diff options
| author | Andrew Geissler <geissonator@yahoo.com> | 2021-05-08 00:09:00 +0300 |
|---|---|---|
| committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2021-05-27 15:46:22 +0300 |
| commit | 5e7fd51182f375f58130989e8d0e206e3e14dee1 (patch) | |
| tree | cc822efa93bc3a65d6a7a64457354fbb937cdb81 /meta-security/.gitlab-ci.yml | |
| parent | 7decfe7d938e01b8292a1f0504b87f8492a16a33 (diff) | |
| download | openbmc-5e7fd51182f375f58130989e8d0e206e3e14dee1.tar.xz | |
meta-security: subtree update:ca9264b1e1..baca6133f9
Anton Antonov (1):
gitlab-ci: Move all parsec builds into a separate job
Armin Kuster (12):
kas-security-base: Move some DISTRO_FEATURES around
*-tpm.yml: drop tpms jobs
gitlab-ci: move tpm build
.gitlab-ci: work on pipelime
gitlab-ci: cleanup after_script
gitlab-ci: add new before script
kas: cleanup some kas files
packagegroup-core-security: exclude apparmor in mips64
.gitlab-ci: use kas shell in some cases.
kas-security-base: fix feature namespace for tpm*
ossec-hids: add new pkg
libseccomp: drop recipe. In core now
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Icef0838533cbc51af188f574d4931ac3d250ba84
Diffstat (limited to 'meta-security/.gitlab-ci.yml')
| -rw-r--r-- | meta-security/.gitlab-ci.yml | 116 |
1 files changed, 76 insertions, 40 deletions
diff --git a/meta-security/.gitlab-ci.yml b/meta-security/.gitlab-ci.yml index f673ef698..32110253c 100644 --- a/meta-security/.gitlab-ci.yml +++ b/meta-security/.gitlab-ci.yml @@ -1,33 +1,76 @@ -stages: - - build - -.build: - stage: build - image: crops/poky - before_script: +.before-my-script: &before-my-script - echo "$ERR_REPORT_USERNAME" > ~/.oe-send-error - echo "$ERR_REPORT_EMAIL" >> ~/.oe-send-error - export PATH=~/.local/bin:$PATH - wget https://bootstrap.pypa.io/get-pip.py - python3 get-pip.py - python3 -m pip install kas - after_script: + +.after-my-script: &after-my-script - cd $CI_PROJECT_DIR/poky - . ./oe-init-build-env $CI_PROJECT_DIR/build - for x in `ls $CI_PROJECT_DIR/build/tmp/log/error-report/ | grep error_report_`; do - send-error-report -y tmp/log/error-report/$x - done - - cd $CI_PROJECT_DIR - - rm -rf build - cache: - paths: - - layers + - rm -fr $CI_PROJECT_DIR/build + + +stages: + - build + - parsec + - multi + - alt + - musl + - test + +.build: + before_script: + - *before-my-script + stage: build + after_script: + - *after-my-script + +.parsec: + before_script: + - *before-my-script + stage: parsec + after_script: + - *after-my-script + + +.multi: + before_script: + - *before-my-script + stage: multi + after_script: + - *after-my-script + +.alt: + before_script: + - *before-my-script + stage: alt + after_script: + - *after-my-script + +.musl: + before_script: + - *before-my-script + stage: musl + after_script: + - *after-my-script + +.test: + before_script: + - *before-my-script + stage: test + after_script: + - *after-my-script + qemux86: extends: .build script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml - - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml - kas build --target security-build-image kas/$CI_JOB_NAME-comp.yml - kas build --target harden-image-minimal kas/$CI_JOB_NAME-harden.yml - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml @@ -35,8 +78,7 @@ qemux86: qemux86-64: extends: .build script: - - kas build --target security-build-image kas/$CI_JOB_NAME.yml - - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml + - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm-image security-tpm2-image" - kas build --target dm-verity-image-initramfs kas/$CI_JOB_NAME-dm-verify.yml - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml @@ -44,20 +86,17 @@ qemuarm: extends: .build script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml - - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml qemuarm64: extends: .build script: - - kas build --target security-build-image kas/$CI_JOB_NAME.yml - - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml + - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm2-image" - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml qemuppc: extends: .build script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml - - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml qemumips64: extends: .build @@ -69,61 +108,58 @@ qemuriscv64: script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemux86-64-tpm: - extends: .build - script: - - kas build --target security-tpm-image kas/$CI_JOB_NAME.yml - - kas build --target security-tpm2-image kas/$CI_JOB_NAME2.yml - -qemuarm64-tpm2: - extends: .build - script: - - kas build --target security-tpm2-image kas/$CI_JOB_NAME.yml - qemuarm64-alt: - extends: .build + extends: .alt script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml qemuarm64-multi: - extends: .build + extends: .multi script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml qemumips64-alt: - extends: .build + extends: .alt script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml qemumips64-multi: - extends: .build + extends: .multi script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml qemux86-64-alt: - extends: .build + extends: .alt script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml qemux86-64-multi: - extends: .build + extends: .multi script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml qemux86-musl: - extends: .build + extends: .musl script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml qemuarm64-musl: - extends: .build + extends: .musl script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml qemux86-test: - extends: .build + extends: .test allow_failure: true script: - kas build --target security-test-image kas/$CI_JOB_NAME.yml - kas build -c testimage --target security-test-image kas/$CI_JOB_NAME.yml +parsec: + extends: .parsec + script: + - kas build --target security-build-image kas/qemuarm-$CI_JOB_NAME.yml + - kas build --target security-build-image kas/qemuarm64-$CI_JOB_NAME.yml + - kas build --target security-build-image kas/qemux86-$CI_JOB_NAME.yml + - kas build --target security-build-image kas/qemux86-64-$CI_JOB_NAME.yml + - kas build --target security-build-image kas/qemuppc-$CI_JOB_NAME.yml |