +0000)]
Merge "Armband exception list"
lhinds [Fri, 29 Sep 2017 12:26:12 +0000 (13:26 +0100)]
Armband exception list
Change-Id: Id4b3dff9c067e50dfa9969990432fa79f6a69dc0
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Thu, 28 Sep 2017 14:21:16 +0000 (15:21 +0100)]
Exception list for Apex
Change-Id: I85496f26aef31963430d74af0218ed8042587e61
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Thu, 14 Sep 2017 14:39:48 +0000 (15:39 +0100)]
Introduce ignore list for content scans
Anteater was reporting fails on files which are documents and so
harmless (for example an rst file)
This patch introduces a file_ignore list in master_list.yaml
Change-Id: I87c73c80a36114a7df9e1da47d89ca14e3bf668a
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Wed, 6 Sep 2017 09:17:41 +0000 (09:17 +0000)]
Merge "Small fix for log formatting"
lhinds [Tue, 5 Sep 2017 13:25:18 +0000 (14:25 +0100)]
Add fuel project
Depends-On: I6d59197f78dfaf381d634c9d1821a7383506276c
Change-Id: I6038f606453660081701864cc299f78859a20657
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Tue, 5 Sep 2017 13:22:04 +0000 (14:22 +0100)]
Add wget wildcard for git.opnfv.org
Add string - wget.+git\.opnfv.org
Change-Id: Ibcf8fa07b0539000a2a8cc2765292de4195bde0b
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Tue, 5 Sep 2017 10:16:33 +0000 (11:16 +0100)]
Small fix for log formatting
A new line was missing on the content logs that was spoiling
output to .reports/
Change-Id: I2748c2848debc1fa850fc5ce27d71cbaa5e4f78f
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Fri, 1 Sep 2017 14:32:09 +0000 (15:32 +0100)]
Add regex for all interfaces '0.0.0.0'
Listening on all interfaces can be problematic and break any
security zones or DMZ style topologies
Change-Id: Ied66dd22b668d469ddba4ee28b2999154f2005b8
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Fri, 1 Sep 2017 14:25:40 +0000 (14:25 +0000)]
Merge "Fix calipso formatting , to relaxed wild cards"
Aric Gardner [Thu, 31 Aug 2017 20:21:16 +0000 (20:21 +0000)]
Merge "desc field set to just one line"
lhinds [Wed, 30 Aug 2017 12:47:57 +0000 (13:47 +0100)]
Fix calipso formatting , to relaxed wild cards
137 and 148 were breaking regexp searches
Certain lines are far to open and allow existing risks to pass.
Change-Id: Ie80ac9370484ed0f56f6bd78cad5808b66a29b0e
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Tue, 29 Aug 2017 09:16:42 +0000 (09:16 +0000)]
Merge "Exception List for Calipso"
lhinds [Mon, 31 Jul 2017 09:53:08 +0000 (10:53 +0100)]
Exception List for Calipso
Trigger: https://gerrit.opnfv.org/gerrit/#/c/38275/
Change-Id: Ifd17f1b40fcd19800a277d1f5d4635ce9ffd9b41
Signed-off-by: lhinds <lhinds@redhat.com>
Signed-off-by: Yaron Yogev <yaronyogev@gmail.com>
lhinds [Fri, 25 Aug 2017 10:05:00 +0000 (11:05 +0100)]
Handle missing / deleted / renamed files correctly.
Previously git rm or mv'ed files would be listed in the patchset.
Anteater would then attempt to open the files and fail (as they don't
exist).
This patch resolves the issue by first not sys.exit'ing on a file not
existing, and also not logging with ERROR level (which made the
security audit job incorrectly fail).
JIRA: RELENG-302
Change-Id: I6a0c56f691f4d80aca1b3509472c1d6e56d492e1
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Thu, 24 Aug 2017 18:51:28 +0000 (19:51 +0100)]
desc field set to just one line
using a bar `|` to set over two lines was causing issue for awk
Change-Id: I61c612a5d4fb864dea7648c893091da309aacce6
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Thu, 24 Aug 2017 14:42:44 +0000 (15:42 +0100)]
Bump requirements.txt new version of binaryornot
Change-Id: Ibf75f265b3f8e311154bf65d68791927d6c1d236
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Tue, 22 Aug 2017 14:13:27 +0000 (15:13 +0100)]
Get Patch utils script
A script to ease patchset file list creation neded to
replicate the anteater checks that occur at gate.
