]>
Commit | Line | Data |
---|---|---|
fdce492e | 1 | #!/bin/sh |
de401e0e | 2 | # Build script for CI |
d151cd28 | 3 | |
e5d52774 TB |
4 | build_botan() |
5 | { | |
1bbb736e | 6 | # same revision used in the build recipe of the testing environment |
1bb05006 | 7 | BOTAN_REV=2.19.1 |
da9e4fa0 | 8 | BOTAN_DIR=$DEPS_BUILD_DIR/botan |
24af02b0 | 9 | |
d4068a1d TB |
10 | if test -d "$BOTAN_DIR"; then |
11 | return | |
12 | fi | |
13 | ||
2a58030b TB |
14 | echo "$ build_botan()" |
15 | ||
e5d52774 TB |
16 | # if the leak detective is enabled we have to disable threading support |
17 | # (used for std::async) as that causes invalid frees somehow, the | |
18 | # locking allocator causes a static leak via the first function that | |
19 | # references it (e.g. crypter or hasher), so we disable that too | |
20 | if test "$LEAK_DETECTIVE" = "yes"; then | |
21 | BOTAN_CONFIG="--without-os-features=threads | |
22 | --disable-modules=locking_allocator" | |
23 | fi | |
24 | # disable some larger modules we don't need for the tests | |
da9e4fa0 TB |
25 | BOTAN_CONFIG="$BOTAN_CONFIG --disable-modules=pkcs11,tls,x509,xmss |
26 | --prefix=$DEPS_PREFIX" | |
1bbb736e TB |
27 | |
28 | git clone https://github.com/randombit/botan.git $BOTAN_DIR && | |
24af02b0 | 29 | cd $BOTAN_DIR && |
bbe72f97 | 30 | git checkout -qf $BOTAN_REV && |
24af02b0 | 31 | python ./configure.py --amalgamation $BOTAN_CONFIG && |
e5d52774 TB |
32 | make -j4 libs >/dev/null && |
33 | sudo make install >/dev/null && | |
34 | sudo ldconfig || exit $? | |
24af02b0 | 35 | cd - |
e5d52774 TB |
36 | } |
37 | ||
d50bb81c TB |
38 | build_wolfssl() |
39 | { | |
cd0c9919 | 40 | WOLFSSL_REV=v5.1.1-stable |
da9e4fa0 | 41 | WOLFSSL_DIR=$DEPS_BUILD_DIR/wolfssl |
d50bb81c TB |
42 | |
43 | if test -d "$WOLFSSL_DIR"; then | |
44 | return | |
45 | fi | |
46 | ||
47 | echo "$ build_wolfssl()" | |
48 | ||
19611b1d TB |
49 | WOLFSSL_CFLAGS="-DWOLFSSL_PUBLIC_MP -DWOLFSSL_DES_ECB -DHAVE_AES_ECB \ |
50 | -DHAVE_ECC_BRAINPOOL -DWOLFSSL_MIN_AUTH_TAG_SZ=8" | |
da9e4fa0 | 51 | WOLFSSL_CONFIG="--prefix=$DEPS_PREFIX |
7ae4ced0 | 52 | --disable-crypttests --disable-examples |
19611b1d TB |
53 | --enable-aesccm --enable-aesctr --enable-camellia |
54 | --enable-curve25519 --enable-curve448 --enable-des3 | |
55 | --enable-ecccustcurves --enable-ed25519 --enable-ed448 | |
56 | --enable-keygen --enable-md4 --enable-rsapss --enable-sha3 | |
57 | --enable-shake256" | |
d50bb81c TB |
58 | |
59 | git clone https://github.com/wolfSSL/wolfssl.git $WOLFSSL_DIR && | |
60 | cd $WOLFSSL_DIR && | |
61 | git checkout -qf $WOLFSSL_REV && | |
62 | ./autogen.sh && | |
63 | ./configure C_EXTRA_FLAGS="$WOLFSSL_CFLAGS" $WOLFSSL_CONFIG && | |
64 | make -j4 >/dev/null && | |
65 | sudo make install >/dev/null && | |
66 | sudo ldconfig || exit $? | |
67 | cd - | |
68 | } | |
69 | ||
7b46089e TB |
70 | build_tss2() |
71 | { | |
ddc5b92d | 72 | TSS2_REV=2.4.3 |
7b46089e | 73 | TSS2_PKG=tpm2-tss-$TSS2_REV |
da9e4fa0 | 74 | TSS2_DIR=$DEPS_BUILD_DIR/$TSS2_PKG |
7b46089e TB |
