]>
Commit | Line | Data |
---|---|---|
fdce492e | 1 | #!/bin/sh |
de401e0e | 2 | # Build script for CI |
d151cd28 | 3 | |
e5d52774 TB |
4 | build_botan() |
5 | { | |
1bbb736e | 6 | # same revision used in the build recipe of the testing environment |
29c59885 | 7 | BOTAN_REV=2.17.1 |
da9e4fa0 | 8 | BOTAN_DIR=$DEPS_BUILD_DIR/botan |
24af02b0 | 9 | |
d4068a1d TB |
10 | if test -d "$BOTAN_DIR"; then |
11 | return | |
12 | fi | |
13 | ||
2a58030b TB |
14 | echo "$ build_botan()" |
15 | ||
e5d52774 TB |
16 | # if the leak detective is enabled we have to disable threading support |
17 | # (used for std::async) as that causes invalid frees somehow, the | |
18 | # locking allocator causes a static leak via the first function that | |
19 | # references it (e.g. crypter or hasher), so we disable that too | |
20 | if test "$LEAK_DETECTIVE" = "yes"; then | |
21 | BOTAN_CONFIG="--without-os-features=threads | |
22 | --disable-modules=locking_allocator" | |
23 | fi | |
24 | # disable some larger modules we don't need for the tests | |
da9e4fa0 TB |
25 | BOTAN_CONFIG="$BOTAN_CONFIG --disable-modules=pkcs11,tls,x509,xmss |
26 | --prefix=$DEPS_PREFIX" | |
1bbb736e TB |
27 | |
28 | git clone https://github.com/randombit/botan.git $BOTAN_DIR && | |
24af02b0 | 29 | cd $BOTAN_DIR && |
bbe72f97 | 30 | git checkout -qf $BOTAN_REV && |
24af02b0 | 31 | python ./configure.py --amalgamation $BOTAN_CONFIG && |
e5d52774 TB |
32 | make -j4 libs >/dev/null && |
33 | sudo make install >/dev/null && | |
34 | sudo ldconfig || exit $? | |
24af02b0 | 35 | cd - |
e5d52774 TB |
36 | } |
37 | ||
d50bb81c TB |
38 | build_wolfssl() |
39 | { | |
cb859676 | 40 | WOLFSSL_REV=v4.7.0-stable |
da9e4fa0 | 41 | WOLFSSL_DIR=$DEPS_BUILD_DIR/wolfssl |
d50bb81c TB |
42 | |
43 | if test -d "$WOLFSSL_DIR"; then | |
44 | return | |
45 | fi | |
46 | ||
47 | echo "$ build_wolfssl()" | |
48 | ||
839d6c8f | 49 | WOLFSSL_CFLAGS="-DWOLFSSL_PUBLIC_MP -DWOLFSSL_DES_ECB -DHAVE_ECC_BRAINPOOL" |
da9e4fa0 | 50 | WOLFSSL_CONFIG="--prefix=$DEPS_PREFIX |
7ae4ced0 | 51 | --disable-crypttests --disable-examples |
da9e4fa0 | 52 | --enable-keygen --enable-rsapss --enable-aesccm |
d50bb81c | 53 | --enable-aesctr --enable-des3 --enable-camellia |
7ae4ced0 TB |
54 | --enable-curve25519 --enable-ed25519 |
55 | --enable-curve448 --enable-ed448 | |
839d6c8f | 56 | --enable-sha3 --enable-shake256 --enable-ecccustcurves" |
d50bb81c TB |
57 | |
58 | git clone https://github.com/wolfSSL/wolfssl.git $WOLFSSL_DIR && | |
59 | cd $WOLFSSL_DIR && | |
60 | git checkout -qf $WOLFSSL_REV && | |
61 | ./autogen.sh && | |
62 | ./configure C_EXTRA_FLAGS="$WOLFSSL_CFLAGS" $WOLFSSL_CONFIG && | |
63 | make -j4 >/dev/null && | |
64 | sudo make install >/dev/null && | |
65 | sudo ldconfig || exit $? | |
66 | cd - | |
67 | } | |
68 | ||
7b46089e TB |
69 | build_tss2() |
70 | { | |
ddc5b92d | 71 | TSS2_REV=2.4.3 |
7b46089e | 72 | TSS2_PKG=tpm2-tss-$TSS2_REV |
da9e4fa0 | 73 | TSS2_DIR=$DEPS_BUILD_DIR/$TSS2_PKG |
7b46089e TB |
74 | TSS2_SRC=https://github.com/tpm2-software/tpm2-tss/releases/download/$TSS2_REV/$TSS2_PKG.tar.gz |
