]>
Commit | Line | Data |
---|---|---|
99127d20 MČ |
1 | sudo: required |
2 | ||
3 | services: | |
4 | - docker | |
93727cf7 OK |
5 | |
6 | cache: ccache | |
99127d20 MČ |
7 | |
8 | jobs: | |
9 | include: | |
10 | - stage: build docker image | |
11 | env: | |
12 | # The machine id will be passed to Dockerfile for later checks | |
13 | - MACHINE_ID=$(cat /var/lib/dbus/machine-id) | |
14 | before_script: &update | |
15 | # Ensure the latest version of docker is installed | |
16 | - sudo apt-get update | |
17 | - sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce | |
18 | - docker --version | |
19 | - env > .env | |
20 | script: | |
21 | # Copy content of CI_DIR into WORKDIR | |
22 | - find $CI_DIR -maxdepth 1 -type f -exec cp -t . {} + | |
23 | - echo "ENV GIT_SHA ${TRAVIS_COMMIT}" >> Dockerfile | |
24 | - echo "ENV MACHINE_ID ${MACHINE_ID}" >> Dockerfile | |
25 | - echo "$(git log -1 ${TRAVIS_COMMIT})" >> COMMITINFO | |
26 | # Build docker container | |
27 | - $CI_SCRIPT_DIR/build-docker-image.sh | |
28 | ||
29 | - docker login -u="${DOCKER_USERNAME}" -p="${DOCKER_PASSWORD}" | |
30 | - docker push ${DOCKER_REPOSITORY} | |
31 | ||
32 | - stage: build | |
33 | language: c | |
34 | compiler: gcc | |
35 | env: | |
36 | # The machine id will be passed to container | |
37 | - MACHINE_ID=$(cat /var/lib/dbus/machine-id) | |
38 | before_script: *update | |
39 | script: | |
93727cf7 | 40 | - docker run -v $HOME/.ccache:$HOME/.ccache -dit --name travis_build ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} bash |
99127d20 MČ |
41 | - docker exec -u 0 -ti travis_build bash -c "echo ${MACHINE_ID} > /etc/machine-id" |
42 | - docker exec -ti travis_build meson build | |
43 | - docker exec -ti travis_build ninja -C build | |
44 | # Commit it to the new image that will be used for testing | |
45 | - docker commit -m "systemd build state" -a "${AUTHOR_NAME}" travis_build ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} | |
46 | - docker login -u="${DOCKER_USERNAME}" -p="${DOCKER_PASSWORD}" | |
47 | - docker push ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} | |
48 | ||
49 | - stage: test | |
50 | language: c | |
51 | compiler: gcc | |
52 | before_script: *update | |
53 | script: | |
93727cf7 | 54 | - docker run -v $HOME/.ccache:$HOME/.ccache --privileged --net=host -dit --name travis_test ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} bash |
99127d20 MČ |
55 | - docker exec -ti travis_test ninja -C build test |
56 | - docker commit -m "systemd test state" -a "${AUTHOR_NAME}" travis_test ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} | |
57 | - docker login -u="${DOCKER_USERNAME}" -p="${DOCKER_PASSWORD}" | |
58 | - docker push ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} | |
59 | ||
60 | - stage: coverity scan | |
61 | language: c | |
62 | compiler: gcc | |
63 | before_script: *update | |
64 | env: | |
65 | - COVERITY_SCAN_PROJECT_NAME="$TRAVIS_REPO_SLUG" | |
66 | - COVERITY_SCAN_NOTIFICATION_EMAIL="${AUTHOR_EMAIL}" | |
67 | - COVERITY_SCAN_BRANCH_PATTERN="$TRAVIS_BRANCH" | |
68 | # Disable CCACHE for cov-build to compilation units correctly | |
69 | - CCACHE_DISABLE=1 | |
70 | # Token for systemd/systemd Coverity Scan Analysis | |
71 | # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created | |
