Anil Belur [Wed, 10 May 2023 01:15:38 +0000 (11:15 +1000)]
Fix: pin urllib3 to <2.0.0 for verify jobs
The latest version of module breaks compatibility
with python-jenkins.
Note: The pip upgrade eager option pulls in the newer
version of urllib3>2.0.0 unless the exact version is passed
with lftools.
Issue: RELENG-4715
Change-Id: Ib0136e8155b6a654d1b15a558796774e78a31a4d
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Sun, 7 May 2023 21:47:45 +0000 (07:47 +1000)]
Fix: pin urllib3 to <2.0.0
The latest version of module breaks compatibility
with python-jenkins.
Note: The pip upgrade eager option pulls in the newer
version of urllib3>2.0.0 unless the exact version is passed
with lftools.
Issue: RELENG-4715
Change-Id: Ie2fbc7fe1eb57e8936a50b176f7aae6e47efa7e6
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Andrew Grimberg [Mon, 24 Apr 2023 18:10:04 +0000 (11:10 -0700)]
Fix: Correct action version
Issue: RELENG-4563
Change-Id: Ie3129c744d3774d88ed042609e6de7044f7f4de7
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Anil Belur [Wed, 19 Apr 2023 22:35:51 +0000 (08:35 +1000)]
Fix: Use refspec to push tag and code
The CR
365d0c0fe65 for the ODL release custom bits
uses the GERRIT_BRANCH while pushing the tag and code,
however that does not work returns an error.
error: src refspec stable/chlorine does not match any
Push the code bundle and tag as separate operations.
Issue: RELENG-4696
Change-Id: I62d472b998a2d799990605482e5433fb7c721e5f
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Andrew Grimberg [Tue, 18 Apr 2023 16:21:08 +0000 (09:21 -0700)]
Fix: Correct bad action call
Issue: RELENG-4563
Change-Id: Idb27ec5805d2a52bb2e30e72931745e023b5ea80
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Anil Belur [Mon, 17 Apr 2023 22:00:14 +0000 (08:00 +1000)]
Fix: Remove recursive vars for release jobs
JJB 5x treats recursive parameters as an error.
Issue: RELENG-4686
Change-Id: I07df6e5662d1301caaafb628b0d884b7990e6809
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Mon, 17 Apr 2023 22:00:14 +0000 (08:00 +1000)]
Fix: Update JJB to 5.0.2
JJB's 5.0.1 has a bug that return an error when a macro is
set as null. This issue is resolved in 5.0.2.
TypeError: 'NoneType' object is not a mapping
Issue: RELENG-4686
Change-Id: Iba6680ca7e3d54ca88b4854d9ba40006efe3f3e2
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Andrew Grimberg [Mon, 17 Apr 2023 17:22:41 +0000 (17:22 +0000)]
Merge "Refactor!: JJB code to comply with v5.x"
Andrew Grimberg [Wed, 12 Apr 2023 12:47:49 +0000 (05:47 -0700)]
CI: Add release GitHub Action
Issue: RELENG-4563
Change-Id: I5164d1e76df6dbd74c1b00b7e98b67519940bcda
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Anil Belur [Thu, 13 Apr 2023 03:20:36 +0000 (13:20 +1000)]
Refactor!: JJB code to comply with v5.x
There has been an update to the YAML parser with more fine-tuned
control over YAML parsing. YAML objects and parameter expansion logic
is in accordance with the latest YAML specification 1.2.2 (released
in Oct 2021).
Notable changes include:
- Aggressive parameter expansion. This may lead to parameters expanded
in places where they were not expanded before.
- Recursive parameters usage is being treated as error.
- Strict checking for missing parameters.
- Files included using '!include-raw:' elements and having formatting
it path ('lazy-loaded' in previous implementation) are now expanded too.
Use '!include-raw-escape:' for them instead.
NOTE: this is a beaking change would have potential impact many of jobs
in global-jjb and in ci-man repo that DO NOT use global-jjb templates.
Issue: RELENG-4686
Change-Id: Ie7417956bdcf5f4d6477dbff87baca6b1b8aeeaf
Ref: https://groups.google.com/u/2/g/jenkins-job-builder/c/1fx7PmADgXw
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Wed, 12 Apr 2023 14:17:50 +0000 (14:17 +0000)]
Merge "Refactor: pre-commit cleanups"
Andrew Grimberg [Wed, 12 Apr 2023 14:10:03 +0000 (07:10 -0700)]
Refactor: pre-commit cleanups
Cleanup errors being caught by pre-commit that is preventing GitHub
Actions runs of pre-commit (aka pre-commit run -a) from passing
Issue: RELENG-4687
Change-Id: I09636538d1d34e5ab2deeb05c112632540a17368
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Anil Belur [Wed, 12 Apr 2023 10:50:29 +0000 (20:50 +1000)]
Fix: Use the python3 module opt to call pip
This fixes the issue where pip is not available in the
venv path.
Error: /tmp/venv-knWF/bin/pip: No such file or directory
Issue-ID: RELENG-4688
Change-Id: I6d6edeb8c3cdf0c36f271412d3d2e96db96f6e4b
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Andrew Grimberg [Wed, 12 Apr 2023 13:16:00 +0000 (06:16 -0700)]
CI: Disable jjb-latest tox test
JJB v5.x released this morning (April 12, 2023) and started breaking the
jjb-latest validation test. As the test is a canary test, it did the
correct thing and broke our builds alerting us to the issue.
