- job:
    name: stx-zuul-jobs-linters
    parent: openstack-zuul-jobs-linters
    description: |
      This job runs against starlingx/zuul-jobs so we can properly
      lint our ansible playbooks / roles.
    required-projects:
      - opendev/base-jobs
      - openstack/openstack-zuul-jobs
      - openstack/project-config
      - opendev/system-config
      - zuul/zuul-jobs
      - zuul/zuul
    vars:
      tox_envlist: linters
      tox_environment:
        ANSIBLE_ROLES_PATH: ~/src/opendev.org/starlingx/zuul-jobs/roles:~/src/opendev.org/opendev/base-jobs/roles:~/src/opendev.org/zuul/zuul-jobs/roles:~/src/opendev.org/openstack/openstack-zuul-jobs/roles:~/src/opendev.org/openstack/project-config/roles:~/src/opendev.org/opendev/system-config/roles

- job:
    name: stx-check-specfile
    parent: tox
    description: Sanity check RPM spec files
    vars:
      tox_envlist: rpm-packaging-lint
    files: .*\.spec

- job:
    name: stx-obs-build-opensuse
    nodeset: opensuse-15
    run: playbooks/buildproject.yaml

- job:
    name: stx-obs-build-centos
    nodeset: centos-7
    run: playbooks/buildproject.yaml

- job:
    name: stx-tox-bandit-static-scan
    parent: tox
    description: |
      Static code scan of .py files for unknown Severity HIGH issues
    vars:
      tox_envlist: bandit
    files: .*\.py
    irrelevant-files:
      - ^test-requirements.txt$
      - ^.*\.rst$
      - ^doc/.*$
      - ^releasenotes/.*$
      - ^setup.cfg$
      - ^tools/(?!bandit.yml).*$
      - ^tox.ini$