75 | TSS2_SRC=https://github.com/tpm2-software/tpm2-tss/releases/download/$TSS2_REV/$TSS2_PKG.tar.gz |
76 | ||
77 | if test -d "$TSS2_DIR"; then | |
78 | return | |
79 | fi | |
80 | ||
2a58030b TB |
81 | echo "$ build_tss2()" |
82 | ||
da9e4fa0 | 83 | curl -L $TSS2_SRC | tar xz -C $DEPS_BUILD_DIR && |
7b46089e | 84 | cd $TSS2_DIR && |
da9e4fa0 | 85 | ./configure --prefix=$DEPS_PREFIX --disable-doxygen-doc && |
248f3491 TB |
86 | make -j4 >/dev/null && |
87 | sudo make install >/dev/null && | |
7b46089e TB |
88 | sudo ldconfig || exit $? |
89 | cd - | |
90 | } | |
91 | ||
de401e0e TB |
92 | : ${BUILD_DIR=$PWD} |
93 | : ${DEPS_BUILD_DIR=$BUILD_DIR/..} | |
da9e4fa0 | 94 | : ${DEPS_PREFIX=/usr/local} |
d151cd28 | 95 | |
742e0f21 TB |
96 | if [ -e /etc/os-release ]; then |
97 | . /etc/os-release | |
98 | elif [ -e /usr/lib/os-release ]; then | |
99 | . /usr/lib/os-release | |
100 | fi | |
101 | ||
d151cd28 TB |
102 | TARGET=check |
103 | ||
60a0bb67 TB |
104 | DEPS="libgmp-dev" |
105 | ||
95e67e8d MW |
106 | CFLAGS="-g -O2 -Wall -Wno-format -Wno-format-security -Wno-pointer-sign -Werror" |
107 | ||
d151cd28 TB |
108 | case "$TEST" in |
109 | default) | |
316aa4b4 TB |
110 | # should be the default, but lets make sure |
111 | CONFIG="--with-printf-hooks=glibc" | |
d151cd28 | 112 | ;; |
2a58030b TB |
113 | openssl*) |
114 | CONFIG="--disable-defaults --enable-pki --enable-openssl --enable-pem" | |
885c05b0 | 115 | export TESTS_PLUGINS="test-vectors pem openssl!" |
60a0bb67 | 116 | DEPS="libssl-dev" |
d151cd28 TB |
117 | ;; |
118 | gcrypt) | |
b50e8a88 AS |
119 | CONFIG="--disable-defaults --enable-pki --enable-gcrypt --enable-pkcs1 --enable-pkcs8" |
120 | export TESTS_PLUGINS="test-vectors pkcs1 pkcs8 gcrypt!" | |
742e0f21 TB |
121 | if [ "$ID" = "ubuntu" -a "$VERSION_ID" = "20.04" ]; then |
122 | DEPS="libgcrypt20-dev" | |
123 | else | |
124 | DEPS="libgcrypt11-dev" | |
125 | fi | |
d151cd28 | 126 | ;; |
9ee23d5e | 127 | botan) |
4bcc4bac | 128 | CONFIG="--disable-defaults --enable-pki --enable-botan --enable-pem" |
885c05b0 | 129 | export TESTS_PLUGINS="test-vectors pem botan!" |
9ee23d5e | 130 | DEPS="" |
0ff93958 | 131 | if test "$1" = "build-deps"; then |
e5d52774 | 132 | build_botan |
9ee23d5e TB |
133 | fi |
134 | ;; | |
d50bb81c TB |
135 | wolfssl) |
136 | CONFIG="--disable-defaults --enable-pki --enable-wolfssl --enable-pem" | |
885c05b0 | 137 | export TESTS_PLUGINS="test-vectors pem wolfssl!" |
d50bb81c TB |
138 | # build with custom options to enable all the features the plugin supports |
139 | DEPS="" | |
0ff93958 | 140 | if test "$1" = "build-deps"; then |
d50bb81c TB |
141 | build_wolfssl |
142 | fi | |
143 | ;; | |
316aa4b4 TB |
144 | printf-builtin) |
145 | CONFIG="--with-printf-hooks=builtin" | |
146 | ;; | |
e2d8833f | 147 | all|coverage|sonarcloud) |
f830e714 NK |
148 | if [ "$TEST" = "sonarcloud" ]; then |
149 | if [ -z "$SONAR_PROJECT" -o -z "$SONAR_ORGANIZATION" -o -z "$SONAR_TOKEN" ]; then | |
150 | echo "The SONAR_PROJECT, SONAR_ORGANIZATION and SONAR_TOKEN" \ | |
