build-timeout: 240
cron: '@daily'
disabled: false
+ dry-run: false
git-url: '$GIT_URL/$PROJECT'
java-version: openjdk8
mvn-global-settings: global-settings
name: ARCHIVE_ARTIFACTS
default: '{archive-artifacts}'
description: Artifacts to archive to the logs server.
+ - string:
+ name: SEARCH_PATHS
+ default: '{coverity-search-paths}'
+ description: >
+ Additional directories to search for files to analyse by Coverity
+ Scan service (space separated).
+ - string:
+ name: SEARCH_EXCLUDE_REGEXS
+ default: '{coverity-search-exclude-regexs}'
+ description: >
+ File path patterns to exclude from analysis by Coverity Scan
+ service (e.g. 3rd-party or auto-generated sources, space
+ separated).
+ - string:
+ name: COVERITY_USER_EMAIL
+ default: '{coverity-user-email}'
+ description: >
+ E-mail address to receive analysis status report after submittion.
+ It must be a registered user on Coverity Scan service added as a
+ member to appropriate Coverity Scan project with "Maintainer/Owner"
+ role.
+ - bool:
+ name: DRY_RUN
+ default: '{dry-run}'
+ description: Do not submit results to Coverity Scan server at the end of the build.
triggers:
- timed: '{obj:cron}'
properties-content: |
COVERITY_PROJECT_NAME={coverity-project-name}
COVERITY_TOKEN={coverity-token}
- COVERITY_USER_EMAIL={coverity-user-email}
- SEARCH_PATHS={coverity-search-paths}
- SEARCH_EXCLUDE_REGEXS={coverity-search-exclude-regexs}
- shell: !include-raw-escape:
- ../../global-jjb/shell/common-variables.sh
- ../../shell/maven-coverity.sh
---
- project:
name: dcaegen2-platform-configbinding
- project-name: 'dcaegen2-platform-configbinding'
- jobs:
- - '{project-name}-{stream}-verify-java'
- - '{project-name}-{stream}-merge-java'
- - '{project-name}-{stream}-release-version-java-daily'
-
- project: 'dcaegen2/platform/configbinding'
- stream:
- - 'master':
- branch: 'master'
- - 'el-alto':
- branch: 'el-alto'
- mvn-settings: 'dcaegen2-platform-configbinding-settings'
+ # git repo
+ project: dcaegen2/platform/configbinding
+ # jenkins job prefix
+ project-name: dcaegen2-platform-configbinding
+ # push credentials
+ mvn-settings: dcaegen2-platform-configbinding-settings
# due to a strange macro / variable translation problem this needs
# to be passed as a string block to properly get the properties
# correctly defined in the job
deployAtEnd=true
files: '**'
archive-artifacts: ''
- build-node: 'ubuntu1604-docker-8c-8g'
+ build-node: ubuntu1604-docker-8c-8g
+ jobs:
+ # clm and tox
+ - '{project-name}-python-jobs'
+ # build docker image
+ - '{project-name}-{stream}-merge-java'
+ - '{project-name}-{stream}-release-version-java-daily'
+ stream:
+ - master:
+ branch: master
+ - el-alto:
+ branch: el-alto
- project:
name: dcaegen2-platform-configbinding-sonar
- jobs:
- - gerrit-maven-sonar
+ project: dcaegen2/platform/configbinding
+ project-name: dcaegen2-platform-configbinding
cron: '@daily'
build-node: ubuntu1604-builder-4c-4g
