1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00
samba-mirror/.gitlab-ci.yml
Andreas Schneider d6275ebb1d gitlab-ci: Use Fedora 32 to test FIPS mode
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2020-06-22 14:34:32 +00:00

358 lines
11 KiB
YAML

# see https://docs.gitlab.com/ce/ci/yaml/README.html for all available options
stages:
- images
- build
- analysis
- report
variables:
GIT_STRATEGY: fetch
GIT_DEPTH: "3"
# "--enable-coverage" or ""
SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE: ""
#
# we run autobuild.py inside a samba CI docker image located on gitlab's registry
# overwrite this variable if you want use your own image registry.
#
# Or better ask for access to the shared development repository, see
# https://wiki.samba.org/index.php/Samba_CI_on_gitlab#Getting_Access
#
SAMBA_CI_CONTAINER_REGISTRY: registry.gitlab.com/samba-team/devel/samba
#
# Set this to the contents of bootstrap/sha1sum.txt
# which is generated by bootstrap/template.py --render
#
SAMBA_CI_CONTAINER_TAG: 1275dc52ac8c1de5981f267df88b85b6f87e299a
#
# We use the ubuntu1804 image as default as
# it matches what we have on sn-devel-184.
#
SAMBA_CI_CONTAINER_IMAGE: ubuntu1804
#
# The following images are available
# Please see the samba-o3 sections at the end of this file!
# We should run that for each available image
#
SAMBA_CI_CONTAINER_IMAGE_ubuntu1604: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-ubuntu1604:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_ubuntu1804: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-ubuntu1804:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_ubuntu2004: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-ubuntu2004:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_debian9: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-debian9:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_debian10: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-debian10:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_opensuse150: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-opensuse150:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_opensuse151: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-opensuse151:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_fedora31: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-fedora31:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_fedora32: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-fedora32:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_centos7: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-centos7:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_centos8: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-centos8:${SAMBA_CI_CONTAINER_TAG}
include:
# The image creation details are specified in a separate file
# See bootstrap/README.md for details
- 'bootstrap/.gitlab-ci.yml'
.shared_template:
variables:
AUTOBUILD_JOB_NAME: $CI_JOB_NAME
image: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-${SAMBA_CI_CONTAINER_IMAGE}:${SAMBA_CI_CONTAINER_TAG}
stage: build
tags:
- docker
- shared
cache:
key: ccache.${CI_JOB_NAME}
paths:
- ccache
before_script:
- uname -a
- lsb_release -a
- cat /etc/os-release
- mount
- df -h
- cat /proc/swaps
- free -h
# ld will fail if coverage enabled, force link ld to ld.bfd
- if [ -n "$SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE" ]; then sudo ln -sf $(which ld.bfd) $(which ld); fi
# See bootstrap/.gitlab-ci.yml how to generate a new image
- echo "SAMBA_CI_CONTAINER_REGISTRY[${SAMBA_CI_CONTAINER_REGISTRY}]"
- echo "SAMBA_CI_CONTAINER_TAG[${SAMBA_CI_CONTAINER_TAG}]"
- bootstrap/template.py --sha1sum > /tmp/sha1sum-template.txt
- diff -u bootstrap/sha1sum.txt /tmp/sha1sum-template.txt
- echo "${SAMBA_CI_CONTAINER_TAG}" > /tmp/sha1sum-tag.txt
- diff -u bootstrap/sha1sum.txt /tmp/sha1sum-tag.txt
- diff -u bootstrap/sha1sum.txt /sha1sum.txt
- export CCACHE_BASEDIR="${PWD}"
- export CCACHE_DIR="${PWD}/ccache" && mkdir -pv "$CCACHE_DIR"
- export CC="ccache cc"
- export CXX="ccache c++"
- ccache -z -M 500M
- ccache -s
after_script:
- mount
- df -h
- cat /proc/swaps
- free -h
- CCACHE_BASEDIR="${PWD}" CCACHE_DIR="${PWD}/ccache" ccache -s -c
artifacts:
expire_in: 1 week
paths:
- "*.stdout"
- "*.stderr"
- "*.info"
- system-info.txt
retry:
max: 2
when:
- runner_system_failure
- stuck_or_timeout_failure
script:
# gitlab predefines CI_JOB_NAME for each job. The gitlab job usually matches the
# autobuild name, which means we can define a default template that runs most autobuild jobs
- echo "Running cmd script/autobuild.py $AUTOBUILD_JOB_NAME $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase"
- script/autobuild.py $AUTOBUILD_JOB_NAME $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
