Merge "[COMAC-337]: License Scan Automation"
diff --git a/jjb/cord-macros.yaml b/jjb/cord-macros.yaml
index 2410b3c..e58eab3 100644
--- a/jjb/cord-macros.yaml
+++ b/jjb/cord-macros.yaml
@@ -133,7 +133,7 @@
cancel-builds-on-update: true
auto-close-on-fail: false
only-trigger-phrase: false
- status-context: 'CORD Jenkins' # Name of testing system in PR
+ status-context: '{status_context}' # Name of testing system in PR
permit-all: false # don't trigger on every PR
org-list: '{obj:github_pr_org_list}'
allow-whitelist-orgs-as-admins: true
@@ -179,4 +179,3 @@
files:
- file-id: known_hosts
target: '$HOME/.ssh/known_hosts'
-
diff --git a/jjb/omec-ci.yaml b/jjb/omec-ci.yaml
index 9f84931..c7ef8d4 100644
--- a/jjb/omec-ci.yaml
+++ b/jjb/omec-ci.yaml
@@ -35,6 +35,10 @@
- 'omec-install':
sub-project: '{name}'
pipeline-file: 'Jenkinsfile-omec-install-ngic-rtc-vnf.groovy'
+ - 'omec-fossa':
+ pipeline-file: 'jjb/pipeline/omec-fossa-scan.groovy'
+ - 'omec-reuse':
+ pipeline-file: 'jjb/pipeline/omec-reuse-scan.groovy'
- 'docker-publish-github':
build-timeout: 30
docker-repo: 'omecproject'
@@ -61,6 +65,10 @@
- 'omec-install':
sub-project: 'c3po-hss'
pipeline-file: 'Jenkinsfile-omec-install-c3po-hss-vnf.groovy'
+ - 'omec-fossa':
+ pipeline-file: 'jjb/pipeline/omec-fossa-scan.groovy'
+ - 'omec-reuse':
+ pipeline-file: 'jjb/pipeline/omec-reuse-scan.groovy'
- 'docker-publish-github':
build-timeout: 30
docker-repo: 'omecproject'
@@ -84,6 +92,10 @@
- 'omec-install':
sub-project: '{name}'
pipeline-file: 'Jenkinsfile-omec-install-openmme-vnf.groovy'
+ - 'omec-fossa':
+ pipeline-file: 'jjb/pipeline/omec-fossa-scan.groovy'
+ - 'omec-reuse':
+ pipeline-file: 'jjb/pipeline/omec-reuse-scan.groovy'
- 'docker-publish-github':
build-timeout: 30
docker-repo: 'omecproject'
@@ -129,6 +141,7 @@
- cord-infra-github-pr-trigger:
github_pr_org_list: '{obj:github_pr_org_list}'
github_pr_auth_id: '{github_pr_auth_id}'
+ status_context: 'CORD Jenkins - Combined Steps Verification'
concurrent: false
@@ -184,6 +197,104 @@
branches:
- 'master'
+# FOSSA License Scan
+- job-template:
+ id: 'omec-fossa'
+ name: 'omec_{project}_fossa'
+ project-type: pipeline
+
+ description: |
+ <!-- Managed by Jenkins Job Builder -->
+ Created by {id} job-template from ci-management/jjb/omec-ci.yaml<br />
+
+ properties:
+ - cord-infra-properties:
+ build-days-to-keep: '{build-days-to-keep}'
+ artifact-num-to-keep: '{artifact-num-to-keep}'
+ - github:
+ url: 'https://github.com/{github-organization}/{project}'
+
+ wrappers:
+ - lf-infra-wrappers:
+ build-timeout: '{build-timeout}'
+ jenkins-ssh-credential: '{jenkins-ssh-credential}'
+
+ parameters:
+ - string:
+ name: buildNode
+ default: '{build-node}'
+ description: 'Name of the Jenkins executor node to run the job on'
+
+ - string:
+ name: project
+ default: '{project}'
+ description: 'Name of the project'
+
+ triggers:
+ - cord-infra-github-pr-trigger:
+ github_pr_org_list: '{obj:github_pr_org_list}'
+ github_pr_auth_id: '{github_pr_auth_id}'
+ status_context: 'CORD Jenkins - FOSSA Verification'
+
+ concurrent: false
+
+ pipeline-scm:
+ script-path: '{pipeline-file}'
+ scm:
+ - git:
+ url: 'https://github.com/{github-organization}/ci-management'
+ branches:
+ - 'master'
+
+# REUSE License Scan
+- job-template:
+ id: 'omec-reuse'
+ name: 'omec_{project}_reuse'
+ project-type: pipeline
+
+ description: |
+ <!-- Managed by Jenkins Job Builder -->
+ Created by {id} job-template from ci-management/jjb/omec-ci.yaml<br />
