:Required Parameters:
+ :jjb-cache: Location of Jenkins Job Builder (JJB) cache used for jjb
+ jobs.
:jjb-version: Version of Jenkins Job Builder (JJB) to install and use in
the jjb jobs.
Provides jenkins_jobs.ini configuration for Jenkins.
-lf-infra-jjbini-sandbox
------------------------
-
-Provides jenkins_jobs.ini configuration for Jenkins sandbox.
-
-.. todo:: This needs to be consolidated into lf-infra-jjbini when JJB 2.0 is available
-
lf-packer-common
----------------
Gerrit file-paths for packer verify jobs.
+lf-puppet-parameters
+--------------------
+
+Parameters useful for Puppet related tasks.
+
+:Parameters:
+
+ :puppet-lint-version: Version of puppet-lint to install / use.
+ (shell: PUPPET_LINT_VERSION)
+
Job Templates
=============
+.. _gerrit-branch-lock:
+
Gerrit Branch Lock
------------------
Job submits a patch to lock or unlock a project's branch.
+This job will process lock/unlock requests for all projects and all branches
+and does not need to have per-project configuration.
+
:Template Names:
- - {project-name}-gerrit-branch-lock-{stream}
+ - {project-name}-gerrit-branch-lock
- gerrit-branch-lock
+:Comment Trigger:
+
+ * lock branch
+ * unlock branch
+
+:Required parameters:
+
+ :build-node: The node to run build on.
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
+
+:Optional parameters:
+
+ :git-url: URL to clone project from. (default: $GIT_URL/$GERRIT_PROJECT)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :gerrit_merge_triggers: Override Gerrit Triggers.
.. _lf-global-jjb-jenkins-cfg-merge:
Typically this template is automatically pulled in by the
"{project-name}-ci-jobs" job-group and does not need to be explicitly called if
-the job group is being used.
+you are already using the job group.
-Miniaml Example:
+Minimal Example:
.. literalinclude:: ../../.jjb-test/lf-ci-jobs/jenkins-cfg-merge-minimal.yaml
:language: yaml
Global Environment Variables
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-Global Environment Variables are managed via the
+Manage Global Environment Variables via the
``jenkins-config/global-vars-SILO.sh`` file in ci-management. Replace SILO with
the name of the Jenkins silo the variable configuration is for.
Cloud Configuration
^^^^^^^^^^^^^^^^^^^
-This configuration requires the OpenStack Cloud plugin in Jenkins and is
-currently the only cloud plugin supported.
+This configuration requires the **OpenStack Cloud plugin** in Jenkins.
OpenStack Cloud plugin version supported:
* 2.30 - 2.34
* 2.35 - 2.37
-Cloud configuration are managed via a directory structure in ci-management as
-follows:
+Cloud configuration follows a directory structure in ci-management like this:
- jenkins-config/clouds/openstack/
-- jenkins-config/clouds/openstack/cattle/cloud.cfg
-- jenkins-config/clouds/openstack/cattle/centos7-builder-2c-2g.cfg
-- jenkins-config/clouds/openstack/cattle/centos7-builder-4c-4g.cfg
-- jenkins-config/clouds/openstack/cattle/centos7-docker-4c-4g.cfg
+- jenkins-config/clouds/openstack/**cattle**/cloud.cfg
+- jenkins-config/clouds/openstack/**cattle**/centos7-builder-2c-2g.cfg
+- jenkins-config/clouds/openstack/**cattle**/centos7-builder-4c-4g.cfg
+- jenkins-config/clouds/openstack/**cattle**/centos7-docker-4c-4g.cfg
-The directory name inside of the "openstack" directory is used as the name of
-the cloud configuration. In this case "cattle" is being used as the cloud name.
+This job uses the directory name of the directory inside of the "openstack"
+directory as the name of the cloud configuration in Jenkins. This is to support
+systems that want to use more than one cloud provider. In this example "cattle"
+is the cloud name.
The ``cloud.cfg`` file is a special file used to configure the main cloud
configuration in the format ``KEY=value``.
(default: "os-cloud")
:INSTANCE_CAP: Total number of instances the cloud will allow spin up.
