summaryrefslogtreecommitdiff
path: root/meta-security/.gitlab-ci.yml
diff options
context:
space:
mode:
Diffstat (limited to 'meta-security/.gitlab-ci.yml')
-rw-r--r--meta-security/.gitlab-ci.yml171
1 files changed, 104 insertions, 67 deletions
diff --git a/meta-security/.gitlab-ci.yml b/meta-security/.gitlab-ci.yml
index f673ef698..206d7241b 100644
--- a/meta-security/.gitlab-ci.yml
+++ b/meta-security/.gitlab-ci.yml
@@ -1,129 +1,166 @@
-stages:
- - build
-
-.build:
- stage: build
- image: crops/poky
- before_script:
+.before-my-script: &before-my-script
- echo "$ERR_REPORT_USERNAME" > ~/.oe-send-error
- echo "$ERR_REPORT_EMAIL" >> ~/.oe-send-error
- export PATH=~/.local/bin:$PATH
- wget https://bootstrap.pypa.io/get-pip.py
- python3 get-pip.py
- python3 -m pip install kas
- after_script:
+
+.after-my-script: &after-my-script
- cd $CI_PROJECT_DIR/poky
- . ./oe-init-build-env $CI_PROJECT_DIR/build
- for x in `ls $CI_PROJECT_DIR/build/tmp/log/error-report/ | grep error_report_`; do
- send-error-report -y tmp/log/error-report/$x
- done
- - cd $CI_PROJECT_DIR
- - rm -rf build
- cache:
- paths:
- - layers
+ - rm -fr $CI_PROJECT_DIR/build
+
+stages:
+ - base
+ - parsec
+ - multi
+ - musl
+ - test
+
+.base:
+ before_script:
+ - *before-my-script
+ stage: base
+ after_script:
+ - *after-my-script
+
+.parsec:
+ before_script:
+ - *before-my-script
+ stage: parsec
+ after_script:
+ - *after-my-script
+
+
+.multi:
+ before_script:
+ - *before-my-script
+ stage: multi
+ after_script:
+ - *after-my-script
+
+.musl:
+ before_script:
+ - *before-my-script
+ stage: musl
+ after_script:
+ - *after-my-script
+
+.test:
+ before_script:
+ - *before-my-script
+ stage: test
+ after_script:
+ - *after-my-script
qemux86:
- extends: .build
+ extends: .base
script:
- - kas build --target security-build-image kas/$CI_JOB_NAME.yml
- - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml
+ - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image integrity-image-minimal"
- kas build --target security-build-image kas/$CI_JOB_NAME-comp.yml
- kas build --target harden-image-minimal kas/$CI_JOB_NAME-harden.yml
- - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml
-qemux86-64:
- extends: .build
+qemux86-musl:
+ extends: .musl
+ needs: ['qemux86-parsec']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
- - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml
- - kas build --target dm-verity-image-initramfs kas/$CI_JOB_NAME-dm-verify.yml
- - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml
-qemuarm:
- extends: .build
+qemux86-parsec:
+ extends: .parsec
+ needs: ['qemux86']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
- - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml
-qemuarm64:
- extends: .build
+qemux86-test:
+ extends: .test
+ needs: ['qemux86']
+ allow_failure: true
script:
- - kas build --target security-build-image kas/$CI_JOB_NAME.yml
- - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml
- - kas build --target integrity-image-minimal kas/$CI_JOB_NAME-ima.yml
+ - kas build --target security-test-image kas/$CI_JOB_NAME.yml
+ - kas build -c testimage --target security-test-image kas/$CI_JOB_NAME.yml
-qemuppc:
- extends: .build
+qemux86-64:
+ extends: .base
script:
- - kas build --target security-build-image kas/$CI_JOB_NAME.yml
- - kas build --target security-build-image kas/$CI_JOB_NAME-parsec.yml
+ - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm-image security-tpm2-image integrity-image-minimal"
+ - kas build --target dm-verity-image-initramfs kas/$CI_JOB_NAME-dm-verify.yml
+ - kas build --target security-build-image kas/$CI_JOB_NAME-alt.yml
-qemumips64:
- extends: .build
+qemux86-64-parsec:
+ extends: .parsec
+ needs: ['qemux86-64']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemuriscv64:
- extends: .build
+qemux86-64-multi:
+ extends: .multi
+ needs: ['qemux86-64']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemux86-64-tpm:
- extends: .build
+qemuarm:
+ extends: .base
script:
- - kas build --target security-tpm-image kas/$CI_JOB_NAME.yml
- - kas build --target security-tpm2-image kas/$CI_JOB_NAME2.yml
+ - kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemuarm64-tpm2:
- extends: .build
+qemuarm-parsec:
+ extends: .parsec
+ needs: ['qemuarm']
script:
- - kas build --target security-tpm2-image kas/$CI_JOB_NAME.yml
+ - kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemuarm64-alt:
- extends: .build
+qemuarm64:
+ extends: .base
script:
- - kas build --target security-build-image kas/$CI_JOB_NAME.yml
+ - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm2-image integrity-image-minimal"
+ - kas build --target security-build-image kas/$CI_JOB_NAME-alt.yml
qemuarm64-multi:
- extends: .build
+ extends: .multi
+ needs: ['qemuarm64']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemumips64-alt:
- extends: .build
+qemuarm64-musl:
+ extends: .musl
+ needs: ['qemuarm64']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemumips64-multi:
- extends: .build
+qemuarm64-parsec:
+ extends: .parsec
+ needs: ['qemuarm64']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemux86-64-alt:
- extends: .build
+qemuppc:
+ extends: .base
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemux86-64-multi:
- extends: .build
+qemuppc-parsec:
+ extends: .parsec
+ needs: ['qemuppc']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemux86-musl:
- extends: .build
+qemumips64:
+ extends: .base
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemuarm64-musl:
- extends: .build
+qemumips64-multi:
+ extends: .multi
+ needs: ['qemumips64']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml
-qemux86-test:
- extends: .build
- allow_failure: true
+qemuriscv64:
+ extends: .base
script:
- - kas build --target security-test-image kas/$CI_JOB_NAME.yml
- - kas build -c testimage --target security-test-image kas/$CI_JOB_NAME.yml
-
+ - kas build --target security-build-image kas/$CI_JOB_NAME.yml
generated by cgit v1.2.3 (git 2.39.0) at 2024-06-25 09:11:47 +0300