Merge pull request #69 from Intel-BMC/update2021-0.63 1-0.63

Update
author: jmbills <jason.m.bills@intel.com> 2021-08-03 01:45:08 +0300
committer: GitHub <noreply@github.com> 2021-08-03 01:45:08 +0300
commit: 10ad77d5bc86709d8ff7f95e7040e39f1c153903 (patch)
tree: 307cedb87f4c0a329740c55ac364ed489d1d8fc2 /meta-security/.gitlab-ci.yml
parent: c6b1c6ba7a01b7987d65d61c262c44c320193108 (diff)
parent: 67327ddc580cb9a85219a534844832a1682780d4 (diff)
download: openbmc-10ad77d5bc86709d8ff7f95e7040e39f1c153903.tar.xz
1 files changed, 104 insertions, 67 deletions
diff --git a/meta-security/.gitlab-ci.yml b/meta-security/.gitlab-ci.yml
index f673ef698..206d7241b 100644
--- a/meta-security/.gitlab-ci.yml
+++ b/meta-security/.gitlab-ci.yml
@@ -1,129 +1,166 @@
-stages:
-  - build
-
-.build:
-  stage: build
-  image: crops/poky
-  before_script:
+.before-my-script: &before-my-script
     - echo "$ERR_REPORT_USERNAME" > ~/.oe-send-error
     - echo "$ERR_REPORT_EMAIL" >> ~/.oe-send-error
     - export PATH=~/.local/bin:$PATH
     - wget https://bootstrap.pypa.io/get-pip.py
     - python3 get-pip.py
     - python3 -m pip install kas
-  after_script:
+
+.after-my-script: &after-my-script
     - cd $CI_PROJECT_DIR/poky
     - . ./oe-init-build-env $CI_PROJECT_DIR/build
     - for x in `ls $CI_PROJECT_DIR/build/tmp/log/error-report/ | grep error_report_`; do
     - send-error-report -y tmp/log/error-report/$x
     - done
-    - cd $CI_PROJECT_DIR
-    - rm -rf build
-  cache:
-    paths:
-      - layers
+    - rm -fr $CI_PROJECT_DIR/build
+
+stages:
+  - base 
+  - parsec
+  - multi
+  - musl
+  - test
+
+.base:
+  before_script:
+    - *before-my-script
+  stage: base 
+  after_script:
+    - *after-my-script
+
+.parsec:
+  before_script:
+    - *before-my-script
+  stage: parsec 
+  after_script:
+    - *after-my-script
+
+
+.multi:
+  before_script:
+    - *before-my-script
+  stage: multi
+  after_script:
+    - *after-my-script
+
+.musl:
+  before_script:
+    - *before-my-script
+  stage: musl
+  after_script:
+    - *after-my-script
+
+.test:
+  before_script:
+    - *before-my-script
+  stage: test 
+  after_script:
+    - *after-my-script
 
 qemux86:
-  extends: .build
+  extends: .base
   script:
-  - kas build --target security-build-image kas/$CI_JOB_NAME.yml
-  - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml
+  - kas shell kas/$CI_JOB_NAME.yml  -c "bitbake -k security-build-image integrity-image-minimal"
   - kas build --target security-build-image kas/$CI_JOB_NAME-comp.yml
   - kas build --target harden-image-minimal kas/$CI_JOB_NAME-harden.yml
-  - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml
 
-qemux86-64:
-  extends: .build
+qemux86-musl:
+  extends: .musl
+  needs: ['qemux86-parsec']
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
-  - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml
-  - kas build --target dm-verity-image-initramfs kas/$CI_JOB_NAME-dm-verify.yml
-  - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml
 
-qemuarm:
-  extends: .build
+qemux86-parsec:
+  extends: .parsec
+  needs: ['qemux86']
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
-  - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml
 