Usage is:
get-patch.sh --project sandbox --patch 39741
Where `39741` would be the refSpec number of a patchset.
This would then produce `/tmp/patchset_38275`
A user can than peform:
`anteater --project sandbox --patchset /tmp/patchset_38275`
Change-Id: Id765133607cd4840c2a9a3a61cb9d297135356e6
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Mon, 21 Aug 2017 12:41:59 +0000 (13:41 +0100)]
Incorrect indent
gate report function incorrectly indented
Change-Id: Id1b840847c7ae4d731cc3e80c93a1497ac963a88
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Mon, 21 Aug 2017 09:23:43 +0000 (10:23 +0100)]
Incorrect Ident
Failure = True is incorrectly formnatted, meaning the failure
is not registered within the conditonal check
Change-Id: Ib648c9d763fe1d9cbcc69dfe2f27c2aad89a68cf
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Fri, 4 Aug 2017 13:46:24 +0000 (14:46 +0100)]
Implements Rationale Field
This change Implements a descriptive field to explain the
rationale behind a block.
In time this will be part of a sphinx auto build documentation
system, which extracts the `desc` field and places it into a
template. The user will then be provided with a url.
JIRA: RELENG-276
Change-Id: I82b4eb02fe502928726846cc08388a7a4f0ea2f6
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Wed, 26 Jul 2017 09:13:03 +0000 (10:13 +0100)]
Implements file except handler for patchsets
Simple try / except handler in the event that an edge case occurs
and a patchset is not present.
Change-Id: Ica5df2f5b37fff98c52f79bd2a8e47ba46890e80
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Mon, 24 Jul 2017 12:23:13 +0000 (13:23 +0100)]
Binary waiver for octopus
Trigger: https://gerrit.opnfv.org/gerrit/#/c/36977/
Change-Id: I7e701915a5e259f13cc50a6ca31fe6aa2590f16c
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Thu, 13 Jul 2017 09:02:42 +0000 (10:02 +0100)]
Exception for functest
Trigger: https://gerrit.opnfv.org/gerrit/#/c/37263/
Change-Id: I819fd7c96c35ee544a4eb76ddf851104beb17f32
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Thu, 13 Jul 2017 08:54:05 +0000 (08:54 +0000)]
Merge "Exceptions"
Luke Hinds [Thu, 13 Jul 2017 08:53:47 +0000 (08:53 +0000)]
Merge "Fix issues with installing sdist and wheels"
Luke Hinds [Thu, 13 Jul 2017 08:51:46 +0000 (08:51 +0000)]
Merge "Update Invoke Tasks and use Twine for upload"
Trevor Bramwell [Tue, 11 Jul 2017 07:27:31 +0000 (00:27 -0700)]
Fix issues with installing sdist and wheels
A local install of the sdist and wheel found the following issues:
- sdist: Add MANIFEST.in to include missing README.md, LICENSE,
anteater.conf, master_list.yaml, and explicitly exclude exception
files.
- sdist: Both py_modules and packages listed. Since Anteater is a Python
package, not a module, only the 'packages' argument is required for
setup().
- wheel: 'REQUIRES' in setup.py is missing dependent packages
JIRA: RELENG-275
Change-Id: I3b1447edcd7161cda4c5d581e31019bcf8eba1c8
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
lhinds [Tue, 11 Jul 2017 16:36:38 +0000 (17:36 +0100)]
Fix for CCL 4.0 Licenses.
A follow up patch should move the patterns list into yaml
Change-Id: Id814d6fc09631d5037f6825f32daca8d74edc118
Signed-off-by: lhinds <lhinds@redhat.com>
Trevor Bramwell [Tue, 11 Jul 2017 06:38:36 +0000 (23:38 -0700)]
Update Invoke Tasks and use Twine for upload
None of the tasks generated by the boilerplate included the 'context'
argument required by the newest version of invoke.
The 'invoke publish' task has been updated to use 'twine upload' instead
of the less-secure 'python setup.py register/upload', and comments have
been added to clarify possible steps needed to publish anteater.
A 'invoke build' command has been added to build a source distribution
and binary wheel distribution.
