:install-prefix: CMAKE_INSTALL_PREFIX to use for install.
(default: $BUILD_DIR/output)
:make-opts: Parameters to pass to make. (default: '')
+ :pre-build: Shell script to run before performing build. Useful for
+ setting up dependencies. (default: '')
:sonar-additional-args: Command line arguments. (default: '')
:sonar-java-opts: JVM options. For example, use option -Xmx
to increase the memory size limit. (default: '')
- :sonar-prescan-script: A shell script to run before the build and scan.
- Useful for setting up dependencies. (default: '')
:sonar-project-file: The file name with Sonar configuration properties
(default: sonar-project.properties)
:sonar-properties: Sonar configuration properties. (default: '')
:build-node: The node to run build on.
:jenkins-ssh-credential: Credential to use for SSH.
(Configure in defaults.yaml)
+ :mvn-settings: The name of settings file containing credentials for the project.
:nexus-group-id: The Maven style Group ID for the namespace of the project
in Nexus.
:staging-profile-id: The unique Nexus Staging Profile ID for the project.
:install-prefix: CMAKE_INSTALL_PREFIX to use for install.
(default: $BUILD_DIR/output)
:make-opts: Parameters to pass to make. (default: '')
+ :mvn-global-settings: The name of the Maven global settings to use for
+ Maven configuration. (default: global-settings)
:pre-build: Shell script to run before performing build. Useful for
setting up dependencies. (default: '')
:stream: Keyword that to represent a release code-name.
CMake Verify
------------
-Verify job which runs cmake && make && make install to test a project build..
+Verify job which runs cmake && make && make install to test a project build.
:Template Names:
---
+####################
+# COMMON FUNCTIONS #
+####################
+
+- lf_cmake_common: &lf_cmake_common
+ name: lf-cmake-common
+
+ #####################
+ # Job Configuration #
+ #####################
+
+ project-type: freestyle
+ node: "{build-node}"
+ disabled: "{disable-job}"
+
+ properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
+
+ parameters:
+ - lf-infra-parameters:
+ project: "{project}"
+ branch: "{branch}"
+ stream: "{stream}"
+ - lf-cmake-parameters:
+ build-dir: "{build-dir}"
+ cmake-opts: "{cmake-opts}"
+ install-prefix: "{install-prefix}"
+ make-opts: "{make-opts}"
+
+ wrappers:
+ - lf-infra-wrappers:
+ build-timeout: "{build-timeout}"
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+
+ publishers:
+ - lf-infra-publish
+
###############
# CMAKE SONAR #
###############
submodule-timeout: 10
submodule-disable: false
- #####################
- # Job Configuration #
- #####################
-
- project-type: freestyle
- node: "{build-node}"
- disabled: "{disable-job}"
-
- properties:
- - lf-infra-properties:
- build-days-to-keep: "{build-days-to-keep}"
-
- parameters:
- - lf-infra-parameters:
- project: "{project}"
- branch: "{branch}"
- stream: "{stream}"
- lftools-version: "{lftools-version}"
- - lf-cmake-parameters:
- build-dir: "{build-dir}"
- cmake-opts: "{cmake-opts}"
- install-prefix: "{install-prefix}"
- make-opts: "{make-opts}"
-
- wrappers:
- - lf-infra-wrappers:
- build-timeout: "{build-timeout}"
- jenkins-ssh-credential: "{jenkins-ssh-credential}"
-
builders:
- lf-infra-pre-build
- shell: "{pre-build}"
- shell: !include-raw-escape: ../shell/cmake-sonar.sh