- project: 'dcaegen2/platform/configbinding'
- project-name: 'dcaegen2-platform-configbinding'
- branch: 'master'
- mvn-settings: 'dcaegen2-platform-configbinding-settings'
+ mvn-settings: dcaegen2-platform-configbinding-settings
mvn-goals: 'clean install'
mvn-opts: '-Xmx1024m -XX:MaxPermSize=256m'
-
-- project:
- name: dcaegen2-platform-configbinding-clm
+ branch: master
jobs:
- - gerrit-maven-clm
- nexus-iq-namespace: 'onap-'
- project: dcaegen2/platform/configbinding
- build-node: ubuntu1604-docker-8c-8g
- project-name: 'dcaegen2-platform-configbinding'
- branch: 'master'
- mvn-settings: 'dcaegen2-platform-configbinding-settings'
+ # Sonar jobs require maven, even for Python
+ - gerrit-maven-sonar
- project:
name: dcaegen2-platform-configbinding-info
+ project: dcaegen2/platform/configbinding
project-name: dcaegen2-platform-configbinding
+ branch: master
jobs:
- gerrit-info-yaml-verify
- project: dcaegen2/platform/configbinding
- branch: master
mvn-goals: 'clean install'
mvn-opts: '-Xmx1024m -XX:MaxPermSize=256m'
+- project:
+ name: 'portal-coverity'
+ jobs:
+ - onap-gerrit-maven-coverity
+ cron: '@daily'
+ build-node: 'ubuntu1604-builder-4c-4g'
+ project: 'portal'
+ project-name: 'portal'
+ branch: 'master'
+ mvn-settings: 'portal-settings'
+ # FIXME: it does not build without building tests at the moment
+ #mvn-params: '-Dmaven.test.skip=true'
+ mvn-params: '-DskipTests'
+ mvn-opts: '-Xmx1024m -XX:MaxPermSize=256m'
+ coverity-project-name: 'onap-portal'
+ coverity-token: 'ViM5eI953g1mE2vb8MiHtA'
+ coverity-user-email: 'A.Naluzhnyy@samsung.com'
+ coverity-search-paths: >
+ ecomp-portal-FE-os/client
+ ecomp-portal-FE-os/mock
+ ecomp-portal-FE-os/server
+ ecomp-portal-widget-ms
+ ecomp-portal-FE-common/client/app
+ coverity-search-exclude-regexs: >
+ /cov-int/
+ /cov-analysis-
+ ^/usr/
+ ^/home/
+ /node_modules/
+ /bower_components/
+ /bower_components_external/
+ /src/test/
+ /__test__/
+
- project:
name: portal-clm
jobs:
# and have not exceeded our upload quota limits
# See also: https://scan.coverity.com/faq#frequency
-CURL_OUTPUT=$(
- curl \
- --verbose \
- --silent \
- --show-error \
- --fail \
- --form "project=${COVERITY_PROJECT_NAME}" \
- --form "token=${COVERITY_TOKEN}" \
- 'https://scan.coverity.com/api/upload_permitted'
-)
+if [ "${DRY_RUN}" != 'true' ]; then
+ CURL_OUTPUT=$(
+ curl \
+ --verbose \
+ --silent \
+ --show-error \
+ --fail \
+ --form "project=${COVERITY_PROJECT_NAME}" \
+ --form "token=${COVERITY_TOKEN}" \
+ 'https://scan.coverity.com/api/upload_permitted'
+ )
-IS_COVERITY_UPLOAD_PERMITTED=$(
- echo "${CURL_OUTPUT}" \
- | jq '.upload_permitted'
-)
-if [ x"${IS_COVERITY_UPLOAD_PERMITTED}" != x'true' ]; then
- echo "Upload quota reached. Next upload permitted at "$(echo "${CURL_OUTPUT}" | jq '.next_upload_permitted_at') >&2
- exit 1
+ IS_COVERITY_UPLOAD_PERMITTED=$(
+ echo "${CURL_OUTPUT}" \
+ | jq '.upload_permitted'
+ )
+ if [ x"${IS_COVERITY_UPLOAD_PERMITTED}" != x'true' ]; then
