X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=blobdiff_plain;f=shell%2Fnexus-iq-python-cli.sh;fp=shell%2Fnexus-iq-cli.sh;h=b47bf74daab6d8952a3637710168c1c7df9df275;hb=ca2f73d0ea1773eecba0fc7378fc94e489b2fa71;hp=b4f8cef5ec8209d8a21cb32ab0e0e6e69f1b025f;hpb=3651eede873fe8b717a92f934d52faadc3a05b52;p=releng%2Fglobal-jjb.git diff --git a/shell/nexus-iq-cli.sh b/shell/nexus-iq-python-cli.sh similarity index 54% rename from shell/nexus-iq-cli.sh rename to shell/nexus-iq-python-cli.sh index b4f8cef5..b47bf74d 100644 --- a/shell/nexus-iq-cli.sh +++ b/shell/nexus-iq-python-cli.sh @@ -1,31 +1,36 @@ #!/bin/bash # SPDX-License-Identifier: EPL-1.0 ############################################################################## -# Copyright (c) 2018 The Linux Foundation and others. +# Copyright (c) 2020 The Linux Foundation and others. # # All rights reserved. This program and the accompanying materials # are made available under the terms of the Eclipse Public License v1.0 # which accompanies this distribution, and is available at # http://www.eclipse.org/legal/epl-v10.html ############################################################################## -echo "---> nexus-iq-cli.sh" +echo "---> nexus-iq-python-cli.sh" # This script downloads the specified version of the nexus-iq-cli jar, uses it -# to perform an XC Evaluation or extended report which provides a scan of python -# files within the repo starting at the root, then publishes the result to an LF -# server using the specified credentials. +# to analyze the Python project dependencies from the specified requirements file, +# then publishes the result to an LF server using the specified credentials. # stop on error or unbound variable set -eu # do not print commands, credentials should not be logged set +x +# check if tox established the prereqs for this analysis +if [[ ! -f $REQUIREMENTS_FILE ]]; then + echo "ERROR: failed to find file $REQUIREMENTS_FILE" + exit 1 +fi CLI_LOCATION="/tmp/nexus-iq-cli-${NEXUS_IQ_CLI_VERSION}.jar" echo "INFO: downloading nexus-iq-cli version $NEXUS_IQ_CLI_VERSION" wget -nv "https://download.sonatype.com/clm/scanner/nexus-iq-cli-${NEXUS_IQ_CLI_VERSION}.jar" -O "${CLI_LOCATION}" echo "-a" > cli-auth.txt -echo "${CLM_USER}:${CLM_PASSWORD}" >> cli-auth.txt -echo "INFO: running nexus-iq-cli scan on project $CLM_PROJECT_NAME" -java -jar "${CLI_LOCATION}" @cli-auth.txt -xc -i "${CLM_PROJECT_NAME}" -s https://nexus-iq.wl.linuxfoundation.org -t build . +echo "${NEXUS_IQ_USER}:${NEXUS_IQ_PASSWORD}" >> cli-auth.txt +echo "INFO: running nexus-iq-cli on project $NEXUS_IQ_PROJECT_NAME and file $REQUIREMENTS_FILE" +# result.json is a mystery +java -jar "${CLI_LOCATION}" @cli-auth.txt -s https://nexus-iq.wl.linuxfoundation.org -i "${NEXUS_IQ_PROJECT_NAME}" -t build -r result.json "${REQUIREMENTS_FILE}" rm cli-auth.txt rm "${CLI_LOCATION}" -echo "---> nexus-iq-cli.sh ends" +echo "---> nexus-iq-python-cli.sh ends"