8 files changed, 77 insertions, 17 deletions

diff --git a/global-jjb b/global-jjb
-Subproject 36bdbac77603d827912429a2db0794176564089
+Subproject e3364564e3f63cd337a5aafaadb483ba528ea4d
diff --git a/jjb/ci-management/ci-management-coverity.yaml b/jjb/ci-management/ci-management-coverity.yaml
index fadea8882..6003bf24e 100644
--- a/jjb/ci-management/ci-management-coverity.yaml
+++ b/jjb/ci-management/ci-management-coverity.yaml
@@ -41,6 +41,7 @@
     coverity-user-email: ''
     coverity-search-paths: ''
     coverity-search-exclude-regexs: ''
+    max-git-repo-age-hours: 0
     stream: master
     submodule-recursive: true
     submodule-timeout: 10
@@ -101,6 +102,14 @@
           name: DRY_RUN
           default: '{dry-run}'
           description: Do not submit results to Coverity Scan server at the end of the build.
+      - string:
+          name: 'MAX_GIT_REPO_AGE_HOURS'
+          default: '{max-git-repo-age-hours}'
+          description: >
+            If set to non-zero run the code scan only if there were no git
+            repository commits last MAX_GIT_REPO_AGE_HOURS hours.
+            It makes sense to set the value twice the 'cron' interval for the
+            job (e.g. if 'cron: @daily', then MAX_GIT_REPO_AGE_HOURS=48)
 
     triggers:
       - timed: '{obj:cron}'
diff --git a/jjb/msb/msb-discovery.yaml b/jjb/msb/msb-discovery.yaml
index 3c91a978c..3e2fe170f 100644
--- a/jjb/msb/msb-discovery.yaml
+++ b/jjb/msb/msb-discovery.yaml
@@ -14,8 +14,8 @@
           maven-versions-plugin: true
           container-public-registry: 'nexus3.onap.org:10001'
           container-staging-registry: 'nexus3.onap.org:10003'
-          mvn-pom: 'distributions/msb-apigateway/pom.xml'
-          mvn-params: '-f distributions/msb-apigateway/pom.xml -Dmaven.test.skip=true -P linux,docker'
+          mvn-pom: 'distributions/msb-discovery/pom.xml'
+          mvn-params: '-f distributions/msb-discovery/pom.xml -Dmaven.test.skip=true -P linux,docker'
     project: 'msb/discovery'
     stream:
       - 'master':
diff --git a/jjb/policy/policy-docker-base-common.yaml b/jjb/policy/policy-docker-base-common.yaml
index 196fb2b96..4551f15c8 100644
--- a/jjb/policy/policy-docker-base-common.yaml
+++ b/jjb/policy/policy-docker-base-common.yaml
@@ -22,6 +22,8 @@
     stream:
       - 'master':
           branch: 'master'
+      - 'elalto':
+          branch: 'elalto'
     mvn-settings: 'policy-docker-settings'
     files: '**'
     archive-artifacts: ''
diff --git a/jjb/sdc/sdc-jtosca.yaml b/jjb/sdc/sdc-jtosca.yaml
index 62896212f..4088aeba9 100644
--- a/jjb/sdc/sdc-jtosca.yaml
+++ b/jjb/sdc/sdc-jtosca.yaml
@@ -15,6 +15,8 @@
           sign-artifacts: true
           build-node: centos7-builder-4c-4g
           maven-versions-plugin: true
+      - '{project-name}-gerrit-release-jobs':
+          build-node: centos7-builder-4c-4g
 
     project: 'sdc/jtosca'
     stream:
diff --git a/jjb/sdc/sdc-sdc-tosca.yaml b/jjb/sdc/sdc-sdc-tosca.yaml
index 55633ee41..78c898662 100644
--- a/jjb/sdc/sdc-sdc-tosca.yaml
+++ b/jjb/sdc/sdc-sdc-tosca.yaml
@@ -15,6 +15,8 @@
           sign-artifacts: true
           build-node: centos7-builder-4c-4g
           maven-versions-plugin: true
+      - '{project-name}-gerrit-release-jobs':
+          build-node: centos7-builder-4c-4g
 