75 | ||
76 | if test -d "$TSS2_DIR"; then | |
77 | return | |
78 | fi | |
79 | ||
2a58030b TB |
80 | echo "$ build_tss2()" |
81 | ||
da9e4fa0 | 82 | curl -L $TSS2_SRC | tar xz -C $DEPS_BUILD_DIR && |
7b46089e | 83 | cd $TSS2_DIR && |
da9e4fa0 | 84 | ./configure --prefix=$DEPS_PREFIX --disable-doxygen-doc && |
248f3491 TB |
85 | make -j4 >/dev/null && |
86 | sudo make install >/dev/null && | |
7b46089e TB |
87 | sudo ldconfig || exit $? |
88 | cd - | |
89 | } | |
90 | ||
de401e0e TB |
91 | : ${BUILD_DIR=$PWD} |
92 | : ${DEPS_BUILD_DIR=$BUILD_DIR/..} | |
da9e4fa0 | 93 | : ${DEPS_PREFIX=/usr/local} |
d151cd28 | 94 | |
742e0f21 TB |
95 | if [ -e /etc/os-release ]; then |
96 | . /etc/os-release | |
97 | elif [ -e /usr/lib/os-release ]; then | |
98 | . /usr/lib/os-release | |
99 | fi | |
100 | ||
d151cd28 TB |
101 | TARGET=check |
102 | ||
60a0bb67 TB |
103 | DEPS="libgmp-dev" |
104 | ||
95e67e8d MW |
105 | CFLAGS="-g -O2 -Wall -Wno-format -Wno-format-security -Wno-pointer-sign -Werror" |
106 | ||
d151cd28 TB |
107 | case "$TEST" in |
108 | default) | |
316aa4b4 TB |
109 | # should be the default, but lets make sure |
110 | CONFIG="--with-printf-hooks=glibc" | |
d151cd28 | 111 | ;; |
2a58030b TB |
112 | openssl*) |
113 | CONFIG="--disable-defaults --enable-pki --enable-openssl --enable-pem" | |
885c05b0 | 114 | export TESTS_PLUGINS="test-vectors pem openssl!" |
60a0bb67 | 115 | DEPS="libssl-dev" |
d151cd28 TB |
116 | ;; |
117 | gcrypt) | |
3986c1e3 | 118 | CONFIG="--disable-defaults --enable-pki --enable-gcrypt --enable-pkcs1" |
885c05b0 | 119 | export TESTS_PLUGINS="test-vectors pkcs1 gcrypt!" |
742e0f21 TB |
120 | if [ "$ID" = "ubuntu" -a "$VERSION_ID" = "20.04" ]; then |
121 | DEPS="libgcrypt20-dev" | |
122 | else | |
123 | DEPS="libgcrypt11-dev" | |
124 | fi | |
d151cd28 | 125 | ;; |
9ee23d5e | 126 | botan) |
4bcc4bac | 127 | CONFIG="--disable-defaults --enable-pki --enable-botan --enable-pem" |
885c05b0 | 128 | export TESTS_PLUGINS="test-vectors pem botan!" |
9ee23d5e | 129 | DEPS="" |
0ff93958 | 130 | if test "$1" = "build-deps"; then |
e5d52774 | 131 | build_botan |
9ee23d5e TB |
132 | fi |
133 | ;; | |
d50bb81c TB |
134 | wolfssl) |
135 | CONFIG="--disable-defaults --enable-pki --enable-wolfssl --enable-pem" | |
885c05b0 | 136 | export TESTS_PLUGINS="test-vectors pem wolfssl!" |
d50bb81c TB |
137 | # build with custom options to enable all the features the plugin supports |
138 | DEPS="" | |
0ff93958 | 139 | if test "$1" = "build-deps"; then |
d50bb81c TB |
140 | build_wolfssl |
141 | fi | |
142 | ;; | |
316aa4b4 TB |
143 | printf-builtin) |
144 | CONFIG="--with-printf-hooks=builtin" | |
145 | ;; | |
e2d8833f | 146 | all|coverage|sonarcloud) |
f830e714 NK |
147 | if [ "$TEST" = "sonarcloud" ]; then |
148 | if [ -z "$SONAR_PROJECT" -o -z "$SONAR_ORGANIZATION" -o -z "$SONAR_TOKEN" ]; then | |
149 | echo "The SONAR_PROJECT, SONAR_ORGANIZATION and SONAR_TOKEN" \ | |
150 | "environment variables are required to run this test" | |
151 | exit 1 | |
152 | fi | |
153 | fi | |