-qemuarm64:
-  extends: .build
+qemux86-test:
+  extends: .test
+  needs: ['qemux86']
+  allow_failure: true
   script:
-  - kas build --target security-build-image kas/$CI_JOB_NAME.yml
-  - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml
-  - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml
+  - kas build --target security-test-image kas/$CI_JOB_NAME.yml
+  - kas build -c testimage --target security-test-image kas/$CI_JOB_NAME.yml
 
-qemuppc:
-  extends: .build
+qemux86-64:
+  extends: .base
   script:
-  - kas build --target security-build-image kas/$CI_JOB_NAME.yml
-  - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml
+  - kas shell kas/$CI_JOB_NAME.yml  -c "bitbake -k security-build-image security-tpm-image security-tpm2-image integrity-image-minimal"
+  - kas build --target dm-verity-image-initramfs kas/$CI_JOB_NAME-dm-verify.yml
+  - kas build --target security-build-image kas/$CI_JOB_NAME-alt.yml
 
-qemumips64:
-  extends: .build
+qemux86-64-parsec:
+  extends: .parsec
+  needs: ['qemux86-64']
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemuriscv64:
-  extends: .build
+qemux86-64-multi:
+  extends: .multi
+  needs: ['qemux86-64']
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemux86-64-tpm:
-  extends: .build
+qemuarm:
+  extends: .base
   script:
-  - kas build --target security-tpm-image kas/$CI_JOB_NAME.yml
-  - kas build --target security-tpm2-image kas/$CI_JOB_NAME2.yml
+  - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemuarm64-tpm2:
-  extends: .build
+qemuarm-parsec:
+  extends: .parsec
+  needs: ['qemuarm']
   script:
-  - kas build --target security-tpm2-image kas/$CI_JOB_NAME.yml
+  - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemuarm64-alt:
-  extends: .build
+qemuarm64:
+  extends: .base
   script:
-  - kas build --target security-build-image kas/$CI_JOB_NAME.yml
+  - kas shell kas/$CI_JOB_NAME.yml  -c "bitbake -k security-build-image security-tpm2-image integrity-image-minimal"
+  - kas build --target security-build-image kas/$CI_JOB_NAME-alt.yml
 
 qemuarm64-multi:
-  extends: .build
+  extends: .multi
+  needs: ['qemuarm64']
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemumips64-alt:
-  extends: .build
+qemuarm64-musl:
+  extends: .musl
+  needs: ['qemuarm64']
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemumips64-multi:
-  extends: .build
+qemuarm64-parsec:
+  extends: .parsec
+  needs: ['qemuarm64']
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemux86-64-alt:
-  extends: .build
+qemuppc:
+  extends: .base
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemux86-64-multi:
-  extends: .build
+qemuppc-parsec:
+  extends: .parsec
+  needs: ['qemuppc']
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemux86-musl:
-  extends: .build
+qemumips64:
+  extends: .base
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemuarm64-musl:
-  extends: .build
+qemumips64-multi:
+  extends: .multi
+  needs: ['qemumips64']
   script:
   - kas build --target security-build-image kas/$CI_JOB_NAME.yml
 
-qemux86-test:
-  extends: .build
-  allow_failure: true
+qemuriscv64:
+  extends: .base
   script:
-  - kas build --target security-test-image kas/$CI_JOB_NAME.yml
-  - kas build -c testimage --target security-test-image kas/$CI_JOB_NAME.yml
-
+  - kas build --target security-build-image kas/$CI_JOB_NAME.yml
author	jmbills <jason.m.bills@intel.com>	2021-08-03 01:45:08 +0300
committer	GitHub <noreply@github.com>	2021-08-03 01:45:08 +0300
commit	10ad77d5bc86709d8ff7f95e7040e39f1c153903 (patch)
tree	307cedb87f4c0a329740c55ac364ed489d1d8fc2 /meta-security/.gitlab-ci.yml
parent	c6b1c6ba7a01b7987d65d61c262c44c320193108 (diff)
parent	67327ddc580cb9a85219a534844832a1682780d4 (diff)
download	openbmc-10ad77d5bc86709d8ff7f95e7040e39f1c153903.tar.xz