chrony-dbus-service/.gitlab-ci.yml at develop · AP-Sensing/chrony-dbus-service · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
variables:
  BUILD_WORKSPACE: "build"
  CONTAINER_BUILD_IMAGE: "fedora:41"
  CTEST:
    value: "--parallel 16 --schedule-random"
    description: "Here you can set the options for ctest-unittests. By default test involving dbus are excluded since they are not supported inside a container image."
  VERSION_MORE:
    value: "$CI_PIPELINE_IID"
    description: "The forth number of the version string: 1.2.3.X - It is the X. Will be overwritten in main, hotfix or release-branch"
  PARALLEL:
    value: "16"
    description: "Number of parallel jobs for building. Remember: More parallel jobs require more RAM."

workflow:
  name: "Build and test pipeline."

######################################
# Templates
######################################

# Required for the publish Doxygen stage to find the defined $HTML variable.
include:
  - project: "devops/docker"
    file: "/templates/global.yml"

# Prevents all jobs that extend this stage will not run during nightly builds.
.to_manual_rule_template:
  extends:
    - .container_image_template
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event" # Run for merge requests...
    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS # ... but not for a push inside a open merge request to avoid duplicate runs
      when: never
    - if: $CI_COMMIT_BRANCH  && $CI_PIPELINE_SOURCE != "schedule"

# Used to also skip manual duplicate CI runs when pushing to a PR.
.skip_manual_for_pr_template:
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event" # Allow running for merge requests...
      when: manual
      allow_failure: true
    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS # ... but not for a push inside a open merge request to avoid duplicate runs
      when: never
    - if: $CI_COMMIT_BRANCH  && $CI_PIPELINE_SOURCE != "schedule"
      when: manual
      allow_failure: true

# Will run nightly if not set to build manually.
.container_image_template:
  image:
    name: $CONTAINER_BUILD_IMAGE
    pull_policy: always
  timeout: 30 minutes # Default job timeout
  before_script:
    - dnf install -y -q boost-devel cmake cppcheck clang clang-analyzer clang-tools-extra gcc gcc-c++ git gtest gtest-devel pkgconf-pkg-config dbus-libs dbus-devel libstdc++ 2>&1 1>/dev/null
    - git config --global user.name gitlab-ci
    - git config --global user.email noreply@localhost
  tags:
    - container

# Default template where all jobs that extend this will not run during nightly builds.
.container_image_no_nightly_run_template:
  extends:
    - .container_image_template
    - .to_manual_rule_template

######################################
# Stages
######################################

stages:
  - "🏗️ Build Stage 1"
  - "🚧 Build Stage 2"
  - "🧪 Test"
  - "📦 Release"
  - "🌃 Nightly"

######################################
# 🏗️ Build Stage 1
######################################

# GCC Release Build Tests=OFF
build release gcc:
  extends:
    - .container_image_no_nightly_run_template
  stage: "🏗️ Build Stage 1"
  script:
    - rm -rf $BUILD_WORKSPACE # Ensure we start clean
    - cmake . -B $BUILD_WORKSPACE -DAPS_CHRONY_DBUS_SERVICE_FETCH_CONTENT_USE_GITLAB_CI_TOKEN=ON -DCMAKE_BUILD_TYPE=Release -DAPS_CHRONY_DBUS_SERVICE_BUILD_TESTS=OFF
    - cmake --build $BUILD_WORKSPACE --parallel $PARALLEL
  artifacts:
    name: "${CI_JOB_STAGE}_${CI_COMMIT_SHORT_SHA}"
    expose_as: "Release Build"
    paths:
      - $BUILD_WORKSPACE

# GCC Debug Build Tests=OFF
build debug gcc:
  extends:
    - .container_image_no_nightly_run_template
  stage: "🏗️ Build Stage 1"
  script:
    - rm -rf $BUILD_WORKSPACE # Ensure we start clean
    - cmake . -B $BUILD_WORKSPACE -DAPS_CHRONY_DBUS_SERVICE_FETCH_CONTENT_USE_GITLAB_CI_TOKEN=ON -DCMAKE_BUILD_TYPE=Debug -DAPS_CHRONY_DBUS_SERVICE_BUILD_TESTS=OFF
    - cmake --build $BUILD_WORKSPACE --parallel $PARALLEL
  artifacts:
    name: "${CI_JOB_STAGE}_${CI_COMMIT_SHORT_SHA}"
    expose_as: "Debug Build"
    paths:
      - $BUILD_WORKSPACE