# Ensure when adding a new job below that you also add it to
# the dependencies for 'pages' below for the code coverage page
# generation.
others:
extends: .shared_template
script:
- script/autobuild.py ldb $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py pidl $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py replace $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py talloc $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py tdb $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py tevent $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py samba-xc $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py docs-xml $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
samba:
extends: .shared_template
samba-mitkrb5:
extends: .shared_template
samba-nopython:
extends: .shared_template
samba-nopython-py2:
extends: .shared_template
samba-admem:
extends: .shared_template
samba-ad-dc-2:
extends: .shared_template
samba-ad-dc-3:
extends: .shared_template
samba-ad-dc-4:
extends: .shared_template
samba-ad-dc-5:
extends: .shared_template
samba-ad-dc-6:
extends: .shared_template
samba-libs:
extends: .shared_template
samba-static:
extends: .shared_template
samba-fuzz:
extends: .shared_template
image: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-ubuntu1604:${SAMBA_CI_CONTAINER_TAG}
ctdb:
extends: .shared_template
samba-ctdb:
extends: .shared_template
samba-ad-dc-ntvfs:
extends: .shared_template
samba-admem-mit:
extends: .shared_template
samba-ad-dc-4-mitkrb5:
extends: .shared_template
samba-fips:
extends: .shared_template
image: $SAMBA_CI_CONTAINER_IMAGE_fedora32
.private_template:
extends: .shared_template
tags:
- docker
- samba-ci-private
only:
variables:
# These jobs are only run if the gitlab repo has private runners available.
# To enable private jobs, you must add the following var and value to
# your gitlab repo by navigating to:
# settings -> CI/CD -> Environment variables
- $SUPPORT_PRIVATE_TEST == "yes"
samba-ad-dc-backup:
extends: .private_template
samba-fileserver:
extends: .private_template
samba-ad-dc-1:
extends: .private_template
samba-nt4:
extends: .private_template
samba-schemaupgrade:
extends: .private_template
samba-ad-dc-1-mitkrb5:
extends: .private_template
# 'pages' is a special job which can publish artifacts in `public` dir to gitlab pages
pages:
image: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-${SAMBA_CI_CONTAINER_IMAGE}:${SAMBA_CI_CONTAINER_TAG}
stage: report
tags:
- docker
- shared
dependencies: # tell gitlab to download artifacts for these jobs
- others
- samba
- samba-mitkrb5
- samba-nopython
- samba-nopython-py2
- samba-admem
- samba-ad-dc-2
- samba-ad-dc-3
- samba-ad-dc-4
- samba-ad-dc-5
- samba-ad-dc-6
- samba-libs
- samba-static
- samba-fuzz
# - ctdb # TODO
- samba-ctdb
- samba-ad-dc-ntvfs
- samba-admem-mit
- samba-ad-dc-4-mitkrb5
- samba-ad-dc-backup
- samba-fileserver
- samba-ad-dc-1
- samba-nt4
- samba-schemaupgrade
- samba-ad-dc-1-mitkrb5
- samba-fips
script:
- ./configure.developer
- make -j
- lcov $(ls *.info | xargs -I{} echo -n "-a {} ") -o all.info
- genhtml all.info --output-directory public --prefix=$(pwd) --title "coverage report for $CI_COMMIT_REF_NAME $CI_COMMIT_SHORT_SHA"
artifacts:
expire_in: 30 days
paths:
- public
only:
variables:
- $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE == "--enable-coverage"
# Coverity Scan
coverity:
stage: analysis
image: $SAMBA_CI_CONTAINER_IMAGE_fedora32
tags:
- docker
- shared
script:
- wget https://scan.coverity.com/download/linux64 --post-data "token=$COVERITY_SCAN_TOKEN&project=$COVERITY_SCAN_PROJECT_NAME" -O /tmp/coverity_tool.tgz
- tar xf /tmp/coverity_tool.tgz
- ./configure.developer --with-system-mitkrb5 --with-experimental-mit-ad-dc
- cov-analysis-linux64-*/bin/cov-build --dir cov-int make -j$(nproc)
- tar czf cov-int.tar.gz cov-int
- curl
--form token=$COVERITY_SCAN_TOKEN
--form email=$COVERITY_SCAN_EMAIL
--form file=@cov-int.tar.gz
--form version="`git describe --tags`"
--form description="CI build"
https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME
only:
refs:
- master
- schedules
variables:
- $COVERITY_SCAN_TOKEN != null
- $COVERITY_SCAN_PROJECT_NAME != null
- $COVERITY_SCAN_EMAIL != null
artifacts:
expire_in: 1 week
when: on_failure
paths:
- cov-int/*.txt
#
# We build samba-o3 on all supported distributions
#
.samba-o3-template:
extends: .shared_template
variables:
AUTOBUILD_JOB_NAME: samba-o3
only:
variables:
# do not run o3 for coverage since they are using different images
- $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE == ""
ubuntu1804-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_ubuntu1804
ubuntu2004-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_ubuntu2004
debian10-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_debian10
opensuse150-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_opensuse150
opensuse151-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_opensuse151
centos7-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_centos7
variables:
# Git on CentOS doesn't support shallow git cloning
GIT_DEPTH: ""
# We need a newer GnuTLS version on CentOS7
PKG_CONFIG_PATH: "/usr/lib64/compat-gnutls34/pkgconfig:/usr/lib64/compat-nettle32/pkgconfig"
centos8-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_centos8
fedora31-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_fedora31
fedora32-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_fedora32
#
# Keep the samba-o3 sections at the end ...
#