JIRA: RELENG-237
Change-Id: I9ae705332b592ef8880d52b7d20624180e23677a
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
lhinds [Tue, 11 Jul 2017 08:09:12 +0000 (09:09 +0100)]
Binary Exception
dynamic-flow.png:
- d0d7dfc73e0fac09d920ebbdf8cd4e0ef623f15d6246ff20d7a6d12c9a48bf41
Change-Id: Ib1c08d6f10fa6e2ee30ee94d3e6195424fbe9506
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Tue, 11 Jul 2017 08:00:03 +0000 (09:00 +0100)]
Exceptions
- publicurl
- installer_password
Patch: https://gerrit.opnfv.org/gerrit/#/c/37143/
Change-Id: I8ba857827141fdddc2b13752c7d65015e13d7e0a
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Tue, 11 Jul 2017 07:21:25 +0000 (08:21 +0100)]
Add weekly anteater projects
July 10 additions
https://wiki.opnfv.org/display/INF/Project+Roll+Out+for+Anteater
Change-Id: I1e6c2c3dd14012254a5a219ef223dfeb80245257
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Sat, 8 Jul 2017 16:05:54 +0000 (17:05 +0100)]
Compass4nfv exceptions
Change-Id: I0b29b0cb8b9f4640fe4d804e1dd3c2e31f5a7d66
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Sat, 8 Jul 2017 15:02:20 +0000 (16:02 +0100)]
Exception for curl string
Change-Id: I314d508f13ce736cb6d3d99c0b205ecc1f30abea
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Sat, 8 Jul 2017 14:49:22 +0000 (15:49 +0100)]
Exception for Curl rvm docker RUN cmd.
Change-Id: I3199ce91e4cc00f0f7bd1f5e2660cb2f9d6ae0b6
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Thu, 6 Jul 2017 08:53:04 +0000 (09:53 +0100)]
Password regex generating too much false flags
Removed 'pass' from array
Change-Id: Icd4f27f7d8c3e464fae159b5e220781d8597dbec
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Wed, 5 Jul 2017 14:19:29 +0000 (15:19 +0100)]
Readme window dressing
This is mainly to provide some information to users landing
on the github mirror of releng-anteater
Change-Id: I7ef27dd2b313e9ff0e7e103d547d07252235f128
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Wed, 5 Jul 2017 12:20:55 +0000 (13:20 +0100)]
Exception entry for wget
Resolves false flag in:
https://gerrit.opnfv.org/gerrit/#/c/36963/
docker/smoke/Dockerfile
Change-Id: I6bfc0a47ef662253c54fd51010c39817a23ee26c
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Wed, 5 Jul 2017 08:15:40 +0000 (09:15 +0100)]
Fixed regex to streamline wildcards
Change-Id: I5ac55820cf53eb61d6c67c22a33d05041d9fa8b3
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Wed, 5 Jul 2017 08:17:25 +0000 (08:17 +0000)]
Merge "Exception for publicURL"
lhinds [Wed, 5 Jul 2017 06:35:09 +0000 (07:35 +0100)]
Exception for publicURL
Change-Id: I273c05048bc3a5464e2016abe2a3cc6ca45446ae
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Wed, 5 Jul 2017 06:32:06 +0000 (07:32 +0100)]
Added *_settings.py
False match
Change-Id: I55303d9b2bd39a6c7e7326b08b36409bba860f5b
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Tue, 4 Jul 2017 13:08:49 +0000 (14:08 +0100)]
Add new master list strings
More strings added and improvements made to optimise some
existing strings
JIRA: RELENG-270
Change-Id: I7e8ba204297575b1e8d0d851e1ee957374f8c955
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Tue, 4 Jul 2017 11:49:01 +0000 (11:49 +0000)]
Merge "Remove eval as far too many false postivies"
lhinds [Tue, 4 Jul 2017 08:25:56 +0000 (09:25 +0100)]
Remove eval as far too many false postivies
Change-Id: I255c0e1048823bd628071a889c65d82746356e4b
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Mon, 3 Jul 2017 13:42:25 +0000 (14:42 +0100)]
Add weekly anteater projects
July 2nd additions
https://wiki.opnfv.org/display/INF/Project+Roll+Out+for+Anteater
Change-Id: I3610868930f0d6033e528548dceb09b3279b6b8d
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Mon, 3 Jul 2017 13:12:07 +0000 (13:12 +0000)]
Merge "move logging to runtime init"
Ross Brattain [Thu, 22 Jun 2017 01:49:08 +0000 (18:49 -0700)]
move logging to runtime init
There are many ways to init logging, but
doing import-time logic can cause problems.