151 | "environment variables are required to run this test" | |
152 | exit 1 | |
153 | fi | |
154 | fi | |
d151cd28 | 155 | CONFIG="--enable-all --disable-android-dns --disable-android-log |
66c4735f | 156 | --disable-kernel-pfroute --disable-keychain |
157742be | 157 | --disable-lock-profiler --disable-padlock --disable-fuzzing |
e4fd163a | 158 | --disable-osx-attr --disable-tkm --disable-uci |
5833bc4b | 159 | --disable-unwind-backtraces |
4732e29a | 160 | --disable-svc --disable-dbghelp-backtraces --disable-socket-win |
de401e0e TB |
161 | --disable-kernel-wfp --disable-kernel-iph --disable-winhttp |
162 | --disable-python-eggs-install" | |
d151cd28 TB |
163 | # not enabled on the build server |
164 | CONFIG="$CONFIG --disable-af-alg" | |
42f7c989 TB |
165 | if test "$TEST" != "coverage"; then |
166 | CONFIG="$CONFIG --disable-coverage" | |
167 | else | |
168 | # not actually required but configure checks for it | |
169 | DEPS="$DEPS lcov" | |
170 | fi | |
60a0bb67 TB |
171 | DEPS="$DEPS libcurl4-gnutls-dev libsoup2.4-dev libunbound-dev libldns-dev |
172 | libmysqlclient-dev libsqlite3-dev clearsilver-dev libfcgi-dev | |
de401e0e | 173 | libldap2-dev libpcsclite-dev libpam0g-dev binutils-dev libnm-dev |
742e0f21 TB |
174 | libgcrypt20-dev libjson-c-dev python3-pip libtspi-dev libsystemd-dev" |
175 | if [ "$ID" = "ubuntu" -a "$VERSION_ID" = "20.04" ]; then | |
176 | DEPS="$DEPS libiptc-dev" | |
177 | else | |
a7308732 TB |
178 | DEPS="$DEPS iptables-dev python3-setuptools" |
179 | fi | |
bf91b71f | 180 | PYDEPS="tox" |
0ff93958 | 181 | if test "$1" = "build-deps"; then |
bf91b71f | 182 | build_botan |
d50bb81c | 183 | build_wolfssl |
7b46089e | 184 | build_tss2 |
e5d52774 | 185 | fi |
d151cd28 | 186 | ;; |
fd372e13 MW |
187 | win*) |
188 | CONFIG="--disable-defaults --enable-svc --enable-ikev2 | |
d930d184 MW |
189 | --enable-ikev1 --enable-static --enable-test-vectors --enable-nonce |
190 | --enable-constraints --enable-revocation --enable-pem --enable-pkcs1 | |
191 | --enable-pkcs8 --enable-x509 --enable-pubkey --enable-acert | |
192 | --enable-eap-tnc --enable-eap-ttls --enable-eap-identity | |
14a0c082 | 193 | --enable-updown --enable-ext-auth --enable-libipsec --enable-pkcs11 |
d930d184 MW |
194 | --enable-tnccs-20 --enable-imc-attestation --enable-imv-attestation |
195 | --enable-imc-os --enable-imv-os --enable-tnc-imv --enable-tnc-imc | |
cfdab423 TB |
196 | --enable-pki --enable-swanctl --enable-socket-win |
197 | --enable-kernel-iph --enable-kernel-wfp --enable-winhttp" | |
6eb7dd11 TB |
198 | # no make check for Windows binaries unless we run on a windows host |
199 | if test "$APPVEYOR" != "True"; then | |
200 | TARGET= | |
09662628 TB |
201 | else |
202 | CONFIG="$CONFIG --enable-openssl" | |
a5f4b996 TB |
203 | CFLAGS="$CFLAGS -I$OPENSSL_DIR/include" |
204 | LDFLAGS="-L$OPENSSL_DIR" | |
09662628 | 205 | export LDFLAGS |
6eb7dd11 | 206 | fi |
d930d184 | 207 | CFLAGS="$CFLAGS -mno-ms-bitfields" |
94a69986 | 208 | DEPS="gcc-mingw-w64-base" |
fd372e13 MW |