d151cd28 | 154 | CONFIG="--enable-all --disable-android-dns --disable-android-log |
66c4735f | 155 | --disable-kernel-pfroute --disable-keychain |
157742be | 156 | --disable-lock-profiler --disable-padlock --disable-fuzzing |
e4fd163a | 157 | --disable-osx-attr --disable-tkm --disable-uci |
5833bc4b | 158 | --disable-unwind-backtraces |
4732e29a | 159 | --disable-svc --disable-dbghelp-backtraces --disable-socket-win |
de401e0e TB |
160 | --disable-kernel-wfp --disable-kernel-iph --disable-winhttp |
161 | --disable-python-eggs-install" | |
d151cd28 TB |
162 | # not enabled on the build server |
163 | CONFIG="$CONFIG --disable-af-alg" | |
42f7c989 TB |
164 | if test "$TEST" != "coverage"; then |
165 | CONFIG="$CONFIG --disable-coverage" | |
166 | else | |
167 | # not actually required but configure checks for it | |
168 | DEPS="$DEPS lcov" | |
169 | fi | |
de401e0e | 170 | # Botan requires newer compilers, so disable it on Ubuntu 16.04 |
742e0f21 | 171 | if [ "$ID" = "ubuntu" -a "$VERSION_ID" = "16.04" ]; then |
e0b1b120 TB |
172 | CONFIG="$CONFIG --disable-botan" |
173 | fi | |
60a0bb67 TB |
174 | DEPS="$DEPS libcurl4-gnutls-dev libsoup2.4-dev libunbound-dev libldns-dev |
175 | libmysqlclient-dev libsqlite3-dev clearsilver-dev libfcgi-dev | |
de401e0e | 176 | libldap2-dev libpcsclite-dev libpam0g-dev binutils-dev libnm-dev |
742e0f21 TB |
177 | libgcrypt20-dev libjson-c-dev python3-pip libtspi-dev libsystemd-dev" |
178 | if [ "$ID" = "ubuntu" -a "$VERSION_ID" = "20.04" ]; then | |
179 | DEPS="$DEPS libiptc-dev" | |
180 | else | |
181 | DEPS="$DEPS iptables-dev" | |
182 | fi | |
ead067e7 | 183 | PYDEPS="tox" |
0ff93958 | 184 | if test "$1" = "build-deps"; then |
742e0f21 | 185 | if [ "$ID" != "ubuntu" -o "$VERSION_ID" != "16.04" ]; then |
e0b1b120 TB |
186 | build_botan |
187 | fi | |
d50bb81c | 188 | build_wolfssl |
7b46089e | 189 | build_tss2 |
e5d52774 | 190 | fi |
d151cd28 | 191 | ;; |
fd372e13 MW |
192 | win*) |
193 | CONFIG="--disable-defaults --enable-svc --enable-ikev2 | |
d930d184 MW |
194 | --enable-ikev1 --enable-static --enable-test-vectors --enable-nonce |
195 | --enable-constraints --enable-revocation --enable-pem --enable-pkcs1 | |
196 | --enable-pkcs8 --enable-x509 --enable-pubkey --enable-acert | |
197 | --enable-eap-tnc --enable-eap-ttls --enable-eap-identity | |
14a0c082 | 198 | --enable-updown --enable-ext-auth --enable-libipsec --enable-pkcs11 |
d930d184 MW |
199 | --enable-tnccs-20 --enable-imc-attestation --enable-imv-attestation |
200 | --enable-imc-os --enable-imv-os --enable-tnc-imv --enable-tnc-imc | |
cfdab423 TB |
201 | --enable-pki --enable-swanctl --enable-socket-win |
202 | --enable-kernel-iph --enable-kernel-wfp --enable-winhttp" | |
6eb7dd11 TB |
203 | # no make check for Windows binaries unless we run on a windows host |
204 | if test "$APPVEYOR" != "True"; then | |
205 | TARGET= | |
09662628 TB |
206 | else |
207 | CONFIG="$CONFIG --enable-openssl" | |
a5f4b996 TB |
208 | CFLAGS="$CFLAGS -I$OPENSSL_DIR/include" |
209 | LDFLAGS="-L$OPENSSL_DIR" | |
09662628 | 210 | export LDFLAGS |
