Code Review / releng.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "Integrate functest with ARM Architecture"
[releng.git] / jjb / ci_gate_security / opnfv-ci-gate-security.yml
1 # SPDX-license-identifier: Apache-2.0
2 ########################
3 # Job configuration for opnfv-anteater (security audit)
4 ########################
5 - project:
6
7     name: anteaterfw
8
9     project: anteaterfw
10
11     jobs:
12         - 'opnfv-security-audit-verify-{stream}'
13         - 'opnfv-security-audit-weekly-{stream}'
14
15     stream:
16         - master:
17             branch: '{stream}'
18             gs-pathname: ''
19             disabled: false
20
21 ########################
22 # job templates
23 ########################
24 - job-template:
25     name: 'opnfv-security-audit-weekly-{stream}'
26
27     disabled: '{obj:disabled}'
28
29     parameters:
30         - label:
31             name: SLAVE_LABEL
32             default: 'ericsson-build3'
33             description: 'Slave label on Jenkins'
34         - project-parameter:
35             project: releng
36             branch: '{branch}'
37
38     triggers:
39         - timed: '@weekly'
40
41     builders:
42         - anteater-security-audit-weekly
43
44 - job-template:
45     name: 'opnfv-security-audit-verify-{stream}'
46
47     disabled: '{obj:disabled}'
48
49     parameters:
50         - label:
51             name: SLAVE_LABEL
52             default: 'ericsson-build3'
53             description: 'Slave label on Jenkins'
54         - project-parameter:
55             project: $GERRIT_PROJECT
56             branch: '{branch}'
57         - string:
58             name: GIT_BASE
59             default: https://gerrit.opnfv.org/gerrit/$PROJECT
60             description: "Used for overriding the GIT URL coming from Global Jenkins configuration in case if the stuff is done on none-LF HW."
61
62     scm:
63         - git-scm-gerrit
64
65     triggers:
66         - gerrit:
67             server-name: 'gerrit.opnfv.org'
68             trigger-on:
69                 - patchset-created-event:
70                     exclude-drafts: 'false'
71                     exclude-trivial-rebase: 'false'
72                     exclude-no-code-change: 'false'
73                 - draft-published-event
74                 - comment-added-contains-event:
75                     comment-contains-value: 'recheck'
76                 - comment-added-contains-event:
77                     comment-contains-value: 'reverify'
78             projects:
79               - project-compare-type: 'REG_EXP'
80                 project-pattern: 'apex|armband|bamboo|barometer|bottlenecks|calipso|compass4nfv|conductor|cooper|cperf|daisy|doctor|dovetail|dpacc|enfv|escalator|fds|functest|octopus|pharos|releng|sandbox|yardstick'
81                 branches:
82                   - branch-compare-type: 'ANT'
83                     branch-pattern: '**/{branch}'
84                 file-paths:
85                   - compare-type: ANT
86                     pattern: '**'
87             skip-vote:
88                 successful: true
89                 failed: true
90                 unstable: true
91                 notbuilt: true
92
93     builders:
94         - anteater-security-audit
95         - report-security-audit-result-to-gerrit
96     publishers:
97       - archive-artifacts:
98           artifacts: ".reports/*"
99
100 ########################
101 # builder macros
102 ########################
103 - builder:
104     name: anteater-security-audit
105     builders:
106         - shell:
107             !include-raw: ./anteater-security-audit.sh
108
109 - builder:
110     name: report-security-audit-result-to-gerrit
111     builders:
112         - shell:
113             !include-raw: ./anteater-report-to-gerrit.sh
114
115 - builder:
116     name: anteater-security-audit-weekly
117     builders:
118         - shell:
119             !include-raw:
120                 - ./anteater-clone-all-repos.sh
121                 - ./anteater-security-audit-weekly.sh
122