From 963997c4979d53167cd6a3a1bff64980768d8e4c Mon Sep 17 00:00:00 2001 From: Zuhayr Elahi Date: Fri, 23 Aug 2019 10:49:07 -0700 Subject: [PATCH 1/8] ADDED License scan stage to occur pre-commit in Jenkins Signed-off-by: Zuhayr Elahi --- Jenkinsfile | 17 +++++++++++++++++ Makefile | 13 +++++++++++++ vars.mk | 4 ++++ 3 files changed, 34 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 4ed6a4a9..f7d6d8f3 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -35,6 +35,23 @@ pipeline { } } } + stage("License Scan") { + environment { + FOSSA_API_KEY=credentials('cb07b147-32a4-4400-aaac-21c3f8c9e62e') + } + agent { + label 'ubuntu-1604-aufs-edge' + } + steps { + dir('src/github.com/docker/app') { + checkout scm + ansiColor(xterm) { + sh "BRANCH_NAME='${BRANCH_NAME}' make fossa-analyze" + sh 'make fossa-test' + } + } + } + } stage("Binaries"){ agent { label 'ubuntu-1604-aufs-edge' diff --git a/Makefile b/Makefile index 77f18b40..931e0ccb 100644 --- a/Makefile +++ b/Makefile @@ -111,6 +111,19 @@ coverage: coverage-test-unit coverage-test-e2e ## run tests with coverage go tool cover -func _build/cov/all.out go tool cover -html _build/cov/all.out -o _build/cov/coverage.html +fossa-analyze: + docker run -i --rm -e FOSSA_API_KEY=$(FOSSA_API_KEY) \ + -e GO111MODULE=off \ + -v $(CURDIR)/$*:/go/src/github.com/docker/app \ + -w /go/src/github.com/docker/app \ + $(BUILD_ANALYZER) analyze $(FOSSA_OPTS) --branch $(BRANCH_NAME) + +fossa-test: + docker run -i --rm -e FOSSA_API_KEY=$(FOSSA_API_KEY) \ + -v $(CURDIR)/$*:/go/src/github.com/docker/app \ + -w /go/src/github.com/docker/app \ + $(BUILD_ANALYZER) test --debug + clean: ## clean build artifacts $(call rmdir,bin) $(call rmdir,_build) diff --git a/vars.mk b/vars.mk index 10da1a46..5ae7f130 100644 --- a/vars.mk +++ b/vars.mk @@ -3,6 +3,10 @@ BIN_NAME ?= docker-app BIN_STANDALONE_NAME := ${BIN_NAME}-standalone E2E_NAME := $(BIN_NAME)-e2e +# Variables for fossa scan +BUILD_ANALYZER?=dockereng/fossa-analyzer +FOSSA_OPTS?=--option all-tags:true --option allow-unresolved:true + # Enable experimental features. "on" or "off" EXPERIMENTAL := off From 770325ba8592a35c30c76e7dcb4e47c3d6b6ea5f Mon Sep 17 00:00:00 2001 From: Zuhayr Elahi Date: Fri, 23 Aug 2019 15:40:58 -0700 Subject: [PATCH 2/8] Moved License Scan to Validate stage Signed-off-by: Zuhayr Elahi --- Jenkinsfile | 45 +++++++++++++++++++++------------------------ 1 file changed, 21 insertions(+), 24 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index f7d6d8f3..bc1d10dc 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,5 +1,12 @@ properties([buildDiscarder(logRotator(numToKeepStr: '20'))]) +hubCred = [ + $class: 'UsernamePasswordMultiBinding', + usernameVariable: 'REGISTRY_USERNAME', + passwordVariable: 'REGISTRY_PASSWORD', + credentialsId: 'orcaeng-hub.docker.com', +] + pipeline { agent { label 'linux && x86_64' @@ -17,25 +24,6 @@ pipeline { stage('Build') { parallel { stage("Validate") { - agent { - label 'ubuntu-1604-aufs-edge' - } - steps { - dir('src/github.com/docker/app') { - checkout scm - ansiColor('xterm') { - sh 'make -f docker.Makefile lint' - sh 'make -f docker.Makefile check-vendor' - } - } - } - post { - always { - deleteDir() - } - } - } - stage("License Scan") { environment { FOSSA_API_KEY=credentials('cb07b147-32a4-4400-aaac-21c3f8c9e62e') } @@ -43,14 +31,23 @@ pipeline { label 'ubuntu-1604-aufs-edge' } steps { - dir('src/github.com/docker/app') { - checkout scm - ansiColor(xterm) { - sh "BRANCH_NAME='${BRANCH_NAME}' make fossa-analyze" - sh 'make fossa-test' + withCredentials([hubCred]) { + dir('src/github.com/docker/app') { + checkout scm + ansiColor('xterm') { + sh 'make -f docker.Makefile lint' + sh 'make -f docker.Makefile check-vendor' + sh "BRANCH_NAME='${BRANCH_NAME}' make fossa-analyze" + sh 