This disables the test so that other work is unblocked until such time
as we can determine the correct way forward with fixes and can turn this
test back on.
Issue: RELENG-4686
Change-Id: I94f6e944356c5aabb75434165a738b4d9336d818
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Andrew Grimberg [Fri, 7 Apr 2023 15:48:10 +0000 (08:48 -0700)]
CI: Add GHA for verification
Issue: RELENG-4564
Change-Id: I61c91c14b2e2211fae5062ac0b5354d6e84d3feb
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Andrew Grimberg [Tue, 11 Apr 2023 20:26:26 +0000 (13:26 -0700)]
Fix: Newer tox needs allowlist vs whitelist
Issue: RELENG-4539
Change-Id: Id137b386671258f2c4fbdc115ea38429abfa3f43
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Jessica Wagantall [Mon, 3 Apr 2023 16:52:07 +0000 (16:52 +0000)]
Merge "Chore: Remove daily cron on stage jobs"
Anil Belur [Sun, 2 Apr 2023 02:34:11 +0000 (08:04 +0530)]
Fix: condition before pushing the object.
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Change-Id: If1d091bd9e94fa5337053094b0101541bb056ca4
Anil Belur [Thu, 19 Jan 2023 11:34:27 +0000 (21:34 +1000)]
Fix: Ensure tag and object are pushed together
Address the problem where the tag is not pushed to the mainline
branch therefore causing the tag missing in the git history.
To fix this check commit count between the HEAD and
origin/${GERRIT_BRANCH} before the fetch and merge operation.
This is done to ensure that the tag lands on the target branch.
If the branch has already moved forward from the tagging point,
then a spur commit is created for the tag.
Change-Id: I675c815d4ac39244adf5168c1fbd051f8c626290
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Jessica Wagantall [Wed, 29 Mar 2023 21:17:21 +0000 (14:17 -0700)]
Chore: Remove daily cron on stage jobs
Remove daily cron on maven-stage and maven-docker-stage
jobs. Cron triggers stay configurable.
Issue: RELENG-4666
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: I15931a8d691bffa77dd0d50f638fc38590d33255
Anil Belur [Thu, 9 Mar 2023 16:18:23 +0000 (16:18 +0000)]
Merge "Fix!: Un-pin tox version from 3.27.1 and remove tox-pyenv"
Bengt Thuree [Thu, 9 Mar 2023 09:50:41 +0000 (20:50 +1100)]
FIX: Revert clm-maven plugin
Latest version of clm-maven plugin (clm-maven-plugin:2.42.0-01)
is not working in our environment.
We get the following error
Failed to execute goal com.sonatype.clm:clm-maven-plugin:2.42.0-01:index
(default-cli) on project babel: Failed to invoke Maven build.
Maven execution failed, exit code: 1 -> [Help 1]
This patch pins the previous working plugin which is 2.41.0-02
Issue-ID: IT-25225
Change-Id: I3d87d5adc954baf703f29816c0e295e0203b4f40
Signed-off-by: Bengt Thuree <bthuree@linuxfoundation.org>
Bengt Thuree [Thu, 9 Mar 2023 09:32:12 +0000 (09:32 +0000)]
Merge "Fix: Update path/location of update-alternatives"
Jessica Wagantall [Tue, 7 Mar 2023 20:54:25 +0000 (12:54 -0800)]
Feat: Add Docker Snyk CLI Scanner jobs
Introduce Docker Snyk CLI scanner jobs. These jobs can be triggered
to download the latest version of Snyk's CLI scanner and trigger a
scan for Docker based repos. These jobs produce a report which is
published into Snyk's dashboard. These reports are fetched and
reflected back into the LFX Security tool.
Issue: RELENG-4609
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: Ifc9ab4c51393e893b22b06844f3701caaca06c6f
Jessica Wagantall [Tue, 7 Mar 2023 03:23:03 +0000 (19:23 -0800)]
Feat: Add Python Snyk CLI Scanner jobs
Introduce Python Snyk CLI scanner jobs. These jobs can be triggered
to download the latest version of Snyk's CLI scanner and trigger a
scan for Python based repos. These jobs produce a report which is
published into Snyk's dashboard. These reports are fetched and
reflected back into the LFX Security tool.
Issue: RELENG-4609
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: I5414d04ccc7472a6b3cd2576da1cb6bc36d1ea25
Matthew Watkins [Tue, 7 Mar 2023 12:59:27 +0000 (12:59 +0000)]
Fix!: Un-pin tox version from 3.27.1 and remove tox-pyenv
Un-pin tox version from 3.27.1 and remove tox-pyenv. Testing has
demonstrated that tox-pyenv is no longer required to obtain correct
Python runtime versions when running tests. Also, removed Python 3.8
from the VENV setup where it was being specifically requested.
Due to unpinning of the tox version, tox.ini configuration files may
need modifying to reflect a change in configuration syntax; where
whitelist_externals needs to be replaced with allowlist_externals.
Issue-ID: RELENG-4539
Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Change-Id: Ifdd49de2a8e5054dad4a5d52125ede537049ad8e
Matthew Watkins [Thu, 12 Jan 2023 00:25:35 +0000 (00:25 +0000)]
Fix: Update path/location of update-alternatives
The path is different between CentOS7/8 and was incorrect for Ubuntu
Issue-ID: IT-25261
Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Change-Id: I91bfed027dcbe10c0dc39beac2ae71fb4f5f00ad
Signed-off-by: Bengt Thuree <bthuree@linuxfoundation.org>
Jessica Wagantall [Tue, 7 Mar 2023 02:24:13 +0000 (18:24 -0800)]
Fix: Add missing mark in docs
Add missing docs mark in latest "add-go-snyk-cli-scanner"
release notes.