For yardstick we are doing this type of run-time
init in the main program startup.
This allows for some flexibiliy since we just
set the root loggers. Every other logger is
standard, not subclassed
Change-Id: I7004a147f03a7104f373141caf9206d8e49a5d4c
Signed-off-by: Ross Brattain <ross.b.brattain@intel.com>
Ross Brattain [Thu, 22 Jun 2017 04:51:49 +0000 (21:51 -0700)]
switch logging to proper usage
The logging methods do string interpolation themselves
The first arg to logging.debug() is formally defined to be a message
format string.
From the reference:
https://docs.python.org/2/library/logging.html#logging.Logger.debug
Logger.debug(msg, *args, **kwargs)
Logs a message with level DEBUG on this logger. The msg is the message
format string, and the args are the arguments which are merged into msg
using the string formatting operator. (Note that this means that you can
use keywords in the format string, together with a single dictionary
argument.)
There are two keyword arguments in kwargs which are inspected: exc_info
which, if it does not evaluate as false, causes exception information to
be added to the logging message. If an exception tuple (in the format
returned by sys.exc_info()) is provided, it is used; otherwise,
sys.exc_info() is called to get the exception information
The reason logging does string interpolation it self is to implement
deferred interpolation.
String interpolation involves evaluating arguments, so it can introduce
significant computation. The logging module tries to be smart about
deferring interpolation until the last possible moment.
The logging methods check isEnabledFor for the log level and won't
interpolate if the level is not enabled.
https://github.com/python/cpython/blob/2.7/Lib/logging/__init__.py#L1178
def warning(self, msg, *args, **kwargs):
if self.isEnabledFor(WARNING):
self._log(WARNING, msg, args, **kwargs)
logging actually waits to interpolate the string in LogRecord.getMessage()
https://github.com/python/cpython/blob/2.7/Lib/logging/__init__.py#L328
if self.args:
msg = msg % self.args
Change-Id: I0090dcbc408200b6f2471748eae0c5a763da2e37
Signed-off-by: Ross Brattain <ross.b.brattain@intel.com>
Ross Brattain [Wed, 21 Jun 2017 21:57:13 +0000 (14:57 -0700)]
add Python3 support with six
switch to relative imports for package file
use absolute imports in main
this requires renaming anteater.py to main.py
to avoid absolute import name conflict
update setup.py to indicate python 3.4 support
Change-Id: I0fcaf8a9825557962dc98a6a4eef490051fbbfb0
Signed-off-by: Ross Brattain <ross.b.brattain@intel.com>
Cédric Ollivier [Wed, 28 Jun 2017 20:54:25 +0000 (22:54 +0200)]
Allow downloading files hosted by git.openstack.org
It replaces the previous exception for the cloned repositories
(github.com/openstack).
Change-Id: I920ab7ae70c4490b53a7e988e5b0b258a12ec67f
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
lhinds [Wed, 28 Jun 2017 14:33:18 +0000 (15:33 +0100)]
Add exceptions for trusted domains
gerrit.opnfv.org
openstack.org
artifacts.opnfv.org
build.opnfv.org
githubusercontent.com/openstack
Change-Id: I6904c5de847b13279f0aa3feee583ff8bd987920
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Wed, 28 Jun 2017 12:31:34 +0000 (12:31 +0000)]
Merge "Add wget from artifacts.opnfv.org to exceptions"
lhinds [Tue, 27 Jun 2017 20:12:06 +0000 (21:12 +0100)]
Fixes UnboundLocalError issue.
If no hash exists in the project exception file, then `return
binary_hash` is Nonetype which throws an Unbound variable error.
This change adds some dummy text to allow try / except statements
to deal with missing entries in project exception files.
