1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
samba-mirror/.gitlab-ci.yml
Andrew Bartlett 4d63a1a79f bootstrap: Fix the spelling of README.md (again) and get a new GnuTLS
We re-run ./bootstrap/template.py --render to get a new GnuTLS on Fedora 32

This was missed with 7dc535995b
and so caused e0e51632cf to
break the sha1sum and so require 7077be01a3cc860ce1fcfafd9e5028829f0c1887
to fix it.

The sha1sum changes because we fixed the bug about the spelling of
README.md, which is helpful because otherwise we would not get a
new image.

This provides a GnuTLS 3.6.15 so that we still test using GnuTLS's
gnutls_aead_cipher_encryptv2() for the SMB encryption codepath.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14399

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-09-11 07:05:33 +00:00

358 lines
11 KiB
YAML

# see https://docs.gitlab.com/ce/ci/yaml/README.html for all available options
stages:
- images
- build
- analysis
- report
variables:
GIT_STRATEGY: fetch
GIT_DEPTH: "3"
# "--enable-coverage" or ""
SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE: ""
#
# we run autobuild.py inside a samba CI docker image located on gitlab's registry
# overwrite this variable if you want use your own image registry.
#
# Or better ask for access to the shared development repository, see
# https://wiki.samba.org/index.php/Samba_CI_on_gitlab#Getting_Access
#
SAMBA_CI_CONTAINER_REGISTRY: registry.gitlab.com/samba-team/devel/samba
#
# Set this to the contents of bootstrap/sha1sum.txt
# which is generated by bootstrap/template.py --render
#
SAMBA_CI_CONTAINER_TAG: 86279163d150fb95742f4b34fce0dfc1a639f5de
#
# We use the ubuntu1804 image as default as
# it matches what we have on sn-devel-184.
#
SAMBA_CI_CONTAINER_IMAGE: ubuntu1804
#
# The following images are available
# Please see the samba-o3 sections at the end of this file!
# We should run that for each available image
#
SAMBA_CI_CONTAINER_IMAGE_ubuntu1604: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-ubuntu1604:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_ubuntu1804: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-ubuntu1804:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_ubuntu2004: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-ubuntu2004:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_debian9: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-debian9:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_debian10: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-debian10:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_opensuse150: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-opensuse150:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_opensuse151: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-opensuse151:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_fedora31: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-fedora31:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_fedora32: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-fedora32:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_centos7: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-centos7:${SAMBA_CI_CONTAINER_TAG}
SAMBA_CI_CONTAINER_IMAGE_centos8: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-centos8:${SAMBA_CI_CONTAINER_TAG}
include:
# The image creation details are specified in a separate file
# See bootstrap/README.md for details
- 'bootstrap/.gitlab-ci.yml'
.shared_template:
variables:
AUTOBUILD_JOB_NAME: $CI_JOB_NAME
image: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-${SAMBA_CI_CONTAINER_IMAGE}:${SAMBA_CI_CONTAINER_TAG}
stage: build
tags:
- docker
- shared
cache:
key: ccache.${CI_JOB_NAME}
paths:
- ccache
before_script:
- uname -a
- lsb_release -a
- cat /etc/os-release
- mount
- df -h
- cat /proc/swaps
- free -h
# ld will fail if coverage enabled, force link ld to ld.bfd
- if [ -n "$SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE" ]; then sudo ln -sf $(which ld.bfd) $(which ld); fi
# See bootstrap/.gitlab-ci.yml how to generate a new image
- echo "SAMBA_CI_CONTAINER_REGISTRY[${SAMBA_CI_CONTAINER_REGISTRY}]"
- echo "SAMBA_CI_CONTAINER_TAG[${SAMBA_CI_CONTAINER_TAG}]"
- bootstrap/template.py --sha1sum > /tmp/sha1sum-template.txt
- diff -u bootstrap/sha1sum.txt /tmp/sha1sum-template.txt
- echo "${SAMBA_CI_CONTAINER_TAG}" > /tmp/sha1sum-tag.txt
- diff -u bootstrap/sha1sum.txt /tmp/sha1sum-tag.txt
- diff -u bootstrap/sha1sum.txt /sha1sum.txt
- export CCACHE_BASEDIR="${PWD}"
- export CCACHE_DIR="${PWD}/ccache" && mkdir -pv "$CCACHE_DIR"
- export CC="ccache cc"
- export CXX="ccache c++"
- ccache -z -M 500M
- ccache -s
after_script:
- mount
- df -h
- cat /proc/swaps
- free -h
- CCACHE_BASEDIR="${PWD}" CCACHE_DIR="${PWD}/ccache" ccache -s -c
artifacts:
expire_in: 1 week
paths:
- "*.stdout"
- "*.stderr"
- "*.info"
- system-info.txt
retry:
max: 2
when:
- runner_system_failure
- stuck_or_timeout_failure
script:
# gitlab predefines CI_JOB_NAME for each job. The gitlab job usually matches the
# autobuild name, which means we can define a default template that runs most autobuild jobs
- echo "Running cmd script/autobuild.py $AUTOBUILD_JOB_NAME $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase"
- script/autobuild.py $AUTOBUILD_JOB_NAME $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
# Ensure when adding a new job below that you also add it to
# the dependencies for 'pages' below for the code coverage page
# generation.
others:
extends: .shared_template
script:
- script/autobuild.py ldb $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py pidl $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py replace $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py talloc $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py tdb $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py tevent $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py samba-xc $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
- script/autobuild.py docs-xml $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase
samba:
extends: .shared_template
samba-mitkrb5:
extends: .shared_template
samba-nopython:
extends: .shared_template
samba-nopython-py2:
extends: .shared_template
samba-admem:
extends: .shared_template
samba-ad-dc-2:
extends: .shared_template
samba-ad-dc-3:
extends: .shared_template
samba-ad-dc-4:
extends: .shared_template
samba-ad-dc-5:
extends: .shared_template
samba-ad-dc-6:
extends: .shared_template
samba-libs:
extends: .shared_template
samba-static:
extends: .shared_template
samba-fuzz:
extends: .shared_template
image: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-ubuntu1604:${SAMBA_CI_CONTAINER_TAG}
ctdb:
extends: .shared_template
samba-ctdb:
extends: .shared_template
samba-ad-dc-ntvfs:
extends: .shared_template
samba-admem-mit:
extends: .shared_template
samba-ad-dc-4-mitkrb5:
extends: .shared_template
samba-fips:
extends: .shared_template
image: $SAMBA_CI_CONTAINER_IMAGE_fedora32
.private_template:
extends: .shared_template
tags:
- docker
- samba-ci-private
only:
variables:
# These jobs are only run if the gitlab repo has private runners available.
# To enable private jobs, you must add the following var and value to
# your gitlab repo by navigating to:
# settings -> CI/CD -> Environment variables
- $SUPPORT_PRIVATE_TEST == "yes"
samba-ad-dc-backup:
extends: .private_template
samba-fileserver:
extends: .private_template
samba-ad-dc-1:
extends: .private_template
samba-nt4:
extends: .private_template
samba-schemaupgrade:
extends: .private_template
samba-ad-dc-1-mitkrb5:
extends: .private_template
# 'pages' is a special job which can publish artifacts in `public` dir to gitlab pages
pages:
image: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-${SAMBA_CI_CONTAINER_IMAGE}:${SAMBA_CI_CONTAINER_TAG}
stage: report
tags:
- docker
- shared
dependencies: # tell gitlab to download artifacts for these jobs
- others
- samba
- samba-mitkrb5
- samba-nopython
- samba-nopython-py2
- samba-admem
- samba-ad-dc-2
- samba-ad-dc-3
- samba-ad-dc-4
- samba-ad-dc-5
- samba-ad-dc-6
- samba-libs
- samba-static
- samba-fuzz
# - ctdb # TODO
- samba-ctdb
- samba-ad-dc-ntvfs
- samba-admem-mit
- samba-ad-dc-4-mitkrb5
- samba-ad-dc-backup
- samba-fileserver
- samba-ad-dc-1
- samba-nt4
- samba-schemaupgrade
- samba-ad-dc-1-mitkrb5
- samba-fips
script:
- ./configure.developer
- make -j
- lcov $(ls *.info | xargs -I{} echo -n "-a {} ") -o all.info
- genhtml all.info --output-directory public --prefix=$(pwd) --title "coverage report for $CI_COMMIT_REF_NAME $CI_COMMIT_SHORT_SHA"
artifacts:
expire_in: 30 days
paths:
- public
only:
variables:
- $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE == "--enable-coverage"
# Coverity Scan
coverity:
stage: analysis
image: $SAMBA_CI_CONTAINER_IMAGE_fedora32
tags:
- docker
- shared
script:
- wget https://scan.coverity.com/download/linux64 --post-data "token=$COVERITY_SCAN_TOKEN&project=$COVERITY_SCAN_PROJECT_NAME" -O /tmp/coverity_tool.tgz
- tar xf /tmp/coverity_tool.tgz
- ./configure.developer --with-system-mitkrb5 --with-experimental-mit-ad-dc
- cov-analysis-linux64-*/bin/cov-build --dir cov-int make -j$(nproc)
- tar czf cov-int.tar.gz cov-int
- curl
--form token=$COVERITY_SCAN_TOKEN
--form email=$COVERITY_SCAN_EMAIL
--form file=@cov-int.tar.gz
--form version="`git describe --tags`"
--form description="CI build"
https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME
only:
refs:
- master
- schedules
variables:
- $COVERITY_SCAN_TOKEN != null
- $COVERITY_SCAN_PROJECT_NAME != null
- $COVERITY_SCAN_EMAIL != null
artifacts:
expire_in: 1 week
when: on_failure
paths:
- cov-int/*.txt
#
# We build samba-o3 on all supported distributions
#
.samba-o3-template:
extends: .shared_template
variables:
AUTOBUILD_JOB_NAME: samba-o3
only:
variables:
# do not run o3 for coverage since they are using different images
- $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE == ""
ubuntu1804-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_ubuntu1804
ubuntu2004-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_ubuntu2004
debian10-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_debian10
opensuse150-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_opensuse150
opensuse151-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_opensuse151
centos7-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_centos7
variables:
# Git on CentOS doesn't support shallow git cloning
GIT_DEPTH: ""
# We need a newer GnuTLS version on CentOS7
PKG_CONFIG_PATH: "/usr/lib64/compat-gnutls34/pkgconfig:/usr/lib64/compat-nettle32/pkgconfig"
centos8-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_centos8
fedora31-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_fedora31
fedora32-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_fedora32
#
# Keep the samba-o3 sections at the end ...
#