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: Id0b2ceeb849a274704dec047667d43cfc7114fc0
Jessica Wagantall [Tue, 7 Mar 2023 00:41:08 +0000 (16:41 -0800)]
Feat: Add Go Snyk CLI Scanner jobs
Introduce Go Snyk CLI scanner jobs. These jobs can be triggered to
download the latest version of Snyk's CLI scanner and trigger a scan
for Go based repos. These jobs produce a report which is published
into Snyk's dashboard. These reports are fetched and reflected back
into the LFX Security tool.
Issue: RELENG-4609
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: Id1f80d255896b44977979322fae663da13c95287
Jessica Wagantall [Mon, 6 Mar 2023 21:30:43 +0000 (13:30 -0800)]
Fix: Allow SNYK scanner to take additional options
Add SNYK_CLI_OPTIONS parameter which can be used to pass additional Snyk
CLI options as per https://docs.snyk.io/snyk-cli/cli-reference.
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: I7fb8157a263d03f3780beb044e2e7c5093c2877b
Jessica Wagantall [Thu, 2 Mar 2023 02:30:13 +0000 (18:30 -0800)]
Feat: Add Maven Snyk CLI Scanner
Introduce Maven Snyk CLI scanner jobs. These jobs can be triggered
to download the latest version of Snyk's CLI scanner and trigger a
scan for Maven based repos.
These jobs produce a report which is published into Snyk's dashboard.
These reports are fetched and reflected back into the LFX Security tool.
Issue: RELENG-4609
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: I183bd1e8d22caa832b04b7d1d5b078b0a8946285
Matthew Watkins [Thu, 12 Jan 2023 17:04:19 +0000 (17:04 +0000)]
Fix: Update Nexus IQ script output to include Python dependencies
Script now downloads module dependencies into the target directory.
Also, print a warning if the target variable is not set/populated and
print the correct variable in the job output.
Issue-ID: RELENG-4557
Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Change-Id: I1d4bbd752dd2282fc58c10636ad1aa228ad919a8
Kevin Sandi [Fri, 20 Jan 2023 18:47:46 +0000 (12:47 -0600)]
Fix: pin setuptools to 65.7.0 everywhere
Issue-ID: RELENG-4562
Signed-off-by: Kevin Sandi <ksandi@contractor.linuxfoundation.org>
Change-Id: Idf7d1538ef38af3aeaf5444986a8932acada8904
Kevin Sandi [Fri, 20 Jan 2023 16:44:41 +0000 (10:44 -0600)]
Fix: pin setuptools to avoid version string format issues
Issue-ID: RELENG-4562
Signed-off-by: Kevin Sandi <ksandi@contractor.linuxfoundation.org>
Change-Id: I13737f8a5d671ba2c1f66cd87ae817ead8d5442c
Anil Belur [Mon, 9 Jan 2023 08:11:25 +0000 (18:11 +1000)]
Revert "Fix: Add missing sctp.h header file to sonarqube cmake/build"
This reverts commit
5c69133bfea3ca1b895219b509b9c1353e122c4c.
The changes being installed runtime through the global-jjb scripts
should be moved into the ansible-roles repo.
Change-Id: I31a03f97cee285ea1bdb1227e4f150ac1f5f8b9d
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Matthew Watkins [Wed, 21 Dec 2022 14:57:08 +0000 (14:57 +0000)]
Fix: Add missing sctp.h header file to sonarqube cmake/build
Addresses a cmake/build failure due to a missing header file.
Adds the required platform-specific package dependency to the relevant
script.
Issue-ID: RELENG-4551
Signed-off-by: MatthewWatkins <mwatkins@linuxfoundation.org>
Change-Id: Icfef14917bf4dbc0dd4c506b44648e9ccae78131
Kevin Sandi [Mon, 12 Dec 2022 19:54:37 +0000 (13:54 -0600)]
Fix: pin tox version on rtd-verify.sh
Signed-off-by: Kevin Sandi <ksandi@contractor.linuxfoundation.org>
Change-Id: I0e29b59fd5c22bad43a7c6ef865d6d15f7ea6af3
Kevin Sandi [Fri, 9 Dec 2022 02:36:30 +0000 (20:36 -0600)]
Fix: pin tox version
Signed-off-by: Kevin Sandi <ksandi@contractor.linuxfoundation.org>
Change-Id: Ic015a210ec2d9af2d6b7ce182a6121d8c37b984b
Kevin Sandi [Thu, 1 Dec 2022 22:06:46 +0000 (16:06 -0600)]
Feat: update release note of sonarcloud token change
Signed-off-by: Kevin Sandi <ksandi@contractor.linuxfoundation.org>
Change-Id: I8f643d1b944fb6cda75997ad801835ed5381b8cf
Andrew Grimberg [Thu, 1 Dec 2022 21:35:02 +0000 (21:35 +0000)]
Merge "Feat: use credential for sonarcloud token"
Kevin Sandi [Mon, 14 Nov 2022 06:19:14 +0000 (00:19 -0600)]
Feat: use credential for sonarcloud token
Signed-off-by: Kevin Sandi <ksandi@contractor.linuxfoundation.org>
Change-Id: I4c2b513a32d44795cc40832622dc6054640940a0
Anil Belur [Wed, 30 Nov 2022 08:57:05 +0000 (18:57 +1000)]
Fix: Remove unnecessary quotes around the variable
Additional quotes changes the behavior while processing glob patterns.
