X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=blobdiff_plain;f=docs%2Fjjb%2Flf-python-jobs.rst;h=d7553ec4bc50ad1fa6169ee920343872d8b5c3b1;hb=35e5c8dbf87dc8657bfa1c2631d641f56d81ed07;hp=0f02b428b4faeb7be3725e3a9cc055a472749b22;hpb=ca2ec8e82f3cdc1eb355f1aa29a968002ec3c9e6;p=releng%2Fglobal-jjb.git diff --git a/docs/jjb/lf-python-jobs.rst b/docs/jjb/lf-python-jobs.rst index 0f02b428..d7553ec4 100644 --- a/docs/jjb/lf-python-jobs.rst +++ b/docs/jjb/lf-python-jobs.rst @@ -43,8 +43,11 @@ Creates a Tox virtual environment and invokes tox. :Required Parameters: - :parallel: Boolean. If true use detox (distributed tox); - else use regular tox. + :parallel: If different from false, try pass this parameter to tox option + "--parallel" to parallelize jobs in the envlist (and then activate the + option "--parallel-live" to display output in logs). + Possible values are "auto" (equivalent to "true" for legacy), + "all" or any integer. Any other value is equivalent to "false". Job Templates @@ -102,13 +105,15 @@ does not support multi-branch. :gerrit_nexusiq_triggers: Override Gerrit Triggers. :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) :github-url: URL for Github. (default: https://github.com) - :java-version: Version of Java to use for the scan. (default: openjdk8) + :java-version: Version of Java to use for the scan. (default: openjdk11) :nexus-iq-cli-version: Nexus IQ CLI package version to download and use. (default is a string like 1.89.0-02, see file lf-python-jobs.yaml) :nexus-iq-namespace: Insert a namespace to project AppID for projects that share a Nexus IQ system to avoid project name collision. We recommend inserting a trailing - dash if using this parameter. For example 'odl-'. (default: '') + :nexus-target-build: Target directory or file for scanning by Nexus IQ CLI + (default: "\*\*/\*") :pre-build-script: Shell script to run before tox. Useful for setting up dependencies. (default: a string with a shell comment) :python-version: Python version to invoke pip install of tox-pyenv @@ -127,6 +132,150 @@ does not support multi-branch. :tox-envs: Tox environment with the appropriate pip freeze invocation. (default: 'clm') +Python Snyk CLI +--------------- + +Builds the code, downloads and runs a Snyk CLI scan of the code into the Snyk dashboard. + +:Template Names: + + - {project-name}-python-snyk-cli-{stream} + - gerrit-python-snyk-cli + - github-python-snyk-cli + +:Comment Trigger: run-snyk + +:Required parameters: + + :build-node: The node to run build on. + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) + :snyk-token-credential-id: Snyk API token to communicate with Jenkins. + :snyk-org-credential-id: Snyk organization ID. + +:Optional parameters: + + :branch: The branch to build against. (default: master) + :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) + :build-timeout: Timeout in minutes before aborting build. (default: 60) + :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) + :pre-build-script: Shell script to execute before the Tox builder. + For example, install prerequisites or move files to the repo root. + (default: a string with a shell comment) + :parallel: If different from false, try pass this parameter to tox option + "--parallel" to parallelize jobs in the envlist (and then activate the + option "--parallel-live" to display output in logs). + Possible values are "auto" (equivalent to "true" for legacy), + "all" or any integer. Any other value is equivalent to "false". + (default: false, in series) + :python-version: Python version to invoke pip install of tox-pyenv + (default: python3) + :snyk-cli-options: Additional Snyk CLI options. (default: '') + :stream: Keyword representing a release code-name. + Often the same as the branch. (default: master) + :submodule-recursive: Whether to checkout submodules recursively. + (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) + :tox-dir: Directory containing the project's tox.ini relative to + the workspace. The default uses tox.ini at the project root. + (default: '.') + :tox-envs: Tox environments to run. If blank run everything described + in tox.ini. (default: '') + :gerrit_trigger_file_paths: Override file paths used to filter which file + modifications trigger a build. Refer to JJB documentation for "file-path" details. + https://jenkins-job-builder.readthedocs.io/en/latest/triggers.html#triggers.gerrit + +Python Sonar with CLI +--------------------- + +Sonar scans for non Maven based repos. This job downloads the CLI +and runs a scan to publish the report to SonarCloud. + +As suggested in SonarCoud's UI instructions, the job downloads and unzips +the Sonar SLI and executes a sonar-scanner command to process the +report. + +For more details refer to sonar documentation: + +https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarscanner-cli/ + +:Template Names: + + - {project-name}-cli-sonar + - gerrit-cli-sonar + - github-cli-sonar + +:Comment Trigger: **run-sonar** post a comment with the trigger to launch + this job manually. Do not include any other text or vote in the + same comment. + +:Required parameters: + + :build-node: The node to run build on. + :jenkins-ssh-credential: Credential to use for SSH. (Generally should + get configured in defaults.yaml) + :mvn-settings: The name of the settings file with credentials for the project. + +.. comment Start ignoring WriteGoodLintBear + +:Optional parameters: + + :branch: Git branch, should be master (default: master) + :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) + :build-timeout: Timeout in minutes before aborting build. (default: 60) + :cron: Cron schedule when to trigger the job. This parameter also + supports multiline input via YAML pipe | character in cases where + one may want to provide more than 1 cron timer. (default: H 11 * * * + to run once a day) + :disable-job: Whether to disable the job (default: false) + :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) + :github-url: URL for Github. (default: https://github.com) + :java-version: Version of Java to use for the build. (default: openjdk11) + :mvn-global-settings: The name of the Maven global settings to use + :mvn-goals: The Maven goal to run first. (default: validate) + :mvn-version: Version of maven to use. (default: mvn35) + :parallel: If different from false, try pass this parameter to tox option + "--parallel" to parallelize jobs in the envlist (and then activate the + option "--parallel-live" to display output in logs). + Possible values are "auto" (equivalent to "true" for legacy), + "all" or any integer. Any other value is equivalent to "false". + (default: false, in series) + :pre-build-script: Shell script to execute before the Sonar builder. + For example, install prerequisites or move files to the repo root. + (default: a string with a shell comment) + :python-version: Python version to invoke pip install of tox-pyenv + (default: python2) + :sonarcloud-project-key: SonarCloud project key. (default: '') + :sonarcloud-project-organization: SonarCloud project organization. + (default: '') + :sonarcloud-api-token-cred-id: Jenkins credential ID which has the SonarCloud API Token. + This one SHOULDN'T be overwritten as per we are standarizing the credential ID for all + projects (default: 'sonarcloud-api-token') + :sonar-scanner-home: Sonar scanner home directory. + (default: $WORKSPACE/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux) + :sonar-scanner-opts: Sonar scanner Java options. (default: '-server') + :sonar-scanner-version: Version of sonar scanner to use. (default: 4.7.0.2747) + :stream: Keyword used to represent a release code-name. + Often the same as the branch. (default: master) + :submodule-recursive: Whether to checkout submodules recursively. + (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) + :tox-dir: Directory containing the project's tox.ini relative to + the workspace. The default uses tox.ini at the project root. + (default: '.') + :tox-envs: Tox environments to run. If blank run everything described + in tox.ini. (default: '') + :gerrit_sonar_triggers: Override Gerrit Triggers. + :gerrit_trigger_file_paths: Override file paths used to filter which file + modifications trigger a build. Refer to JJB documentation for "file-path" details. + https://jenkins-job-builder.readthedocs.io/en/latest/triggers.html#triggers.gerrit + +.. comment Stop ignoring Python Sonar with Tox --------------------- @@ -196,11 +345,15 @@ https://docs.sonarqube.org/display/PLUG/Python+Coverage+Results+Import :disable-job: Whether to disable the job (default: false) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) :github-url: URL for Github. (default: https://github.com) - :java-version: Version of Java to use for the build. (default: openjdk8) + :java-version: Version of Java to use for the build. (default: openjdk11) :mvn-global-settings: The name of the Maven global settings to use :mvn-goals: The Maven goal to run first. (default: validate) :mvn-version: Version of maven to use. (default: mvn35) - :parallel: Boolean indicator for tox to run tests in parallel or series. + :parallel: If different from false, try pass this parameter to tox option + "--parallel" to parallelize jobs in the envlist (and then activate the + option "--parallel-live" to display output in logs). + Possible values are "auto" (equivalent to "true" for legacy), + "all" or any integer. Any other value is equivalent to "false". (default: false, in series) :pre-build-script: Shell script to execute before the Sonar builder. For example, install prerequisites or move files to the repo root. @@ -212,7 +365,9 @@ https://docs.sonarqube.org/display/PLUG/Python+Coverage+Results+Import :sonarcloud-project-key: SonarCloud project key. (default: '') :sonarcloud-project-organization: SonarCloud project organization. (default: '') - :sonarcloud-api-token: SonarCloud API Token. (default: '') + :sonarcloud-api-token-cred-id: Jenkins credential ID which has the SonarCloud API Token. + This one SHOULDN'T be overwritten as per we are standarizing the credential ID for all + projects (default: 'sonarcloud-api-token') :sonar-mvn-goal: The Maven goal to run the Sonar plugin. (default: sonar:sonar) :stream: Keyword used to represent a release code-name. Often the same as the branch. (default: master) @@ -230,7 +385,7 @@ https://docs.sonarqube.org/display/PLUG/Python+Coverage+Results+Import :gerrit_sonar_triggers: Override Gerrit Triggers. :gerrit_trigger_file_paths: Override file paths used to filter which file modifications trigger a build. Refer to JJB documentation for "file-path" details. - https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.gerrit + https://jenkins-job-builder.readthedocs.io/en/latest/triggers.html#triggers.gerrit .. comment Stop ignoring @@ -291,7 +446,11 @@ Plug-in configurations :disable-job: Whether to disable the job (default: false) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) :github-url: URL for Github. (default: https://github.com) - :parallel: Boolean indicator for tox to run tests in parallel or series. + :parallel: If different from false, try pass this parameter to tox option + "--parallel" to parallelize jobs in the envlist (and then activate the + option "--parallel-live" to display output in logs). + Possible values are "auto" (equivalent to "true" for legacy), + "all" or any integer. Any other value is equivalent to "false". (default: false, in series) :pre-build-script: Shell script to run before tox. Useful for setting up dependencies. (default: a string with a shell comment) @@ -300,6 +459,7 @@ Plug-in configurations :sonar-additional-args: Command line arguments. (default: '') :sonar-java-opts: JVM options. For example, use option -Xmx to increase the memory size limit. (default: '') + :sonar-jdk: JDK version to use. (default: openjdk17) :sonar-project-file: The file name with Sonar configuration properties (default: sonar-project.properties) :sonar-properties: Sonar configuration properties. (default: '') @@ -401,8 +561,12 @@ variables before running. :pre-build-script: Shell script to execute before the Tox builder. For example, install prerequisites or move files to the repo root. (default: a string with a shell comment) - :parallel: Boolean indicator for tox to run tests in parallel or series. - (default: false, in series) + :parallel: If different from false, try pass this parameter to tox option + "--parallel" to parallelize jobs in the envlist (and then activate the + option "--parallel-live" to display output in logs). + Possible values are "auto" (equivalent to "true" for legacy), + "all" or any integer. Any other value is equivalent to "false". + (default: false, in series) :python-version: Python version to invoke pip install of tox-pyenv (default: python2) :stream: Keyword representing a release code-name. @@ -420,7 +584,7 @@ variables before running. in tox.ini. (default: '') :gerrit_trigger_file_paths: Override file paths used to filter which file modifications trigger a build. Refer to JJB documentation for "file-path" details. - https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.gerrit + https://jenkins-job-builder.readthedocs.io/en/latest/triggers.html#triggers.gerrit Tox Merge @@ -479,7 +643,7 @@ variables before running. in tox.ini. (default: '') :gerrit_trigger_file_paths: Override file paths used to filter which file modifications trigger a build. Refer to JJB documentation for "file-path" details. - https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.gerrit + https://jenkins-job-builder.readthedocs.io/en/latest/triggers.html#triggers.gerrit PyPI Merge @@ -568,8 +732,12 @@ is optional, it defaults to pypi.org. :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') :mvn-params: Parameters to pass to the mvn CLI. (default: '') :mvn-version: Version of maven to use. (default: mvn35) - :parallel: Boolean indicator for tox to run tests in parallel or series. - (default: false, in series) + :parallel: If different from false, try pass this parameter to tox option + "--parallel" to parallelize jobs in the envlist (and then activate the + option "--parallel-live" to display output in logs). + Possible values are "auto" (equivalent to "true" for legacy), + "all" or any integer. Any other value is equivalent to "false". + (default: false, in series) :pre-build-script: Shell script to execute before the tox builder. For example, install system prerequisites. (default: a shell comment) :pypi-repo: Key for the PyPI target repository in the .pypirc file, @@ -591,7 +759,7 @@ is optional, it defaults to pypi.org. in tox.ini. (default: '') :gerrit_trigger_file_paths: Override file paths used to filter which file modifications trigger a build. Refer to JJB documentation for "file-path" details. - https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.gerrit + https://jenkins-job-builder.readthedocs.io/en/latest/triggers.html#triggers.gerrit PyPI Stage @@ -680,8 +848,12 @@ is optional, it defaults to pypi.org. :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') :mvn-params: Parameters to pass to the mvn CLI. (default: '') :mvn-version: Version of maven to use. (default: mvn35) - :parallel: Boolean indicator for tox to run tests in parallel or series. - (default: false, in series) + :parallel: If different from false, try pass this parameter to tox option + "--parallel" to parallelize jobs in the envlist (and then activate the + option "--parallel-live" to display output in logs). + Possible values are "auto" (equivalent to "true" for legacy), + "all" or any integer. Any other value is equivalent to "false". + (default: false, in series) :pre-build-script: Shell script to execute before the tox builder. For example, install system prerequisites. (default: a shell comment) :pypi-repo: Key for the PyPI target repository in the .pypirc file, @@ -703,7 +875,7 @@ is optional, it defaults to pypi.org. in tox.ini. (default: '') :gerrit_trigger_file_paths: Override file paths used to filter which file modifications trigger a build. Refer to JJB documentation for "file-path" details. - https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.gerrit + https://jenkins-job-builder.readthedocs.io/en/latest/triggers.html#triggers.gerrit PyPI Verify ----------- @@ -796,8 +968,12 @@ pyenv variables before running. :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') :mvn-params: Parameters to pass to the mvn CLI. (default: '') :mvn-version: Version of maven to use. (default: mvn35) - :parallel: Boolean indicator for tox to run tests in parallel or series. - (default: false, in series) + :parallel: If different from false, try pass this parameter to tox option + "--parallel" to parallelize jobs in the envlist (and then activate the + option "--parallel-live" to display output in logs). + Possible values are "auto" (equivalent to "true" for legacy), + "all" or any integer. Any other value is equivalent to "false". + (default: false, in series) :pre-build-script: Shell script to execute before the tox builder. For example, install system prerequisites. (default: a shell comment) :python-version: Python version to invoke pip install of tox-pyenv @@ -817,4 +993,4 @@ pyenv variables before running. in tox.ini. (default: '') :gerrit_trigger_file_paths: Override file paths used to filter which file modifications trigger a build. Refer to JJB documentation for "file-path" details. - https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.gerrit + https://jenkins-job-builder.readthedocs.io/en/latest/triggers.html#triggers.gerrit