209 | case "$TEST" in |
210 | win64) | |
cfdab423 | 211 | CONFIG="--host=x86_64-w64-mingw32 $CONFIG --enable-dbghelp-backtraces" |
94a69986 | 212 | DEPS="gcc-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-x86-64-dev $DEPS" |
de401e0e | 213 | CC="x86_64-w64-mingw32-gcc" |
fd372e13 MW |
214 | ;; |
215 | win32) | |
216 | CONFIG="--host=i686-w64-mingw32 $CONFIG" | |
cfdab423 | 217 | DEPS="gcc-mingw-w64-i686 binutils-mingw-w64-i686 mingw-w64-i686-dev $DEPS" |
de401e0e | 218 | CC="i686-w64-mingw32-gcc" |
fd372e13 MW |
219 | ;; |
220 | esac | |
d930d184 | 221 | ;; |
763f07c5 | 222 | android) |
763f07c5 TB |
223 | if test "$1" = "deps"; then |
224 | git clone git://git.strongswan.org/android-ndk-boringssl.git -b ndk-static \ | |
225 | src/frontends/android/app/src/main/jni/openssl | |
226 | fi | |
227 | TARGET=distdir | |
228 | ;; | |
de401e0e | 229 | macos) |
fd9edf7f TB |
230 | # this causes a false positive in ip-packet.c since Xcode 8.3 |
231 | CFLAGS="$CFLAGS -Wno-address-of-packed-member" | |
e36b1e2e TB |
232 | # use the same options as in the Homebrew Formula |
233 | CONFIG="--disable-defaults --enable-charon --enable-cmd --enable-constraints | |
234 | --enable-curl --enable-eap-gtc --enable-eap-identity | |
8d8739ac TB |
235 | --enable-eap-md5 --enable-eap-mschapv2 --enable-farp --enable-ikev1 |
236 | --enable-ikev2 --enable-kernel-libipsec --enable-kernel-pfkey | |
e36b1e2e TB |
237 | --enable-kernel-pfroute --enable-nonce --enable-openssl |
238 | --enable-osx-attr --enable-pem --enable-pgp --enable-pkcs1 | |
239 | --enable-pkcs8 --enable-pki --enable-pubkey --enable-revocation | |
240 | --enable-scepclient --enable-socket-default --enable-sshkey | |
241 | --enable-stroke --enable-swanctl --enable-unity --enable-updown | |
242 | --enable-x509 --enable-xauth-generic" | |
2fbbd05e | 243 | DEPS="automake autoconf libtool bison gettext openssl@1.1 curl" |
e36b1e2e TB |
244 | BREW_PREFIX=$(brew --prefix) |
245 | export PATH=$BREW_PREFIX/opt/bison/bin:$PATH | |
246 | export ACLOCAL_PATH=$BREW_PREFIX/opt/gettext/share/aclocal:$ACLOCAL_PATH | |
3e148e5b | 247 | for pkg in openssl@1.1 curl |
e36b1e2e | 248 | do |
8486b3b4 | 249 | PKG_CONFIG_PATH=$BREW_PREFIX/opt/$pkg/lib/pkgconfig:$PKG_CONFIG_PATH |
e36b1e2e TB |
250 | CPPFLAGS="-I$BREW_PREFIX/opt/$pkg/include $CPPFLAGS" |
251 | LDFLAGS="-L$BREW_PREFIX/opt/$pkg/lib $LDFLAGS" | |
252 | done | |
253 | export PKG_CONFIG_PATH | |
254 | export CPPFLAGS | |
255 | export LDFLAGS | |
256 | ;; | |
d6949b15 TB |
257 | freebsd) |
258 | # use the options of the FreeBSD port (including options), except smp, | |
259 | # which requires a patch but is deprecated anyway, only using the builtin | |
260 | # printf hooks | |
261 | CONFIG="--enable-kernel-pfkey --enable-kernel-pfroute --disable-scripts | |
262 | --disable-kernel-netlink --enable-openssl --enable-eap-identity | |
263 | --enable-eap-md5 --enable-eap-tls --enable-eap-mschapv2 | |
264 | --enable-eap-peap --enable-eap-ttls --enable-md4 --enable-blowfish | |