(default: null)
- :SANDBOX_CAP: Total number of instances the clodu will allow to
+ :SANDBOX_CAP: Total number of instances the cloud will allow to
spin up. This applies to "sandbox" systems and overrides the
INSTANCE_CAP setting. (default: null)
.. note::
- In the case of template definitions of a parameter below is not passed
- the one defined in default clouds will be inherited.
+ Parameters below that are not defined will inherit the ones defined in
+ the default clouds configuration.
- :IMAGE_NAME: The image name to use for this template.
- (required)
+ :IMAGE_NAME: The image name to use for this template. (required)
:HARDWARE_ID: OpenStack flavor to use. (required)
:LABELS: Labels to assign to the vm. (default: FILE_NAME)
+ :VOLUME_SIZE: Volume size to assign to vm. (default: "")
+ :HARDWARE_ID: Hardware Id to assign to vm. (default: "")
:NETWORK_ID: OpenStack network to use. (default: "")
:USER_DATA_ID: User Data to pass into the instance.
(default: jenkins-init-script)
- :INSTANCE_CAP: Total number of instances of this type that can be launched
- at one time. When defined in clouds.cfg it defines the total for the
- entire cloud. (default: null)
- :SANDBOX_CAP: Total number of instances of this type that can be launched
- at one time. When defined in clouds.cfg it defines the total for the
- entire cloud. This applies to "sandbox" systems and overrides the
+ :INSTANCE_CAP: Total number of instances of this type that is available for
+ use at one time. When defined in clouds.cfg it defines the total for
+ the entire cloud. (default: null)
+ :SANDBOX_CAP: Total number of instances of this type that is available for
+ use at one time. When defined in clouds.cfg it defines the total for
+ the entire cloud. This applies to "sandbox" systems and overrides the
INSTANCE_CAP setting. (default: null)
:FLOATING_IP_POOL: Floating ip pool to use. (default: "")
:SECURITY_GROUPS: Security group to use. (default: "default")
:AVAILABILITY_ZONE: OpenStack availability zone to use. (default: "")
- :START_TIMEOUT: Number of milliseconds to wait for the agent to be
- provisioned and connected. (default: 600000)
+ :START_TIMEOUT: Number of milliseconds to wait for agent provisioning.
+ (default: 600000)
:KEY_PAIR_NAME: SSH Public Key Pair to use for authentication.
- (default: jenkins)
+ (default: jenkins-ssh)
:NUM_EXECUTORS: Number of executors to enable for the instance.
(default: 1)
- :JVM_OPTIONS: JVM Options to pass to Java. (default: "")
+ :JVM_OPTIONS: JVM Options to pass to Java. (default: null)
:FS_ROOT: File system root for the workspace. (default: "/w")
- :RETENTION_TIME: Number of minutes to wait for an idle slave to be used
- again before it's removed. If set to -1, the slave will be kept
+ :NODE_PROPERTIES: Node properties. (default: null)
+ :RETENTION_TIME: Number of minutes to wait for an idle minion before
+ removing it from the system. If set to -1, the minion will stick around
forever. (default: 0)
:CONNECTION_TYPE: The connection type for Jenkins to connect to the build
minion. Valid options: JNLP, SSH. (default: "SSH")
+ :CONFIG_TYPE: Configuration drive. (default: null)
For a live example see the OpenDaylight project jenkins-config directory.
https://github.com/opendaylight/releng-builder/tree/master/jenkins-config
:Cloud Configuration:
- The directory ``groovy-inserts`` contains the groovy script output that is
- used to push to Jenkins. In the event of a job failure this file can be
- inspected.
+ The directory ``groovy-inserts`` contains the groovy script output used by
+ Jenkins to push the cloud configuration. In the event of a job failure use
+ this file to debug.
+
+
+ .. _lf-global-jjb-jenkins-cfg-verify:
+
+Jenkins Configuration Verify
+----------------------------
+Jenkins job to verify the Global Jenkins configuration.
+
+Requires the ``clouds-yaml`` file to be setup on the Jenkins host.