6eb7dd11 | 211 | fi |
d930d184 | 212 | CFLAGS="$CFLAGS -mno-ms-bitfields" |
94a69986 | 213 | DEPS="gcc-mingw-w64-base" |
fd372e13 MW |
214 | case "$TEST" in |
215 | win64) | |
cfdab423 | 216 | CONFIG="--host=x86_64-w64-mingw32 $CONFIG --enable-dbghelp-backtraces" |
94a69986 | 217 | DEPS="gcc-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-x86-64-dev $DEPS" |
de401e0e | 218 | CC="x86_64-w64-mingw32-gcc" |
fd372e13 MW |
219 | ;; |
220 | win32) | |
221 | CONFIG="--host=i686-w64-mingw32 $CONFIG" | |
cfdab423 | 222 | DEPS="gcc-mingw-w64-i686 binutils-mingw-w64-i686 mingw-w64-i686-dev $DEPS" |
de401e0e | 223 | CC="i686-w64-mingw32-gcc" |
fd372e13 MW |
224 | ;; |
225 | esac | |
d930d184 | 226 | ;; |
763f07c5 | 227 | android) |
763f07c5 TB |
228 | if test "$1" = "deps"; then |
229 | git clone git://git.strongswan.org/android-ndk-boringssl.git -b ndk-static \ | |
230 | src/frontends/android/app/src/main/jni/openssl | |
231 | fi | |
232 | TARGET=distdir | |
233 | ;; | |
de401e0e | 234 | macos) |
fd9edf7f TB |
235 | # this causes a false positive in ip-packet.c since Xcode 8.3 |
236 | CFLAGS="$CFLAGS -Wno-address-of-packed-member" | |
e36b1e2e TB |
237 | # use the same options as in the Homebrew Formula |
238 | CONFIG="--disable-defaults --enable-charon --enable-cmd --enable-constraints | |
239 | --enable-curl --enable-eap-gtc --enable-eap-identity | |
8d8739ac TB |
240 | --enable-eap-md5 --enable-eap-mschapv2 --enable-farp --enable-ikev1 |
241 | --enable-ikev2 --enable-kernel-libipsec --enable-kernel-pfkey | |
e36b1e2e TB |
242 | --enable-kernel-pfroute --enable-nonce --enable-openssl |
243 | --enable-osx-attr --enable-pem --enable-pgp --enable-pkcs1 | |
244 | --enable-pkcs8 --enable-pki --enable-pubkey --enable-revocation | |
245 | --enable-scepclient --enable-socket-default --enable-sshkey | |
246 | --enable-stroke --enable-swanctl --enable-unity --enable-updown | |
247 | --enable-x509 --enable-xauth-generic" | |
de401e0e | 248 | DEPS="automake autoconf libtool bison gettext openssl curl" |
e36b1e2e TB |
249 | BREW_PREFIX=$(brew --prefix) |
250 | export PATH=$BREW_PREFIX/opt/bison/bin:$PATH | |
251 | export ACLOCAL_PATH=$BREW_PREFIX/opt/gettext/share/aclocal:$ACLOCAL_PATH | |
252 | for pkg in openssl curl | |
253 | do | |
8486b3b4 | 254 | PKG_CONFIG_PATH=$BREW_PREFIX/opt/$pkg/lib/pkgconfig:$PKG_CONFIG_PATH |
e36b1e2e TB |
255 | CPPFLAGS="-I$BREW_PREFIX/opt/$pkg/include $CPPFLAGS" |
256 | LDFLAGS="-L$BREW_PREFIX/opt/$pkg/lib $LDFLAGS" | |
257 | done | |
258 | export PKG_CONFIG_PATH | |
259 | export CPPFLAGS | |
260 | export LDFLAGS | |
261 | ;; | |
d6949b15 TB |
262 | freebsd) |
263 | # use the options of the FreeBSD port (including options), except smp, | |
264 | # which requires a patch but is deprecated anyway, only using the builtin | |
265 | # printf hooks | |
266 | CONFIG="--enable-kernel-pfkey --enable-kernel-pfroute --disable-scripts | |
267 | --disable-kernel-netlink --enable-openssl --enable-eap-identity | |
268 | --enable-eap-md5 --enable-eap-tls --enable-eap-mschapv2 | |