JIRA: RELENG-264
Change-Id: I98fb4b01a2930b350794326d4cf735c8e014e00a
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Tue, 27 Jun 2017 11:38:19 +0000 (12:38 +0100)]
Add virtualenv to stop permission errors
JIRA: RELENG-260
Change-Id: I55ba731441a2167063c0f7e758cc66a973da4ec9
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Tue, 27 Jun 2017 06:48:22 +0000 (06:48 +0000)]
Merge "Implements sha256 exception functionality"
xudan [Mon, 26 Jun 2017 08:41:44 +0000 (04:41 -0400)]
Add wget from artifacts.opnfv.org to exceptions
JIRA: DOVETAIL-455
1. change build.opnfv.org to build\.opnfv\.org
2. add wget(.*)artifacts\.opnfv\.org
Change-Id: I62f0f0f3a145fa38ebab94b3852f196b530f945a
Signed-off-by: xudan <xudan16@huawei.com>
lhinds [Sun, 25 Jun 2017 17:43:51 +0000 (18:43 +0100)]
Implements sha256 exception functionality
This patch adds functionality for file checksum verfications for
binary files.
The master_list.yaml binaries yaml directive now only contains
simple exceptions (for common artefacts that are gitignored)
Each project_exception file now has a filename and a sha256 hash.
If a binary file is not found, or the hash is mismatched,
it will output the hash for the user to include in an exception
patch.
This functionality has been added to complete project scans
and patchset scans
JIRA: RELENG-240
Change-Id: Iafa5710f4a0da192fc74335b1200b504413f8a8b
Signed-off-by: lhinds <lhinds@redhat.com>
Trevor Bramwell [Fri, 23 Jun 2017 22:30:53 +0000 (15:30 -0700)]
Fix Yamllint Violations
JIRA: RELENG-258
Change-Id: I56a45340196c06a58f7103c57120a38c9ab7d28a
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Luke Hinds [Fri, 23 Jun 2017 07:07:05 +0000 (07:07 +0000)]
Merge "Run Anteater under Docker as Non-Root User"
Trevor Bramwell [Wed, 21 Jun 2017 18:26:43 +0000 (11:26 -0700)]
Run Anteater under Docker as Non-Root User
Instead of violating the priciple of least privilage, anteater should
be ran by a non-root user.
Anteater doesn't need access to anything owned by root to perform
security scanning, and running as a non-root user should prevent it from
creating file owned by root in the future.
JIRA: RELENG-238
Change-Id: I7b75255ff460444763acbcc5d7752e1223860a2b
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
lhinds [Wed, 21 Jun 2017 22:52:30 +0000 (23:52 +0100)]
Adds Pharos, Functest, Octopus to Anteater
This change adds exception files to anteater, to enable projects
Functest, Pharos, Octopus.
JIRA: RELENG-252
Change-Id: I1ac120ae2bdf868f9db34fe4dd30357efe61ce17
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Wed, 21 Jun 2017 12:32:29 +0000 (13:32 +0100)]
rename gatechecks and project_config
gatechecks is renamed to master_list and project_config is
renamed to project_exceptions
JIRA:RELENG-251
Change-Id: Icbcc2c114d687783e0720017025cb4bb8e53e8a3
Signed-off-by: lhinds <lhinds@redhat.com>
Luke Hinds [Wed, 21 Jun 2017 12:10:06 +0000 (12:10 +0000)]
Merge "Move project's exception file to subdir"
Luke Hinds [Wed, 21 Jun 2017 12:04:06 +0000 (12:04 +0000)]
Merge "Merge some regexes into oneline"
Luke Hinds [Wed, 21 Jun 2017 12:03:57 +0000 (12:03 +0000)]
Merge "Use yaml hyphen for list declaration"
Julien [Mon, 19 Jun 2017 16:09:04 +0000 (00:09 +0800)]
Merge some regexes into oneline
Change-Id: I2f9a2c5306d8a7e8842ea442f2b0ad09f7cd71ae
Signed-off-by: Julien <zhang.jun3g@zte.com.cn>
Julien [Mon, 19 Jun 2017 15:56:56 +0000 (23:56 +0800)]
Move project's exception file to subdir
add subdir **exceptions** for project's specific exception config files
Change-Id: I57b7972706dd2e2168099e9815a0cfc3e8a33b67
Signed-off-by: Julien <zhang.jun3g@zte.com.cn>
lhinds [Mon, 19 Jun 2017 15:41:40 +0000 (16:41 +0100)]
Provides clarification that LICENSE is in repo
This change peforms a clarification that a LICENSE file exists
within the root folder of the set project repo.