Issue-ID: RELENG-4530
Change-Id: Ia986e1a3d1e6cbb2ad655aa83c3a5d3c865a782a
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Jessica Wagantall [Tue, 29 Nov 2022 19:55:03 +0000 (11:55 -0800)]
Fix: Use NEXUS_TARGET_BUILD in Nexus IQ CLI scanner
Replace Nexus IQ build Target from "${REQUIREMENTS_FILE}"
to "${NEXUS_TARGET_BUILD}".
The scanner is only including the requirements.txt
file in its scan which should not contain other information
than python package requirements.
Instead, use a "${NEXUS_TARGET_BUILD}" parameter which the
user can optionally provide to the scanner to indicate a
file or directory to include in the scan. By default, this
variable is **/*.
For more information on how to use the "Target" parameter:
https://help.sonatype.com/iqserver/integrations/nexus-iq-cli#NexusIQCLI
Issue: RELENG-4530
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: Ifb6947de3d0ff282d461b12332e6d4c2f4ac0198
Anil Belur [Wed, 26 Oct 2022 23:34:26 +0000 (09:34 +1000)]
Fix: Copy the spdx file in root of the $project
The SBOM generator script creates an spdx file in the root level.
When the artifacts are pushed the spdx file gets overwritten.
Create the spdx file as ${PROJECT}-sbom-${release_version}.spdx
and then copy the spdx file under the namespace ${group_id_path} dir.
Change-Id: Ia8bd06ac160e30886c7133aef8f0c82e5aded3dd
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Matthew Watkins [Mon, 17 Oct 2022 20:55:55 +0000 (21:55 +0100)]
Fix: Abort script earlier when no objects to cleanup
Issue-ID: RELENG-4483
Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Change-Id: I3311fc09a61f4d30fff8dd52e387c11dbcdc2aea
Eric Ball [Mon, 17 Oct 2022 17:53:38 +0000 (17:53 +0000)]
Merge "Fix: Use lf-activate-venv to reuse venv"
Anil Belur [Fri, 14 Oct 2022 23:05:52 +0000 (09:05 +1000)]
Fix: Use lf-activate-venv to reuse venv
The venv created for tox is unavailable when the semantics of the
script is split across files, therefore ensure venv is created with
--venv-file option and set.
Issue-ID: RELENG-4485
Change-Id: I18c0d255cc7bd282fca20bb31b02ba41c8a74c85
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Matthew Watkins [Thu, 13 Oct 2022 13:24:40 +0000 (14:24 +0100)]
Fix: set correct exit status when parsing openstack port objects
Addresses a bug with the exit status of the orphaned ports script.
Mirrors the same fix to the equivalent generic objects script.
Issue: RELENG-4483
Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Change-Id: I7cb6465076817d2699970f450c2d7c8c3bda6c31
Andrew Grimberg [Tue, 11 Oct 2022 19:10:20 +0000 (19:10 +0000)]
Merge "Feat: Added a script to cleanup generic openstack objects"
Andrew Grimberg [Tue, 11 Oct 2022 19:08:18 +0000 (19:08 +0000)]
Merge "Fix: Correctly capture openstack port cli output"
Matthew Watkins [Thu, 6 Oct 2022 15:57:15 +0000 (16:57 +0100)]
Feat: Added a script to cleanup generic openstack objects
This script will by default replicate the cleanup ports script.
However, the standard behaviour can be overridden by providing
various variables that can change the objects being managed.
Issue: RELENG-4467
Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Change-Id: I8c3a6d9f6011346e08465b24aecdd068beefdb25
Matthew Watkins [Tue, 6 Sep 2022 15:09:49 +0000 (16:09 +0100)]
Fix: Correctly capture openstack port cli output
Issue: RELENG-4467
Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Change-Id: I5a0dbee41060e8786574030629f9a17e19a48d66
Vanessa Valderrama [Fri, 7 Oct 2022 17:24:26 +0000 (12:24 -0500)]
Fix: docker-push failure
Reomving the line break in the docker_push_command which is
causing the variable to not be set properly.
Signed-off-by: Vanessa Valderrama <vvalderrama@linuxfoundation.org>
Change-Id: Icfefd02eda2ec225cb74e91ff4637457b907ac7f
Vanessa Valderrama [Thu, 6 Oct 2022 18:49:03 +0000 (13:49 -0500)]
Fix: docker-push failure
Fixing a syntax error causing the docker_push_command
variable to not be set properly.
Signed-off-by: Vanessa Valderrama <vvalderrama@linuxfoundation.org>
Change-Id: Ie82a4db9b559009943017747e07101e3ae547fe7
Andrew Grimberg [Wed, 5 Oct 2022 15:57:49 +0000 (08:57 -0700)]
CI: Disable second bashate call
CI is having an issue with the second call to bashate which is supposed
to warn on lines > 80 characters. I cannot seem to get this to replicate
properly locally and bashate is still not a hard requirement for our CI,
we're disabling the extra call for now.
Issue: RELENG-4467
Change-Id: I2bf092b8026d60848796f3357e46d3e877417896
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Anil Belur [Tue, 4 Oct 2022 01:15:08 +0000 (11:15 +1000)]
Fix: Use pyenv for PyPI verify jobs
PyPI verify jobs requires Python 3.x. The tox run picks up default version
of python instead of the version made available through pyenv.