269 | --enable-eap-peap --enable-eap-ttls --enable-md4 --enable-blowfish | |
270 | --enable-addrblock --enable-whitelist --enable-cmd --enable-curl | |
271 | --enable-eap-aka --enable-eap-aka-3gpp2 --enable-eap-dynamic | |
272 | --enable-eap-radius --enable-eap-sim --enable-eap-sim-file | |
273 | --enable-gcm --enable-ipseckey --enable-kernel-libipsec | |
274 | --enable-load-tester --enable-ldap --enable-mediation | |
51f48376 TB |
275 | --enable-mysql --enable-sqlite --enable-tpm --enable-tss-tss2 |
276 | --enable-unbound --enable-unity --enable-xauth-eap --enable-xauth-pam | |
1af4ae87 TB |
277 | --with-printf-hooks=builtin --enable-attr-sql --enable-sql |
278 | --enable-farp" | |
51f48376 | 279 | DEPS="git gmp openldap-client libxml2 mysql80-client sqlite3 unbound ldns tpm2-tss" |
d6949b15 TB |
280 | export GPERF=/usr/local/bin/gperf |
281 | export LEX=/usr/local/bin/flex | |
282 | ;; | |
1ce2721d TB |
283 | fuzzing) |
284 | CFLAGS="$CFLAGS -DNO_CHECK_MEMWIPE" | |
508b3087 | 285 | CONFIG="--enable-fuzzing --enable-static --disable-shared --disable-scripts |
75181f48 | 286 | --enable-imc-test --enable-tnccs-20" |
1ce2721d TB |
287 | # don't run any of the unit tests |
288 | export TESTS_RUNNERS= | |
289 | # prepare corpora | |
290 | if test -z "$1"; then | |
291 | if test -z "$FUZZING_CORPORA"; then | |
292 | git clone --depth 1 https://github.com/strongswan/fuzzing-corpora.git fuzzing-corpora | |
de401e0e | 293 | export FUZZING_CORPORA=$BUILD_DIR/fuzzing-corpora |
1ce2721d | 294 | fi |
7421884d TB |
295 | # these are about the same as those on OSS-Fuzz (except for the |
296 | # symbolize options and strip_path_prefix) | |
297 | export ASAN_OPTIONS=redzone=16:handle_sigill=1:strict_string_check=1:\ | |
298 | allocator_release_to_os_interval_ms=500:strict_memcmp=1:detect_container_overflow=1:\ | |
299 | coverage=0:allocator_may_return_null=1:use_sigaltstack=1:detect_stack_use_after_return=1:\ | |
300 | alloc_dealloc_mismatch=0:detect_leaks=1:print_scariness=1:max_uar_stack_size_log=16:\ | |
301 | handle_abort=1:check_malloc_usable_size=0:quarantine_size_mb=10:detect_odr_violation=0:\ | |
302 | symbolize=1:handle_segv=1:fast_unwind_on_fatal=0:external_symbolizer_path=/usr/bin/llvm-symbolizer-3.5 | |
1ce2721d TB |
303 | fi |
304 | ;; | |
658b6df4 TB |
305 | nm|nm-no-glib) |
306 | DEPS="gnome-common libsecret-1-dev libgtk-3-dev libnm-dev libnma-dev" | |
307 | if test "$TEST" = "nm"; then | |
308 | DEPS="$DEPS libnm-glib-vpn-dev libnm-gtk-dev" | |
309 | else | |
310 | CONFIG="$CONFIG --without-libnm-glib" | |
311 | fi | |
312 | cd src/frontends/gnome | |
313 | # don't run ./configure with ./autogen.sh | |
314 | export NOCONFIGURE=1 | |
315 | ;; | |
d151cd28 TB |
316 | dist) |
317 | TARGET=distcheck | |
318 | ;; | |
4e8f5a18 TB |
319 | apidoc) |
320 | DEPS="doxygen" | |
321 | CONFIG="--disable-defaults" | |
322 | TARGET=apidoc | |
323 | ;; | |
c9a34303 | 324 | lgtm) |
260e7b55 NK |
325 | if [ -z "$LGTM_PROJECT" -o -z "$LGTM_TOKEN" ]; then |
326 | echo "The LGTM_PROJECT and LGTM_TOKEN environment variables" \ | |