+
+:Template names:
+
+ - {project-name}-jenkins-cfg-verify
+ - gerrit-jenkins-cfg-verify
+ - github-jenkins-cfg-verify
+
+:Optional parameters:
+
+ :branch: Git branch to build against. (default: master)
+ :git-url: URL to clone project from. (default: $GIT_URL/$GERRIT_PROJECT)
+
+This job is not part of the "{project-name}-ci-jobs" group and requires
+separate configuration.
+
+Example:
+
+.. literalinclude:: ../../.jjb-test/lf-ci-jobs/jenkins-cfg-verify.yaml
+ :language: yaml
+
+
+.. _jenkins-sandbox-cleanup:
Jenkins Sandbox Cleanup
-----------------------
:Required parameters:
:build-node: The node to run build on.
- :jenkins-ssh-credential: Credential to use for SSH. (Generally
- should be configured in defaults.yaml)
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
:Optional parameters:
:cron: Schedule to run job. (default: '0 8 * * 6')
+.. _jjb-deploy:
+
JJB Deploy Job
--------------
-Deploy jobs to jenkins-sandbox system via code review comment
+Deploy jobs to jenkins-sandbox system via code review comment.
This job checks out the current code review patch and then runs a
-`jenkins-jobs update` to push a patch defined by the comment.
+``jenkins-jobs update`` to push a patch defined by the comment.
:Template names:
.. note::
- JOB_NAME can include the * wildcard character to push multiple jobs
- matching the pattern. For example `jjb-deploy builder-jjb-*`` will push
- all builder-jjb-* jobs to the sandbox system.
+ The JJB Deploy Job is a manual job and triggers via Gerrit comment
+ which starts with the ``jjb-deploy`` keyword.
+
+ Example of a valid command in Gerrit comment that triggers the job:
+
+ ``jjb-deploy builder-jjb-*``
+
+ Example of a invalid command in Gerrit comment that would _not_ trigger
+ the job:
+
+ ``Update the job. jjb-deploy builder-jjb-*``
+
+ JOB_NAME can include the ``*`` wildcard character to push jobs matching
+ the pattern. For example ``jjb-deploy builder-jjb-*`` will push all
+ builder-jjb-* jobs to the sandbox system.
:Required parameters:
:build-node: The node to run build on.
- :jenkins-ssh-credential: Credential to use for SSH. (Generally
- should be configured in defaults.yaml)
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
:Optional parameters:
:gerrit_jjb_deploy_job_triggers: Override Gerrit Triggers.
+.. _jjb-merge:
+
JJB Merge
---------
-Runs `jenkins-jobs update` to update production job configuration
+Runs ``jenkins-jobs update`` to update production job configuration
:Template Names:
- {project-name}-jjb-merge
:Required parameters:
:build-node: The node to run build on.
- :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- be configured in defaults.yaml)
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
:Optional parameters:
:build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
:build-timeout: Timeout in minutes before aborting build. (default: 10)
:git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+ :jjb-cache: JJB cache location. (default: $HOME/.cache/jenkins_jobs)
+ :jjb-workers: Number of threads to run **update** with. Set to 0 by default
+ which will use the number of available CPU cores. (default: 0)
:jjb-version: JJB version to install. (default: see job-template)
- :stream: Keyword that can be used to represent a release code-name.
+ :stream: Keyword that represents a release code-name.
Often the same as the branch. (default: master)
:submodule-recursive: Whether to checkout submodules recursively.
(default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
:gerrit_merge_triggers: Override Gerrit Triggers.
- :gerrit_trigger_file_paths: Override file paths which can be used to
- filter which file modifications will trigger a build.
+ :gerrit_trigger_file_paths: Override file paths to filter which file
+ modifications will trigger a build.
(default defined by lf_jjb_common)
+.. _jjb-verify:
+
JJB Verify
----------
-Runs `jenkins-jobs test` to validate JJB syntax
+Runs ``jenkins-jobs test`` to verify JJB syntax. Optionally verifies
+build-node labels used in templates and job definitions.
:Template Names:
- {project-name}-jjb-verify
:Required parameters:
:build-node: The node to run build on.
