Switch from docker scan to grype 04/73304/1
authorCédric Ollivier <cedric.ollivier@orange.com>
Wed, 13 Apr 2022 07:43:21 +0000 (09:43 +0200)
committerCédric Ollivier <cedric.ollivier@orange.com>
Wed, 13 Apr 2022 07:43:21 +0000 (09:43 +0200)
Docker scan allows only 10 runs per month in LFN conditions.

Change-Id: I7b28ffa13946423c610e2bb2b83b5b8f79da3a6e
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
jjb/functest/functest-kubernetes-ng.yaml
jjb/functest/functest-kubernetes.yaml
jjb/functest/functest.yaml
jjb/functest/xtesting.yaml

index 4d04569..af73197 100644 (file)
       - 'functest-kubernetes-ng-{repo}-{container}-{tag}-trivy'
 
 - builder:
-    name: functest-kubernetes-ng-docker-scan
+    name: functest-kubernetes-ng-grype
     builders:
       - shell: |
           sudo apt-get -o DPkg::Lock::Timeout=300 update && \
           sudo DEBIAN_FRONTEND=noninteractive apt-get \
-            -o DPkg::Lock::Timeout=300 install curl docker.io -y
+            -o DPkg::Lock::Timeout=300 install curl -y
 
-          mkdir -p ~/.docker/cli-plugins && \
-          curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \
-            -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
-          chmod +x ~/.docker/cli-plugins/docker-scan
+          curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b .
           if [ "{repo}" = "_" ]; then
             image={container}:{tag}
           elif [ "{port}" = "None" ]; then
           else
             image={repo}:{port}/{container}:{tag}
           fi
-          sudo docker scan --accept-license $image
+          sudo grype -q $image
 
 - job-template:
-    name: 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+    name: 'functest-kubernetes-ng-{repo}-{container}-{tag}-grype'
     triggers:
       - timed: '@daily'
     parameters:
       - functest-kubernetes-ng-slave:
           slave: '{slave}'
     builders:
-      - functest-kubernetes-ng-docker-scan:
+      - functest-kubernetes-ng-grype:
           <<: *functest-kubernetes-ng-containers
     publishers:
       - email-ext:
           recipients: cedric.ollivier@orange.com
 
 - project:
-    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-core-docker-scan'
+    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-core-grype'
     <<: *functest-kubernetes-ng-params
     container: 'functest-kubernetes-core'
     jobs:
-      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-healthcheck-docker-scan'
+    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-healthcheck-grype'
     <<: *functest-kubernetes-ng-params
     container: 'functest-kubernetes-healthcheck'
     jobs:
-      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-cnf-docker-scan'
+    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-cnf-grype'
     <<: *functest-kubernetes-ng-params
     container: 'functest-kubernetes-cnf'
     jobs:
-      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-security-docker-scan'
+    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-security-grype'
     <<: *functest-kubernetes-ng-params
     container: 'functest-kubernetes-security'
     jobs:
-      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-smoke-docker-scan'
+    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-smoke-grype'
     <<: *functest-kubernetes-ng-params
     container: 'functest-kubernetes-smoke'
     jobs:
-      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-benchmarking-docker-scan'
+    name: 'functest-kubernetes-ng-opnfv-functest-kubernetes-benchmarking-grype'
     <<: *functest-kubernetes-ng-params
     container: 'functest-kubernetes-benchmarking'
     jobs:
-      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-ng-{repo}-{container}-{tag}-grype'
 
 - project:
     name: 'functest-kubernetes-ng'
     regex: ^functest-kubernetes-ng-[a-z0-9-.]+-trivy$
 
 - view:
-    name: functest-kubernetes-ng-docker-scan
+    name: functest-kubernetes-ng-grype
     view-type: list
     columns:
       - status
       - last-success
       - last-failure
       - last-duration
-    regex: ^functest-kubernetes-ng-[a-z0-9.]+-docker-scan$
+    regex: ^functest-kubernetes-ng-[a-z0-9.]+-grype$
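Review bot: The added installer line in the functest-kubernetes-ng-grype builder pipes whatever is currently on the `main` branch of anchore/grype straight into `sudo sh`, so every daily run executes an unpinned remote script as root and installs an unpinned grype release. Fetching the script from a fixed ref and passing the release tag, which the installer accepts as a positional argument, keeps the scanner reproducible and narrows what an upstream change can do on the agent: `curl -sSfL https://raw.githubusercontent.com/anchore/grype/<PINNED_REF>/install.sh | sudo sh -s -- -b . <PINNED_TAG>` (both values are placeholders). Separately, `-b .` drops the binary in the job's working directory while the scan line calls `sudo grype`, which is resolved through sudo's PATH; unless the workspace is on that path the call either fails or picks up a different grype, so `sudo ./grype -q $image` looks like what is intended. The same two lines appear in the functest-kubernetes-grype, functest-grype and xtesting-grype builders.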
index fa8a0b0..d81ea17 100644 (file)
       - 'functest-kubernetes-{repo}-{container}-{tag}-trivy'
 
 - builder:
-    name: functest-kubernetes-docker-scan
+    name: functest-kubernetes-grype
     builders:
       - shell: |
           apt-get -o DPkg::Lock::Timeout=300 update && \
           DEBIAN_FRONTEND=noninteractive apt-get \
-            -o DPkg::Lock::Timeout=300 install curl docker.io -y
+            -o DPkg::Lock::Timeout=300 install curl -y
 
-          mkdir -p ~/.docker/cli-plugins && \
-          curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \
-            -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
-          chmod +x ~/.docker/cli-plugins/docker-scan
+          curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b .
           if [ "{repo}" = "_" ]; then
             image={container}:{tag}
           elif [ "{port}" = "None" ]; then
           else
             image={repo}:{port}/{container}:{tag}
           fi
-          docker scan --accept-license $image
+          grype -q $image
 
 - job-template:
-    name: 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+    name: 'functest-kubernetes-{repo}-{container}-{tag}-grype'
     triggers:
       - timed: '@weekly'
     parameters:
       - functest-kubernetes-slave:
           slave: '{slave}'
     builders:
-      - functest-kubernetes-docker-scan:
+      - functest-kubernetes-grype:
           <<: *functest-kubernetes-containers
     publishers:
       - email-ext:
           recipients: cedric.ollivier@orange.com
 
 - project:
-    name: 'functest-kubernetes-opnfv-functest-kubernetes-core-docker-scan'
+    name: 'functest-kubernetes-opnfv-functest-kubernetes-core-grype'
     <<: *functest-kubernetes-params
     container: 'functest-kubernetes-core'
     jobs:
-      - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-kubernetes-opnfv-functest-kubernetes-healthcheck-docker-scan'
+    name: 'functest-kubernetes-opnfv-functest-kubernetes-healthcheck-grype'
     <<: *functest-kubernetes-params
     container: 'functest-kubernetes-healthcheck'
     jobs:
-      - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-kubernetes-opnfv-functest-kubernetes-cnf-docker-scan'
+    name: 'functest-kubernetes-opnfv-functest-kubernetes-cnf-grype'
     <<: *functest-kubernetes-params
     container: 'functest-kubernetes-cnf'
     jobs:
-      - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-kubernetes-opnfv-functest-kubernetes-security-docker-scan'
+    name: 'functest-kubernetes-opnfv-functest-kubernetes-security-grype'
     <<: *functest-kubernetes-params
     container: 'functest-kubernetes-security'
     jobs:
-      - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-kubernetes-opnfv-functest-kubernetes-smoke-docker-scan'
+    name: 'functest-kubernetes-opnfv-functest-kubernetes-smoke-grype'
     <<: *functest-kubernetes-params
     container: 'functest-kubernetes-smoke'
     jobs:
-      - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-kubernetes-opnfv-functest-kubernetes-benchmarking-docker-scan'
+    name: 'functest-kubernetes-opnfv-functest-kubernetes-benchmarking-grype'
     <<: *functest-kubernetes-params
     container: 'functest-kubernetes-benchmarking'
     jobs:
-      - 'functest-kubernetes-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-kubernetes-{repo}-{container}-{tag}-grype'
 
 - project:
     name: 'functest-kubernetes'
     regex: (?!functest-kubernetes-pi)(?!functest-kubernetes-ng)^functest-kubernetes-[a-z-0-9.]+-trivy$
 
 - view:
-    name: functest-kubernetes-docker-scan
+    name: functest-kubernetes-grype
     view-type: list
     columns:
       - status
       - last-success
       - last-failure
       - last-duration
-    regex: (?!functest-kubernetes-pi)(?!functest-kubernetes-ng)^functest-kubernetes-[a-z-0-9.]+-docker-scan$
+    regex: (?!functest-kubernetes-pi)(?!functest-kubernetes-ng)^functest-kubernetes-[a-z-0-9.]+-grype$
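Review bot: `grype -q $image` in the functest-kubernetes-grype builder returns exit status 0 whatever it reports, because grype only fails the run when a threshold is given with `--fail-on`. The weekly job will therefore stay green with critical findings in the image, and the email-ext publisher below it will presumably not alert on them (its triggers are not visible here). If the job is meant to act as a gate rather than a log, set a threshold explicitly, for example `grype -q --fail-on high "$image"`, and record in a shell comment why that severity was chosen. The scan lines of the other three builders in this change behave the same way.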
index f9bf676..47cc857 100644 (file)
       - 'functest-{repo}-{container}-{tag}-trivy'
 
 - builder:
-    name: functest-docker-scan
+    name: functest-grype
     builders:
       - shell: |
           sudo apt-get -o DPkg::Lock::Timeout=300 update && \
           sudo DEBIAN_FRONTEND=noninteractive apt-get \
-            -o DPkg::Lock::Timeout=300 install curl docker.io -y
+            -o DPkg::Lock::Timeout=300 install curl -y
 
-          mkdir -p ~/.docker/cli-plugins && \
-          curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \
-            -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
-          chmod +x ~/.docker/cli-plugins/docker-scan
+          curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b .
           if [ "{repo}" = "_" ]; then
             image={container}:{tag}
           elif [ "{port}" = "None" ]; then
           else
             image={repo}:{port}/{container}:{tag}
           fi
-          sudo docker scan --accept-license $image
+          sudo grype -q $image
 
 - job-template:
-    name: 'functest-{repo}-{container}-{tag}-docker-scan'
+    name: 'functest-{repo}-{container}-{tag}-grype'
     triggers:
       - timed: '@weekly'
     parameters:
       - functest-slave:
           slave: '{slave}'
     builders:
-      - functest-docker-scan:
+      - functest-grype:
           <<: *functest-containers
     publishers:
       - email-ext:
           recipients: cedric.ollivier@orange.com
 
 - project:
-    name: 'functest-opnfv-functest-core-docker-scan'
+    name: 'functest-opnfv-functest-core-grype'
     <<: *functest-params
     container: 'functest-core'
     jobs:
-      - 'functest-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-opnfv-functest-tempest-docker-scan'
+    name: 'functest-opnfv-functest-tempest-grype'
     <<: *functest-params
     container: 'functest-tempest'
     jobs:
-      - 'functest-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-opnfv-functest-healthcheck-docker-scan'
+    name: 'functest-opnfv-functest-healthcheck-grype'
     <<: *functest-params
     container: 'functest-healthcheck'
     jobs:
-      - 'functest-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-opnfv-functest-smoke-docker-scan'
+    name: 'functest-opnfv-functest-smoke-grype'
     <<: *functest-params
     container: 'functest-smoke'
     jobs:
-      - 'functest-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-opnfv-functest-benchmarking-docker-scan'
+    name: 'functest-opnfv-functest-benchmarking-grype'
     <<: *functest-params
     container: 'functest-benchmarking'
     jobs:
-      - 'functest-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-opnfv-functest-vnf-docker-scan'
+    name: 'functest-opnfv-functest-vnf-grype'
     <<: *functest-params
     container: 'functest-vnf'
     jobs:
-      - 'functest-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-opnfv-functest-smoke-cntt-docker-scan'
+    name: 'functest-opnfv-functest-smoke-cntt-grype'
     <<: *functest-params
     container: 'functest-smoke-cntt'
     jobs:
-      - 'functest-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'functest-opnfv-functest-benchmarking-cntt-docker-scan'
+    name: 'functest-opnfv-functest-benchmarking-cntt-grype'
     <<: *functest-params
     container: 'functest-benchmarking-cntt'
     jobs:
-      - 'functest-{repo}-{container}-{tag}-docker-scan'
+      - 'functest-{repo}-{container}-{tag}-grype'
 
 - project:
     name: 'functest'
     regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9.]+-trivy$
 
 - view:
-    name: functest-docker-scan
+    name: functest-grype
     view-type: list
     columns:
       - status
       - last-success
       - last-failure
       - last-duration
-    regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9.]+-docker-scan$
+    regex: (?!functest-kubernetes)(?!functest-pi)^functest-[a-z-0-9.]+-grype$
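Review bot: In the functest-grype builder the image is passed to grype as a bare reference, so which copy gets scanned depends on the agent: as far as I know grype first tries a reachable local container daemon and only otherwise pulls from the registry. With `docker.io` no longer installed by this step the outcome varies between agents, and a stale cached `{container}:{tag}` on a long-lived one could be reported instead of the published image. Naming the source makes the weekly result describe what is actually distributed: pass `"registry:$image"` as the argument. The quotes also stop word splitting if a template value ever contains whitespace; the other three builders have the same line.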
index b859a2f..fab7f66 100644 (file)
       - 'xtesting-{repo}-{container}-{tag}-trivy'
 
 - builder:
-    name: xtesting-docker-scan
+    name: xtesting-grype
     builders:
       - shell: |
           sudo apt-get -o DPkg::Lock::Timeout=300 update && \
           sudo DEBIAN_FRONTEND=noninteractive apt-get \
-            -o DPkg::Lock::Timeout=300 install curl docker.io -y
+            -o DPkg::Lock::Timeout=300 install curl -y
 
-          mkdir -p ~/.docker/cli-plugins && \
-          curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 \
-            -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
-          chmod +x ~/.docker/cli-plugins/docker-scan
+          curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b .
           if [ "{repo}" = "_" ]; then
             image={container}:{tag}
           elif [ "{port}" = "None" ]; then
           else
             image={repo}:{port}/{container}:{tag}
           fi
-          sudo docker scan --accept-license $image
+          sudo grype -q $image
 
 - job-template:
-    name: 'xtesting-{repo}-{container}-{tag}-docker-scan'
+    name: 'xtesting-{repo}-{container}-{tag}-grype'
     triggers:
       - timed: '@daily'
     parameters:
       - xtesting-slave:
           slave: '{slave}'
     builders:
-      - xtesting-docker-scan:
+      - xtesting-grype:
           <<: *xtesting-containers
     publishers:
       - email-ext:
           recipients: cedric.ollivier@orange.com
 
 - project:
-    name: 'xtesting-opnfv-xtesting-docker-scan'
+    name: 'xtesting-opnfv-xtesting-grype'
     <<: *xtesting-params
     container: 'xtesting'
     jobs:
-      - 'xtesting-{repo}-{container}-{tag}-docker-scan'
+      - 'xtesting-{repo}-{container}-{tag}-grype'
 
 - project:
-    name: 'xtesting-opnfv-xtesting-mts-docker-scan'
+    name: 'xtesting-opnfv-xtesting-mts-grype'
     <<: *xtesting-params
     container: 'xtesting-mts'
     jobs:
-      - 'xtesting-{repo}-{container}-{tag}-docker-scan'
+      - 'xtesting-{repo}-{container}-{tag}-grype'
 
 - project:
     name: 'xtesting'
     regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-trivy$
 
 - view:
-    name: xtesting-docker-scan
+    name: xtesting-grype
     view-type: list
     columns:
       - status
       - last-success
       - last-failure
       - last-duration
-    regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-docker-scan$
+    regex: (?!xtesting-pi)^xtesting-[a-z-0-9.]+-grype$
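Review bot: The xtesting-grype shell body is the fourth copy of the same install-and-scan script in this change, differing from the ones in functest-kubernetes-ng.yaml, functest-kubernetes.yaml and functest.yaml only in the use of `sudo`. Any later hardening of it (a pinned installer ref, a severity threshold, a different install directory) has to be repeated in four places and can silently drift. Keeping the script in one file pulled in with JJB's `!include-raw:` tag, or in one shared builder macro, would leave a single place to review; whether `{repo}`, `{port}`, `{container}` and `{tag}` still expand as needed should be checked when doing so. A short shell comment such as `# grype replaces docker scan, which is limited to 10 runs per month` would also keep the reason for the tool choice next to the code.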