+
+.. _gjjb-packer-verify-build:
+
+Packer Verify Build
+-------------------
+
+Packer Verify Build job is essentially the same as the
+:ref:`Packer Merge job<gjjb-packer-merge>`. It is triggered only by its keyword,
+and will build a useable image. If the last patch set before a merge has a
+successful verify build, the merge job will not build the same image.
+
+:Template Names:
+ - {project-name}-packer-verify-build-{platforms}-{templates}
+ - gerrit-packer-verify-build
+ - github-packer-verify-build
+
+:Comment Trigger: verify-build|packer-build
+
+:Required parameters:
+
+ :build-node: The node to run build on.
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally should
+ be configured in defaults.yaml)
+ :mvn-settings: The name of settings file containing credentials for
+ the project.
+ :platforms: Platform or distribution to build. Typically json file
+ found in the packer/vars directory. (Example: centos-7)
+ :templates: System template to build. Typically a yaml file or shell script
+ found in the packer/provision directory. (Example: docker)
+
+:Optional parameters:
+
+ :branch: Git branch to fetch for the build. (default: master)
+ :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+ :build-timeout: Timeout in minutes before aborting build. (default: 10)
+ :gerrit_trigger_file_paths: Override file paths which can be used to
+ filter which file modifications will trigger a build.
+ :gerrit_verify_triggers: Override Gerrit Triggers.
+ :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+ :openstack: Packer template uses an OpenStack builder (default: true).
+ :openstack-cloud: Sets OS_CLOUD variable to the value of this parameter.
+ (default: vex).
+ :packer-cloud-settings: Name of settings file containing credentials
+ for the cloud that packer will build on. (default: packer-cloud-env)
+ :packer-version: Version of packer to install / use in build. (default: 1.0.2)
+ :stream: Keyword that can be used to represent a release code-name.
+ Often the same as the branch. (default: master)
+ :submodule-recursive: Whether to checkout submodules recursively.
+ (default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+ :update-cloud-image: Submit a change request to update new built cloud
+ image to Jenkins. (default: false)
+
+
+Puppet Verify
+-------------
+
+Runs puppet-lint in the ``puppet-dir`` directory. puppet-lint runs recursively,
+the base directory is usually the best place to run from.
+
+:Template Names:
+
+ - {project-name}-puppet-verify
+ - gerrit-puppet-verify
+ - github-puppet-verify
+
+:Comment Trigger: recheck|reverify
+
+:Required Parameters:
+
+ :build-node: The node to run build on.
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally set
+ in defaults.yaml)
+
+:Optional Parameters:
+
+ :branch: The branch to build against. (default: master)
+ :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+ :build-timeout: Timeout in minutes before aborting build. (default: 15)
+ :gerrit_trigger_file_paths: Override file paths which used to filter which
+ file modifications will trigger a build. Refer to JJB documentation for
+ "file-path" details.
+ https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.gerrit
+ :git-url: URL clone project from. (default: $GIT_URL/$GERRIT_PROJECT)
+ :puppet-dir: Directory containing the project's puppet module(s) relative
+ to the workspace.
+ (default: '')
+ :puppet-lint-version: Version of puppet-lint to use for testing.
+ (default: 2.3.6)
+ :stream: Keyword representing a release code-name.
+ Often the same as the branch. (default: master)
+ :submodule-recursive: Whether to checkout submodules recursively.
+ (default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+
+
+Sonar
+-----
+
+Runs the Jenkins SonarQube Scanner plug-in to analyze code for bugs,
+code smells and security vulnerabilities, and to upload the result
+(possibly including code-coverage statistics) to a SonarQube server
+or to SonarCloud.io.
+
+Requires ``SonarQube Scanner for Jenkins``
+
+One of the optional parameters sonar-project-file and sonar-properties
+must be supplied; they cannot both be empty.
+
+Plug-in configurations
+ Manage Jenkins --> Configure System --> SonarQube servers
+ - Name: Sonar (fixed)
+ - Server URL: https://sonar.server.org/ or https://sonarcloud.io
+ - Server authentication token: none for local, API token (saved as a
+ "secret text" credential) for Sonarcloud
+
+ Manage Jenkins --> Global Tool Configuration --> SonarQube Scanner
+ - Name: SonarQube Scanner (fixed)
+ - Install automatically
+ - Select latest version
+
+.. note:: Sonar properties can be set directly in the job definition by
+ setting the sonar-project-file to ``""`` and adding all properties under
+ ``sonar-properties``.
+
+:Template Names:
+
+ - {project-name}-sonar
+ - gerrit-sonar
+ - github-sonar
+
+:Optional Parameters:
+ :sonar-task: Sonar task to run. (default: "")
+ :sonar-project-file: The filename for the project's properties
+ (default: "sonar-project.properties")
+ :sonar-properties: Sonar configuration properties. (default: "")
+ :sonar-java-opts: JVM options. (default: "")
+ :sonar-additional-args: Additional command line arguments. (default: "")
+
+
+Sonar with Prescan
+------------------
+
+The same as the Sonar job above, except the caller also defines a builder
+called ``lf-sonar-prescan``, in which they can put any builders that they want
+to run prior to the Sonar scan.
+
+.. code-block:: yaml
+
+ - builder:
+ name: lf-sonar-prescan
+ builders:
+ - shell: "# Pre-scan shell script"
+
+:Template Names:
+
+ - {project-name}-sonar-prescan
+ - gerrit-sonar-prescan
+ - github-sonar-prescan
+
+:Required Parameters:
+ :lf-sonar-prescan: A builder that will run prior to the Sonar scan.
+
+:Optional Parameters:
+ :sonar-task: Sonar task to run. (default: "")
+ :sonar-project-file: The filename for the project's properties
+ (default: "sonar-project.properties")
+ :sonar-properties: Sonar configuration properties. (default: "")
+ :sonar-java-opts: JVM options. (default: "")
+ :sonar-additional-args: Additional command line arguments. (default: "")
+
+
+Sonar with Prescan Script
+-------------------------
+
+The same as the Sonar job above, except the caller must supply a shell script
+to run prior to the Sonar scan. This is commonly used to install prerequisites,
+build the project, execute unit tests and generate a code-coverage report.
+
+:Template Names:
+
+ - {project-name}-sonar-prescan-script
+ - gerrit-sonar-prescan-script
+ - github-sonar-prescan-script
+
+:Required Parameters:
+ :sonar-prescan-script: A shell script that will run prior to the Sonar scan.
+
+:Optional Parameters:
+ :sonar-task: Sonar task to run. (default: "")
+ :sonar-project-file: The filename for the project's properties.
+ (default: "sonar-project.properties")
+ :sonar-properties: Sonar configuration properties. (default: "")
+ :sonar-java-opts: JVM options. (default: "")
+ :sonar-additional-args: Additional command line arguments. (default: "")