- :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- be configured in defaults.yaml)
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
:Optional parameters:
:branch: Git branch to fetch for the build. (default: master)
+ :build-concurrent: Set to ``true`` to allow this job to run jobs
+ simultaneously. (default: true)
:build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+ :build-node-label-check: Whether to check build-node labels in jobs
+ against node names in cloud config files (default: false)
+ :build-node-label-list: Space-separated list of external build-node
+ labels not present in cloud config files (default: "")
:build-timeout: Timeout in minutes before aborting build. (default: 10)
:git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+ :jjb-cache: JJB cache location. (default: $HOME/.cache/jenkins_jobs)
:jjb-version: JJB version to install. (default: see job-template)
- :stream: Keyword that can be used to represent a release code-name.
+ :stream: Keyword that represents a release code-name.
Often the same as the branch. (default: master)
- :submodule-recursive: Whether to checkout submodules recursively.
+ :submodule-recursive: Set to ``true`` to checkout submodules recursively.
(default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+ :throttle_categories: List of categories to throttle by.
+ :throttle-enabled: Set to ``true`` to enable throttling on the job.
+ (default: true)
+ :throttle-max-per-node: Max jobs to run on the same node. (default: 1)
+ :throttle-max-total: Max jobs to run across the entire project. - 0
+ means 'unlimited' (default: 0)
+ :throttle-option: Throttle by the project or by list of categories
+ defined in the throttle plugin configuration. (options: 'project',
+ 'category'; default: project)
:gerrit_verify_triggers: Override Gerrit Triggers.
- :gerrit_trigger_file_paths: Override file paths which can be used to
- filter which file modifications will trigger a build.
+ :gerrit_trigger_file_paths: Override file paths to filter which file
+ modifications will trigger a build.
(default defined by lf_jjb_common)
.. _jjb-verify-upstream-gjjb:
JJB Verify Upstream Global JJB
------------------------------
-Runs ``jenkins-jobs test`` to validate JJB syntax for upstream global-jjb
+Runs ``jenkins-jobs test`` to verify JJB syntax for upstream global-jjb
patches. This job is useful to notify upstream that they may be breaking
project level jobs.
:Template Names:
- {project-name}-jjb-verify-upstream-gjjb
- gerrit-jjb-verify-upstream-gjjb
+ - github-jjb-verify-upstream-gjjb
:Comment Trigger: recheck|reverify
:Required parameters:
:build-node: The node to run build on.
- :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- be configured in defaults.yaml)
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
:Optional parameters:
:build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
:build-timeout: Timeout in minutes before aborting build. (default: 10)
:git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+ :jjb-cache: JJB cache location. (default: $HOME/.cache/jenkins_jobs)
:jjb-version: JJB version to install. (default: see job-template)
- :stream: Keyword that can be used to represent a release code-name.
+ :stream: Keyword that represents a release code-name.
Often the same as the branch. (default: master)
.. _info-yaml-verify:
Info YAML Verify
----------------
-Info YAML Verify job validates that INFO.yaml file changes are kept isolated from
-other file changes. Verifies INFO.yaml files follow the schema defined in
-`global-jjb/info-schema`.
+This job verifies that ``INFO.yaml`` file changes follow the schema defined in
+`lfit/releng-global-jjb/schema/info-schema.yaml`.
+
+The ``INFO.yaml`` file changes must be independent of any other files changes.
:Template Names:
- {project-name}-info-yaml-verify
:Required parameters:
:build-node: The node to run build on.
- :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- be configured in defaults.yaml)
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
:Optional parameters:
:build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
:build-timeout: Timeout in minutes before aborting build. (default: 10)
:git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
- :stream: Keyword that can be used to represent a release code-name.
+ :stream: Keyword that represents a release code-name.
Often the same as the branch. (default: master)
:submodule-recursive: Whether to checkout submodules recursively.
(default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+
:gerrit_verify_triggers: Override Gerrit Triggers.
+.. _lf_pipelines_verify:
+
+LF Pipelines Verify
+-------------------
+
+Verify job for the LF RelEng pipeline library.
+
+Requires the Pipelines plugins installed. This job will look for a Gerrit
+system named "lf-releng" (mapped to https://gerrit.linuxfoundation.org/infra/),
+and pull in the Jenkinsfile in the root directory of the repo.