     project: 'sdc/sdc-tosca'
     stream:
diff --git a/jjb/sdc/sdc.yaml b/jjb/sdc/sdc.yaml
index 3f37206cf..7efff8997 100644
--- a/jjb/sdc/sdc.yaml
+++ b/jjb/sdc/sdc.yaml
@@ -89,15 +89,29 @@
     mvn-opts: '-Xmx1024m'
 
 - project:
-    name: sdc-clm
+    name: sdc-clm-catalog
     jobs:
       - gerrit-maven-clm:
           build-timeout: 120
           submodule-timeout: 30
-          mvn-params: '-Dnpm.registry=https://nexus.onap.org/content/repositories/npm/'
+          mvn-params: '-P catalog -Dnpm.registry=https://nexus.onap.org/content/repositories/npm/'
     nexus-iq-namespace: 'onap-'
     project: sdc
-    project-name: 'sdc'
+    project-name: 'sdc-catalog'
+    build-node: ubuntu1604-docker-8c-8g
+    branch: 'master'
+    mvn-settings: 'sdc-settings'
+
+- project:
+    name: sdc-clm-onboarding
+    jobs:
+      - gerrit-maven-clm:
+          build-timeout: 120
+          submodule-timeout: 30
+          mvn-params: '-P onboarding -Dnpm.registry=https://nexus.onap.org/content/repositories/npm/'
+    nexus-iq-namespace: 'onap-'
+    project: sdc
+    project-name: 'sdc-onboarding'
     build-node: ubuntu1604-docker-8c-8g
     branch: 'master'
     mvn-settings: 'sdc-settings'
diff --git a/shell/maven-coverity.sh b/shell/maven-coverity.sh
index 5db7f33e4..3361d4098 100644
--- a/shell/maven-coverity.sh
+++ b/shell/maven-coverity.sh
@@ -23,6 +23,29 @@ SUBMISSION_ATTEMPTS=5
 SUBMISSION_INITIAL_REST_INTERVAL=30 # seconds, will be doubled after each attempt
 
 #-----------------------------------------------------------------------------
+# Check for git repo changes within the last $MAX_GIT_REPO_AGE_HOURS hours
+#
+# It makes sense to set the value twice the 'cron' interval for the job (e.g.
+# if 'cron: @daily', then MAX_GIT_REPO_AGE_HOURS=48)
+
+if ! [[ "${MAX_GIT_REPO_AGE_HOURS:=0}" =~ ^[0-9]+$ ]]; then
+  echo '[ERROR] MAX_GIT_REPO_AGE_HOURS must be non-negative integer.' \
+    >&2
+  exit 1
+fi
+
+if [ ${MAX_GIT_REPO_AGE_HOURS:=0} -ne 0 ]; then
+  LAST_COMMIT_AGE=$(( $(date +%s) - $(git log -1 --pretty=format:%ct) ))
+
+  if [ $LAST_COMMIT_AGE -le $(( MAX_GIT_REPO_AGE_HOURS *60*60 )) ]; then
+    echo '[NOTICE] Git repository did not have any commits last' \
+      "${MAX_GIT_REPO_AGE_HOURS} hours - no need to re-analyse it." \
+      >&2
+    exit 0
+  fi
+fi
+
+#-----------------------------------------------------------------------------
 # Process parameters for JS/TS/Python/Ruby/PHP files analysis
 
