Code Review
/
releng
/
global-jjb.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Feat: Add SBOM Generator conditional step
[releng/global-jjb.git]
/
jjb
/
lf-maven-jobs.yaml
diff --git
a/jjb/lf-maven-jobs.yaml
b/jjb/lf-maven-jobs.yaml
index
ea5f608
..
528e150
100644
(file)
--- a/
jjb/lf-maven-jobs.yaml
+++ b/
jjb/lf-maven-jobs.yaml
@@
-288,7
+288,7
@@
github-hooks: true
org-list:
- "{github-org}"
github-hooks: true
org-list:
- "{github-org}"
- white-list: "{obj:github_pr_
white
list}"
+ white-list: "{obj:github_pr_
allow
list}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
@@
-420,7
+420,7
@@
github-hooks: true
org-list:
- "{github-org}"
github-hooks: true
org-list:
- "{github-org}"
- white-list: "{obj:github_pr_
white
list}"
+ white-list: "{obj:github_pr_
allow
list}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
@@
-696,7
+696,7
@@
github-hooks: true
org-list:
- "{github-org}"
github-hooks: true
org-list:
- "{github-org}"
- white-list: "{obj:github_pr_
white
list}"
+ white-list: "{obj:github_pr_
allow
list}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
@@
-807,7
+807,7
@@
github-hooks: true
org-list:
- "{github-org}"
github-hooks: true
org-list:
- "{github-org}"
- white-list: "{obj:github_pr_
white
list}"
+ white-list: "{obj:github_pr_
allow
list}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
@@
-842,6
+842,9
@@
mvn-version: mvn35
ossrh-profile-id: ""
mvn-pom: ""
mvn-version: mvn35
ossrh-profile-id: ""
mvn-pom: ""
+ sbom-flags: ""
+ sbom-generator: false
+ sbom-generator-version: "v0.0.10"
sign-artifacts: false
sign-mode: serial
stream: master
sign-artifacts: false
sign-mode: serial
stream: master
@@
-889,6
+892,10
@@
name: STAGING_PROFILE_ID
default: "{staging-profile-id}"
description: Nexus staging profile ID.
name: STAGING_PROFILE_ID
default: "{staging-profile-id}"
description: Nexus staging profile ID.
+ - string:
+ name: SBOM_GENERATOR_VERSION
+ default: "{sbom-generator-version}"
+ description: SBOM generator version to download and run.
builders:
- lf-infra-pre-build
builders:
- lf-infra-pre-build
@@
-909,6
+916,14
@@
- shell: !include-raw-escape: ../shell/maven-patch-release.sh
- lf-maven-build:
mvn-goals: "{mvn-goals}"
- shell: !include-raw-escape: ../shell/maven-patch-release.sh
- lf-maven-build:
mvn-goals: "{mvn-goals}"
+ # With SBOM Generator
+ - conditional-step:
+ condition-kind: boolean-expression
+ condition-expression: "{sbom-generator}"
+ steps:
+ - shell: echo 'Running SBOM Generator'
+ - lf-infra-maven-sbom-generator:
+ sbom-flags: "{sbom-flags}"
- lf-sigul-sign-dir:
sign-artifacts: "{sign-artifacts}"
sign-dir: "$WORKSPACE/m2repo"
- lf-sigul-sign-dir:
sign-artifacts: "{sign-artifacts}"
sign-dir: "$WORKSPACE/m2repo"
@@
-1138,6
+1153,7
@@
sonarcloud-project-key: ""
sonarcloud-project-organization: ""
sonarcloud-api-token: ""
sonarcloud-project-key: ""
sonarcloud-project-organization: ""
sonarcloud-api-token: ""
+ sonarcloud-qualitygate-wait: false
# SonarCloud scan using jdk8 will become deprecated by Oct, 2020
# Projects not compatible with jdk11 can set java-version to something else
sonarcloud-java-version: openjdk11
# SonarCloud scan using jdk8 will become deprecated by Oct, 2020
# Projects not compatible with jdk11 can set java-version to something else
sonarcloud-java-version: openjdk11
@@
-1224,6
+1240,7
@@
sonarcloud-project-organization: "{sonarcloud-project-organization}"
