Merge "Report low, medium, high bandit issues"
diff --git a/gerrit/client/init.yml b/gerrit/client/init.yml
index 5456900..8b097ee 100644
--- a/gerrit/client/init.yml
+++ b/gerrit/client/init.yml
@@ -7,8 +7,6 @@
client:
enabled: True
try_login: ${_param:gerrit_try_login}
- source:
- engine: pip
dir:
git: /srv/volumes/gerrit/git
gerrit_config: /srv/volumes/gerrit/etc/gerrit.config
diff --git a/jenkins/client/job/debian/packages/extra.yml b/jenkins/client/job/debian/packages/extra.yml
index df9e76e..61d7ee2 100644
--- a/jenkins/client/job/debian/packages/extra.yml
+++ b/jenkins/client/job/debian/packages/extra.yml
@@ -193,6 +193,10 @@
dist: xenial
build: pipeline
branch: debian/xenial
+ - package: python-pygerrit2
+ dist: xenial
+ build: pipeline
+ branch: debian/xenial
- package: jeepyb
dist: xenial
build: pipeline
diff --git a/jenkins/client/job/debian/packages/salt.yml b/jenkins/client/job/debian/packages/salt.yml
index 846a3c8..7b0dc68 100644
--- a/jenkins/client/job/debian/packages/salt.yml
+++ b/jenkins/client/job/debian/packages/salt.yml
@@ -266,6 +266,9 @@
- name: rundeck
upload_source_package: false
dist: trusty
+ - name: runtest
+ upload_source_package: false
+ dist: trusty
- name: sahara
upload_source_package: false
dist: trusty
@@ -584,6 +587,9 @@
- name: rsyslog
upload_source_package: true
dist: xenial
+ - name: runtest
+ upload_source_package: true
+ dist: xenial
- name: sahara
upload_source_package: true
dist: xenial
diff --git a/jenkins/client/job/docker/oss/init.yml b/jenkins/client/job/docker/oss/init.yml
index 9b1e49b..94e138c 100644
--- a/jenkins/client/job/docker/oss/init.yml
+++ b/jenkins/client/job/docker/oss/init.yml
@@ -1,13 +1,14 @@
classes:
- system.jenkins.client.job.docker.oss.cis-collectors
- system.jenkins.client.job.docker.oss.devops-portal
+ - system.jenkins.client.job.docker.oss.hce-codebase
+ - system.jenkins.client.job.docker.oss.hce-docker
- system.jenkins.client.job.docker.oss.janitor-monkey-codebase
- system.jenkins.client.job.docker.oss.janitor-monkey-docker
- - system.jenkins.client.job.docker.oss.pushkin-docker
- system.jenkins.client.job.docker.oss.pushkin-codebase
- system.jenkins.client.job.docker.oss.pushkin-codebase-ext
- - system.jenkins.client.job.docker.oss.hce-docker
- - system.jenkins.client.job.docker.oss.hce-codebase
+ - system.jenkins.client.job.docker.oss.pushkin-docker
- system.jenkins.client.job.docker.oss.rundeck
- - system.jenkins.client.job.docker.oss.security-monkey-docker
+ - system.jenkins.client.job.docker.oss.security-monkey-codebase
- system.jenkins.client.job.docker.oss.security-monkey-codebase-openstack
+ - system.jenkins.client.job.docker.oss.security-monkey-docker
diff --git a/jenkins/client/job/docker/oss/security-monkey-codebase.yml b/jenkins/client/job/docker/oss/security-monkey-codebase.yml
new file mode 100644
index 0000000..93a79e6
--- /dev/null
+++ b/jenkins/client/job/docker/oss/security-monkey-codebase.yml
@@ -0,0 +1,73 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ docker-build-images-security-monkey-codebase:
+ name: docker-build-images-security-monkey-codebase
+ discard:
+ build:
+ keep_num: 25
+ artifact:
+ keep_num: 25
+ type: workflow-scm
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/oss/jenkins/pipelines"
+ credentials: "gerrit"
+ script: docker-build-image-security-monkey-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ "oss/security-monkey":
+ branches:
+ - mirantis_0_9_2
+ skip_vote:
+ - successful
+ - failed
+ - unstable
+ - not_built
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeNoCodeChange: false
+ change:
+ - merged
+ comment:
+ - addedContains:
+ commentAddedCommentContains: 'rebuild'
+ param:
+ IMAGE_NAME:
+ type: string
+ default: "security-monkey"
+ IMAGE_TAGS:
+ type: string
+ default: ""
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ DOCKER_REGISTRY:
+ type: string
+ default: "docker-dev-virtual.docker.mirantis.net"
+ PROJECT_NAMESPACE:
+ type: string
+ default: "oss"
+ DOCKERFILE_PATH:
+ type: string
+ default: "security-monkey/Dockerfile"
+ CONTEXT_PATH:
+ type: string
+ default: "."
