-
Task
-
Resolution: Done
-
Medium
-
None
-
None
-
None
https://lists.onap.org/g/onap-ptl/message/274
On Dec 16 the TSC mandated that remediating the log4j vulnerability is the top priority for the entire ONAP community requiring immediate action to correct in both the Istanbul and master branches.
In order to enable multi branch scans in NexusIQ, PTLs will need to edit their "gerrit-maven-clm" job definition in their project's JJB files by replacing their "branch" variable to a "stream" variable with the list of branches needed to be enabled (master, honolulu, istanbul). For example:
https://github.com/onap/ci-management/blob/master/jjb/ccsdk/apps.yaml#L74
Disclaimer: NexusIQ UI will always display the most recent report that ran for each project. To access the reports accordingly for each branch, please do so through the link generated
by Jenkins maven-clm for each stream. For example:
("view report" link): https://jenkins.onap.org/view/CLM/job/ccsdk-apps-maven-clm-honolulu/
Thanks!
-kenny