+
+ properties:
+ - cord-infra-properties:
+ build-days-to-keep: '{build-days-to-keep}'
+ artifact-num-to-keep: '{artifact-num-to-keep}'
+ - github:
+ url: 'https://github.com/{github-organization}/{project}'
+
+ wrappers:
+ - lf-infra-wrappers:
+ build-timeout: '{build-timeout}'
+ jenkins-ssh-credential: '{jenkins-ssh-credential}'
+
+ parameters:
+ - string:
+ name: buildNode
+ default: '{build-node}'
+ description: 'Name of the Jenkins executor node to run the job on'
+
+ - string:
+ name: project
+ default: '{project}'
+ description: 'Name of the project'
+
+ triggers:
+ - cord-infra-github-pr-trigger:
+ github_pr_org_list: '{obj:github_pr_org_list}'
+ github_pr_auth_id: '{github_pr_auth_id}'
+ status_context: 'CORD Jenkins - REUSE Verification'
+
+ concurrent: false
+
+ pipeline-scm:
+ script-path: '{pipeline-file}'
+ scm:
+ - git:
+ url: 'https://github.com/{github-organization}/ci-management'
+ branches:
+ - 'master'
+
# tests
- job-template:
id: 'omec-tc1'
@@ -254,4 +365,3 @@
url: 'https://github.com/omec-project/omec-project-ci'
branches:
- 'master'
-
diff --git a/jjb/pipeline/omec-fossa-scan.groovy b/jjb/pipeline/omec-fossa-scan.groovy
new file mode 100644
index 0000000..53c19e9
--- /dev/null
+++ b/jjb/pipeline/omec-fossa-scan.groovy
@@ -0,0 +1,75 @@
+// Copyright 2020-present Open Networking Foundation
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// omec-fossa-scan.groovy
+// checks an omec-project repo against fossa in a docker container
+
+pipeline {
+
+ agent {
+ docker {
+ image "fossa-verify:latest"
+ label "${params.buildNode}"
+ }
+ }
+
+ options {
+ timeout(15)
+ }
+
+ stages {
+
+ stage ("Clean Workspace") {
+ steps {
+ sh 'rm -rf *'
+ }
+ }
+
+ stage ("Checkout Pull Request") {
+ steps {
+ checkout([
+ $class: 'GitSCM',
+ userRemoteConfigs: [[ url: "https://github.com/${params.ghprbGhRepository}", refspec: "+refs/pull/${params.ghprbPullId}/merge" ]],
+ ],
+ )
+ }
+ }
+
+ stage ("Perform License Scan") {
+ steps {
+ withCredentials([string(credentialsId: 'fossa-api-key', variable: 'FOSSA_API_KEY')]) {
+ sh """
+ #!/usr/bin/env bash
+
+ git checkout FETCH_HEAD
+ echo "Testing project: ${params.project}"
+
+ echo "Run 'fossa init'"
+ fossa init --no-ansi --verbose
+
+ echo "Contents of .fossa.yml generated by 'fossa init':"
+ cat .fossa.yml
+
+ echo "Run 'fossa analyze'"
+ fossa analyze --no-ansi --verbose
+
+ echo "Get FOSSA test results with 'fossa test'"
+ fossa test --no-ansi --verbose
+ """
+
+ }
+ }
+ }
+ }
+}
diff --git a/jjb/pipeline/omec-reuse-scan.groovy b/jjb/pipeline/omec-reuse-scan.groovy
new file mode 100644
index 0000000..dc2cf1f
--- /dev/null
+++ b/jjb/pipeline/omec-reuse-scan.groovy
@@ -0,0 +1,60 @@
+// Copyright 2020-present Open Networking Foundation
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// omec-reuse-scan.groovy
+// checks an omec-project repo against reuse in a docker container
+
+pipeline {
+
+ agent {
+ docker {
+ image "reuse-verify:latest"
+ label "${params.buildNode}"
+ }
+ }
+
+ options {
+ timeout(15)
+ }
+
+ stages {
+
+ stage ("Clean Workspace") {
+ steps {
+ sh 'rm -rf *'
+ }
+ }
+
+ stage ("Checkout Pull Request") {
+ steps {
+ checkout([
+ $class: 'GitSCM',
+ userRemoteConfigs: [[ url: "https://github.com/${params.ghprbGhRepository}", refspec: "+refs/pull/${params.ghprbPullId}/merge" ]],
+ ],
+ )
+ }
+ }
+
+ stage("Run REUSE Linter"){
+ steps {
+ sh """
+ #!/usr/bin/env bash
+
+ git checkout FETCH_HEAD
+ reuse lint
+ """
+ }
+ }
+ }
+}