- lf-provide-maven-settings-cleanup
- publishers:
- - lf-infra-publish
-
- job-template:
name: "{project-name}-cmake-sonar"
id: gerrit-cmake-sonar
concurrent: false
+ <<: *lf_cmake_common
<<: *lf_cmake_sonar
scm:
name: "{project-name}-cmake-sonar"
id: github-cmake-sonar
concurrent: false
+ <<: *lf_cmake_common
<<: *lf_cmake_sonar
properties:
github-url: "https://github.com"
install-prefix: "$BUILD_DIR/output"
make-opts: ""
+ pre-build: ""
stream: master
submodule-recursive: true
submodule-timeout: 10
# Sonar properties
sonar-additional-args: ""
sonar-java-opts: ""
- sonar-prescan-script: ""
sonar-project-file: "sonar-project.properties"
sonar-properties: ""
sonar-task: ""
- #####################
- # Job Configuration #
- #####################
-
- project-type: freestyle
- node: "{build-node}"
- disabled: "{disable-job}"
-
- properties:
- - lf-infra-properties:
- build-days-to-keep: "{build-days-to-keep}"
-
- wrappers:
- - lf-infra-wrappers:
- build-timeout: "{build-timeout}"
- jenkins-ssh-credential: "{jenkins-ssh-credential}"
-
parameters:
- lf-infra-parameters:
project: "{project}"
builders:
- lf-infra-pre-build
- - shell: "{sonar-prescan-script}"
+ - shell: "{pre-build}"
- shell: !include-raw-escape: ../shell/cmake-sonarqube.sh
- lf-infra-sonar:
sonar-task: "{sonar-task}"
sonar-java-opts: "{sonar-java-opts}"
sonar-additional-args: "{sonar-additional-args}"
- publishers:
- - lf-infra-publish
-
- job-template:
name: "{project-name}-cmake-sonarqube"
id: gerrit-cmake-sonarqube
concurrent: false
+ <<: *lf_cmake_common
<<: *lf_cmake_sonarqube
+ gerrit_sonar_triggers:
+ - comment-added-contains-event:
+ comment-contains-value: '^Patch Set\s+\d+:\s+run-sonar\s*$'
+
scm:
- lf-infra-gerrit-scm:
branch: "$GERRIT_BRANCH"
- timed: "{obj:cron}"
- gerrit:
server-name: "{gerrit-server-name}"
- trigger-on:
- - comment-added-contains-event:
- comment-contains-value: '^Patch Set\s+\d+:\s+run-sonar\s*$'
+ trigger-on: "{obj:gerrit_sonar_triggers}"
projects:
- project-compare-type: "ANT"
project-pattern: "{project}"
name: "{project-name}-cmake-sonarqube"
id: github-cmake-sonarqube
concurrent: false
+ <<: *lf_cmake_common
<<: *lf_cmake_sonarqube
scm:
submodule-disable: false
version: ""
- #####################
- # Job Configuration #
- #####################
-
- project-type: freestyle
- node: "{build-node}"
- disabled: "{disable-job}"
-
- properties:
- - lf-infra-properties:
- build-days-to-keep: "{build-days-to-keep}"
-
parameters:
- lf-infra-parameters:
project: "{project}"
| awk '{{print $NF}}' | awk -F')' '{{print $1}}')"
echo "${{MAJOR_VERSION}}.${{MINOR_VERSION}}.${{PATCH_VERSION}}" > /tmp/artifact_version
- wrappers:
- - lf-infra-wrappers:
- build-timeout: "{build-timeout}"
- jenkins-ssh-credential: "{jenkins-ssh-credential}"
-
builders:
- lf-infra-pre-build
- lf-provide-maven-settings:
- shell: !include-raw-escape: ../shell/cmake-stage.sh
- lf-provide-maven-settings-cleanup
- publishers:
- - lf-infra-publish
-
- job-template:
name: "{project-name}-cmake-stage-{stream}"
id: gerrit-cmake-stage
concurrent: true
+ <<: *lf_cmake_common
<<: *lf_cmake_stage
scm:
name: "{project-name}-cmake-stage-{stream}"
id: github-cmake-stage
concurrent: true
+ <<: *lf_cmake_common
<<: *lf_cmake_stage
properties:
github_included_regions:
- ".*"
- #####################
- # Job Configuration #
- #####################
