-
Notifications
You must be signed in to change notification settings - Fork 272
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create a Jenkinsfile to run scan on OpenSearch-projects repos #1268
Conversation
Signed-off-by: Zelin Hao <zelinhao@amazon.com>
Codecov Report
@@ Coverage Diff @@
## main #1268 +/- ##
============================================
+ Coverage 92.87% 94.09% +1.22%
- Complexity 9 11 +2
============================================
Files 97 127 +30
Lines 2441 2863 +422
Branches 3 10 +7
============================================
+ Hits 2267 2694 +427
+ Misses 170 159 -11
- Partials 4 10 +6
Continue to review full report at Codecov.
|
What do you think about moving the list of repos to scan into Jenkinsfile and use the list to generate stages that are then executed in parallel? (e.g. kicks off a job with the argument of repo to scan, then waits for all the started jobs, or maybe there's a way to create stages dynamically). |
The reason I keep the list of repos in |
Signed-off-by: Zelin Hao <zelinhao@amazon.com>
Signed-off-by: Zelin Hao <zelinhao@amazon.com>
Signed-off-by: Zelin Hao zelinhao@amazon.com
Description
Since #1181 is not working because of GHA. We will now use Jenkins to automate WhiteSource scan. All repos included in
wss-scan.config
are tested to be running properly in Jenkins. "OpenSearch" is not included since we have encountered some issues scanning it within docker container.Refer to #1157, WhiteSource integration may not work correctly at this time. They have an issue on their side. We are switching to our Plan B using Jenkins for automating WhiteSource scan based on old script from ODFE. This workflow will update the scan results in main product "OpenSearch" on WhiteSource dashboard.
Issues Resolved
part of #1157
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.