Merge "Add pull request verification job for UP4"
diff --git a/jjb/cord-macros.yaml b/jjb/cord-macros.yaml
index 05dd931..e49239d 100644
--- a/jjb/cord-macros.yaml
+++ b/jjb/cord-macros.yaml
@@ -192,3 +192,35 @@
files:
- file-id: known_hosts
target: '$HOME/.ssh/known_hosts'
+
+# Sets permissions for job to be visible to AetherAccess only
+# (for Aether member-only repos).
+- property:
+ name: cord-infra-aether-private
+ properties:
+ - raw:
+ xml: |
+ <hudson.security.AuthorizationMatrixProperty>
+ <inheritanceStrategy class="org.jenkinsci.plugins.matrixauth.inheritance.NonInheritingStrategy"/>
+ <permission>com.cloudbees.plugins.credentials.CredentialsProvider.Create:JenkinsPowerusers</permission>
+ <permission>com.cloudbees.plugins.credentials.CredentialsProvider.Delete:JenkinsPowerusers</permission>
+ <permission>com.cloudbees.plugins.credentials.CredentialsProvider.ManageDomains:JenkinsPowerusers</permission>
+ <permission>com.cloudbees.plugins.credentials.CredentialsProvider.Update:JenkinsPowerusers</permission>
+ <permission>com.cloudbees.plugins.credentials.CredentialsProvider.View:JenkinsPowerusers</permission>
+ <permission>hudson.model.Item.Build:JenkinsPowerusers</permission>
+ <permission>hudson.model.Item.Cancel:JenkinsPowerusers</permission>
+ <permission>hudson.model.Item.Configure:JenkinsPowerusers</permission>
+ <permission>hudson.model.Item.Delete:JenkinsPowerusers</permission>
+ <permission>hudson.model.Item.Discover:JenkinsPowerusers</permission>
+ <permission>hudson.model.Item.ExtendedRead:JenkinsPowerusers</permission>
+ <permission>hudson.model.Item.Move:JenkinsPowerusers</permission>
+ <permission>hudson.model.Item.Read:JenkinsPowerusers</permission>
+ <permission>hudson.model.Item.Workspace:JenkinsPowerusers</permission>
+ <permission>hudson.model.Run.Delete:JenkinsPowerusers</permission>
+ <permission>hudson.model.Run.Replay:JenkinsPowerusers</permission>
+ <permission>hudson.model.Run.Update:JenkinsPowerusers</permission>
+ <permission>hudson.model.Item.Discover:AetherAccess</permission>
+ <permission>hudson.model.Item.Discover:anonymous</permission>
+ <permission>hudson.model.Item.Read:AetherAccess</permission>
+ <permission>hudson.model.Item.ViewStatus:anonymous</permission>
+ </hudson.security.AuthorizationMatrixProperty>
diff --git a/jjb/verify/up4.yaml b/jjb/verify/up4.yaml
new file mode 100644
index 0000000..524fa39
--- /dev/null
+++ b/jjb/verify/up4.yaml
@@ -0,0 +1,74 @@
+---
+# jobs for https://github.com/omec-project/up4
+
+- project:
+ name: up4
+ project: "{name}"
+ github-organization: "omec-project"
+ github_pr_auth_id: "64fe2b1a-b33a-4f13-8442-ad8360434003"
+ github_pr_org_list:
+ - "omec-project"
+ jobs:
+ - "up4-jobs":
+ stream: "master"
+ # As we run integration tests with 3 ONOS instances,
+ # we need a beefy node.
+ build-node: "ubuntu16.04-basebuild-8c-15g"
+
+- job-group:
+ name: "up4-jobs"
+ jobs:
+ - "up4-pr-verify"
+
+- job-template:
+ id: "up4-pr-verify"
+ name: "up4-pr-verify"
+ description: |
+ Created by {id} job-template from ci-management/up4.yaml<br/>
+
+ project-type: pipeline
+ concurrent: true
+
+ properties:
+ # Visibility restricted to Aether members only.
+ - cord-infra-aether-private:
+ - cord-infra-properties:
+ build-days-to-keep: "15"
+ artifact-num-to-keep: "-1"
+ - github:
+ url: "https://github.com/{github-organization}/{project}"
+
+ parameters:
+ - string:
+ name: buildNode
+ default: "{build-node}"
+ description: "Name of the Jenkins executor node to run the job on."
+ - string:
+ name: sha1
+ default: "origin/{stream}"
+ description: "The actual commit or branch to build."
+
+ # Run pipeline that is checked-in in the same PR we want to verify.
+ pipeline-scm:
+ script-path: ".jenkins/Jenkinsfile"
+ scm:
+ - git:
+ url: "git@github.com:{github-organization}/{project}.git"
+ credentials-id: "github-onf-bot-ssh-key"
+ refspec: "+refs/pull/*:refs/remotes/origin/pr/*"
+ branches:
+ - "$sha1"
+ submodule:
+ disable: true
+ shallow-clone: true
+
+ triggers:
+ - cord-infra-github-pr-trigger:
+ github_pr_org_list: "{obj:github_pr_org_list}"
+ github_pr_auth_id: "{github_pr_auth_id}"
+ status_context: "up4-pr-verify"
+
+ wrappers:
+ - lf-infra-wrappers:
+ build-timeout: "{build-timeout}"
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"