'make fossa-test' + } } } } + post { + always { + deleteDir() + } + } } stage("Binaries"){ agent { From f1a8f735669e78de43e1774ed8f2c0a976ab52f5 Mon Sep 17 00:00:00 2001 From: Zuhayr Elahi Date: Mon, 26 Aug 2019 09:59:12 -0700 Subject: [PATCH 3/8] Migrated fossa scans to private Jenkins Signed-off-by: Zuhayr Elahi --- Jenkinsfile | 24 +++++------------------- Jenkinsfile.baguette | 17 +++++++++++++++++ 2 files changed, 22 insertions(+), 19 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index bc1d10dc..4ed6a4a9 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,12 +1,5 @@ properties([buildDiscarder(logRotator(numToKeepStr: '20'))]) -hubCred = [ - $class: 'UsernamePasswordMultiBinding', - usernameVariable: 'REGISTRY_USERNAME', - passwordVariable: 'REGISTRY_PASSWORD', - credentialsId: 'orcaeng-hub.docker.com', -] - pipeline { agent { label 'linux && x86_64' @@ -24,22 +17,15 @@ pipeline { stage('Build') { parallel { stage("Validate") { - environment { - FOSSA_API_KEY=credentials('cb07b147-32a4-4400-aaac-21c3f8c9e62e') - } agent { label 'ubuntu-1604-aufs-edge' } steps { - withCredentials([hubCred]) { - dir('src/github.com/docker/app') { - checkout scm - ansiColor('xterm') { - sh 'make -f docker.Makefile lint' - sh 'make -f docker.Makefile check-vendor' - sh "BRANCH_NAME='${BRANCH_NAME}' make fossa-analyze" - sh 'make fossa-test' - } + dir('src/github.com/docker/app') { + checkout scm + ansiColor('xterm') { + sh 'make -f docker.Makefile lint' + sh 'make -f docker.Makefile check-vendor' } } } diff --git a/Jenkinsfile.baguette b/Jenkinsfile.baguette index a383b5a6..f05d60bc 100644 --- a/Jenkinsfile.baguette +++ b/Jenkinsfile.baguette @@ -56,6 +56,23 @@ pipeline { } } } + stage("License Scan") { + environment { + FOSSA_API_KEY=credentials('cb07b147-32a4-4400-aaac-21c3f8c9e62e') + } + agent { + label 'ubuntu-1604-aufs-edge' + } + steps { + dir('src/github.com/docker/app') { + checkout scm + ansiColor('xterm') { + sh "BRANCH_NAME='${BRANCH_NAME}' make fossa-analyze" + sh 'make fossa-test' + } + } + } + } stage('Invocation image'){ agent { label 'ubuntu-1804' From 814df63285d6bd0149ef21062db88ec4287f7688 Mon Sep 17 00:00:00 2001 From: Zuhayr Elahi Date: Mon, 26 Aug 2019 11:05:27 -0700 Subject: [PATCH 4/8] ADDED hub credentials for downloading fossa-image Signed-off-by: Zuhayr Elahi --- Jenkinsfile.baguette | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/Jenkinsfile.baguette b/Jenkinsfile.baguette index f05d60bc..b8964cc8 100644 --- a/Jenkinsfile.baguette +++ b/Jenkinsfile.baguette @@ -1,5 +1,12 @@ properties([buildDiscarder(logRotator(numToKeepStr: '20'))]) +hubCred = [ + $class: 'UsernamePasswordMultiBinding', + usernameVariable: 'REGISTRY_USERNAME', + passwordVariable: 'REGISTRY_PASSWORD', + credentialsId: 'orcaeng-hub.docker.com', +] + pipeline { agent { label 'ubuntu-1804' @@ -64,11 +71,14 @@ pipeline { label 'ubuntu-1604-aufs-edge' } steps { - dir('src/github.com/docker/app') { - checkout scm - ansiColor('xterm') { - sh "BRANCH_NAME='${BRANCH_NAME}' make fossa-analyze" - sh 'make fossa-test' + withCredentials([hubCred]) { + dir('src/github.com/docker/app') { + checkout scm + ansiColor('xterm') { + sh "docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD" + sh "BRANCH_NAME='${BRANCH_NAME}' make fossa-analyze" + sh 'make fossa-test' + } } } } From 2b33692de863d3fce11b0ce7a1cad6e0b8ee07c4 Mon Sep 17 00:00:00 2001 From: Zuhayr Elahi Date: Mon, 26 Aug 2019 15:36:59 -0700 Subject: [PATCH 5/8] Removed dependencies from .fossa file and turned on GOMODULE Signed-off-by: Zuhayr Elahi --- .fossa.yml | 8 -------- Makefile | 2 +- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/.fossa.yml b/.fossa.yml index 53301fdb..0430aa17 100644 --- a/.fossa.yml +++ b/.fossa.yml @@ -20,11 +20,3 @@ analyze: type: go target: