1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-25 10:03:49 +03:00
libvirt/.gitlab-ci.yml
Pavel Hrdina d9096ce998 gitlab-ci: add coverity job
Introduce new job to make a coverity build and upload coverity data to
scan.coverity.com where the analysis is then executed.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-11-19 14:38:13 +01:00

608 lines
15 KiB
YAML

variables:
GIT_DEPTH: 100
stages:
- containers
- builds
- sanity_checks
.script_variables: &script_variables |
export CCACHE_BASEDIR="$(pwd)"
export CCACHE_DIR="$CCACHE_BASEDIR/ccache"
export CCACHE_MAXSIZE="500M"
export PATH="$CCACHE_WRAPPERSDIR:$PATH"
# Common templates
.container_job_template: &container_job_definition
image: docker:stable
stage: containers
needs: []
services:
- docker:dind
before_script:
- export TAG="$CI_REGISTRY_IMAGE/ci-$NAME:latest"
- export COMMON_TAG="$CI_REGISTRY/libvirt/libvirt/ci-$NAME:latest"
- docker info
- docker login registry.gitlab.com -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"
script:
- docker pull "$TAG" || docker pull "$COMMON_TAG" || true
- docker build --cache-from "$TAG" --cache-from "$COMMON_TAG" --tag "$TAG" -f "ci/containers/libvirt-$NAME.Dockerfile" ci/containers
- docker push "$TAG"
after_script:
- docker logout
# We build many containers which can be useful to debug problems but are not
# needed for the pipeline itself to complete: those sometimes fail, and when
# that happens it's mostly because of temporary issues with Debian sid. We
# don't want those failures to affect the overall pipeline status
.container_optional_job_template: &container_optional_job_definition
<<: *container_job_definition
allow_failure: true
.native_build_job_template: &native_build_job_definition
stage: builds
image: $CI_REGISTRY_IMAGE/ci-$NAME:latest
cache:
paths:
- ccache/
key: "$CI_JOB_NAME"
before_script:
- *script_variables
script:
- meson build --werror || (cat build/meson-logs/meson-log.txt && exit 1)
- if test "$DIST" != "skip";
then
ninja -C build dist;
else
ninja -C build;
ninja -C build test;
fi
- if test -x /usr/bin/rpmbuild && test "$RPM" != "skip";
then
rpmbuild --nodeps -ta build/meson-dist/libvirt-*.tar.xz;
fi
# Jobs that we delegate to Cirrus CI because they require an operating
# system other than Linux. These jobs will only run if the required
# setup has been performed on the GitLab account (see ci/README.rst).
#
# The Cirrus CI configuration is generated by replacing target-specific
# variables in a generic template: some of these variables are provided
# when the GitLab CI job is defined, others are taken from a shell
# snippet generated using lcitool.
#
# Note that the $PATH environment variable has to be treated with
# special care, because we can't just override it at the GitLab CI job
# definition level or we risk breaking it completely.
.cirrus_build_job_template: &cirrus_build_job_definition
stage: builds
image: registry.gitlab.com/libvirt/libvirt-ci/cirrus-run:master
needs: []
script:
- source ci/cirrus/libvirt-$NAME.vars
- sed -e "s|[@]CI_REPOSITORY_URL@|$CI_REPOSITORY_URL|g"
-e "s|[@]CI_COMMIT_REF_NAME@|$CI_COMMIT_REF_NAME|g"
-e "s|[@]CI_COMMIT_SHA@|$CI_COMMIT_SHA|g"
-e "s|[@]CIRRUS_VM_INSTANCE_TYPE@|$CIRRUS_VM_INSTANCE_TYPE|g"
-e "s|[@]CIRRUS_VM_IMAGE_SELECTOR@|$CIRRUS_VM_IMAGE_SELECTOR|g"
-e "s|[@]CIRRUS_VM_IMAGE_NAME@|$CIRRUS_VM_IMAGE_NAME|g"
-e "s|[@]INSTALL_COMMAND@|$INSTALL_COMMAND|g"
-e "s|[@]PATH@|$PATH_EXTRA${PATH_EXTRA:+:}\$PATH|g"
-e "s|[@]PKG_CONFIG_PATH@|$PKG_CONFIG_PATH|g"
-e "s|[@]PKGS@|$PKGS|g"
-e "s|[@]MAKE@|$MAKE|g"
-e "s|[@]PYTHON@|$PYTHON|g"
-e "s|[@]PIP@|$PIP|g"