-
- project-type: freestyle
- node: "{build-node}"
- disabled: "{disable-job}"
-
- properties:
- - lf-infra-properties:
- build-days-to-keep: "{build-days-to-keep}"
-
- parameters:
- - lf-infra-parameters:
- project: "{project}"
- branch: "{branch}"
- stream: "{stream}"
- - lf-cmake-parameters:
- build-dir: "{build-dir}"
- cmake-opts: "{cmake-opts}"
- install-prefix: "{install-prefix}"
- make-opts: "{make-opts}"
-
- wrappers:
- - lf-infra-wrappers:
- build-timeout: "{build-timeout}"
- jenkins-ssh-credential: "{jenkins-ssh-credential}"
-
builders:
- shell: "{pre-build}"
- shell: !include-raw-escape: ../shell/cmake-build.sh
- publishers:
- - lf-infra-publish
-
- job-template:
name: "{project-name}-cmake-verify-{stream}"
id: gerrit-cmake-verify
concurrent: true
+ <<: *lf_cmake_common
<<: *lf_cmake_verify
scm:
name: "{project-name}-cmake-verify-{stream}"
id: github-cmake-verify
concurrent: true
+ <<: *lf_cmake_common
<<: *lf_cmake_verify
properties:
concurrent: false
<<: *lf_tox_sonarqube
+ ######################
+ # Default parameters #
+ ######################
+
+ gerrit_sonar_triggers:
+ - comment-added-contains-event:
+ comment-contains-value: '^Patch Set\s+\d+:\s+run-sonar\s*$'
+
scm:
- lf-infra-gerrit-scm:
branch: "$GERRIT_BRANCH"
- timed: "{obj:cron}"
- gerrit:
server-name: "{gerrit-server-name}"
- trigger-on:
- - comment-added-contains-event:
- comment-contains-value: '^Patch Set\s+\d+:\s+run-sonar\s*$'
+ trigger-on: "{obj:gerrit_sonar_triggers}"
projects:
- project-compare-type: "ANT"
project-pattern: "{project}"
--- /dev/null
+---
+fixes:
+ - |
+ Workarounds for aging python 3.5 on Ubuntu 16.04 builders
+ Ubuntu 16.04 calls a python2 version of tox we must upgrade
+ it even if we are testing with python3
+ ubuntu 16.04 runs python 3.5 we must pin the zipp package
+ more pins will be needed as packages drop support for python 3.5
+ ideally projects will move away from this distro.
--- /dev/null
+---
+fixes:
+ - |
+ Update jq validation of returned json blocks to work properly with jq v1.5.
--- /dev/null
+---
+fixes:
+ - |
+ Switch info-file-validate.sh to use lf-activate-venv
+ moves job from python2 to python3
--- /dev/null
+---
+fixes:
+ - |
+ Revise script nexus-iq-cli.sh to stop on error or unbound variable.
+ This should fail the build if the scanner returns a non-zero code,
+ for example if credentials are missing or wrong.
--- /dev/null
+---
+fixes:
+ - |
+ Refactor templates in lf-c-cpp-jobs.yaml with common anchor/alias
+ lf_cmake_common to reduce redundant configuration. This includes
+ gerrit-cmake-sonar, github-cmake-sonar, gerrit-cmake-sonarqube,
+ github-cmake-sonarqube, gerrit-cmake-stage, github-cmake-stage,
+ gerrit-cmake-verify and github-cmake-verify. No functional change.
+
+ Document maven settings parameters in g*t-cmake-stage templates.
--- /dev/null
+---
+fixes:
+ - |
+ Revise templates gerrit-cmake-sonarqube and gerrit-tox-sonarqube
+ to move the triggering comment string into a parameter that can be
+ overridden in a job definition. Github comment remains hardcoded.
+ The default is still "run-sonar".
+
+ Rename gerrit-cmake-sonarqube tempplate configuration parameter
+ from sonar-prescan-script to pre-build to be consistent with
+ existing CMake stage and verify templates. This is a breaking
+ change for any early adopters of this new template.