 if [ -n "${SEARCH_PATHS:=}" ]; then
@@ -30,7 +53,9 @@ if [ -n "${SEARCH_PATHS:=}" ]; then
     if [ -d "${SEARCH_PATH}" ]; then
       FS_CAPTURE_SEARCH_PARAMS="${FS_CAPTURE_SEARCH_PARAMS:=} --fs-capture-search '${SEARCH_PATH}'"
     else
-      echo "'${SEARCH_PATH}' from \$SEARCH_PATHS is not an existing directory." >&2
+      echo "[ERROR] '${SEARCH_PATH}' from \$SEARCH_PATHS is not an" \
+        "existing directory." \
+        >&2
       exit 1
     fi
   done
@@ -69,7 +94,9 @@ if [ "${DRY_RUN}" != 'true' ]; then
     | jq '.upload_permitted'
   )
   if [ x"${IS_COVERITY_UPLOAD_PERMITTED}" != x'true' ]; then
-    echo "Upload quota reached. Next upload permitted at "$(echo "${CURL_OUTPUT}" | jq '.next_upload_permitted_at') >&2
+    echo "[WARNING] Upload quota reached. Next upload permitted at" \
+      $(echo "${CURL_OUTPUT}" | jq '.next_upload_permitted_at') \
+      >&2
     exit 1
   fi
 fi
@@ -84,7 +111,7 @@ curl \
   --fail \
   --form "project=${COVERITY_PROJECT_NAME}" \
   --form "token=${COVERITY_TOKEN}" \
-  --output 'coverity_tool.tgz' \
+  --output '/tmp/coverity_tool.tgz' \
   'https://scan.coverity.com/download/linux64'
 
 curl \
@@ -95,23 +122,24 @@ curl \
   --form "project=${COVERITY_PROJECT_NAME}" \
   --form "token=${COVERITY_TOKEN}" \
   --form 'md5=1' \
-  --output 'coverity_tool.md5' \
+  --output '/tmp/coverity_tool.md5' \
   'https://scan.coverity.com/download/linux64'
 
-echo -n ' coverity_tool.tgz' >> 'coverity_tool.md5'
-md5sum --check 'coverity_tool.md5'
+echo -n ' /tmp/coverity_tool.tgz' >> '/tmp/coverity_tool.md5'
+md5sum --check '/tmp/coverity_tool.md5'
 
 tar \
   --extract \
   --gunzip \
-  --file='coverity_tool.tgz'
+  --file='/tmp/coverity_tool.tgz' \
+  --directory='/tmp'
 
-COVERITY_BUILD_TOOL_DIRECTORY=$(
+COVERITY_BUILD_TOOL_DIRECTORY='/tmp/'$(
   head -1 <( \
     tar \
       --list \
       --gunzip \
-      --file='coverity_tool.tgz'
+      --file='/tmp/coverity_tool.tgz'
   )
 )
 COVERITY_BINARY_DIRECTORY="${COVERITY_BUILD_TOOL_DIRECTORY}bin"
@@ -119,7 +147,7 @@ test -d "${COVERITY_BINARY_DIRECTORY}" \
   || exit 1
 export PATH="${PATH}:${COVERITY_BINARY_DIRECTORY}"
 
-rm 'coverity_tool.tgz'
+rm '/tmp/coverity_tool.tgz'
 
 #-----------------------------------------------------------------------------
 # Build
@@ -220,11 +248,14 @@ if [ "${DRY_RUN}" != 'true' ]; then
 
   HTTP_RESPONSE=$(echo -n "${CURL_OUTPUT}" | head -n -1 | tr -d '\n')
   if [ x"${HTTP_RESPONSE}" != x"Build successfully submitted." ]; then
-    echo "Coverity Scan service responded with '${HTTP_RESPONSE}' while 'Build successfully submitted.' expected." >&2
+    echo "[ERROR] Coverity Scan service responded with '${HTTP_RESPONSE}'" \
+      "while 'Build successfully submitted.' expected." \
+      >&2
     exit 1
   fi
+
+  echo "[INFO] Build successfully submitted to Coverity Scan server." >&2
 fi
 
 #-----------------------------------------------------------------------------
-
 exit 0