327 | "are required to run this test" | |
2f650e08 | 328 | exit 0 |
260e7b55 | 329 | fi |
c9a34303 | 330 | DEPS="jq" |
c9a34303 | 331 | if test -z "$1"; then |
de401e0e TB |
332 | base=$COMMIT_BASE |
333 | # after rebases or for new/duplicate branches, the passed base commit | |
334 | # ID might not be valid | |
335 | git rev-parse -q --verify $base^{commit} | |
336 | if [ $? != 0 ]; then | |
337 | # this will always compare against master, while via base we | |
338 | # otherwise only contains "new" commits | |
339 | base=$(git merge-base origin/master ${COMMIT_ID}) | |
c9a34303 TB |
340 | fi |
341 | base=$(git rev-parse $base) | |
c9a34303 | 342 | |
de401e0e | 343 | echo "Starting code review for $COMMIT_ID (base $base) on lgtm.com" |
c9a34303 TB |
344 | git diff --binary $base > lgtm.patch || exit $? |
345 | curl -s -X POST --data-binary @lgtm.patch \ | |
cd7b80e8 | 346 | "https://lgtm.com/api/v1.0/codereviews/${LGTM_PROJECT}?base=${base}&external-id=${BUILD_NUMBER}" \ |
c9a34303 TB |
347 | -H 'Content-Type: application/octet-stream' \ |
348 | -H 'Accept: application/json' \ | |
349 | -H "Authorization: Bearer ${LGTM_TOKEN}" > lgtm.res || exit $? | |
350 | lgtm_check_url=$(jq -r '."task-result-url"' lgtm.res) | |
4b225bf8 TB |
351 | if [ -z "$lgtm_check_url" -o "$lgtm_check_url" = "null" ]; then |
352 | cat lgtm.res | |
c9a34303 TB |
353 | exit 1 |
354 | fi | |
355 | lgtm_url=$(jq -r '."task-result"."results-url"' lgtm.res) | |
356 | echo "Progress and full results: ${lgtm_url}" | |
357 | ||
358 | echo -n "Waiting for completion: " | |
359 | lgtm_status=pending | |
360 | while [ "$lgtm_status" = "pending" ]; do | |
361 | sleep 15 | |
362 | curl -s -X GET "${lgtm_check_url}" \ | |
363 | -H 'Accept: application/json' \ | |
364 | -H "Authorization: Bearer ${LGTM_TOKEN}" > lgtm.res | |
365 | if [ $? != 0 ]; then | |
366 | echo -n "-" | |
367 | continue | |
368 | fi | |
369 | echo -n "." | |
370 | lgtm_status=$(jq -r '.status' lgtm.res) | |
371 | done | |
372 | echo "" | |
373 | ||
374 | if [ "$lgtm_status" != "success" ]; then | |
375 | lgtm_message=$(jq -r '.["status-message"]' lgtm.res) | |
376 | echo "Code review failed: ${lgtm_message}" | |
377 | exit 1 | |
378 | fi | |
379 | lgtm_new=$(jq -r '.languages[].new' lgtm.res | awk '{t+=$1} END {print t}') | |
380 | lgtm_fixed=$(jq -r '.languages[].fixed' lgtm.res | awk '{t+=$1} END {print t}') | |
381 | echo -n "Code review complete: " | |
fdce492e | 382 | printf "%b\n" "\e[1;31m${lgtm_new}\e[0m new alerts, \e[1;32m${lgtm_fixed}\e[0m fixed" |
c9a34303 TB |
383 | exit $lgtm_new |
384 | fi | |
385 | ;; | |
d151cd28 TB |
386 | *) |
387 | echo "$0: unknown test $TEST" >&2 | |
388 | exit 1 | |
389 | ;; | |
390 | esac | |
391 | ||
0ff93958 TB |
392 | case "$1" in |
393 | deps) | |
de401e0e | 394 | case "$OS_NAME" in |
e36b1e2e TB |
395 | linux) |
396 | sudo apt-get update -qq && \ | |
397 | sudo apt-get install -qq bison flex gperf gettext $DEPS | |
398 | ;; | |
de401e0e | 399 | macos) |
e36b1e2e TB |
400 | brew update && \ |
401 | brew install $DEPS | |