set -e -o pipefail
PROJECT="${PROJECT:-None}"
-virtualenv --quiet "/tmp/v/info"
-# shellcheck source=/tmp/v/info/bin/activate disable=SC1091
-source "/tmp/v/info/bin/activate"
-pip install PyYAML jsonschema rfc3987 yamllint yq
+# shellcheck disable=SC1090
+source ~/lf-env.sh
+lf-activate-venv zipp==1.1.0 PyYAML jsonschema rfc3987 yamllint yq
+pip freeze
# Download info-schema.yaml and yaml-verfy-schema.py
wget -q https://raw.githubusercontent.com/lfit/releng-global-jjb/master/schema/info-schema.yaml \
json_block=$(curl -s "$url")
# check if JSON returned and can be parsed
-if jq <<< "$json_block" > /dev/null 2>&1; then
+if jq . <<< "$json_block" > /dev/null 2>&1; then
cost=$(jq .cost <<< "$json_block")
resource=$(jq .resource <<< "$json_block" | tr -d '"')
else
# http://www.eclipse.org/legal/epl-v10.html
##############################################################################
echo "---> nexus-iq-cli.sh"
-# This script downloads nexus-iq-cli-1.44.0-01.jar and uses it to perform an
-# XC Evaluation or extended report which provides a scan of python files within
-# the repo
+# This script downloads the specified version of the nexus-iq-cli jar, uses it
+# to perform an XC Evaluation or extended report which provides a scan of python
+# files within the repo starting at the root, then publishes the result to an LF
+# server using the specified credentials.
+# stop on error or unbound variable
+set -eu
+# do not print commands, credentials should not be logged
set +x
CLI_LOCATION="/tmp/nexus-iq-cli-${NEXUS_IQ_CLI_VERSION}.jar"
+echo "INFO: downloading nexus-iq-cli version $NEXUS_IQ_CLI_VERSION"
wget -nv "https://download.sonatype.com/clm/scanner/nexus-iq-cli-${NEXUS_IQ_CLI_VERSION}.jar" -O "${CLI_LOCATION}"
echo "-a" > cli-auth.txt
echo "${CLM_USER}:${CLM_PASSWORD}" >> cli-auth.txt
+echo "INFO: running nexus-iq-cli scan on project $CLM_PROJECT_NAME"
java -jar "${CLI_LOCATION}" @cli-auth.txt -xc -i "${CLM_PROJECT_NAME}" -s https://nexus-iq.wl.linuxfoundation.org -t build .
rm cli-auth.txt
rm "${CLI_LOCATION}"
+
+echo "---> nexus-iq-cli.sh ends"
yq
EOF
+ #Python 3.5 in Ubuntu 16.04 workaround
+ if [[ -f /etc/lsb-release ]]; then
+ # shellcheck disable=SC1091
+ source /etc/lsb-release
+ if [[ $DISTRIB_RELEASE == "16.04" ]]; then
+ echo "WARNING: Python projects should move to Ubuntu 18.04 to continue receiving support"
+ echo "zipp==1.1.0" >> "$requirements_file"
+ fi
+ fi
# Use `python -m pip` to upgrade to the latest pip into user site-packages
python3 -m pip install --user --quiet --upgrade pip
python3 -m pip install --user --quiet --no-warn-script-location --upgrade setuptools
# Use -x to show value of $PYTHON in output
set -eux -o pipefail
-# Tox version is pulled in through detox to mitigate version conflict
+#Python 3.5 and python2 tox in Ubuntu 16.04 workaround
+done="False"
+if [[ -f /etc/lsb-release ]]; then
+ # shellcheck disable=SC1091
+ source /etc/lsb-release
+ if [[ $DISTRIB_RELEASE == "16.04" ]]; then
+ echo "WARNING: Python projects should move to Ubuntu 18.04 to continue receiving support"
+ python2 -m pip install --user --quiet --upgrade tox tox-pyenv virtualenv more-itertools~=5.0.0
+ python3 -m pip install --user --quiet --upgrade tox tox-pyenv virtualenv zipp==1.1.0
+ done="True"
+ fi
+fi
-if [[ $PYTHON == "python2" ]]; then
- $PYTHON -m pip install --user --quiet --upgrade tox tox-pyenv virtualenv more-itertools~=5.0.0
-else
- $PYTHON -m pip install --user --quiet --upgrade tox tox-pyenv virtualenv
+if [[ $done != "True" ]]; then
+ if [[ $PYTHON == "python2" ]]; then
+ $PYTHON -m pip install --user --quiet --upgrade tox tox-pyenv virtualenv more-itertools~=5.0.0
+ else
+ $PYTHON -m pip install --user --quiet --upgrade tox tox-pyenv virtualenv
+ fi
fi
# installs are silent, show version details in log