To fix this Re-factor lf-activate-venv() to skip a return, while the venv is
re-used, so that the PATH can be set.
Update the tox install and run script to Call lf-avtivate-venv().
Issue-ID: https://jira.linuxfoundation.org/browse/RELENG-4468
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Change-Id: Ibde3ba8beb5be75fa69c9ee6cf36a80768a8f368
Jessica Wagantall [Fri, 30 Sep 2022 20:45:26 +0000 (13:45 -0700)]
Fix: Update Sonar CLI credential ID
Sonar CLI job needs to use the credential that matches the name of the
project. That is, "sonar-token-{project-name}".
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: I4e6bf5dce0b9fcfea352f9e13208698371783de8
Matthew Watkins [Wed, 28 Sep 2022 16:05:38 +0000 (17:05 +0100)]
Fix: Request Python 3 -> 3.8
Issue: RELENG-4462
Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Change-Id: Id986f183aa233879c805c52f3839b36087ab1e84
Jessica Wagantall [Mon, 15 Aug 2022 19:30:10 +0000 (12:30 -0700)]
Feat: Add CLI Sonar scanner job
Add gerrit-cli-sonar and github-cli-sonar scanner job for
non maven based repos. This job downloads a specific Sonar
CLI version and runs sonnar-scanner on the code to produce
a report which is pushed in SonarCloud.
Issue: RELENG-4427
Co-authored-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Co-authored-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: If02a2c78bddacdcc273fb5a0b9f60b99d2da221d
Anil Belur [Sun, 18 Sep 2022 02:09:06 +0000 (12:09 +1000)]
Fix: Install missing dependency - yq
Install yq in the venv that is called by the builder scripts of
RTDv3 and docker jobs.
Effect of changes to lf-activate-venv() from CR I559f759a8dba7
Issue-ID: RELENG-4403
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Change-Id: If9ff9ab247812b9997ba8a2d96e5bd4a50dfd54a
Anil Belur [Fri, 16 Sep 2022 12:20:48 +0000 (12:20 +0000)]
Merge "Fix: JAVA_HOME directory detection"
Sangwook Ha [Thu, 15 Sep 2022 01:12:12 +0000 (18:12 -0700)]
Fix: Address submodule update issues
There are two issues affecting the autorelease-update-submodules jobs:
- git-review tries to copy commit-msg hook to submodules with incorrect
source file path (.git/hooks/commit-msg) and fails - the path should
be ../.git/hooks/commit-msg if a relative path is used since the copy
command is run in the submodule directory
- lf-activate-venv creates a virtual environment in the current working
directory where lf-activate-venv is run. This clutters the repository
and all the files for the virtual environment are added for update.
To address the bug of git-review set 'core.hooksPath' with the absolute
path of the top-level hooks directory so that the correct source path
can be used regardless of the working directory.
The reason why a virtual environment is created in the working directory
is because the following command
$python -m venv "$install_args" "$lf_venv"
is not equivalent to
$python -m venv "$lf_venv"
even when $install_args is empty.
Hence the first command creates two virtual environments, one in the
current working directory and another one in $lf_venv.
Use the correct command depending on the $install_args value to avoid
the issue.
Signed-off-by: Sangwook Ha <sangwook.ha@verizon.com>
Change-Id: I445d010c5f5b9e3576bdafb0335ada1092de9d0c
guillaume.lambert [Thu, 1 Sep 2022 09:58:58 +0000 (11:58 +0200)]
Fix: JAVA_HOME directory detection
OpenDaylight jenkins maven jobs with jdk17 and CentOS7 currently fails
with a confusing message stating that the JAVA_HOME variable is not
correctly set.
This can happen in various cases, usually when there is a mismatch
between the jdk used by maven and the folder pointed by JAVA_HOME.
It appears that openjdk17 is not available with CentOS7 and that
the folder indeed does not exist.
To avoid misinterpretation
- add a folder existence check in related script
before propagating JAVA_HOME variable to other scripts
- if no folder was found, try to find an approaching solution
and exit in case of failure with a more relevant error message
- adapt and refactor code consequently to be more agnostic to
distribution and jdk installation specificities
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: I585cb34e8126ac5827ae33b5c1ed771fd78b3d10
Anil Belur [Fri, 9 Sep 2022 03:35:05 +0000 (13:35 +1000)]
Feat: Upgrade git-review to 2.3.1
The previous version of git-review is incompatible with the latest
version of git due to renaming flags.
Error:
Errors running git rebase -p -i remotes/gerrit/master
fatal: --preserve-merges was replaced by --rebase-merges
This is fixed in 2.2.0, upgrade to 2.3.1 its more recent.
Ref: https://review.opendev.org/c/opendev/git-review/+/818219
Issue-ID: RELENG-4418
Change-Id: I6057f4a197aa6ae38598b51d3ed62b8b0948db67
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Wed, 7 Sep 2022 12:20:28 +0000 (22:20 +1000)]
Feat!: Re-factor lf-activate-venv() to re-use venv
Add new CLI option to set venv file.
Example:
lf-activate-venv --venv-file /tmp/.robot_venv \
robotframework
Modify lf-activate-venv() to allow creation of a venv file and re-use
the venv to improve job performance. When a dependency is already
installed, pip skips the package therefore reduces the time it takes
to create venv in every script.
