-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
89 lines (85 loc) · 3.46 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
---
include: integration/ci-images.yml
stages:
- unit_test
- integration
- images
- commit
go_test:
stage: unit_test
image: golang:1.22
script:
- go build ./...
- go test -v -race ./...
- if gofmt -d . | grep . ; then false ; else true ; fi
qemu_test:
stage: integration
tags:
- longrunning
image: debian:bookworm-backports
before_script:
- apt update
# The guestfwd option is broken on Debian bookworm with QEMU version 7.2.7.
# Backporting QEMU version 8.1.1 makes the guestfwd option work though. We
# did not hunt down what the bug is, just the (non-)working versions.
- apt install -qqy -t bookworm-backports qemu-system-x86 qemu-system-common qemu-system-data golang-1.22
- apt install -qqy git python3 curl jq openssh-client make openssl unzip cpio gzip
- apt install -qqy --no-install-recommends python3-pip
- pip install --break-system-packages --user virt-firmware
- export GOPATH=$PWD/.go
- export PATH=$PATH:/usr/lib/go-1.22/bin:$GOPATH/bin
- export PATH=$PATH:$HOME/.local/bin/
script:
- ./integration/qemu.sh
- ./integration/supermicro-x11scl.sh
artifacts:
when: always
paths:
- ./integration/saved/
- ./integration/build/stprov.cpio.gz # for stage 'images'
- ./integration/build/kernel.vmlinuz # for stage 'images'
# Run tests with HEAD stboot, to detect any breaking changes. One
# complication is that existence of a go.work file interacts badly
# with building u-root itself and with u-root's building of included
# commands. Instead, we create a go.work.local file, and point to it
# via the GOWORK environment variable; that way, it can be enabled
# only when building stprov, and disabled for u-root.
#
# Same comment here as for the above qemu_test job: the the guestfwd
# feature appears broken in the bookworm version of QEMU.
qemu_head_stboot_test:
stage: integration
tags:
- longrunning
image: debian:bookworm-backports
allow_failure: true
before_script:
- apt update
- apt install -qqy -t bookworm-backports qemu-system-x86 qemu-system-common qemu-system-data golang-1.22
- apt install -qqy git python3 curl jq openssh-client make openssl unzip cpio
- apt install -qqy --no-install-recommends python3-pip
- pip install --break-system-packages --user virt-firmware
- export PATH=/usr/lib/go-1.22/bin:$PATH
- export PATH=$PATH:$HOME/.local/bin/
- git clone https://git.glasklar.is/system-transparency/core/stboot.git
- go work init && go work use . ./stboot && mv go.work go.work.local
script:
- GOWORK=$(pwd)/go.work.local SINGLE_TEST=0 ./integration/qemu.sh # static
- GOWORK=$(pwd)/go.work.local SINGLE_TEST=4 ./integration/qemu.sh # dhcp
artifacts:
when: always
paths:
- ./integration/saved/
commitlint:
stage: commit
image: node:alpine
before_script:
- apk add --no-cache git
- npm install --save-dev @commitlint/config-conventional @commitlint/cli
script:
- git fetch origin "${CI_MERGE_REQUEST_TARGET_BRANCH_NAME:=main}"
- for i in 5 10 20 40; do if git merge-base HEAD origin/"$CI_MERGE_REQUEST_TARGET_BRANCH_NAME"; then break; else git fetch --deepen=$i origin "$CI_MERGE_REQUEST_TARGET_BRANCH_NAME"; fi; done
- base_commit_id="$(git merge-base HEAD origin/"$CI_MERGE_REQUEST_TARGET_BRANCH_NAME")"
- commit_ids=$(git rev-list --no-merges "$base_commit_id"..)
- for commit_id in $commit_ids; do git log --format=%B -n1 "$commit_id" | npx commitlint; done
allow_failure: true