[CI] Issue: HPCINFRA-3441 move antivirus scan to release job

Move the antivirus scan step from the regular matrix file to the release matrix file

Signed-off-by: Noam Tsemah <[email protected]>

Author: ntsemah

.ci/antivirus.sh

@@ -4,44 +4,32 @@ echo -e "\n\n**********************************"
 echo -e "\n\nStarting antivirus.sh script...\n\n"
 echo -e "**********************************\n\n"
 
-if [ -z "$1" ]; then
-    if [ -z "${release_folder}" ]; then
-        echo "ERROR: Please use the first script argument or env var 'release_folder'. Exit"
-    fi
-else
-    release_folder=$1
-fi
-if [ ! -e "${release_folder}" ] || [ ! -d "${release_folder}" ]; then
-    echo "ERROR: [${release_folder}] directory doesn't exist. Exit"
-    exit 1
-fi
-
-if [ -z "$2" ]; then
-    if [ -z "${release_version}" ]; then
-        echo "ERROR: Please use the second script argument or env var 'release_version'. Exit"
-    fi
-else
-    release_version=$2
-    echo "FULL_VERSION from script parameter: [${release_version}]"
-fi
-if [ -z "${release_version}" ]; then
-    release_version=$(git describe --tags $(git rev-list --tags --max-count=1))
+[[ -z "$WORKSPACE" ]] && { echo "ERROR: WORKSPACE variable is empty"; exit 1; }
+[[ ! -d "$WORKSPACE" ]] && { echo "ERROR: ${WORKSPACE} does not exist"; exit 1; }
+[[ -z "$release_folder" ]] && { echo "ERROR: release_folder variable is empty"; exit 1; }
+[[ ! -d "$release_folder" ]] && { echo "ERROR: ${release_folder} does not exist"; exit 1; }
+[[ -z "$release_tag" ]] && { echo "ERROR: release_tag variable is empty"; exit 1; }
+
+if [ -z "${revision}" ]; then
+    echo "WARN: 'revision' was not set, defaulting to 1"
+    revision=1
 fi
 
-mkdir -p logs
+cd "${release_folder}/${release_tag}/"
+pkg_name=$(ls -1 libxlio-"${release_tag}"-"${revision}".src.rpm)
 
-cd ${release_folder}/${release_version}/
-pkg_name=$(ls -1 libxlio-*.src.rpm)
+if ! [[ -e "$pkg_name" ]]; then
+    echo "ERROR: ${release_folder}/${release_tag}/${pkg_name} does not exist. Exit"
+    exit 1
+fi
 
-export PROJECT_SRC_PATH=${release_folder}/${release_version}/$pkg_name
-LOG=$WORKSPACE/logs/${name}_antivirus.log
+mkdir -p "${WORKSPACE}/logs/"
+LOG="${WORKSPACE}/logs/${pkg_name}_antivirus.log"
 
-sudo -E -u swx-jenkins /auto/GLIT/SCRIPTS/HELPERS/antivirus-scan.sh $PROJECT_SRC_PATH 2>&1 | tee $LOG
+sudo -E -u swx-jenkins /auto/GLIT/SCRIPTS/HELPERS/antivirus-scan.sh "${release_folder}/${release_tag}/${pkg_name}" 2>&1 | tee "$LOG"
 
-cat $LOG | grep 'Possibly Infected:.............     0'
-if [ $? -ne 0 ];then
-    status=1
+if grep -q 'Possibly Infected:.............     0' "$LOG"; then
+    exit 0
 else
-    status=0
+    exit 1
 fi
-exit $status

.ci/matrix_job.yaml

@@ -26,9 +26,6 @@ volumes:
   - {mountPath: /auto/sw_tools/Commercial, hostPath: /auto/sw_tools/Commercial}
   - {mountPath: /hpc/local/commercial, hostPath: /hpc/local/commercial}
   - {mountPath: /hpc/local/etc/modulefiles, hostPath: /hpc/local/etc/modulefiles}
-  # for Antivirus
-  - {mountPath: /auto/BACKUP/logs_of_LOGS, hostPath: /auto/BACKUP/logs_of_LOGS}
-  - {mountPath: /auto/GLIT/SCRIPTS/HELPERS, hostPath: /auto/GLIT/SCRIPTS/HELPERS}
   # Default release location
   - {mountPath: /auto/sw/release/sw_acceleration, hostPath: /auto/sw/release/sw_acceleration}
   # User profile for release
@@ -209,16 +206,6 @@ steps:
     archiveArtifacts-onfail: |
       jenkins/**/arch-*.tar.gz
 
-  - name: Antivirus
-    enable: ${do_antivirus}
-    containerSelector:
-      - "{name: 'rhel8.3-mofed-x86_64', category: 'base', variant: 1}"
-    agentSelector:
-      - "{nodeLabel: 'skip-agent'}"
-    run: |
-      env WORKSPACE=$PWD .ci/antivirus.sh ${release_folder}
-    archiveArtifacts: 'logs/'
-
   - name: Style
     enable: ${do_style}
     containerSelector:

.ci/opensource_jjb.yaml

@@ -53,10 +53,6 @@
             name: "do_package"
             default: true
             description: "Check tar, source and binary packages."
-        - bool:
-            name: "do_antivirus"
-            default: false
-            description: "Run Antivirus."
         - bool:
             name: "do_cppcheck"
             default: true

.ci/pipeline/release_jjb.yaml

@@ -35,6 +35,10 @@
             name: "do_release"
             default: true
             description: "Release build packges into the release folder, set to false for debugging"
+        - bool:
+            name: "do_antivirus"
+            default: true
+            description: "Run Antivirus."
         - string:
             name: "notification_email"
             default: "{jjb_release_email}"

.ci/pipeline/release_matrix_job.yaml

@@ -21,6 +21,8 @@ volumes:
   - {mountPath: /auto/sw/release/sw_acceleration, hostPath: /auto/sw/release/sw_acceleration}
   # User profile for release
   - {mountPath: /var/home/swx-jenkins, hostPath: /labhome/swx-jenkins}
+  # for Antivirus
+  - {mountPath: /auto/GLIT/SCRIPTS/HELPERS, hostPath: /auto/GLIT/SCRIPTS/HELPERS}
 
 runs_on_dockers:
   - {
@@ -32,7 +34,6 @@ runs_on_dockers:
       tag: '20250304'
     }
 
-
 steps:
   - name: Build-dpcp
     parallel: false
@@ -47,6 +48,12 @@ steps:
      .ci/do_release.sh
     archiveArtifacts: "**/build_pkg.log,**/packages/*.rpm"
 
+  - name: Antivirus
+    enable: ${do_antivirus}
+    run: |
+      env WORKSPACE=$PWD .ci/antivirus.sh
+    archiveArtifacts: 'logs/'
+
 pipeline_start:
     shell: action
     module: groovy