sudo: required services: - docker jobs: include: - stage: build docker image env: # The machine id will be passed to Dockerfile for later checks - MACHINE_ID=$(cat /var/lib/dbus/machine-id) before_script: &update # Ensure the latest version of docker is installed - sudo apt-get update - sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce - docker --version - env > .env script: # Copy content of CI_DIR into WORKDIR - find $CI_DIR -maxdepth 1 -type f -exec cp -t . {} + - echo "ENV GIT_SHA ${TRAVIS_COMMIT}" >> Dockerfile - echo "ENV MACHINE_ID ${MACHINE_ID}" >> Dockerfile - echo "$(git log -1 ${TRAVIS_COMMIT})" >> COMMITINFO # Build docker container - $CI_SCRIPT_DIR/build-docker-image.sh - docker login -u="${DOCKER_USERNAME}" -p="${DOCKER_PASSWORD}" - docker push ${DOCKER_REPOSITORY} - stage: build language: c compiler: gcc env: # The machine id will be passed to container - MACHINE_ID=$(cat /var/lib/dbus/machine-id) before_script: *update script: - docker run -dit --name travis_build ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} bash - docker exec -u 0 -ti travis_build bash -c "echo ${MACHINE_ID} > /etc/machine-id" - docker exec -ti travis_build meson build - docker exec -ti travis_build ninja -C build # Commit it to the new image that will be used for testing - docker commit -m "systemd build state" -a "${AUTHOR_NAME}" travis_build ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} - docker login -u="${DOCKER_USERNAME}" -p="${DOCKER_PASSWORD}" - docker push ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} - stage: test language: c compiler: gcc before_script: *update script: - docker run --privileged --net=host -dit --name travis_test ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} bash - docker exec -ti travis_test ninja -C build test - docker commit -m "systemd test state" -a "${AUTHOR_NAME}" travis_test ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} - docker login -u="${DOCKER_USERNAME}" -p="${DOCKER_PASSWORD}" - docker push ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} - stage: coverity scan language: c compiler: gcc before_script: *update env: - COVERITY_SCAN_PROJECT_NAME="$TRAVIS_REPO_SLUG" - COVERITY_SCAN_NOTIFICATION_EMAIL="${AUTHOR_EMAIL}" - COVERITY_SCAN_BRANCH_PATTERN="$TRAVIS_BRANCH" # Disable CCACHE for cov-build to compilation units correctly - CCACHE_DISABLE=1 # Token for systemd/systemd Coverity Scan Analysis # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created # via the "travis encrypt" command using the project repo's public key - secure: "UNQLspT89GYWuVKFqW5W5RyqqnYg5RvX20IrNraOddhpdV9nhKBtozrfmhGXDGZwfHGWHt6g7YROlD/NIMvDvThVJIEYvSQiXCoo2zRrwkl2siET5MjPfRG8numiLq0KX47KGmyBJISJZCgDUdNGqqGwgf7AhDN78I3XtgqjFT1z0mGl8n0wiFpKPi7i3nECvF4Mk7xCCHqwByaq0z5G9NkVlOvP1EyCxwv3B6I5Umfch7ibp7iH44YnVXILK+yEry5dMuctYwYkDouR80ChEPQQ5fhhpO4++HJmFuSpfMTeCHpucAd2xwSUijejYeN/GNQ177GxSSk/8hRBGcuSK8T/WJ+KiuJPhZObV8mw+a6+qdQssWY4F9jya5ZKbZ/yTbxjtQ0m4AgtL28P9bEze8pLh16zFMX+hIEuoFSNmJqmtNttfbD5TKyYVZml59s9wvhlvMnlNpRSQva88OAOjXtiA41g+XtTxxpfW9mgd7HYhzSBs1efNiK7PfkANgve7KIYMAmCAqasgb1IIAyX7stOlJH06QOFXNH55PmJLkkKyL3SMQzgryMDWegU+XbS8t43r0x14WLuE7sc9JtnOr/G8hthFaMRp8xLy9aCBwyEIkEsyWa50VMoZDa3Spdb4r1CKBwcGdCbyE4rCehwEIznbfrsSovhwiUds7bbhBU=" script: # Copy content of CI_DIR into WORKDIR - find $CI_DIR -maxdepth 1 -type f -exec cp -t . {} + # Build container for current user - $CI_SCRIPT_DIR/build-docker-image.sh # For kernel version 4.8+ - sudo sysctl vsyscall=emulate || true # Prepare environment for Coverity tool - | PLATFORM=`uname` export TOOL_BASE="/tmp/coverity-scan-analysis" export SCAN_URL="https://scan.coverity.com" export UPLOAD_URL="https://scan.coverity.com/builds" export TOOL_ARCHIVE="/tmp/cov-analysis-${PLATFORM}.tgz" # Get Coverity tool - $CI_TOOL_DIR/get-coverity.sh - TOOL_DIR="$(find $TOOL_BASE -type d -name 'cov-analysis*')" # Export env variables for Coverity scan - env | grep -E "TRAVIS|COV|TOOL|URL" > .cov-env - | docker run -dit --env-file .cov-env \ -v ${TOOL_BASE}:${TOOL_BASE}:ro \ --name travis_coverity_scan ${DOCKER_REPOSITORY}:${TRAVIS_COMMIT} bash # Make sure Coverity script is executable - docker cp tools/coverity.sh travis_coverity_scan:/usr/local/bin # Preconfigure with meson to prevent Coverity from capturing meson metadata # Set compiler flag to prevent emit failure - docker exec -it travis_coverity_scan sh -c "CFLAGS='-D_Float128=long\ double' meson cov-build -Dman=false" # Run Coverity Analysis - docker exec -it travis_coverity_scan coverity.sh build - docker exec -it travis_coverity_scan coverity.sh upload - stage: clean docker language: python # python: # - "3.6" Probably broken ATM env: - SIZE_LIMIT="3000" # Limit in MBs - TAG_LIMIT="3" # Number of tags to be kept at the time before-script: - sudo apt-get -y install python3 script: # Get docker-remote tool and setup venv - sudo $CI_TOOL_DIR/get-docker-remote.sh # Activate virtual environment to be able to use docker-remote safely - source venv/bin/activate # Check the size and tag limit of the repo - REPO_SIZE=$(docker-remote repository --size $DOCKER_REPOSITORY) - TAG_COUNT=$(docker-remote tags --count $DOCKER_REPOSITORY) - 'echo -e "\033[33;1mCurrent repository size: $REPO_SIZE in $TAG_COUNT tags \033[0m"' - | if [[ ${REPO_SIZE%.*} -gt $SIZE_LIMIT ]] || [[ $TAG_COUNT -gt $TAG_LIMIT ]] then docker-remote --login $DOCKER_USERNAME:$DOCKER_PASSWORD \ tags --assumeyes --pop-back --keep $TAG_LIMIT $DOCKER_REPOSITORY fi # Specify the order of stages and conditions stages: # Helper stage to determine whether coverity stage should be allowed - name: initialization - name: build docker image if: type != cron - name: build if: type != cron - name: test if: type != cron # These stages run separately, the resulting container will not be pushed to Docker Hub # This stage will only run on special conditions - name: coverity scan if: type = cron # Check for repository size and clean Docker repo if necessary - name: clean Docker if: type = cron env: global: # Secure Docker Hub credentials - secure: "TY61ufmEJyxCer8vuAlQ3mYwGRynFZXPCFTxKgIzobAHHyE1Zwx0bZDDwDd88Gdgz7EGnOJtMABfa0axfPOK9il5u7lYmmZ8Usa0HAvKavkpSRnw2b16zz88N98x3DyaIquvg2J8iQpHHoM32+BGiAS7P8BiYTO6r+E0CMPYC0Ylh7eHVSBGfWbR9m+yCo/mDIEAWyop6Jv4rTMN4qP9U7e6Kou7m/AJeiCWMaR7rlanpLFNQi3+qF/Mt5dbE7LVLNSOkmpg/FPw34g4RC5mfLAh+c8YBadqo6kFA6qV1b931or0aZUYVtobI6UwC9U1GGqzfCTjXuVMNgPBBQ6n3JMt91mFFkP0lXdGMxpBNbwFL/btBrt2a359L/wNtqv6PuSJwJ3oTe/FP++X6xjbM7LcAHZMWZiK+0BFefNOUcRzBpaEJ2nGNzcLKHn4Bl0pl4LwZ0uVocN8RBwHnDX+hyUwwQPoQTLJQB9tpwDweIzftt9KmrIHmL9v7KZXR4s/8CKpNfVQ/XSysdtsK+7EKK5AsnbMNrZLjpH7D0Lo/Xp92/eJ2UGyqI7awJbJGPV2FNwyGcojDEXIBUsVssUjb5+B4LpHP1x4UQe/m9SuPJdtRB0R7PKe/tyPD3GTyfVO9K7imQATDdnMY32nkWXmXej8YWo76yA732rTZRZtFAc=" - secure: "NAEzWn5Ru6IqDA1RSyTVhpIp2iQluumg0EOI111EN7qWWGUDNgAZi+QgvRI+OBNyuMpBpN/GX1Ys4YxUDos1F/fhm2vytoB4A/LG463FQsSVP3wnyMFJTSOI8H0jgK41xj79qiww7edbfq93MZ/XS95Ws4tUTi/0etUGvAgIHGgofFCPPdMNkOvSHLgzSnYfydzLuD9FVpCgvpbJnQ+47XHyN+sKoA+OlZ+EfIOVZt+Mk/dqYrsM7MRKEfplk1MvUiJpHvrw+xWTslCIiO03V6ws091fBMgedIFRpsySrsd1KwH8JIeOK6KFn5W7Q53auzZkKYk7ymknlJt4WVBy7Qg33njMQ53t3qMQYTRUIV4dcR60cdII7tatzgpKBcycxHQMAshOYPT6pYhSsO6JEKgiO+ZhOxvqWGwtEeH9Zq7P4ft8Q7GJhRkdi0X0WY7/6RjwinO/1LLj1LODim3mDFfAK7xS7e+nQW/JEOdWohT2+qm97j9IOZeQtPtdqZP9F8HJXgw6WjiGJIXMF3Ov9GkQh4uJyMYJ6hN7T3iRoenV86Dzgg6u5Ku131Ziwvlm+n94qlXF8Jl47wCcAS7VmyYxMft1gH+Zs+4Wq7KO0vysmnEk6rCqb87ZQSDOdTzBfK9HTyyAqmBCgS4Dp5x7/xOBMVXfq/SOb9c3Sh/JItA=" - DOCKER_REPOSITORY=$DOCKER_USERNAME/systemd - ADMIN_EMAIL=macermak@redhat.com - AUTHOR_NAME="$(git log -1 $TRAVIS_COMMIT --pretty=\"%aN\")" - AUTHOR_EMAIL="$(git log -1 $TRAVIS_COMMIT --pretty=\"%aE\")" - CI_DIR="$TRAVIS_BUILD_DIR/travis-ci" - CI_TOOL_DIR="$CI_DIR/tools" - CI_SCRIPT_DIR="$CI_DIR/scripts" notifications: email: recipients: - ${ADMIN_EMAIL} - ${AUTHOR_EMAIL} irc: channels: - "irc.freenode.org#systemd" on_success: change on_failure: always