+
+:Template Names:
+ - lf-pipelines-verify
+
+:Comment Trigger: recheck|reverify
+
.. _license-checker:
License Checker
:spdx-disable: Disable the SPDX-Identifier checker. (default: false)
:lhc-version: Version of LHC to use. (default: 0.2.0)
:license-exclude-paths: Comma-separated list of paths to exclude from the
- license checker. The paths used here will be matched using a contains
- rule so it is best to be as precise with the path as possible.
- For example a path of '/src/generated/' will be searched as
- '**/src/generated/**'.
+ license checker. Matches the paths defined here using a contains rule,
+ we recommend you to configure as precisely as possible. For example
+ a path of '/src/generated/' will search as '**/src/generated/**'.
Example: org/opendaylight/yang/gen,protobuff/messages
(default: '')
:licenses-allowed: Comma-separated list of allowed licenses.
OpenStack Cron
--------------
-Cron job that runs regularly to perform periodic tasks against OpenStack.
+Cron job that runs on a schedule to perform periodic tasks against OpenStack.
This job requires a Config File Provider file named ``clouds-yaml`` available
containing the credentials for the cloud.
:Required parameters:
:build-node: The node to run build on.
- :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- be configured in defaults.yaml)
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
+ :jenkins-urls: URLs to Jenkins systems to check for active builds.
+
+:Optional parameters:
+
+ :branch: Git branch to fetch for the build. (default: master)
+ :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+ :build-timeout: Timeout in minutes before aborting build. (default: 90)
+ :cron: Time when the packer image should be rebuilt (default: @hourly)
+ :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+ :openstack-cloud: OS_CLOUD setting to pass to openstack client.
+ (default: vex)
+ :openstack-image-cleanup: Set ``true`` to run the image cleanup script.
+ (default: true)
+ :openstack-image-cleanup-age: Age in days of image before marking it for
+ removal. (default: 30)
+ :openstack-image-protect: Set ``true`` to run the image protect script.
+ (default: true)
+ :openstack-server-cleanup: Set ``true`` to run the server cleanup script.
+ (default: true)
+ :openstack-stack-cleanup: Set ``true`` to run the stack cleanup script.
+ (default: true)
+ :openstack-volume-cleanup: Set ``true`` to run the volume cleanup script.
+ (default: true)
+ :stream: Keyword that represents a release code-name.
+ Often the same as the branch. (default: master)
+ :submodule-recursive: Whether to checkout submodules recursively.
+ (default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+
+Minimal Example:
+
+.. literalinclude:: ../../.jjb-test/lf-ci-jobs/openstack-cron-minimal.yaml
+
+Full Example:
+
+.. literalinclude:: ../../.jjb-test/lf-ci-jobs/openstack-cron-full.yaml
+
+.. _gjjb-openstack-update-cloud-image:
+
+OpenStack Update Cloud Image
+----------------------------
+
+This job finds and updates OpenStack cloud images on the ci-management source
+repository.
+
+This job functions in 2 ways:
+
+1. When triggered via packer-merge job, updates the image created by the job.
+2. When triggered manually or via cron, updates all images.
+
+When triggered through an upstream packer merge job, this generates a change
+request for the new image built.
+
+When triggered manually, this job finds the latest images on OpenStack cloud
+and compares them with the images in use in the source ci-management source
+repository. If the compared images have newer time stamps are **all** updated
+through a change request.
+
+This job requires a Jenkins configuration merge and verify job setup and
+working on Jenkins.
+
+:Template Names:
+ - {project-name}-openstack-update-cloud-image
+ - gerrit-openstack-update-cloud-image
+ - github-openstack-update-cloud-image
+
+:Required parameters:
+
+ :build-node: The node to run build on.
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
+ :new-image-name: Name of new image name passed from packer merge job or
+ set to 'all' to update all images. (default: all)
:Optional parameters:
:branch: Git branch to fetch for the build. (default: master)
:build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
:build-timeout: Timeout in minutes before aborting build. (default: 90)
- :cron: Time when the packer image should be rebuilt (default: @daily)
:git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
:openstack-cloud: OS_CLOUD setting to pass to openstack client.
