Merge "Use zuul-sudo-grep"

jenkins/scripts/jenkins-sudo-grep.sh

@@ -1,61 +0,0 @@
-#!/bin/bash
-
-# Copyright 2012 Hewlett-Packard Development Company, L.P.
-# Copyright 2013 OpenStack Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-# Find out if jenkins has attempted to run any sudo commands by checking
-# the auth.log or secure log or messages files before and after a test run.
-
-PATTERN="sudo.*jenkins.*:.*\(incorrect password attempts\|command not allowed\)"
-if [ -f /var/log/auth.log ]; then
-    OLDLOGFILE=/var/log/auth.log.1
-    LOGFILE=/var/log/auth.log
-elif [ -f /var/log/secure ]; then
-    OLDLOGFILE=$( ls /var/log/secure-* | sort | tail -n1 )
-    LOGFILE=/var/log/secure
-elif [ -f /var/log/messages ]; then
-    OLDLOGFILE=$( ls /var/log/messages-* | sort | tail -n1 )
-    LOGFILE=/var/log/messages
-else
-    echo "*** Could not find auth.log/secure/messages log for sudo tracing"
-    exit 1
-fi
-
-case "$1" in
-    pre)
-        rm -fr /tmp/jenkins-sudo-log
-        mkdir /tmp/jenkins-sudo-log
-        if [ -f "$OLDLOGFILE" ]; then
-            stat -c %Y $OLDLOGFILE > /tmp/jenkins-sudo-log/mtime-pre
-        else
-            echo "0" > /tmp/jenkins-sudo-log/mtime-pre
-        fi
-        grep -h "$PATTERN" $LOGFILE > /tmp/jenkins-sudo-log/pre
-        exit 0
-        ;;
-    post)
-        if [ -f "$OLDLOGFILE" ]; then
-            stat -c %Y $OLDLOGFILE > /tmp/jenkins-sudo-log/mtime-post
-        else
-            echo "0" > /tmp/jenkins-sudo-log/mtime-post
-        fi
-        if ! diff /tmp/jenkins-sudo-log/mtime-pre /tmp/jenkins-sudo-log/mtime-post > /dev/null; then
-            echo "diff"
-            grep -h "$PATTERN" $OLDLOGFILE > /tmp/jenkins-sudo-log/post
-        fi
-        grep -h "$PATTERN" $LOGFILE >> /tmp/jenkins-sudo-log/post
-        diff /tmp/jenkins-sudo-log/pre /tmp/jenkins-sudo-log/post
-        ;;
-esac

jenkins/scripts/run-tox.sh

@@ -74,7 +74,7 @@ function process_testr_artifacts {
 }
 
 function check_sudo_usage {
-    sudo $script_path/jenkins-sudo-grep.sh post
+    sudo $script_path/zuul-sudo-grep.sh post
     sudoresult=$?
 
     if [ $sudoresult -ne "0" ]; then
@@ -132,7 +132,7 @@ cat /etc/image-hostname.txt
 
 $script_path/jenkins-oom-grep.sh pre
 
-sudo $script_path/jenkins-sudo-grep.sh pre
+sudo $script_path/zuul-sudo-grep.sh pre
 
 tox -vv -e$venv
 result=$?

nodepool/elements/nodepool-base/install.d/59-sudoers

@@ -26,9 +26,4 @@ jenkins ALL=(ALL) NOPASSWD:ALL
 EOF
 chmod 0440 /etc/sudoers.d/jenkins-sudo
 
-cat > /etc/sudoers.d/jenkins-sudo-grep <<EOF
-jenkins ALL = NOPASSWD:/usr/local/jenkins/slave_scripts/jenkins-sudo-grep.sh
-EOF
-chmod 0440 /etc/sudoers.d/jenkins-sudo-grep
-
 visudo -c || die "Error setting jenkins sudo!"