sonarcloud-api-token: "{sonarcloud-api-token}"
sonarcloud-java-version: "{sonarcloud-java-version}"
sonarcloud-project-organization: "{sonarcloud-project-organization}"
sonarcloud-api-token: "{sonarcloud-api-token}"
sonarcloud-java-version: "{sonarcloud-java-version}"
+ sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
scan-dev-branch: "{scan-dev-branch}"
# With SonarQube
- conditional-step:
scan-dev-branch: "{scan-dev-branch}"
# With SonarQube
- conditional-step:
@@
-1259,6
+1276,7
@@
sonarcloud-project-organization: "{sonarcloud-project-organization}"
sonarcloud-api-token: "{sonarcloud-api-token}"
sonarcloud-java-version: "{sonarcloud-java-version}"
sonarcloud-project-organization: "{sonarcloud-project-organization}"
sonarcloud-api-token: "{sonarcloud-api-token}"
sonarcloud-java-version: "{sonarcloud-java-version}"
+ sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
scan-dev-branch: "{scan-dev-branch}"
# With SonarQube
- conditional-step:
scan-dev-branch: "{scan-dev-branch}"
# With SonarQube
- conditional-step:
@@
-1274,6
+1292,16
@@
mvn-settings: "{mvn-settings}"
mvn-version: "{mvn-version}"
mvn-settings: "{mvn-settings}"
mvn-version: "{mvn-version}"
+- builder:
+ name: lf-infra-maven-sbom-generator
+ # Run Maven goals and trigger SPDX SBOM Generator tool
+ builders:
+ - inject:
+ properties-content: |
+ SBOM_FLAGS={sbom-flags}
+ - shell: !include-raw-escape:
+ - ../shell/sbom-generator.sh
+
- builder:
name: lf-infra-maven-sonar
# Run a Sonar build with Maven
- builder:
name: lf-infra-maven-sonar
# Run a Sonar build with Maven
@@
-1313,6
+1341,7
@@
API_TOKEN={sonarcloud-api-token}
SONARCLOUD_JAVA_VERSION={sonarcloud-java-version}
SCAN_DEV_BRANCH={scan-dev-branch}
API_TOKEN={sonarcloud-api-token}
SONARCLOUD_JAVA_VERSION={sonarcloud-java-version}
SCAN_DEV_BRANCH={scan-dev-branch}
+ SONARCLOUD_QUALITYGATE_WAIT={sonarcloud-qualitygate-wait}
- lf-provide-maven-settings:
global-settings-file: global-settings
settings-file: "{mvn-settings}"
- lf-provide-maven-settings:
global-settings-file: global-settings
settings-file: "{mvn-settings}"
@@
-1350,6
+1379,7
@@
sonarcloud: true
scan-dev-branch: true
sonarcloud: true
scan-dev-branch: true
+ sonarcloud-qualitygate-wait: false
gerrit_sonar_triggers:
- patchset-created-event:
gerrit_sonar_triggers:
- patchset-created-event:
@@
-1385,7
+1415,7
@@
submodule-recursive: "{submodule-recursive}"
submodule-timeout: "{submodule-timeout}"
submodule-disable: "{submodule-disable}"
submodule-recursive: "{submodule-recursive}"
submodule-timeout: "{submodule-timeout}"
submodule-disable: "{submodule-disable}"
- choosing-strategy:
defaul
t
+ choosing-strategy:
gerri
t
- job-template:
name: "{project-name}-sonar-prescan-script"
- job-template:
name: "{project-name}-sonar-prescan-script"
@@
-1440,7
+1470,7
@@
github-hooks: true
org-list:
- "{github-org}"
github-hooks: true
org-list:
- "{github-org}"
- white-list: "{obj:github_pr_
white
list}"
+ white-list: "{obj:github_pr_
allow
list}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
@@
-1480,7
+1510,7
@@
github-hooks: true
org-list:
- "{github-org}"
github-hooks: true
org-list:
- "{github-org}"
- white-list: "{obj:github_pr_
white
list}"
+ white-list: "{obj:github_pr_
allow
list}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"
admin-list: "{obj:github_pr_admin_list}"
white-list-target-branches:
- "{branch}"