diff options
Diffstat (limited to 'meta-security/.gitlab-ci.yml')
-rw-r--r-- | meta-security/.gitlab-ci.yml | 171 |
1 files changed, 104 insertions, 67 deletions
diff --git a/meta-security/.gitlab-ci.yml b/meta-security/.gitlab-ci.yml index f673ef698..206d7241b 100644 --- a/meta-security/.gitlab-ci.yml +++ b/meta-security/.gitlab-ci.yml @@ -1,129 +1,166 @@ -stages: - - build - -.build: - stage: build - image: crops/poky - before_script: +.before-my-script: &before-my-script - echo "$ERR_REPORT_USERNAME" > ~/.oe-send-error - echo "$ERR_REPORT_EMAIL" >> ~/.oe-send-error - export PATH=~/.local/bin:$PATH - wget https://bootstrap.pypa.io/get-pip.py - python3 get-pip.py - python3 -m pip install kas - after_script: + +.after-my-script: &after-my-script - cd $CI_PROJECT_DIR/poky - . ./oe-init-build-env $CI_PROJECT_DIR/build - for x in `ls $CI_PROJECT_DIR/build/tmp/log/error-report/ | grep error_report_`; do - send-error-report -y tmp/log/error-report/$x - done - - cd $CI_PROJECT_DIR - - rm -rf build - cache: - paths: - - layers + - rm -fr $CI_PROJECT_DIR/build + +stages: + - base + - parsec + - multi + - musl + - test + +.base: + before_script: + - *before-my-script + stage: base + after_script: + - *after-my-script + +.parsec: + before_script: + - *before-my-script + stage: parsec + after_script: + - *after-my-script + + +.multi: + before_script: + - *before-my-script + stage: multi + after_script: + - *after-my-script + +.musl: + before_script: + - *before-my-script + stage: musl + after_script: + - *after-my-script + +.test: + before_script: + - *before-my-script + stage: test + after_script: + - *after-my-script qemux86: - extends: .build + extends: .base script: - - kas build --target security-build-image kas/$CI_JOB_NAME.yml - - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml + - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image integrity-image-minimal" - kas build --target security-build-image kas/$CI_JOB_NAME-comp.yml - kas build --target harden-image-minimal kas/$CI_JOB_NAME-harden.yml - - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml -qemux86-64: - extends: .build +qemux86-musl: + extends: .musl + needs: ['qemux86-parsec'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml - - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml - - kas build --target dm-verity-image-initramfs kas/$CI_JOB_NAME-dm-verify.yml - - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml -qemuarm: - extends: .build +qemux86-parsec: + extends: .parsec + needs: ['qemux86'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml - - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml -qemuarm64: - extends: .build +qemux86-test: + extends: .test + needs: ['qemux86'] + allow_failure: true script: - - kas build --target security-build-image kas/$CI_JOB_NAME.yml - - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml - - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml + - kas build --target security-test-image kas/$CI_JOB_NAME.yml + - kas build -c testimage --target security-test-image kas/$CI_JOB_NAME.yml -qemuppc: - extends: .build +qemux86-64: + extends: .base script: - - kas build --target security-build-image kas/$CI_JOB_NAME.yml - - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml + - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm-image security-tpm2-image integrity-image-minimal" + - kas build --target dm-verity-image-initramfs kas/$CI_JOB_NAME-dm-verify.yml + - kas build --target security-build-image kas/$CI_JOB_NAME-alt.yml -qemumips64: - extends: .build +qemux86-64-parsec: + extends: .parsec + needs: ['qemux86-64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemuriscv64: - extends: .build +qemux86-64-multi: + extends: .multi + needs: ['qemux86-64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemux86-64-tpm: - extends: .build +qemuarm: + extends: .base script: - - kas build --target security-tpm-image kas/$CI_JOB_NAME.yml - - kas build --target security-tpm2-image kas/$CI_JOB_NAME2.yml + - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemuarm64-tpm2: - extends: .build +qemuarm-parsec: + extends: .parsec + needs: ['qemuarm'] script: - - kas build --target security-tpm2-image kas/$CI_JOB_NAME.yml + - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemuarm64-alt: - extends: .build +qemuarm64: + extends: .base script: - - kas build --target security-build-image kas/$CI_JOB_NAME.yml + - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm2-image integrity-image-minimal" + - kas build --target security-build-image kas/$CI_JOB_NAME-alt.yml qemuarm64-multi: - extends: .build + extends: .multi + needs: ['qemuarm64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemumips64-alt: - extends: .build +qemuarm64-musl: + extends: .musl + needs: ['qemuarm64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemumips64-multi: - extends: .build +qemuarm64-parsec: + extends: .parsec + needs: ['qemuarm64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemux86-64-alt: - extends: .build +qemuppc: + extends: .base script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemux86-64-multi: - extends: .build +qemuppc-parsec: + extends: .parsec + needs: ['qemuppc'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemux86-musl: - extends: .build +qemumips64: + extends: .base script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemuarm64-musl: - extends: .build +qemumips64-multi: + extends: .multi + needs: ['qemumips64'] script: - kas build --target security-build-image kas/$CI_JOB_NAME.yml -qemux86-test: - extends: .build - allow_failure: true +qemuriscv64: + extends: .base script: - - kas build --target security-test-image kas/$CI_JOB_NAME.yml - - kas build -c testimage --target security-test-image kas/$CI_JOB_NAME.yml - + - kas build --target security-build-image kas/$CI_JOB_NAME.yml |