402 | ;; | |
d6949b15 TB |
403 | freebsd) |
404 | pkg install -y automake autoconf libtool pkgconf && \ | |
405 | pkg install -y bison flex gperf gettext $DEPS | |
406 | ;; | |
e36b1e2e | 407 | esac |
60a0bb67 | 408 | exit $? |
0ff93958 TB |
409 | ;; |
410 | pydeps) | |
742e0f21 | 411 | test -z "$PYDEPS" || pip3 -q install --user $PYDEPS |
75a84579 | 412 | exit $? |
0ff93958 TB |
413 | ;; |
414 | build-deps) | |
415 | exit | |
416 | ;; | |
417 | *) | |
418 | ;; | |
419 | esac | |
75a84579 | 420 | |
d151cd28 | 421 | CONFIG="$CONFIG |
e36b1e2e | 422 | --disable-dependency-tracking |
d151cd28 TB |
423 | --enable-silent-rules |
424 | --enable-test-vectors | |
425 | --enable-monolithic=${MONOLITHIC-no} | |
426 | --enable-leak-detective=${LEAK_DETECTIVE-no}" | |
427 | ||
e36b1e2e TB |
428 | echo "$ ./autogen.sh" |
429 | ./autogen.sh || exit $? | |
4e8f5a18 TB |
430 | echo "$ CC=$CC CFLAGS=\"$CFLAGS\" ./configure $CONFIG" |
431 | CC="$CC" CFLAGS="$CFLAGS" ./configure $CONFIG || exit $? | |
432 | ||
433 | case "$TEST" in | |
434 | apidoc) | |
435 | exec 2>make.warnings | |
436 | ;; | |
437 | *) | |
438 | ;; | |
439 | esac | |
440 | ||
441 | echo "$ make $TARGET" | |
e2d8833f TB |
442 | case "$TEST" in |
443 | sonarcloud) | |
444 | # without target, coverage is currently not supported anyway because | |
445 | # sonarqube only supports gcov, not lcov | |
446 | build-wrapper-linux-x86-64 --out-dir bw-output make -j4 || exit $? | |
447 | ;; | |
448 | *) | |
449 | make -j4 $TARGET || exit $? | |
450 | ;; | |
451 | esac | |
4e8f5a18 TB |
452 | |
453 | case "$TEST" in | |
454 | apidoc) | |
455 | if test -s make.warnings; then | |
456 | cat make.warnings | |
457 | exit 1 | |
458 | fi | |
f36e3755 | 459 | rm make.warnings |
4e8f5a18 | 460 | ;; |
e2d8833f TB |
461 | sonarcloud) |
462 | sonar-scanner \ | |
de401e0e | 463 | -Dsonar.host.url=https://sonarcloud.io \ |
fd5cf311 TB |
464 | -Dsonar.projectKey=${SONAR_PROJECT} \ |
465 | -Dsonar.organization=${SONAR_ORGANIZATION} \ | |
de401e0e TB |
466 | -Dsonar.login=${SONAR_TOKEN} \ |
467 | -Dsonar.projectVersion=$(git describe)+${BUILD_NUMBER} \ | |
e2d8833f | 468 | -Dsonar.sources=. \ |
187ab298 | 469 | -Dsonar.cfamily.threads=2 \ |
1f2c83db TB |
470 | -Dsonar.cfamily.cache.enabled=true \ |
471 | -Dsonar.cfamily.cache.path=$HOME/.sonar-cache \ | |
e2d8833f | 472 | -Dsonar.cfamily.build-wrapper-output=bw-output || exit $? |
f36e3755 | 473 | rm -r bw-output .scannerwork |
e2d8833f | 474 | ;; |
763f07c5 TB |
475 | android) |
476 | rm -r strongswan-* | |
477 | cd src/frontends/android | |
478 | echo "$ ./gradlew build" | |
de401e0e | 479 | NDK_CCACHE=ccache ./gradlew build || exit $? |
763f07c5 | 480 | ;; |
4e8f5a18 TB |
481 | *) |
482 | ;; | |
483 | esac | |
f36e3755 TB |
484 | |
485 | # ensure there are no unignored build artifacts (or other changes) in the Git repo | |
486 | unclean="$(git status --porcelain)" | |
487 | if test -n "$unclean"; then | |
488 | echo "Unignored build artifacts or other changes:" | |
489 | echo "$unclean" | |
490 | exit 1 | |
491 | fi |