github.com/docker/app/cmd/docker-app-standalone path: cmd/docker-app-standalone - - name: github.com/docker/app/pkg/yatee/gopher - type: go - target: github.com/docker/app/pkg/yatee/gopher - path: pkg/yatee/gopher - - name: github.com/docker/app/pkg/yatee/samples - type: go - target: github.com/docker/app/pkg/yatee/samples - path: pkg/yatee/samples diff --git a/Makefile b/Makefile index 931e0ccb..25697917 100644 --- a/Makefile +++ b/Makefile @@ -113,7 +113,7 @@ coverage: coverage-test-unit coverage-test-e2e ## run tests with coverage fossa-analyze: docker run -i --rm -e FOSSA_API_KEY=$(FOSSA_API_KEY) \ - -e GO111MODULE=off \ + -e GO111MODULE=on \ -v $(CURDIR)/$*:/go/src/github.com/docker/app \ -w /go/src/github.com/docker/app \ $(BUILD_ANALYZER) analyze $(FOSSA_OPTS) --branch $(BRANCH_NAME) From c2c17e63f9ff5bb20cdb7b6733f114e8c04946be Mon Sep 17 00:00:00 2001 From: Zuhayr Elahi Date: Thu, 12 Sep 2019 09:41:37 -0700 Subject: [PATCH 6/8] REMOVED class for password Signed-off-by: Zuhayr Elahi --- Jenkinsfile.baguette | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/Jenkinsfile.baguette b/Jenkinsfile.baguette index b8964cc8..0ddb099d 100644 --- a/Jenkinsfile.baguette +++ b/Jenkinsfile.baguette @@ -1,12 +1,5 @@ properties([buildDiscarder(logRotator(numToKeepStr: '20'))]) -hubCred = [ - $class: 'UsernamePasswordMultiBinding', - usernameVariable: 'REGISTRY_USERNAME', - passwordVariable: 'REGISTRY_PASSWORD', - credentialsId: 'orcaeng-hub.docker.com', -] - pipeline { agent { label 'ubuntu-1804' @@ -71,7 +64,10 @@ pipeline { label 'ubuntu-1604-aufs-edge' } steps { - withCredentials([hubCred]) { + withCredentials([ + usernamePassword(credentialsId: 'orcaeng-hub.docker.com', usernameVariable: 'REGISTRY_USERNAME', passwordVariable: 'REGISTRY_PASSWORD'), + string(credentialsId: 'fossa-api-key', variable: 'FOSSA_API_KEY') + ]) { dir('src/github.com/docker/app') { checkout scm ansiColor('xterm') { From 8c5c7b360d98b89d2e2d7b235adf712842bc1269 Mon Sep 17 00:00:00 2001 From: Zuhayr Elahi Date: Thu, 12 Sep 2019 12:33:32 -0700 Subject: [PATCH 7/8] MOVED FOSSA_API_KEY to use as credentials instead of in environment block Signed-off-by: Zuhayr Elahi --- Jenkinsfile.baguette | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/Jenkinsfile.baguette b/Jenkinsfile.baguette index 0ddb099d..cf3e1686 100644 --- a/Jenkinsfile.baguette +++ b/Jenkinsfile.baguette @@ -57,9 +57,6 @@ pipeline { } } stage("License Scan") { - environment { - FOSSA_API_KEY=credentials('cb07b147-32a4-4400-aaac-21c3f8c9e62e') - } agent { label 'ubuntu-1604-aufs-edge' } @@ -72,8 +69,8 @@ pipeline { checkout scm ansiColor('xterm') { sh "docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD" - sh "BRANCH_NAME='${BRANCH_NAME}' make fossa-analyze" - sh 'make fossa-test' + sh "FOSSA_API_KEY=$FOSSA_API_KEY BRANCH_NAME='${BRANCH_NAME}' make fossa-analyze" + sh "FOSSA_API_KEY=$FOSSA_API_KEY make fossa-test" } } } From 95438afc522717dca4a9857e671201e20f0aca12 Mon Sep 17 00:00:00 2001 From: Zuhayr Elahi Date: Thu, 12 Sep 2019 15:46:31 -0700 Subject: [PATCH 8/8] Changed to use same creds as public Jenkins Signed-off-by: Zuhayr Elahi --- Jenkinsfile.baguette | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile.baguette b/Jenkinsfile.baguette index cf3e1686..6bd33aa8 100644 --- a/Jenkinsfile.baguette +++ b/Jenkinsfile.baguette @@ -62,7 +62,7 @@ pipeline { } steps { withCredentials([ - usernamePassword(credentialsId: 'orcaeng-hub.docker.com', usernameVariable: 'REGISTRY_USERNAME', passwordVariable: 'REGISTRY_PASSWORD'), + usernamePassword(credentialsId: 'dockerbuildbot-hub.docker.com', usernameVariable: 'REGISTRY_USERNAME', passwordVariable: 'REGISTRY_PASSWORD'), string(credentialsId: 'fossa-api-key', variable: 'FOSSA_API_KEY') ]) { dir('src/github.com/docker/app') {