+ CUSTOM_GERRIT_PROJECT:
+ type: string
+ default: oss/docker-security-monkey
+ CUSTOM_GERRIT_BRANCH:
+ type: string
+ default: master
+ CI_BUILD_ARG_SECURITY_MONKEY_REPO:
+ type: string
+ default: https://gerrit.mcp.mirantis.net/oss/security-monkey
+ CI_BUILD_ARG_SECURITY_MONKEY_BRANCH:
+ type: string
+ default: mirantis_0_9_2
diff --git a/jenkins/client/job/oscore/tests.yml b/jenkins/client/job/oscore/tests.yml
index a751935..bab8804 100644
--- a/jenkins/client/job/oscore/tests.yml
+++ b/jenkins/client/job/oscore/tests.yml
@@ -657,19 +657,10 @@
- failed
- unstable
- not_built
- message:
- build_successful: "Build successful"
- build_unstable: "Build unstable"
- build_failure: "Build failed"
event:
comment:
- addedContains:
- commentAddedCommentContains: 'deploy'
- patchset:
- - created:
- excludeDrafts: true
- excludeTrivialRebase: true
- excludeNoCodeChange: true
+ commentAddedCommentContains: '^(?s:Patch Set \d+:.*(test|recheck|reverify)\s*)$'
param:
SOURCE_CREDENTIALS:
type: string
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
index c605744..87f1b89 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
@@ -201,6 +201,8 @@
branches: ${_param:salt_formulas_branches}
- name: rundeck
branches: ${_param:salt_formulas_branches}
+ - name: runtest
+ branches: ${_param:salt_formulas_branches}
- name: sahara
branches: ${_param:salt_formulas_branches}
- name: salt
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index 2e29d65..3dd77bf 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -106,6 +106,7 @@
- name: rsync
- name: rsyslog
- name: rundeck
+ - name: runtest
- name: sahara
- name: salt
- name: sensu
diff --git a/jenkins/slave/salt-pepper.yml b/jenkins/slave/salt-pepper.yml
new file mode 100644
index 0000000..c5baf1f
--- /dev/null
+++ b/jenkins/slave/salt-pepper.yml
@@ -0,0 +1,8 @@
+ classes:
+ - system.jenkins.slave
+ parameters:
+ linux:
+ system:
+ package:
+ salt-pepper:
+ version: latest
diff --git a/salt/syndic/cluster.yml b/salt/syndic/cluster.yml
new file mode 100644
index 0000000..55ae6d7
--- /dev/null
+++ b/salt/syndic/cluster.yml
@@ -0,0 +1,11 @@
+classes:
+- service.salt.syndic.cluster
+parameters:
+ _param:
+ salt_syndic_master_address_01: 127.0.0.1
+ salt_syndic_master_address_02: 127.0.0.1
+ salt:
+ syndic:
+ masters:
+ - host: ${_param:salt_syndic_master_address_01}
+ - host: ${_param:salt_syndic_master_address_02}
diff --git a/salt/syndic/single.yml b/salt/syndic/single.yml
new file mode 100644
index 0000000..8c015b7
--- /dev/null
+++ b/salt/syndic/single.yml
@@ -0,0 +1,5 @@
+classes:
+- service.salt.syndic.single
+parameters:
+ _param:
+ salt_syndic_master_address: 127.0.0.1