(default: vex)
- :stream: Keyword that can be used to represent a release code-name.
+ :stream: Keyword that represents a release code-name.
Often the same as the branch. (default: master)
:submodule-recursive: Whether to checkout submodules recursively.
(default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+ :update-cloud-image: Submit a change request to update new built cloud
+ image to Jenkins. (default: false)
+
+Minimal Example:
+
+.. literalinclude:: ../../.jjb-test/lf-ci-jobs/openstack-update-cloud-image-minimal.yaml
+
+Full Example:
+
+.. literalinclude:: ../../.jjb-test/lf-ci-jobs/openstack-update-cloud-image-full.yaml
+
.. _gjjb-packer-merge:
Packer Merge job runs `packer build` to build system images in the cloud.
+This job requires a Config File Provider file named ``ansible-cfg`` created
+on Jenkins. The file can include ansible host configuration required for the
+environment.
+
:Template Names:
- {project-name}-packer-merge-{platforms}-{templates}
- gerrit-packer-merge
:Required parameters:
:build-node: The node to run build on.
- :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- be configured in defaults.yaml)
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
:mvn-settings: The name of settings file containing credentials for
the project.
:platforms: Platform or distribution to build. Typically json file
- found in the packer/vars directory. (Example: centos)
- :template: System template to build. Typically shell script found in
- the packer/provision directory. (Example: java-builder)
+ found in the packer/vars directory. (Example: centos-7)
+ :templates: System template to build. Typically a yaml file or shell script
+ found in the packer/provision directory. (Example: docker)
:Optional parameters:
:branch: Git branch to fetch for the build. (default: master)
:build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
:build-timeout: Timeout in minutes before aborting build. (default: 90)
+ :gerrit_verify_triggers: Override Gerrit Triggers.
:git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+ :openstack: Packer template uses an OpenStack builder (default: true).
+ :openstack-cloud: Sets OS_CLOUD variable to the value of this parameter.
+ (default: vex).
:packer-cloud-settings: Name of settings file containing credentials
for the cloud that packer will build on. (default: packer-cloud-env)
:packer-version: Version of packer to install / use in build. (default: 1.0.2)
- :stream: Keyword that can be used to represent a release code-name.
+ :stream: Keyword that represents a release code-name.
Often the same as the branch. (default: master)
:submodule-recursive: Whether to checkout submodules recursively.
(default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+ :update-cloud-image: Submit a change request to update newly built cloud
+ image to Jenkins. (default: false)
- :gerrit_verify_triggers: Override Gerrit Triggers.
+
+Test an in-progress patch
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+To test an in-progress patch from a GitHub Pull Request, upload this
+job to the :doc:`Jenkins Sandbox <lfdocs:jenkins-sandbox>`. Then when manually
+building the job, replace the GERRIT_REFSPEC parameter with the GitHub Pull
+Request number of the patch you would like to test.
+
+Example GitHub:
+
+.. code-block:: none
+
+ GERRIT_REFSPEC: origin/pr/49/merge
.. _gjjb-packer-verify:
Packer Verify
-------------
-Packer Verify job runs `packer validate` to verify packer configuration.
+Packer Verify job runs ``packer validate`` to verify packer configuration. The
+verify job checks superficial syntax of the template and other files. It does
+not attempt to build an image, and cannot detect all possible build issues.
+
+This job requires a Config File Provider file named ``ansible-cfg`` created
+on Jenkins. The file can include ansible host configuration required for the
+environment.
:Template Names:
- {project-name}-packer-verify
:Required parameters:
:build-node: The node to run build on.
- :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- be configured in defaults.yaml)
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured
+ in defaults.yaml)
:mvn-settings: The name of settings file containing credentials for
the project.
:branch: Git branch to fetch for the build. (default: master)
:build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
:build-timeout: Timeout in minutes before aborting build. (default: 10)
+ :gerrit_trigger_file_paths: Override file paths to filter which file
+ modifications will trigger a build.
+ :gerrit_verify_triggers: Override Gerrit Triggers.