-e "s|[@]PYPI_PKGS@|$PYPI_PKGS|g"
<ci/cirrus/build.yml >ci/cirrus/$NAME.yml
- cat ci/cirrus/$NAME.yml
- cirrus-run -v --show-build-log always ci/cirrus/$NAME.yml
only:
variables:
- $CIRRUS_GITHUB_REPO
- $CIRRUS_API_TOKEN
.cross_build_default_job_template: &cross_build_job_definition
stage: builds
image: $CI_REGISTRY_IMAGE/ci-$NAME-cross-$CROSS:latest
cache:
paths:
- ccache/
key: "$CI_JOB_NAME"
before_script:
- *script_variables
script:
- meson build --werror $MESON_OPTS || (cat build/meson-logs/meson-log.txt && exit 1)
- ninja -C build
- if test "$CROSS" = "i686" ; then ninja -C build test ; fi
# Native container build jobs
x64-centos-7-container:
<<: *container_job_definition
variables:
NAME: centos-7
x64-centos-8-container:
<<: *container_job_definition
variables:
NAME: centos-8
x64-centos-stream-container:
<<: *container_job_definition
variables:
NAME: centos-stream
x64-debian-10-container:
<<: *container_job_definition
variables:
NAME: debian-10
x64-debian-sid-container:
<<: *container_job_definition
variables:
NAME: debian-sid
x64-fedora-31-container:
<<: *container_job_definition
variables:
NAME: fedora-31
x64-fedora-32-container:
<<: *container_job_definition
variables:
NAME: fedora-32
x64-fedora-rawhide-container:
<<: *container_job_definition
variables:
NAME: fedora-rawhide
x64-opensuse-151-container:
<<: *container_job_definition
variables:
NAME: opensuse-151
x64-ubuntu-1804-container:
<<: *container_job_definition
variables:
NAME: ubuntu-1804
x64-ubuntu-2004-container:
<<: *container_job_definition
variables:
NAME: ubuntu-2004
# Cross-build containers build jobs
aarch64-debian-10-container:
<<: *container_job_definition
variables:
NAME: debian-10-cross-aarch64
armv6l-debian-10-container:
<<: *container_job_definition
variables:
NAME: debian-10-cross-armv6l
armv7l-debian-10-container:
<<: *container_optional_job_definition
variables:
NAME: debian-10-cross-armv7l
i686-debian-10-container:
<<: *container_optional_job_definition
variables:
NAME: debian-10-cross-i686
mips-debian-10-container:
<<: *container_job_definition
variables:
NAME: debian-10-cross-mips
mips64el-debian-10-container:
<<: *container_job_definition
variables:
NAME: debian-10-cross-mips64el
mipsel-debian-10-container:
<<: *container_job_definition
variables:
NAME: debian-10-cross-mipsel
ppc64le-debian-10-container:
<<: *container_optional_job_definition
variables:
NAME: debian-10-cross-ppc64le
s390x-debian-10-container:
<<: *container_optional_job_definition
variables:
NAME: debian-10-cross-s390x
aarch64-debian-sid-container:
<<: *container_optional_job_definition
variables:
NAME: debian-sid-cross-aarch64
armv6l-debian-sid-container:
<<: *container_optional_job_definition
variables:
NAME: debian-sid-cross-armv6l
armv7l-debian-sid-container:
<<: *container_job_definition
variables:
NAME: debian-sid-cross-armv7l
i686-debian-sid-container:
<<: *container_job_definition
variables:
NAME: debian-sid-cross-i686
mips64el-debian-sid-container:
<<: *container_optional_job_definition
variables:
NAME: debian-sid-cross-mips64el
mipsel-debian-sid-container:
<<: *container_optional_job_definition
variables:
NAME: debian-sid-cross-mipsel
ppc64le-debian-sid-container:
<<: *container_job_definition
variables:
NAME: debian-sid-cross-ppc64le
s390x-debian-sid-container:
<<: *container_optional_job_definition
variables:
NAME: debian-sid-cross-s390x
mingw32-fedora-rawhide-container:
<<: *container_job_definition
variables:
NAME: fedora-rawhide-cross-mingw32
mingw64-fedora-rawhide-container:
<<: *container_job_definition
variables:
NAME: fedora-rawhide-cross-mingw64