265 | --enable-addrblock --enable-whitelist --enable-cmd --enable-curl | |
266 | --enable-eap-aka --enable-eap-aka-3gpp2 --enable-eap-dynamic | |
267 | --enable-eap-radius --enable-eap-sim --enable-eap-sim-file | |
268 | --enable-gcm --enable-ipseckey --enable-kernel-libipsec | |
269 | --enable-load-tester --enable-ldap --enable-mediation | |
51f48376 TB |
270 | --enable-mysql --enable-sqlite --enable-tpm --enable-tss-tss2 |
271 | --enable-unbound --enable-unity --enable-xauth-eap --enable-xauth-pam | |
1af4ae87 TB |
272 | --with-printf-hooks=builtin --enable-attr-sql --enable-sql |
273 | --enable-farp" | |
b241e944 | 274 | DEPS="git gmp openldap24-client libxml2 mysql80-client sqlite3 unbound ldns tpm2-tss" |
d6949b15 TB |
275 | export GPERF=/usr/local/bin/gperf |
276 | export LEX=/usr/local/bin/flex | |
277 | ;; | |
1ce2721d TB |
278 | fuzzing) |
279 | CFLAGS="$CFLAGS -DNO_CHECK_MEMWIPE" | |
508b3087 | 280 | CONFIG="--enable-fuzzing --enable-static --disable-shared --disable-scripts |
75181f48 | 281 | --enable-imc-test --enable-tnccs-20" |
1ce2721d TB |
282 | # don't run any of the unit tests |
283 | export TESTS_RUNNERS= | |
284 | # prepare corpora | |
285 | if test -z "$1"; then | |
286 | if test -z "$FUZZING_CORPORA"; then | |
287 | git clone --depth 1 https://github.com/strongswan/fuzzing-corpora.git fuzzing-corpora | |
de401e0e | 288 | export FUZZING_CORPORA=$BUILD_DIR/fuzzing-corpora |
1ce2721d | 289 | fi |
7421884d TB |
290 | # these are about the same as those on OSS-Fuzz (except for the |
291 | # symbolize options and strip_path_prefix) | |
292 | export ASAN_OPTIONS=redzone=16:handle_sigill=1:strict_string_check=1:\ | |
293 | allocator_release_to_os_interval_ms=500:strict_memcmp=1:detect_container_overflow=1:\ | |
294 | coverage=0:allocator_may_return_null=1:use_sigaltstack=1:detect_stack_use_after_return=1:\ | |
295 | alloc_dealloc_mismatch=0:detect_leaks=1:print_scariness=1:max_uar_stack_size_log=16:\ | |
296 | handle_abort=1:check_malloc_usable_size=0:quarantine_size_mb=10:detect_odr_violation=0:\ | |
297 | symbolize=1:handle_segv=1:fast_unwind_on_fatal=0:external_symbolizer_path=/usr/bin/llvm-symbolizer-3.5 | |
1ce2721d TB |
298 | fi |
299 | ;; | |
658b6df4 TB |
300 | nm|nm-no-glib) |
301 | DEPS="gnome-common libsecret-1-dev libgtk-3-dev libnm-dev libnma-dev" | |
302 | if test "$TEST" = "nm"; then | |
303 | DEPS="$DEPS libnm-glib-vpn-dev libnm-gtk-dev" | |
304 | else | |
305 | CONFIG="$CONFIG --without-libnm-glib" | |
306 | fi | |
307 | cd src/frontends/gnome | |
308 | # don't run ./configure with ./autogen.sh | |
309 | export NOCONFIGURE=1 | |
310 | ;; | |
d151cd28 TB |
311 | dist) |
312 | TARGET=distcheck | |
313 | ;; | |
4e8f5a18 TB |
314 | apidoc) |
315 | DEPS="doxygen" | |
316 | CONFIG="--disable-defaults" | |
317 | TARGET=apidoc | |
318 | ;; | |
c9a34303 | 319 | lgtm) |
260e7b55 NK |
320 | if [ -z "$LGTM_PROJECT" -o -z "$LGTM_TOKEN" ]; then |
321 | echo "The LGTM_PROJECT and LGTM_TOKEN environment variables" \ | |
322 | "are required to run this test" | |
2f650e08 | 323 | exit 0 |