:git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+ :openstack: Packer template uses an OpenStack builder (default: true).
+ :openstack-cloud: Sets OS_CLOUD variable to the value of this parameter.
+ (default: vex).
:packer-cloud-settings: Name of settings file containing credentials
for the cloud that packer will build on. (default: packer-cloud-env)
:packer-version: Version of packer to install / use in build. (default: 1.0.2)
- :stream: Keyword that can be used to represent a release code-name.
+ :stream: Keyword that represents a release code-name.
Often the same as the branch. (default: master)
:submodule-recursive: Whether to checkout submodules recursively.
(default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+
+
+.. _gjjb-packer-verify-build:
+
+Packer Verify Build
+-------------------
+
+Packer Verify Build job is essentially the same as the
+:ref:`Packer Merge job <gjjb-packer-merge>`. Trigger using its keyword,
+and will build a useable image. If the last patch set before a merge has a
+successful verify build, the merge job will not build the same image.
+
+:Template Names:
+ - {project-name}-packer-verify-build-{platforms}-{templates}
+ - gerrit-packer-verify-build
+ - github-packer-verify-build
+
+:Comment Trigger: verify-build|packer-build
+
+:Required parameters:
+ :build-node: The node to run build on.
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in
+ defaults.yaml)
+ :mvn-settings: The name of settings file containing credentials for
+ the project.
+ :platforms: Platform or distribution to build. Typically json file
+ found in the packer/vars directory. (Example: centos-7)
+ :templates: System template to build. Typically a yaml file or shell script
+ found in the packer/provision directory. (Example: docker)
+
+:Optional parameters:
+
+ :branch: Git branch to fetch for the build. (default: master)
+ :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+ :build-timeout: Timeout in minutes before aborting build. (default: 10)
+ :gerrit_trigger_file_paths: Override file paths to filter which file
+ modifications will trigger a build.
:gerrit_verify_triggers: Override Gerrit Triggers.
- :gerrit_trigger_file_paths: Override file paths which can be used to
- filter which file modifications will trigger a build.
+ :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+ :openstack: Packer template uses an OpenStack builder (default: true).
+ :openstack-cloud: Sets OS_CLOUD variable to the value of this parameter.
+ (default: vex).
+ :packer-cloud-settings: Name of settings file containing credentials
+ for the cloud that packer will build on. (default: packer-cloud-env)
+ :packer-version: Version of packer to install / use in build. (default: 1.0.2)
+ :stream: Keyword that represents a release code-name.
+ Often the same as the branch. (default: master)
+ :submodule-recursive: Whether to checkout submodules recursively.
+ (default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+ :update-cloud-image: Submit a change request to update new built cloud
+ image to Jenkins. (default: false)
+
+
+Puppet Verify
+-------------
+
+Runs puppet-lint in the ``puppet-dir`` directory. Since ``puppet-lint`` runs
+recursively, we recommend to run from the base directory.
+
+:Template Names:
+
+ - {project-name}-puppet-verify
+ - gerrit-puppet-verify
+ - github-puppet-verify
+
+:Comment Trigger: recheck|reverify
+
+:Required Parameters:
+
+ :build-node: The node to run build on.
+ :jenkins-ssh-credential: Credential to use for SSH. (Generally set
+ in defaults.yaml)
+
+:Optional Parameters:
+
+ :branch: The branch to build against. (default: master)
+ :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+ :build-timeout: Timeout in minutes before aborting build. (default: 15)
+ :gerrit_trigger_file_paths: Override file paths which used to filter which
+ file modifications will trigger a build. Refer to JJB documentation for
+ "file-path" details.
+ https://jenkins-job-builder.readthedocs.io/en/latest/triggers.html#triggers.gerrit
+ :git-url: URL clone project from. (default: $GIT_URL/$GERRIT_PROJECT)
+ :puppet-dir: Directory containing the project's puppet module(s) relative
+ to the workspace.
+ (default: '')
+ :puppet-lint-version: Version of puppet-lint to use for testing.
+ (default: 2.3.6)
+ :stream: Keyword representing a release code-name.
+ Often the same as the branch. (default: master)
+ :submodule-recursive: Whether to checkout submodules recursively.