Precedence for venv file.
a. Re-use an existing venv file if one exists.
1. Use venv file path from --venv-file
2. Use default venv file path "/tmp/.os_lf_venv"
b. Create new venv when 1. and 2. is absent
Note: The default file "/tmp/.os_lf_venv" is created by a pre-build
script (../shell/python-tools-install.sh).
In the situation where a fresh venv is required remove
"/tmp/.os_lf_venv" before calling lf-activate-venv().
Update all the required scripts that call lf-activate-venv().
Issue-ID: RELENG-4403
Change-Id: I559f759a8dba7eca0a62f8b73a360dc627699ed2
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Thu, 1 Sep 2022 03:03:24 +0000 (13:03 +1000)]
Fix: Use lf-activate-venv to install openstack dep
Using python-tools-install.sh for the pre/post build is not recommended
approach for installing python dependencies since this installs the
dependencies with `--user` option (removed in I821a86ac3b54f284e8).
Instead use lf-activate-venv to setup an venv and pull in the required
dependencies and save the path of the virtualenv in a temp file that
can be checked before attempting to create a venv.
Issue-ID: RELENG-4357
Change-Id: I00bbf08921a3ddc6349e74e9cd9d6316b0876749
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Sangwook Ha [Wed, 31 Aug 2022 06:54:49 +0000 (23:54 -0700)]
Fix: Update pyenv version selection
lf-pyver() fails to include the currently selected version in the output
of 'pyenv versions', which makes the version change every time the local
version is set by pyenv with the version from lf-pyver().
Fix the command to extract the list of Python versions to include all
the numeric versions in the list.
Issue-ID: RELENG-4403
Change-Id: I8eb1a1842a9ccd7514f096ec6989559a5526c3b6
Signed-off-by: Sangwook Ha <sangwook.ha@verizon.com>
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Tue, 30 Aug 2022 11:31:05 +0000 (21:31 +1000)]
Fix: Install yq through lf-activate-venv
Install yq through lf-activate-venv instead of the
python tools install script.
Change-Id: Ifd36a7820854e2a1ee15447c966fc3e4629c9fe4
Issue-ID: RELENG-4357
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Tue, 30 Aug 2022 01:14:13 +0000 (11:14 +1000)]
Fix: Update python tools install
- Set the default version of python3 instead of 3.8.x since
some of the older images may not have this version installed.
The default version is only used when lf-env.sh is not
available.
- CR I821a86ac3b54f2 sets and uses python 3.x version
made available by pyenv therefore remove the --user
option which is no longer required.
Issue-ID: RELENG-4357
Change-Id: Ic01b696354434291b49c5f8a125fd6593ca37c96
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Tue, 23 Aug 2022 04:02:18 +0000 (14:02 +1000)]
Feat: Set python3 version from pyenv
Use pyenv whih is the standard way to manage, set and use a python3
installation on the system.
The required version of python3 for all jobs should be > 3.8.x, to
avoid PyPI dependencies conflicts with outdated versions. However the
lf-activate-venv() uses the system default version python installed
through packages. This can cause warning and build failures that source
lf-env.sh.
Update lf-activate-venv to use pyenv versions of python3 installed
through the lfit.python-install galaxy ansible role.
Issue-ID: RELENG-4357
Change-Id: I821a86ac3b54f284e853316f0d782ad551249925
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Tue, 9 Aug 2022 08:35:51 +0000 (18:35 +1000)]
Chore: Cleanup unused deprecated code
Cleanup lftools_activate is no longer used or supported.
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Change-Id: Ie6a23f2697e14bbfc400ff8362a9426c984402be
Anil Belur [Tue, 9 Aug 2022 08:27:51 +0000 (18:27 +1000)]
Chore: Fix bashate warnings
./shell/common-variables.sh:21:1: E006 Line too long
./shell/common-variables.sh:26:1: E006 Line too long
./shell/docker-build.sh:20:1: E006 Line too long
./shell/docker-login.sh:50:1: E006 Line too long
./shell/docker-push.sh:18:1: E006 Line too long
./shell/gerrit-branch-lock.sh:49:1: E006 Line too long
./shell/gerrit-branch-lock.sh:50:1: E006 Line too long
./shell/gerrit-branch-lock.sh:56:1: E006 Line too long
Issue-ID: RELENG-4358
Change-Id: I37198320bc512f2c75c47346e991ea0f0a182fab
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Tue, 9 Aug 2022 07:22:42 +0000 (17:22 +1000)]
Chore: Fix bashate warnings
./shell/autotools-sonarqube.sh:59:1: E006 Line too long
./shell/check-info-votes.sh:45:1: E006 Line too long
./shell/check-info-votes.sh:54:1: E006 Line too long
./shell/check-info-votes.sh:56:1: E006 Line too long
./shell/cmake-sonar.sh:25:1: E006 Line too long
./shell/cmake-sonar.sh:31:1: E006 Line too long
./shell/cmake-sonar.sh:49:1: E006 Line too long
./shell/cmake-sonarqube.sh:31:1: E006 Line too long
./shell/cmake-sonarqube.sh:44:1: E006 Line too long
./shell/cmake-stage.sh:42:1: E006 Line too long
./shell/cmake-stage.sh:64:1: E006 Line too long
./shell/cmake-stage.sh:68:1: E006 Line too long
Issue-ID: RELENG-4358
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Change-Id: I5f4a9dab38287901fcac9937fec111a1020de27e
Andrew Grimberg [Fri, 19 Aug 2022 17:13:56 +0000 (17:13 +0000)]
Merge "Chore: Fix bashate warnings"
Andrew Grimberg [Fri, 19 Aug 2022 17:12:06 +0000 (17:12 +0000)]
Merge "Fix: safer behaviour handling java variables"
Matthew Watkins [Tue, 16 Aug 2022 16:08:39 +0000 (17:08 +0100)]
Fix: safer behaviour handling java variables
Detect both Debian and Ubuntu when configuring java runtime parameters.
