diff options
author | William A. Kennington III <wak@google.com> | 2021-06-02 22:48:35 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2021-06-07 18:15:22 +0300 |
commit | ee32beb0333105ea120420a3556a752079ef5437 (patch) | |
tree | f16a7a13fad542ab1069569568b4c8a053e5be84 /meta-security/.gitlab-ci.yml | |
parent | a99e9b62f0adc374f48844dc94b4bb41d6a04c90 (diff) | |
download | openbmc-ee32beb0333105ea120420a3556a752079ef5437.tar.xz |
meta-security: subtree update:baca6133f9..ab239f1497
Armin Kuster (16):
build cleanup: add iam to base depend
tripwire: Blacklist pkg, upstream seems abandond
tpm2-pkcs11: Update to 1.6.0
clamav: update to tip.
ossec-hids: add UPSTREAM_CHECK_COMMITS
python3-scapy: add UPSTREAM_CHECK_COMMITS
suricata: 4.1.x add UPSTREAM_CHECK_URI
ibmswtpm2: update to 1661
ibmtpm2tss: update to tip
packagegroup-core-security: fix typo for mips
Apparmor: fix multi config build issue.
aide: Add another ids
packagegroup-core-security: add aide and ossec
.gitlab-ci: drop clean up combine alt w base
clamav: fix systemd startup
packagegroup-core-security: add clamav-daemon
Change-Id: Id941ea16208920cfa31bf6d42f8a01fc9765ec7c
Signed-off-by: William A. Kennington III <wak@google.com>
Diffstat (limited to 'meta-security/.gitlab-ci.yml')
-rw-r--r-- | meta-security/.gitlab-ci.yml | 123 |
1 files changed, 62 insertions, 61 deletions
diff --git a/meta-security/.gitlab-ci.yml b/meta-security/.gitlab-ci.yml index 32110253c..206d7241b 100644 --- a/meta-security/.gitlab-ci.yml +++ b/meta-security/.gitlab-ci.yml @@ -14,19 +14,17 @@ - done - rm -fr $CI_PROJECT_DIR/build - stages: - - build + - base - parsec - multi - - alt - musl - test -.build: +.base: before_script: - *before-my-script - stage: build + stage: base after_script: - *after-my-script @@ -45,13 +43,6 @@ stages: after_script: - *after-my-script -.alt: - before_script: - - *before-my-script - stage: alt - after_script: - - *after-my-script - .musl: before_script: - *before-my-script @@ -66,100 +57,110 @@ stages: after_script: - *after-my-script - qemux86: - extends: .build + extends: .base script: - - kas build --target security-build-image kas/$CI_JOB_NAME.yml + - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image integrity-image-minimal" - kas build --target security-build-image kas/$CI_JOB_NAME-comp.yml - kas build --target harden-image-minimal kas/$CI_JOB_NAME-harden.yml - - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml -qemux86-64: - extends: .build +qemux86-musl: + extends: .musl + needs: ['qemux86-parsec'] script: - - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm-image security-tpm2-image" - - kas build --target dm-verity-image-initramfs kas/$CI_JOB_NAME-dm-verify.yml - - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml + - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemuarm: - extends: .build +qemux86-parsec: + extends: .parsec + needs: ['qemux86'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemuarm64: - extends: .build +qemux86-test: + extends: .test + needs: ['qemux86'] + allow_failure: true script: - - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm2-image" - - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml + - kas build --target security-test-image kas/$CI_JOB_NAME.yml + - kas build -c testimage --target security-test-image kas/$CI_JOB_NAME.yml -qemuppc: - extends: .build +qemux86-64: + extends: .base + script: + - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm-image security-tpm2-image integrity-image-minimal" + - kas build --target dm-verity-image-initramfs kas/$CI_JOB_NAME-dm-verify.yml + - kas build --target security-build-image kas/$CI_JOB_NAME-alt.yml + +qemux86-64-parsec: + extends: .parsec + needs: ['qemux86-64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemumips64: - extends: .build +qemux86-64-multi: + extends: .multi + needs: ['qemux86-64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemuriscv64: - extends: .build +qemuarm: + extends: .base script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemuarm64-alt: - extends: .alt +qemuarm-parsec: + extends: .parsec + needs: ['qemuarm'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml +qemuarm64: + extends: .base + script: + - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm2-image integrity-image-minimal" + - kas build --target security-build-image kas/$CI_JOB_NAME-alt.yml + qemuarm64-multi: extends: .multi + needs: ['qemuarm64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemumips64-alt: - extends: .alt +qemuarm64-musl: + extends: .musl + needs: ['qemuarm64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemumips64-multi: - extends: .multi +qemuarm64-parsec: + extends: .parsec + needs: ['qemuarm64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemux86-64-alt: - extends: .alt +qemuppc: + extends: .base script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemux86-64-multi: - extends: .multi +qemuppc-parsec: + extends: .parsec + needs: ['qemuppc'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemux86-musl: - extends: .musl +qemumips64: + extends: .base script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemuarm64-musl: - extends: .musl +qemumips64-multi: + extends: .multi + needs: ['qemumips64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemux86-test: - extends: .test - allow_failure: true - script: - - kas build --target security-test-image kas/$CI_JOB_NAME.yml - - kas build -c testimage --target security-test-image kas/$CI_JOB_NAME.yml - -parsec: - extends: .parsec +qemuriscv64: + extends: .base script: - - kas build --target security-build-image kas/qemuarm-$CI_JOB_NAME.yml - - kas build --target security-build-image kas/qemuarm64-$CI_JOB_NAME.yml - - kas build --target security-build-image kas/qemux86-$CI_JOB_NAME.yml - - kas build --target security-build-image kas/qemux86-64-$CI_JOB_NAME.yml - - kas build --target security-build-image kas/qemuppc-$CI_JOB_NAME.yml + - kas build --target security-build-image kas/$CI_JOB_NAME.yml |