This feature is only for complete project scans and not a patch
scan.
JIRA:RELENG-235
Change-Id: I6d238158f7501aaff6c21ecc59b505b5c79565f2
Signed-off-by: lhinds <lhinds@redhat.com>
Julien [Wed, 14 Jun 2017 08:56:45 +0000 (16:56 +0800)]
Use yaml hyphen for list declaration
JIRA:RELENG-236
Change-Id: I1ab32cccbf16ac62099a9b39e69238c574766980
Signed-off-by: Julien <zhang.jun3g@zte.com.cn>
lhinds [Mon, 19 Jun 2017 10:30:47 +0000 (11:30 +0100)]
Ignore all lines that start with a comment
Adds regexp to existing exception files, so that all files
that have commented lines are ignored.
Also added a template_exception file with comments added as
default
JIRA:RELENG-239
Change-Id: I0de9bf91170e6614f3e1ee9bd1d486ca1eaf830b
Signed-off-by: lhinds <lhinds@redhat.com>
Julien [Thu, 15 Jun 2017 03:24:57 +0000 (11:24 +0800)]
seperate exception rules for releng project
add optional project exception configuration file.
for one project:
configuration in project exception file and in gatechecks.yaml will be
merged together for one project
JIRA:RELENG-234
Change-Id: I7fff3082e837a478f155769fadd75533583543cd
Signed-off-by: Julien <zhang.jun3g@zte.com.cn>
Julien [Wed, 14 Jun 2017 07:33:39 +0000 (15:33 +0800)]
Fix log directory issues
1. /home/opnfv can not be created in osx
2. when the log directory is not existed, anteater_logger.py will fail
3. add new added directory .reports into .gitignore
Change-Id: If3833bfbaf160d35afab1c71d3fab060a1164da6
Signed-off-by: Julien <zhang.jun3g@zte.com.cn>
lhinds [Wed, 14 Jun 2017 07:24:13 +0000 (08:24 +0100)]
Adding all projects for weekly run.
A 'testproj' capture all variable is used for weekly runs
Change-Id: I7b55e21b885fb1b44b5309b2715c58944c10723e
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Wed, 14 Jun 2017 06:20:57 +0000 (07:20 +0100)]
Adds Wiki URL to gerrit output
A link to a wiki page is supplied, that instructs the user on how
to make an exception patch.
Also quick fix to log format
Change-Id: Icfc8072d9764fe321e14b97080fca47d26ea8dc6
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Tue, 13 Jun 2017 08:23:51 +0000 (09:23 +0100)]
Add sandbox project
Change-Id: I2f2ecfb38e093b0c1a77eb7a2447b98094d5be6b
Signed-off-by: lhinds <lhinds@redhat.com>
Fatih Degirmenci [Mon, 12 Jun 2017 05:56:41 +0000 (13:56 +0800)]
Fix docker build by using the build-arg BRANCH
Change-Id: If4f33edf764ba965cbefd9ce94528e78e69e345b
Signed-off-by: Fatih Degirmenci <fatih.degirmenci@ericsson.com>
lhinds [Wed, 17 May 2017 12:31:18 +0000 (13:31 +0100)]
Initial code push of Anteater
Likely far to much to cover in a commit msg.
Main bulk is the Anteater code itself, alongside
packaging requirements and build tools and Dockerfile.
Unit tests are planned as a follow up, so pushing this for now
so that efforts can get underway to integrate the tool with
jjb.
Questions on how it works, please reach me in IRC.
Change-Id: I2cd3cae391f8bf2cdc91b39c56dfc4833a1c4913
Signed-off-by: lhinds <lhinds@redhat.com>
lhinds [Fri, 12 May 2017 08:32:35 +0000 (09:32 +0100)]
Initiates new repo.
This change initiates new files required to implement the
releng-anteater project.
Change-Id: Icd195558f3f2b617a3327c8fe3734ac69bcab2f3
Signed-off-by: lhinds <lhinds@redhat.com>
Aric Gardner [Thu, 11 May 2017 18:31:42 +0000 (18:31 +0000)]
Initial empty repository
Code Review / releng-anteater.git / log