JJB Verify
----------
-Runs `jenkins-jobs test` to validate JJB syntax
+Runs `jenkins-jobs test` to validate JJB syntax. Optionally validates
+build-node labels used in templates and job definitions.
:Template Names:
- {project-name}-jjb-verify
:build-concurrent: Whether or not to allow this job to run multiple jobs
simultaneously. (default: true)
:build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+ :build-node-label-check: Whether to check build-node labels in jobs
+ against node names in cloud config files (default: false)
+ :build-node-label-list: Space-separated list of external build-node
+ labels not present in cloud config files (default: "")
:build-timeout: Timeout in minutes before aborting build. (default: 10)
:git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
:jjb-cache: JJB cache location. (default: $HOME/.cache/jenkins_jobs)
:Template Names:
- {project-name}-jjb-verify-upstream-gjjb
- gerrit-jjb-verify-upstream-gjjb
+ - github-jjb-verify-upstream-gjjb
:Comment Trigger: recheck|reverify
:gerrit_verify_triggers: Override Gerrit Triggers.
+.. _lf_pipelines_verify:
+
+LF Pipelines Verify
+-------------------
+
+Verify job for the LF RelEng pipeline library. This can be implemented on any
+Jenkins machine that has the appropriate Pipelines plugins installed. It will
+look for a Gerrit system named "lf-releng" (which should be mapped to
+https://gerrit.linuxfoundation.org/infra/), and pull in the Jenkinsfile in the
+root directory of the repo.
+
+:Template Names:
+ - lf-pipelines-verify
+
+:Comment Trigger: recheck|reverify
+
.. _license-checker:
License Checker
:mvn-settings: The name of settings file containing credentials for
the project.
:platforms: Platform or distribution to build. Typically json file
- found in the packer/vars directory. (Example: centos)
- :template: System template to build. Typically shell script found in
- the packer/provision directory. (Example: java-builder)
+ found in the packer/vars directory. (Example: centos-7)
+ :templates: System template to build. Typically a yaml file or shell script
+ found in the packer/provision directory. (Example: docker)
:Optional parameters:
:branch: Git branch to fetch for the build. (default: master)
:build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
:build-timeout: Timeout in minutes before aborting build. (default: 90)
+ :gerrit_verify_triggers: Override Gerrit Triggers.
:git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
:openstack: Packer template uses an OpenStack builder (default: true).
:openstack-cloud: Sets OS_CLOUD variable to the value of this parameter.
(default: 10)
:submodule-disable: Disable submodule checkout operation.
(default: false)
-
- :gerrit_verify_triggers: Override Gerrit Triggers.
- :update-cloud-image: Submit a change request to update new built cloud
+ :update-cloud-image: Submit a change request to update newly built cloud
image to Jenkins. (default: false)
Test an in-progress patch
^^^^^^^^^^^^^^^^^^^^^^^^^
-To test an in-progress patch from a GitHub Pull Request. Upload this
+To test an in-progress patch from a GitHub Pull Request, upload this
job to the :doc:`Jenkins Sandbox <lfdocs:jenkins-sandbox>`. Then when manually
-building the job replace the GERRIT_REFSPEC parameter with the GitHub Pull
+building the job, replace the GERRIT_REFSPEC parameter with the GitHub Pull
Request number of the patch you would like to test.
Example GitHub:
GERRIT_REFSPEC: origin/pr/49/merge
+
.. _gjjb-packer-verify:
Packer Verify
-------------
-Packer Verify job runs `packer validate` to verify packer configuration.
+Packer Verify job runs `packer validate` to verify packer configuration. The
+verify job checks superficial syntax of the template and other files. It does
+not attempt to build an image, and cannot detect all possible build issues.
:Template Names:
- {project-name}-packer-verify
:branch: Git branch to fetch for the build. (default: master)
:build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
:build-timeout: Timeout in minutes before aborting build. (default: 10)
+ :gerrit_trigger_file_paths: Override file paths which can be used to
+ filter which file modifications will trigger a build.
+ :gerrit_verify_triggers: Override Gerrit Triggers.
:git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
:openstack: Packer template uses an OpenStack builder (default: true).