260e7b55 | 324 | fi |
c9a34303 | 325 | DEPS="jq" |
c9a34303 | 326 | if test -z "$1"; then |
de401e0e TB |
327 | base=$COMMIT_BASE |
328 | # after rebases or for new/duplicate branches, the passed base commit | |
329 | # ID might not be valid | |
330 | git rev-parse -q --verify $base^{commit} | |
331 | if [ $? != 0 ]; then | |
332 | # this will always compare against master, while via base we | |
333 | # otherwise only contains "new" commits | |
334 | base=$(git merge-base origin/master ${COMMIT_ID}) | |
c9a34303 TB |
335 | fi |
336 | base=$(git rev-parse $base) | |
c9a34303 | 337 | |
de401e0e | 338 | echo "Starting code review for $COMMIT_ID (base $base) on lgtm.com" |
c9a34303 TB |
339 | git diff --binary $base > lgtm.patch || exit $? |
340 | curl -s -X POST --data-binary @lgtm.patch \ | |
cd7b80e8 | 341 | "https://lgtm.com/api/v1.0/codereviews/${LGTM_PROJECT}?base=${base}&external-id=${BUILD_NUMBER}" \ |
c9a34303 TB |
342 | -H 'Content-Type: application/octet-stream' \ |
343 | -H 'Accept: application/json' \ | |
344 | -H "Authorization: Bearer ${LGTM_TOKEN}" > lgtm.res || exit $? | |
345 | lgtm_check_url=$(jq -r '."task-result-url"' lgtm.res) | |
4b225bf8 TB |
346 | if [ -z "$lgtm_check_url" -o "$lgtm_check_url" = "null" ]; then |
347 | cat lgtm.res | |
c9a34303 TB |
348 | exit 1 |
349 | fi | |
350 | lgtm_url=$(jq -r '."task-result"."results-url"' lgtm.res) | |
351 | echo "Progress and full results: ${lgtm_url}" | |
352 | ||
353 | echo -n "Waiting for completion: " | |
354 | lgtm_status=pending | |
355 | while [ "$lgtm_status" = "pending" ]; do | |
356 | sleep 15 | |
357 | curl -s -X GET "${lgtm_check_url}" \ | |
358 | -H 'Accept: application/json' \ | |
359 | -H "Authorization: Bearer ${LGTM_TOKEN}" > lgtm.res | |
360 | if [ $? != 0 ]; then | |
361 | echo -n "-" | |
362 | continue | |
363 | fi | |
364 | echo -n "." | |
365 | lgtm_status=$(jq -r '.status' lgtm.res) | |
366 | done | |
367 | echo "" | |
368 | ||
369 | if [ "$lgtm_status" != "success" ]; then | |
370 | lgtm_message=$(jq -r '.["status-message"]' lgtm.res) | |
371 | echo "Code review failed: ${lgtm_message}" | |
372 | exit 1 | |
373 | fi | |
374 | lgtm_new=$(jq -r '.languages[].new' lgtm.res | awk '{t+=$1} END {print t}') | |
375 | lgtm_fixed=$(jq -r '.languages[].fixed' lgtm.res | awk '{t+=$1} END {print t}') | |
376 | echo -n "Code review complete: " | |
fdce492e | 377 | printf "%b\n" "\e[1;31m${lgtm_new}\e[0m new alerts, \e[1;32m${lgtm_fixed}\e[0m fixed" |
c9a34303 TB |
378 | exit $lgtm_new |
379 | fi | |
380 | ;; | |
d151cd28 TB |
381 | *) |
382 | echo "$0: unknown test $TEST" >&2 | |
383 | exit 1 | |
384 | ;; | |
385 | esac | |
386 | ||
0ff93958 TB |
387 | case "$1" in |
388 | deps) | |
de401e0e | 389 | case "$OS_NAME" in |
e36b1e2e TB |
390 | linux) |
391 | sudo apt-get update -qq && \ | |
392 | sudo apt-get install -qq bison flex gperf gettext $DEPS | |
393 | ;; | |
de401e0e | 394 | macos) |
e36b1e2e TB |
395 | brew update && \ |
396 | brew install $DEPS | |
397 | ;; | |
d6949b15 TB |
398 | freebsd) |