This works around a minor OS detection bugs that applies to Docker
containers. Also, improved the handling of an unset variable when
setting the java runtime. This reduces the likelihood of rewriting a
working variable with a broken one.
Change-Id: I69c0756d740430dabef823fa8eed8cbf67e343c6
Signed-off-by: Matthew Watkins <mwatkins@linuxfoundation.org>
Anil Belur [Tue, 9 Aug 2022 04:08:11 +0000 (14:08 +1000)]
Chore: Fix bashate warnings
./jenkins-init-scripts/disable-firewall.sh:19:1: E006 Line too long
./jjb-compare-xml.sh:28:1: E006 Line too long
./jjb-compare-xml.sh:59:1: E006 Line too long
Issue-ID: RELENG-4358
Change-Id: I0ab6d09e9904ec1eb93ef9f8248ea29048c632f3
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Andrew Grimberg [Wed, 17 Aug 2022 17:36:13 +0000 (10:36 -0700)]
CI: Require RELENG changes in commit messages
To make sure that JSD issues are not being referenced since that is not
public data, we will now start enforcing a requirement that commits have
a RELENG issue associated with them.
Issue: RELENG-4375
Change-Id: Ia7800de3097e30670d83b3fdcce0191144cea3a7
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Anil Belur [Wed, 17 Aug 2022 02:21:23 +0000 (02:21 +0000)]
Merge "Feat: Upgrade packer version to v1.8.2"
Anil Belur [Wed, 10 Aug 2022 00:58:41 +0000 (10:58 +1000)]
Feat: Upgrade packer version to v1.8.2
v1.8.2 addresses certain security issues which may not
directly imapact us.
Issue-ID: IT-24377
Change-Id: I275e99e8a7debdf9cae4ca943e19125293d9560b
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Andrew Grimberg [Tue, 16 Aug 2022 23:10:46 +0000 (23:10 +0000)]
Merge "Fix: Update lf-activate-env code comment"
Anil Belur [Mon, 8 Aug 2022 11:58:24 +0000 (21:58 +1000)]
Fix: Update lf-activate-env code comment
Fix lf-activate-env code comment. The comment suggests
using just the version number ``--python <x.y>``, however
as per the code the correct format as per the code is
``--python python<x.y>``
Also update the fix in the
9915b0bb42077428478e2.
Change-Id: Ic135036ded75f0b16525ef78bdec9e90c72a5c44
Issue-ID: RELENG-4348
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Jessica Wagantall [Mon, 8 Aug 2022 19:28:32 +0000 (12:28 -0700)]
Add SBOM report to staging package
The SBOM report should be made available as part of the
build's artifacts as well as part of the staging package.
Copy the SBOM report to the m2repo so that is signed by
SIGUL and packaged along with the staging artifacts.
Issue: RELENG-4356
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: I360bb4a26e7b70d9ec6ce8848ecc3365abb8b034
Anil Belur [Tue, 2 Aug 2022 00:34:36 +0000 (10:34 +1000)]
Fix: Set lf-activate-env to use Python 3.8
Set lf-activate-env to use Python 3.8 while running lftools deploy
logs. This fixes the below warnings which when jobs try to use
default version of python 3.6 which is EOL.
CryptographyDeprecationWarning: Python 3.6 is no longer supported
by the Python core team. Therefore, support for it is deprecated in
cryptography and will be removed in a future release.
PythonDeprecationWarning: Boto3 will no longer support Python 3.6
starting May 30, 2022. To continue receiving service updates, bug
fixes, and security updates please upgrade to Python 3.7 or later.
Issue-ID: RELENG-4348
Change-Id: I7177eda0afab58bd775801e955c8759c57554ff3
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Tue, 26 Jul 2022 21:20:50 +0000 (07:20 +1000)]
Fix: Ignore unbounded variable BUILD_RESULT
Error: BUILD_RESULT: unbound variable
Change-Id: Iefbf3d6f658632990529015f35336cadb65e379c
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Jessica Wagantall [Tue, 12 Jul 2022 22:32:09 +0000 (15:32 -0700)]
Update SBOM generator script
- Allow the usage of a maven settings file to resolve transitive
dependencies
- Update sbom file name to reflect more information
Issue: RELENG-4300
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: Ibc5f636a946879282b594c3975a1ca53bc159f6a
Anil Belur [Tue, 5 Jul 2022 22:52:41 +0000 (08:52 +1000)]
Feat: Upgrade NexusIQ Client 1.140.0-01.
Issue-ID: RELENG-4306
Change-Id: Ic48cdfc7303e20a1070bfd35e26f22649520b6f0
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Eric Ball [Wed, 8 Jun 2022 13:38:28 +0000 (06:38 -0700)]
Fix: Remove hosts file creation in sigul-install
Our Sigul bridges now have publicly accessible DNS names, so it is no
longer necessary to create an entry in the hosts file.