:openstack-cloud: Sets OS_CLOUD variable to the value of this parameter.
:submodule-disable: Disable submodule checkout operation.
(default: false)
- :gerrit_verify_triggers: Override Gerrit Triggers.
- :gerrit_trigger_file_paths: Override file paths which can be used to
- filter which file modifications will trigger a build.
+
+.. _gjjb-packer-verify-build:
+
+Packer Verify Build
+-------------------
+
+Packer Verify Build job is essentially the same as the
+:ref:`Packer Merge job<gjjb-packer-merge>`. It is triggered only by its keyword,
+and will build a useable image. If the last patch set before a merge has a
+successful verify build, the merge job will not build the same image.
+
+:Template Names:
+ - {project-name}-packer-verify-build-{platforms}-{templates}
+ - gerrit-packer-verify-build
+ - github-packer-verify-build
+
+:Comment Trigger: verify-build|packer-build
+
+:Required parameters:
+
+ :build-node: The node to run build on.
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally should
+ be configured in defaults.yaml)
+ :mvn-settings: The name of settings file containing credentials for
+ the project.
+ :platforms: Platform or distribution to build. Typically json file
+ found in the packer/vars directory. (Example: centos-7)
+ :templates: System template to build. Typically a yaml file or shell script
+ found in the packer/provision directory. (Example: docker)
+
+:Optional parameters:
+
+ :branch: Git branch to fetch for the build. (default: master)
+ :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+ :build-timeout: Timeout in minutes before aborting build. (default: 10)
+ :gerrit_trigger_file_paths: Override file paths which can be used to
+ filter which file modifications will trigger a build.
+ :gerrit_verify_triggers: Override Gerrit Triggers.
+ :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+ :openstack: Packer template uses an OpenStack builder (default: true).
+ :openstack-cloud: Sets OS_CLOUD variable to the value of this parameter.
+ (default: vex).
+ :packer-cloud-settings: Name of settings file containing credentials
+ for the cloud that packer will build on. (default: packer-cloud-env)
+ :packer-version: Version of packer to install / use in build. (default: 1.0.2)
+ :stream: Keyword that can be used to represent a release code-name.
+ Often the same as the branch. (default: master)
+ :submodule-recursive: Whether to checkout submodules recursively.
+ (default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+ :update-cloud-image: Submit a change request to update new built cloud
+ image to Jenkins. (default: false)
Puppet Verify
Sonar
-----
-Runs Jenkins Sonarqube plug-in to review for bugs, code smells,
-and security vulnerabilities.
+Runs the Jenkins SonarQube Scanner plug-in to analyze code for bugs,
+code smells and security vulnerabilities, and to upload the result
+(possibly including code-coverage statistics) to a SonarQube server
+or to SonarCloud.io.
Requires ``SonarQube Scanner for Jenkins``
+One of the optional parameters sonar-project-file and sonar-properties
+must be supplied; they cannot both be empty.
+
Plug-in configurations
Manage Jenkins --> Configure System --> SonarQube servers
- Name: Sonar (fixed)
:sonar-properties: Sonar configuration properties. (default: "")
:sonar-java-opts: JVM options. (default: "")
:sonar-additional-args: Additional command line arguments. (default: "")
+
+
+Sonar with Prescan Script
+-------------------------
+
+The same as the Sonar job above, except the caller must supply a shell script
+to run prior to the Sonar scan. This is commonly used to install prerequisites,
+build the project, execute unit tests and generate a code-coverage report.
+
+:Template Names:
+
+ - {project-name}-sonar-prescan-script
+ - gerrit-sonar-prescan-script
+ - github-sonar-prescan-script
+
+:Required Parameters:
+ :sonar-prescan-script: A shell script that will run prior to the Sonar scan.
+
+:Optional Parameters:
+ :sonar-task: Sonar task to run. (default: "")
+ :sonar-project-file: The filename for the project's properties.
+ (default: "sonar-project.properties")
+ :sonar-properties: Sonar configuration properties. (default: "")
+ :sonar-java-opts: JVM options. (default: "")
+ :sonar-additional-args: Additional command line arguments. (default: "")