+ (default: true)
+ :submodule-timeout: Timeout (in minutes) for checkout operation.
+ (default: 10)
+ :submodule-disable: Disable submodule checkout operation.
+ (default: false)
+
+
+Sonar
+-----
+
+Runs the Jenkins SonarQube Scanner plug-in to analyze code for bugs,
+code smells and security vulnerabilities, and to upload the result
+(possibly including code-coverage statistics) to a SonarQube server
+or to SonarCloud.io.
+
+Requires ``SonarQube Scanner for Jenkins``
+
+Configuration must set one of the parameters ``sonar-project-file`` or
+``sonar-properties``; they cannot both be empty.
+
+Plug-in configurations
+ Manage Jenkins --> Configure System --> SonarQube servers
+ - Name: Sonar (fixed)
+ - Server URL: https://sonar.server.org/ or https://sonarcloud.io
+ - Server authentication token: none for local, API token (saved as a
+ "secret text" credential) for Sonarcloud
+
+ Manage Jenkins --> Global Tool Configuration --> SonarQube Scanner
+ - Name: SonarQube Scanner (fixed)
+ - Install automatically
+ - Select latest version
+
+.. note::
+
+ Optionally, set Sonar properties directly in the job definition by
+ setting the sonar-project-file to ``""`` and adding all properties under
+ ``sonar-properties``.
+
+:Template Names:
+
+ - {project-name}-sonar
+ - gerrit-sonar
+ - github-sonar
+
+:Optional Parameters:
+ :sonar-task: Sonar task to run. (default: "")
+ :sonar-project-file: The filename for the project's properties
+ (default: "sonar-project.properties")
+ :sonar-properties: Sonar configuration properties. (default: "")
+ :sonar-java-opts: JVM options. (default: "")
+ :sonar-additional-args: Additional command line arguments. (default: "")
+ :sonarcloud-java-version: Version of Java to run the Sonar scan. (default: "openjdk13")
+
+
+Sonar with Prescan
+------------------
+
+The same as the Sonar job above, except the caller also defines a builder
+called ``lf-sonar-prescan``, in which they can put any builders that they want
+to run before the Sonar scan.
+
+.. code-block:: yaml
+
+ - builder:
+ name: lf-sonar-prescan
+ builders:
+ - shell: "# Pre-scan shell script"
+
+:Template Names:
+
+ - {project-name}-sonar-prescan
+ - gerrit-sonar-prescan
+ - github-sonar-prescan
+
+:Required Parameters:
+ :lf-sonar-prescan: A builder that will run before the Sonar scan.
+
+:Optional Parameters:
+ :sonar-task: Sonar task to run. (default: "")
+ :sonar-project-file: The filename for the project's properties
+ (default: "sonar-project.properties")
+ :sonar-properties: Sonar configuration properties. (default: "")
+ :sonar-java-opts: JVM options. (default: "")
+ :sonar-additional-args: Additional command line arguments. (default: "")
+ :sonarcloud-java-version: Version of Java to run the Sonar scan. (default: "openjdk13")
+
+
+Sonar with Prescan Script
+-------------------------
+
+The same as the Sonar job above, except the caller must supply a shell script
+to run before the Sonar scan. This is commonly used to install prerequisites,
+build the project, execute unit tests and generate a code-coverage report.
+
+:Template Names:
+
+ - {project-name}-sonar-prescan-script
+ - gerrit-sonar-prescan-script
+ - github-sonar-prescan-script
+
+:Required Parameters:
+ :sonar-prescan-script: A shell script that will run before the Sonar scan.
+
+:Optional Parameters:
+ :sonar-task: Sonar task to run. (default: "")
+ :sonar-project-file: The filename for the project's properties.
+ (default: "sonar-project.properties")
+ :sonar-properties: Sonar configuration properties. (default: "")
+ :sonar-java-opts: JVM options. (default: "")
+ :sonar-additional-args: Additional command line arguments. (default: "")
+ :sonarcloud-java-version: Version of Java to run the Sonar scan. (default: "openjdk13")
Code Review / releng / global-jjb.git / blobdiff