# Native architecture build + test jobs
x64-debian-10:
<<: *native_build_job_definition
needs:
- x64-debian-10-container
variables:
NAME: debian-10
x64-debian-10-clang:
<<: *native_build_job_definition
needs:
- x64-debian-10-container
variables:
NAME: debian-10
CC: clang
x64-debian-sid:
<<: *native_build_job_definition
needs:
- x64-debian-sid-container
variables:
NAME: debian-sid
x64-centos-7:
<<: *native_build_job_definition
needs:
- x64-centos-7-container
variables:
NAME: centos-7
# meson dist fails on CentOS 7 because of old git that fails to clone
# from shallow git repository which is done when running meson dist
DIST: skip
RPM: skip
x64-centos-8:
<<: *native_build_job_definition
needs:
- x64-centos-8-container
variables:
NAME: centos-8
RPM: skip
x64-centos-8-clang:
<<: *native_build_job_definition
needs:
- x64-centos-8-container
variables:
NAME: centos-8
CC: clang
RPM: skip
x64-centos-stream:
<<: *native_build_job_definition
needs:
- x64-centos-stream-container
variables:
NAME: centos-stream
RPM: skip
x64-fedora-31:
<<: *native_build_job_definition
needs:
- x64-fedora-31-container
variables:
NAME: fedora-31
RPM: skip
x64-fedora-32:
<<: *native_build_job_definition
needs:
- x64-fedora-32-container
variables:
NAME: fedora-32
x64-fedora-rawhide:
<<: *native_build_job_definition
needs:
- x64-fedora-rawhide-container
variables:
NAME: fedora-rawhide
x64-fedora-rawhide-clang:
<<: *native_build_job_definition
needs:
- x64-fedora-rawhide-container
variables:
NAME: fedora-rawhide
CC: clang
RPM: skip
x64-opensuse-151:
<<: *native_build_job_definition
needs:
- x64-opensuse-151-container
variables:
NAME: opensuse-151
RPM: skip
x64-ubuntu-1804:
<<: *native_build_job_definition
needs:
- x64-ubuntu-1804-container
variables:
NAME: ubuntu-1804
x64-ubuntu-2004:
<<: *native_build_job_definition
needs:
- x64-ubuntu-2004-container
variables:
NAME: ubuntu-2004
x64-freebsd-11-build:
<<: *cirrus_build_job_definition
variables:
NAME: freebsd-11
CIRRUS_VM_INSTANCE_TYPE: freebsd_instance
CIRRUS_VM_IMAGE_SELECTOR: image_family
CIRRUS_VM_IMAGE_NAME: freebsd-11-4
INSTALL_COMMAND: pkg install -y
x64-freebsd-12-build:
<<: *cirrus_build_job_definition
variables:
NAME: freebsd-12
CIRRUS_VM_INSTANCE_TYPE: freebsd_instance
CIRRUS_VM_IMAGE_SELECTOR: image_family
CIRRUS_VM_IMAGE_NAME: freebsd-12-1
INSTALL_COMMAND: pkg install -y
x64-macos-1015-build:
<<: *cirrus_build_job_definition
variables:
NAME: macos-1015
CIRRUS_VM_INSTANCE_TYPE: osx_instance
CIRRUS_VM_IMAGE_SELECTOR: image
CIRRUS_VM_IMAGE_NAME: catalina-base
INSTALL_COMMAND: brew install
PATH_EXTRA: /usr/local/opt/ccache/libexec:/usr/local/opt/gettext/bin:/usr/local/opt/libpcap/bin:/usr/local/opt/libxslt/bin:/usr/local/opt/rpcgen/bin
PKG_CONFIG_PATH: /usr/local/opt/curl/lib/pkgconfig:/usr/local/opt/libpcap/lib/pkgconfig:/usr/local/opt/libxml2/lib/pkgconfig:/usr/local/opt/ncurses/lib/pkgconfig:/usr/local/opt/readline/lib/pkgconfig
# Cross compiled build jobs
armv6l-debian-10:
<<: *cross_build_job_definition
needs:
- armv6l-debian-10-container
variables:
NAME: debian-10
CROSS: armv6l
armv7l-debian-10:
<<: *cross_build_job_definition
needs:
- armv7l-debian-10-container
variables:
NAME: debian-10
CROSS: armv7l
mips64el-debian-10:
<<: *cross_build_job_definition
needs:
- mips64el-debian-10-container
variables:
NAME: debian-10
CROSS: mips64el
mips-debian-10:
<<: *cross_build_job_definition
needs:
- mips-debian-10-container
variables:
NAME: debian-10
CROSS: mips
aarch64-debian-10:
<<: *cross_build_job_definition
needs:
- aarch64-debian-10-container
variables:
NAME: debian-10
CROSS: aarch64
mipsel-debian-10:
<<: *cross_build_job_definition
needs:
- mipsel-debian-10-container
variables:
NAME: debian-10
CROSS: mipsel
s390x-debian-sid:
<<: *cross_build_job_definition
needs:
- s390x-debian-10-container
variables:
NAME: debian-sid
CROSS: s390x
i686-debian-sid:
<<: *cross_build_job_definition
needs:
- i686-debian-sid-container
variables:
NAME: debian-sid
CROSS: i686
ppc64le-debian-sid:
<<: *cross_build_job_definition
needs:
- ppc64le-debian-10-container
variables:
NAME: debian-sid
CROSS: ppc64le
mingw32-fedora-rawhide:
<<: *cross_build_job_definition
needs:
- mingw32-fedora-rawhide-container
variables:
NAME: fedora-rawhide
CROSS: mingw32
mingw64-fedora-rawhide:
<<: *cross_build_job_definition
needs:
- mingw64-fedora-rawhide-container
variables:
NAME: fedora-rawhide
CROSS: mingw64
# This artifact published by this job is downloaded by libvirt.org to
# be deployed to the web root:
# https://gitlab.com/libvirt/libvirt/-/jobs/artifacts/master/download?job=website
website:
stage: builds
image: $CI_REGISTRY_IMAGE/ci-centos-8:latest
needs:
- x64-centos-8-container
before_script:
- *script_variables
script:
- meson build --prefix=$(pwd)/vroot || (cat build/meson-logs/meson-log.txt && exit 1)
- ninja -C build install-web
- mv vroot/share/doc/libvirt/html/ website
artifacts:
expose_as: 'Website'
name: 'website'
when: on_success
expire_in: 30 days
paths:
- website
codestyle:
stage: builds
image: $CI_REGISTRY_IMAGE/ci-opensuse-151:latest
needs:
- x64-opensuse-151-container
before_script:
- *script_variables
script:
- meson build || (cat build/meson-logs/meson-log.txt && exit 1)
- ninja -C build libvirt-pot-dep
- meson test -C build --suite syntax-check --no-rebuild || (cat build/meson-logs/testlog.txt && exit 1)
# This artifact published by this job is downloaded to push to Weblate
# for translation usage:
# https://gitlab.com/libvirt/libvirt/-/jobs/artifacts/master/download?job=potfile
potfile:
stage: builds
image: $CI_REGISTRY_IMAGE/ci-centos-8:latest
needs:
- x64-centos-8-container
only:
- master
before_script:
- *script_variables
script:
- meson build || (cat build/meson-logs/meson-log.txt && exit 1)
- ninja -C build libvirt-pot-dep
- ninja -C build libvirt-pot
- cp po/libvirt.pot libvirt.pot
artifacts:
expose_as: 'Potfile'
name: 'potfile'
when: on_success
expire_in: 30 days
paths:
- libvirt.pot
# Check that all commits are signed-off for the DCO.
# Skip on "libvirt" namespace, since we only need to run
# this test on developer's personal forks from which
# merge requests are submitted
check-dco:
stage: sanity_checks
needs: []
image: registry.gitlab.com/libvirt/libvirt-ci/check-dco:master
script:
- /check-dco
except:
variables:
- $CI_PROJECT_NAMESPACE == 'libvirt'
variables:
GIT_DEPTH: 1000
# Coverity job that is run only by schedules
coverity:
image: $CI_REGISTRY_IMAGE/ci-centos-8:latest
needs:
- x64-centos-8-container
stage: builds
script:
- curl https://scan.coverity.com/download/linux64 --form project=$COVERITY_SCAN_PROJECT_NAME --form token=$COVERITY_SCAN_TOKEN -o /tmp/cov-analysis-linux64.tgz
- tar xfz /tmp/cov-analysis-linux64.tgz
- meson build
- cov-analysis-linux64-*/bin/cov-build --dir cov-int ninja -C build
- tar cfz cov-int.tar.gz cov-int
- curl https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME --form token=$COVERITY_SCAN_TOKEN --form email=$GITLAB_USER_EMAIL --form file=@cov-int.tar.gz --form version="$(git describe --tags)" --form description="$(git describe --tags) / $CI_COMMIT_TITLE / $CI_COMMIT_REF_NAME:$CI_PIPELINE_ID"
only:
refs:
- schedules
variables:
- $COVERITY_SCAN_PROJECT_NAME && $COVERITY_SCAN_TOKEN