72 | # via the "travis encrypt" command using the project repo's public key | |
73 | - secure: "UNQLspT89GYWuVKFqW5W5RyqqnYg5RvX20IrNraOddhpdV9nhKBtozrfmhGXDGZwfHGWHt6g7YROlD/NIMvDvThVJIEYvSQiXCoo2zRrwkl2siET5MjPfRG8numiLq0KX47KGmyBJISJZCgDUdNGqqGwgf7AhDN78I3XtgqjFT1z0mGl8n0wiFpKPi7i3nECvF4Mk7xCCHqwByaq0z5G9NkVlOvP1EyCxwv3B6I5Umfch7ibp7iH44YnVXILK+yEry5dMuctYwYkDouR80ChEPQQ5fhhpO4++HJmFuSpfMTeCHpucAd2xwSUijejYeN/GNQ177GxSSk/8hRBGcuSK8T/WJ+KiuJPhZObV8mw+a6+qdQssWY4F9jya5ZKbZ/yTbxjtQ0m4AgtL28P9bEze8pLh16zFMX+hIEuoFSNmJqmtNttfbD5TKyYVZml59s9wvhlvMnlNpRSQva88OAOjXtiA41g+XtTxxpfW9mgd7HYhzSBs1efNiK7PfkANgve7KIYMAmCAqasgb1IIAyX7stOlJH06QOFXNH55PmJLkkKyL3SMQzgryMDWegU+XbS8t43r0x14WLuE7sc9JtnOr/G8hthFaMRp8xLy9aCBwyEIkEsyWa50VMoZDa3Spdb4r1CKBwcGdCbyE4rCehwEIznbfrsSovhwiUds7bbhBU=" | |
74 | script: | |
75 | # Copy content of CI_DIR into WORKDIR | |
76 | - find $CI_DIR -maxdepth 1 -type f -exec cp -t . {} + | |
77 | # Build container for current user | |
78 | - $CI_SCRIPT_DIR/build-docker-image.sh | |
79 | ||
80 | # For kernel version 4.8+ | |
81 | - sudo sysctl vsyscall=emulate || true | |
82 | # Prepare environment for Coverity tool | |
83 | - | | |
84 | PLATFORM=`uname` | |
85 | export TOOL_BASE="/tmp/coverity-scan-analysis" | |
86 | export SCAN_URL="https://scan.coverity.com" | |
87 | export UPLOAD_URL="https://scan.coverity.com/builds" | |
88 | export TOOL_ARCHIVE="/tmp/cov-analysis-${PLATFORM}.tgz" | |
89 | ||
90 | # Get Coverity tool | |
91 | - $CI_TOOL_DIR/get-coverity.sh | |
92 | - TOOL_DIR="$(find $TOOL_BASE -type d -name 'cov-analysis*')" | |
93 | ||
94 | # Export env variables for Coverity scan | |
95 | - env | grep -E "TRAVIS|COV|TOOL|URL" > .cov-env | |
96 | - | | |
97 | docker run -dit --env-file .cov-env \ | |
98 | -v ${TOOL_BASE}:${TOOL_BASE}:ro \ | |
99 | --name travis_coverity_scan ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} bash | |
100 | # Make sure Coverity script is executable | |
748c59b1 | 101 | - docker cp tools/coverity.sh travis_coverity_scan:/usr/local/bin |
99127d20 MČ |
102 | # Preconfigure with meson to prevent Coverity from capturing meson metadata |
103 | # Set compiler flag to prevent emit failure | |
104 | - docker exec -it travis_coverity_scan sh -c "CFLAGS='-D_Float128=long\ double' meson cov-build -Dman=false" | |
105 | # Run Coverity Analysis | |
106 | - docker exec -it travis_coverity_scan coverity.sh build | |
107 | - docker exec -it travis_coverity_scan coverity.sh upload | |
108 | ||
109 | - stage: clean docker | |
110 | language: python | |
111 | # python: | |
112 | # - "3.6" Probably broken ATM | |
113 | env: | |
114 | - SIZE_LIMIT="3000" # Limit in MBs | |
115 | - TAG_LIMIT="3" # Number of tags to be kept at the time | |
116 | before-script: | |
117 | - sudo apt-get -y install python3 | |
118 | script: | |
119 | # Get docker-remote tool and setup venv | |
120 | - sudo $CI_TOOL_DIR/get-docker-remote.sh | |
121 | # Activate virtual environment to be able to use docker-remote safely | |
122 | - source venv/bin/activate | |
123 | # Check the size and tag limit of the repo | |
124 | - REPO_SIZE=$(docker-remote repository --size $DOCKER_REPOSITORY) | |
125 | - TAG_COUNT=$(docker-remote tags --count $DOCKER_REPOSITORY) | |