399 | pkg install -y automake autoconf libtool pkgconf && \ | |
400 | pkg install -y bison flex gperf gettext $DEPS | |
401 | ;; | |
e36b1e2e | 402 | esac |
60a0bb67 | 403 | exit $? |
0ff93958 TB |
404 | ;; |
405 | pydeps) | |
742e0f21 | 406 | test -z "$PYDEPS" || pip3 -q install --user $PYDEPS |
75a84579 | 407 | exit $? |
0ff93958 TB |
408 | ;; |
409 | build-deps) | |
410 | exit | |
411 | ;; | |
412 | *) | |
413 | ;; | |
414 | esac | |
75a84579 | 415 | |
d151cd28 | 416 | CONFIG="$CONFIG |
e36b1e2e | 417 | --disable-dependency-tracking |
d151cd28 TB |
418 | --enable-silent-rules |
419 | --enable-test-vectors | |
420 | --enable-monolithic=${MONOLITHIC-no} | |
421 | --enable-leak-detective=${LEAK_DETECTIVE-no}" | |
422 | ||
e36b1e2e TB |
423 | echo "$ ./autogen.sh" |
424 | ./autogen.sh || exit $? | |
4e8f5a18 TB |
425 | echo "$ CC=$CC CFLAGS=\"$CFLAGS\" ./configure $CONFIG" |
426 | CC="$CC" CFLAGS="$CFLAGS" ./configure $CONFIG || exit $? | |
427 | ||
428 | case "$TEST" in | |
429 | apidoc) | |
430 | exec 2>make.warnings | |
431 | ;; | |
432 | *) | |
433 | ;; | |
434 | esac | |
435 | ||
436 | echo "$ make $TARGET" | |
e2d8833f TB |
437 | case "$TEST" in |
438 | sonarcloud) | |
439 | # without target, coverage is currently not supported anyway because | |
440 | # sonarqube only supports gcov, not lcov | |
441 | build-wrapper-linux-x86-64 --out-dir bw-output make -j4 || exit $? | |
442 | ;; | |
443 | *) | |
444 | make -j4 $TARGET || exit $? | |
445 | ;; | |
446 | esac | |
4e8f5a18 TB |
447 | |
448 | case "$TEST" in | |
449 | apidoc) | |
450 | if test -s make.warnings; then | |
451 | cat make.warnings | |
452 | exit 1 | |
453 | fi | |
f36e3755 | 454 | rm make.warnings |
4e8f5a18 | 455 | ;; |
e2d8833f TB |
456 | sonarcloud) |
457 | sonar-scanner \ | |
de401e0e | 458 | -Dsonar.host.url=https://sonarcloud.io \ |
fd5cf311 TB |
459 | -Dsonar.projectKey=${SONAR_PROJECT} \ |
460 | -Dsonar.organization=${SONAR_ORGANIZATION} \ | |
de401e0e | 461 | -Dsonar.login=${SONAR_TOKEN} \ |
4ae9b482 | 462 | -Dsonar.projectVersion=$(git describe --exclude 'android-*')+${BUILD_NUMBER} \ |
e2d8833f | 463 | -Dsonar.sources=. \ |
187ab298 | 464 | -Dsonar.cfamily.threads=2 \ |
1f2c83db TB |
465 | -Dsonar.cfamily.cache.enabled=true \ |
466 | -Dsonar.cfamily.cache.path=$HOME/.sonar-cache \ | |
e2d8833f | 467 | -Dsonar.cfamily.build-wrapper-output=bw-output || exit $? |
f36e3755 | 468 | rm -r bw-output .scannerwork |
e2d8833f | 469 | ;; |
763f07c5 TB |
470 | android) |
471 | rm -r strongswan-* | |
472 | cd src/frontends/android | |
473 | echo "$ ./gradlew build" | |
de401e0e | 474 | NDK_CCACHE=ccache ./gradlew build || exit $? |
763f07c5 | 475 | ;; |
4e8f5a18 TB |
476 | *) |
477 | ;; | |
478 | esac | |
f36e3755 TB |
479 | |
480 | # ensure there are no unignored build artifacts (or other changes) in the Git repo | |
481 | unclean="$(git status --porcelain)" | |
482 | if test -n "$unclean"; then | |
483 | echo "Unignored build artifacts or other changes:" | |
484 | echo "$unclean" | |
485 | exit 1 | |
486 | fi |