Update CLM job to use Nexus Policy Evaluation

Depends on JJB plugin support:
https://review.openstack.org/584581

Change-Id: I9b790183545f64c2d535163ae0eed9ed1ad5cc1e
Issue-ID: RELENG-1086
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>

diff --git a/docs/jjb/lf-macros.rst b/docs/jjb/lf-macros.rst
index 8a4fb0c..58ec793 100644 (file)
--- a/docs/jjb/lf-macros.rst
+++ b/docs/jjb/lf-macros.rst
@@ -228,6 +228,12 @@ Forcibly removes all of the docker images.
 Parameters
 ==========
 
+lf-clm-parameters
+-------------------
+
+Provides the policy evaluation stage to run against Nexus IQ Server.
+Valid values include: 'build', 'stage-release', 'operate'.
+
 lf-cmake-parameters
 -------------------
 

diff --git a/docs/jjb/lf-maven-jobs.rst b/docs/jjb/lf-maven-jobs.rst
index 9835e66..ccd4165 100644 (file)
--- a/docs/jjb/lf-maven-jobs.rst
+++ b/docs/jjb/lf-maven-jobs.rst
@@ -131,6 +131,8 @@ Produces a CLM scan of the code into Nexus IQ Server.
     :mvn-opts: Sets MAVEN_OPTS. (default: '')
     :mvn-params: Additional mvn parameters to pass to the cli. (default: '')
     :mvn-version: Version of maven to use. (default: mvn35)
+    :nexus-iq-stage: Stage the policy evaluation will be run against on
+        the Nexus IQ Server. (default: 'build')
     :stream: Keyword that can be used to represent a release code-name.
         Often the same as the branch. (default: master)
     :submodule-recursive: Whether to checkout submodules recursively.

diff --git a/jjb/lf-macros.yaml b/jjb/lf-macros.yaml
index 801cf97..bc1ce58 100644 (file)
--- a/jjb/lf-macros.yaml
+++ b/jjb/lf-macros.yaml
@@ -252,6 +252,15 @@
 # PARAMETERS #
 ##############
 
+- parameter:
+    name: lf-clm-parameters
+    parameters:
+      - string:
+          name: NEXUS_IQ_STAGE
+          default: '{nexus-iq-stage}'
+          description: |
+              Stage the policy evaluation will be run against on the Nexus IQ Server.
+
 - parameter:
     name: lf-cmake-parameters
     # Parameters useful in CMake builds.

diff --git a/jjb/lf-maven-jobs.yaml b/jjb/lf-maven-jobs.yaml
index 0d77755..6112f91 100644 (file)
--- a/jjb/lf-maven-jobs.yaml
+++ b/jjb/lf-maven-jobs.yaml
@@ -167,14 +167,41 @@
     mvn-opts: ''
     mvn-params: ''
     mvn-version: mvn35
+    nexus-iq-stage: 'build'
     staging-profile-id: ''  # Unused in this job
     stream: master
     submodule-recursive: true
 
+    nexus-iq-scan-patterns:
+      - '**/*.ear'
+      - '**/*.jar'
+      - '**/*.tar.gz'
+      - '**/*.war'
+      - '**/*.zip'
+
     gerrit_clm_triggers:
       - comment-added-contains-event:
           comment-contains-value: run-clm$
 
+    parameters:
+      - lf-infra-parameters:
+          project: '{project}'
+          branch: '{branch}'
+          stream: '{stream}'
+          lftools-version: '{lftools-version}'
+      - lf-infra-maven-parameters:
+          mvn-opts: '{mvn-opts}'
+          mvn-params: '{mvn-params}'
+          mvn-version: '{mvn-version}'
+          # Staging repos do not make sense for CLM jobs so set it blank.
+          staging-profile-id: '{staging-profile-id}'
+      - string:
+          name: ARCHIVE_ARTIFACTS
+          default: '{archive-artifacts}'
+          description: Artifacts to archive to the logs server.
+      - lf-clm-parameters:
+          nexus-iq-stage: '{nexus-iq-stage}'
+
     #####################
     # Job Configuration #
     #####################
@@ -192,8 +219,12 @@
           - ../shell/sonatype-clm.sh
       - lf-provide-maven-settings-cleanup
       - shell: 'find . -regex ".*karaf/target" | xargs rm -rf'
-      - sonatype-clm:
-          application-name: '{project-name}'
+      - nexus-iq-policy-evaluator:
+          stage: '{nexus-iq-stage}'
+          application-type: 'manual'
+          application-id: '{project-name}'
+          scan-patterns: '{nexus-iq-scan-patterns}'
+          fail-build-network-error: true
 
 - job-template:
     name: '{project-name}-maven-clm-{stream}'