+ echo "Upload quota reached. Next upload permitted at "$(echo "${CURL_OUTPUT}" | jq '.next_upload_permitted_at') >&2
+ exit 1
+ fi
fi
#-----------------------------------------------------------------------------
| sort \
> 'cov-int/scm-untracked-files.txt'
+if [ -s 'cov-int/scm-untracked-files.txt' ]; then
+ echo '[WARNING] There are some files analysed but not tracked by SCM repository.' \
+ 'There might be 3rd-party or auto-generated sources. See details in' \
+ '"cov-int/scm-untracked-files.txt" file.' \
+ >&2
+fi
+
#-----------------------------------------------------------------------------
# Submit results to Coverity service
-tar \
- --create \
- --gzip \
- --file='results.tgz' \
- 'cov-int'
-
-for (( ATTEMPT=1; ATTEMPT<=SUBMISSION_ATTEMPTS; ATTEMPT++ )); do
- CURL_OUTPUT=$(
- curl \
- --verbose \
- --silent \
- --show-error \
- --fail \
- --write-out '\n%{http_code}' \
- --form "project=${COVERITY_PROJECT_NAME}" \
- --form "email=${COVERITY_USER_EMAIL}" \
- --form "token=${COVERITY_TOKEN}" \
- --form 'file=@results.tgz' \
- --form "version=${GIT_COMMIT:0:7}" \
- --form "description=${GIT_BRANCH}" \
- 'https://scan.coverity.com/builds'
- )
- HTTP_RESPONSE_CODE=$(echo -n "${CURL_OUTPUT}" | tail -1)
- test x"${HTTP_RESPONSE_CODE}" = x"200" \
- && break
-
- sleep "${SUBMISSION_REST_INTERVAL:-$SUBMISSION_INITIAL_REST_INTERVAL}"
-
- SUBMISSION_REST_INTERVAL=$(( ${SUBMISSION_REST_INTERVAL:-$SUBMISSION_INITIAL_REST_INTERVAL} * 2 ))
-done
+if [ "${DRY_RUN}" != 'true' ]; then
+ tar \
+ --create \
+ --gzip \
+ --file='results.tgz' \
+ 'cov-int'
+
+ for (( ATTEMPT=1; ATTEMPT<=SUBMISSION_ATTEMPTS; ATTEMPT++ )); do
+ CURL_OUTPUT=$(
+ curl \
+ --verbose \
+ --silent \
+ --show-error \
+ --fail \
+ --write-out '\n%{http_code}' \
+ --form "project=${COVERITY_PROJECT_NAME}" \
+ --form "email=${COVERITY_USER_EMAIL}" \
+ --form "token=${COVERITY_TOKEN}" \
+ --form 'file=@results.tgz' \
+ --form "version=${GIT_COMMIT:0:7}" \
+ --form "description=${GIT_BRANCH}" \
+ 'https://scan.coverity.com/builds'
+ )
+ HTTP_RESPONSE_CODE=$(echo -n "${CURL_OUTPUT}" | tail -1)
+ test x"${HTTP_RESPONSE_CODE}" = x"200" \
+ && break
+
+ sleep "${SUBMISSION_REST_INTERVAL:-$SUBMISSION_INITIAL_REST_INTERVAL}"
+
+ SUBMISSION_REST_INTERVAL=$(( ${SUBMISSION_REST_INTERVAL:-$SUBMISSION_INITIAL_REST_INTERVAL} * 2 ))
+ done
-HTTP_RESPONSE=$(echo -n "${CURL_OUTPUT}" | head -n -1 | tr -d '\n')
-if [ x"${HTTP_RESPONSE}" != x"Build successfully submitted." ]; then
- echo "Coverity Scan service responded with '${HTTP_RESPONSE}' while 'Build successfully submitted.' expected." >&2
- exit 1
+ HTTP_RESPONSE=$(echo -n "${CURL_OUTPUT}" | head -n -1 | tr -d '\n')
+ if [ x"${HTTP_RESPONSE}" != x"Build successfully submitted." ]; then
+ echo "Coverity Scan service responded with '${HTTP_RESPONSE}' while 'Build successfully submitted.' expected." >&2
+ exit 1
+ fi
fi
#-----------------------------------------------------------------------------