126 | - 'echo -e "\033[33;1mCurrent repository size: $REPO_SIZE in $TAG_COUNT tags \033[0m"' | |
127 | - | | |
128 | if [[ ${REPO_SIZE%.*} -gt $SIZE_LIMIT ]] || [[ $TAG_COUNT -gt $TAG_LIMIT ]] | |
129 | then | |
130 | docker-remote --login $DOCKER_USERNAME:$DOCKER_PASSWORD \ | |
131 | tags --assumeyes --pop-back --keep $TAG_LIMIT $DOCKER_REPOSITORY | |
132 | fi | |
133 | ||
134 | ||
135 | ||
136 | # Specify the order of stages and conditions | |
137 | stages: | |
138 | # Helper stage to determine whether coverity stage should be allowed | |
139 | - name: initialization | |
140 | ||
141 | - name: build docker image | |
142 | if: type != cron | |
143 | - name: build | |
144 | if: type != cron | |
145 | - name: test | |
146 | if: type != cron | |
147 | ||
148 | # These stages run separately, the resulting container will not be pushed to Docker Hub | |
149 | # This stage will only run on special conditions | |
150 | - name: coverity scan | |
151 | if: type = cron | |
152 | ||
153 | # Check for repository size and clean Docker repo if necessary | |
154 | - name: clean Docker | |
155 | if: type = cron | |
156 | ||
157 | env: | |
158 | global: | |
159 | # Secure Docker Hub credentials | |
160 | - secure: "TY61ufmEJyxCer8vuAlQ3mYwGRynFZXPCFTxKgIzobAHHyE1Zwx0bZDDwDd88Gdgz7EGnOJtMABfa0axfPOK9il5u7lYmmZ8Usa0HAvKavkpSRnw2b16zz88N98x3DyaIquvg2J8iQpHHoM32+BGiAS7P8BiYTO6r+E0CMPYC0Ylh7eHVSBGfWbR9m+yCo/mDIEAWyop6Jv4rTMN4qP9U7e6Kou7m/AJeiCWMaR7rlanpLFNQi3+qF/Mt5dbE7LVLNSOkmpg/FPw34g4RC5mfLAh+c8YBadqo6kFA6qV1b931or0aZUYVtobI6UwC9U1GGqzfCTjXuVMNgPBBQ6n3JMt91mFFkP0lXdGMxpBNbwFL/btBrt2a359L/wNtqv6PuSJwJ3oTe/FP++X6xjbM7LcAHZMWZiK+0BFefNOUcRzBpaEJ2nGNzcLKHn4Bl0pl4LwZ0uVocN8RBwHnDX+hyUwwQPoQTLJQB9tpwDweIzftt9KmrIHmL9v7KZXR4s/8CKpNfVQ/XSysdtsK+7EKK5AsnbMNrZLjpH7D0Lo/Xp92/eJ2UGyqI7awJbJGPV2FNwyGcojDEXIBUsVssUjb5+B4LpHP1x4UQe/m9SuPJdtRB0R7PKe/tyPD3GTyfVO9K7imQATDdnMY32nkWXmXej8YWo76yA732rTZRZtFAc=" | |
161 | - secure: "NAEzWn5Ru6IqDA1RSyTVhpIp2iQluumg0EOI111EN7qWWGUDNgAZi+QgvRI+OBNyuMpBpN/GX1Ys4YxUDos1F/fhm2vytoB4A/LG463FQsSVP3wnyMFJTSOI8H0jgK41xj79qiww7edbfq93MZ/XS95Ws4tUTi/0etUGvAgIHGgofFCPPdMNkOvSHLgzSnYfydzLuD9FVpCgvpbJnQ+47XHyN+sKoA+OlZ+EfIOVZt+Mk/dqYrsM7MRKEfplk1MvUiJpHvrw+xWTslCIiO03V6ws091fBMgedIFRpsySrsd1KwH8JIeOK6KFn5W7Q53auzZkKYk7ymknlJt4WVBy7Qg33njMQ53t3qMQYTRUIV4dcR60cdII7tatzgpKBcycxHQMAshOYPT6pYhSsO6JEKgiO+ZhOxvqWGwtEeH9Zq7P4ft8Q7GJhRkdi0X0WY7/6RjwinO/1LLj1LODim3mDFfAK7xS7e+nQW/JEOdWohT2+qm97j9IOZeQtPtdqZP9F8HJXgw6WjiGJIXMF3Ov9GkQh4uJyMYJ6hN7T3iRoenV86Dzgg6u5Ku131Ziwvlm+n94qlXF8Jl47wCcAS7VmyYxMft1gH+Zs+4Wq7KO0vysmnEk6rCqb87ZQSDOdTzBfK9HTyyAqmBCgS4Dp5x7/xOBMVXfq/SOb9c3Sh/JItA=" | |
162 | - DOCKER_REPOSITORY=$DOCKER_USERNAME/systemd | |
163 | ||
164 | - ADMIN_EMAIL=macermak@redhat.com | |
165 | ||
166 | - AUTHOR_NAME="$(git log -1 $TRAVIS_COMMIT --pretty=\"%aN\")" | |
167 | - AUTHOR_EMAIL="$(git log -1 $TRAVIS_COMMIT --pretty=\"%aE\")" | |
168 | ||
169 | - CI_DIR="$TRAVIS_BUILD_DIR/travis-ci" | |
170 | - CI_TOOL_DIR="$CI_DIR/tools" | |
171 | - CI_SCRIPT_DIR="$CI_DIR/scripts" | |
172 | ||
36398225 | 173 | notifications: |
99127d20 MČ |
174 | email: |
175 | recipients: | |
176 | - ${ADMIN_EMAIL} | |
177 | - ${AUTHOR_EMAIL} | |
36398225 HHPF |
178 | irc: |
179 | channels: | |
180 | - "irc.freenode.org#systemd" | |
181 | on_success: change | |
182 | on_failure: always |