Issue: RELENG-4269
Change-Id: I8417747b598d4fad3bfef192ccf1056899ffdf0a
Signed-off-by: Eric Ball <eball@linuxfoundation.org>
Anil Belur [Tue, 31 May 2022 23:54:05 +0000 (09:54 +1000)]
Fix: Update script and Dockerfile
Fix URL path indent, add a default ARG to the Dockerfile to
remove WARNING. Set the .asc files permissions to jenkins after
the sigul has signed the files.
Issue-ID: IT-23826
Change-Id: Idfa32e797320e7a580516a4b137202faf5bd37b0
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Andrew Grimberg [Tue, 31 May 2022 16:00:35 +0000 (16:00 +0000)]
Merge "Fix: Sign artifacts on CentOS Stream 8/9"
Anil Belur [Thu, 26 May 2022 23:58:32 +0000 (09:58 +1000)]
Fix: Sign artifacts on CentOS Stream 8/9
Update the sigul-sign-dir.sh to sign artifacts using docker.
The docker image is built on CentOS Streams 8/9. The newer version
of sigul 1.1.1 available for CentOS 8 is not backwords compatible
with the version of sigul on CentOS 7.
As a temporary workaround build a CentOS7 docker image with
sigul installed and use it for signing artificats on platforms
where sigul is not readly available.
Issue-ID: IT-23826
Change-Id: Ie22e23240f7fe388219c0afc4d4c229f390efa9c
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Fri, 27 May 2022 03:30:16 +0000 (13:30 +1000)]
Fix: bashate E006 warnings for lines > 80 chars
Change-Id: Id0ddfbe03e2853019a53b3a76af7f63256c05582
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Tue, 24 May 2022 21:29:25 +0000 (07:29 +1000)]
Fix: Pin openstacksdk<0.99
This fixes the builder-openstack-cron job.
With the recent updates on the pypi dependencies,
some of attributes of various resources may have been
named differently to follow SDK attribute naming convention.
Issue-ID: RELENG-4243
Change-Id: Iadcfe9ddc9645ad6743bde9498ec85599f6fcf06
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Andrew Grimberg [Thu, 19 May 2022 16:55:43 +0000 (09:55 -0700)]
Chore: Update pre-commit hooks
github.com/pre-commit/pre-commit-hooks: v4.0.1 -> v4.2.0
github.com/pre-commit/mirrors-prettier: v2.4.1 -> v2.6.2
github.com/jorisroovers/gitlint: v0.16.0 -> v0.17.0
github.com/jumanjihouse/pre-commit-hooks: 2.1.5 -> 2.1.6
github.com/btford/write-good: v1.0.4 -> v1.0.8
Change-Id: I26bff86b5b0f9c6c624b9b2ba0400b6dadb59c2c
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Andrew Grimberg [Wed, 18 May 2022 17:58:24 +0000 (10:58 -0700)]
Chore: Upgrade base version of JJB to 4.1.0
JJB has been pinned to v2.8.0 for nearly 2 years. It's time move on,
particularly since we've been hard at work dropping support for Python
2.7. This also brings in needed fixes to support recent changes in how
many plugins for Jenkins are getting versioned.
Change-Id: I1ee78f1b7b5a8fa019cb6fe5a322d02ff8d114e2
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Jessica Wagantall [Wed, 27 Apr 2022 19:09:12 +0000 (12:09 -0700)]
Fix: Add maven pre and post build scripts
Optionally run a script before and/or after maven goals.
This will help add dependencies and post process builds with more
flexibility to the project's needs.
Issue: IT-23957
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: I7075972c796a2cac17d9ad7ec9e99be1699354c3
Andrew Grimberg [Wed, 27 Apr 2022 18:17:11 +0000 (18:17 +0000)]
Merge "Fix: Isolate SBOM PATH flag"
Jessica Wagantall [Wed, 27 Apr 2022 02:30:50 +0000 (19:30 -0700)]
Fix: Isolate SBOM PATH flag
SBOM's path flag does not work as expected. We need to introduce a new
flag called SBOM_PATH to isolate the path where SBOM is going to be
extracted to and executed from. By default this is set to $WORKSPACE but
some projects need to execute the sbom from a different location in their
code. See https://github.com/opensbom-generator/spdx-sbom-generator/issues/227
Issue: RELENG-4213
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
Change-Id: Ibaaf4f89035f8aa9a773e199cf0cacb6c1e14947
Eric Ball [Thu, 21 Apr 2022 23:43:59 +0000 (16:43 -0700)]
Feat: Choose best python version to run venv
We've seen problems with capture-instance-metadata.sh choosing the
best python path, so this should help get the best version on each
builder.
If the $PYTHON variable is set, this will be used. If not, we check to
see if python3 is available, as this should point to the latest
version. If this is also not available, we run with the basic python
command.
Change-Id: I9950cc286c72fd17eac7a3c678ef8ca04ccd8921
Signed-off-by: Eric Ball <eball@linuxfoundation.org>
Anil Belur [Wed, 20 Apr 2022 23:56:25 +0000 (09:56 +1000)]
Revert "Fix: Remove "--python" flag from venv act"
This reverts commit
18d90a9e0b74515b6aa2ac8fc4a17b9d98a7680e.
The issue does not happen on C7/C8 but mostly on Ubuntu and
needs to be addressed elsewhere.
Change-Id: I54abbea2550ed6d80e3c7d75ab86d246c0ec98d2
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>