# GCC Release Build Tests=ON
build release test gcc:
  extends:
    - .container_image_no_nightly_run_template
  stage: "🏗️ Build Stage 1"
  script:
    - dnf install -y chrony dbus-daemon systemd
    - rm -rf $BUILD_WORKSPACE # Ensure we start clean
    - cmake . -B $BUILD_WORKSPACE -DAPS_CHRONY_DBUS_SERVICE_FETCH_CONTENT_USE_GITLAB_CI_TOKEN=ON -DCMAKE_BUILD_TYPE=Release -DAPS_CHRONY_DBUS_SERVICE_BUILD_TESTS=ON
    - cmake --build $BUILD_WORKSPACE --parallel $PARALLEL
    - cd $BUILD_WORKSPACE
    - . ../tests/setupenv.sh
    - $BUILD_WORKSPACE/src/chrony-dbus-service &
    - ctest $CTEST
  artifacts:
    name: "${CI_JOB_STAGE}_${CI_COMMIT_SHORT_SHA}"
    paths:
      - $BUILD_WORKSPACE

######################################
# 🚧 Build Stage 2
######################################

# Build (S)RPM
build (s)rpm:
  extends:
    - .container_image_template
    - .skip_manual_for_pr_template
  stage: "🚧 Build Stage 2"
  script:
    - sudo dnf install -y rpmdevtools systemd-rpm-macros selinux-policy-devel
    - sed -i "s/set(CPACK_RPM_PACKAGE_RELEASE \"[0-9]\+\")/set(CPACK_RPM_PACKAGE_RELEASE \"${CI_PIPELINE_IID}\")/" packaging/rpm/cpack_config.cmake
    - cmake . -B $BUILD_WORKSPACE -DAPS_CHRONY_DBUS_SERVICE_FETCH_CONTENT_USE_GITLAB_CI_TOKEN=ON -DCMAKE_BUILD_TYPE=Release -DAPS_CHRONY_DBUS_SERVICE_BUILD_TESTS=OFF -DAPS_CHRONY_DBUS_SERVICE_CPACK_RPM_TYPE=RPM
    - cmake --build $BUILD_WORKSPACE --parallel $PARALLEL
    - pushd $BUILD_WORKSPACE
    - ../scripts/build_rpm.sh
    - popd
    - cmake . -B $BUILD_WORKSPACE -DAPS_CHRONY_DBUS_SERVICE_FETCH_CONTENT_USE_GITLAB_CI_TOKEN=ON -DCMAKE_BUILD_TYPE=Release -DAPS_CHRONY_DBUS_SERVICE_BUILD_TESTS=OFF -DAPS_CHRONY_DBUS_SERVICE_CPACK_RPM_TYPE=SRPM
    - cmake --build $BUILD_WORKSPACE --parallel $PARALLEL
    - pushd $BUILD_WORKSPACE
    - ../scripts/build_rpm.sh
    - popd
    - cp -r ./packaging/selinux/ $BUILD_WORKSPACE/
    - pushd $BUILD_WORKSPACE/selinux/
    - ../../scripts/build_selinux_policy.sh
    - mv *.rpm $BUILD_WORKSPACE
    - mv noarch/*.rpm $BUILD_WORKSPACE
    - popd
    - mkdir -p $BUILD_WORKSPACE/RPM
    - rm -rf $BUILD_WORKSPACE/RPM/*
    - mv $BUILD_WORKSPACE/*.rpm $BUILD_WORKSPACE/RPM
  needs:
    - "build release gcc"
  artifacts:
    name: "${CI_JOB_STAGE}_${CI_COMMIT_SHORT_SHA}"
    expose_as: "Release Build S_RPM"
    paths:
      - $BUILD_WORKSPACE/RPM/

# Build Doxygen Docs
build doxygen:
  extends:
    - .container_image_no_nightly_run_template
  stage: "🚧 Build Stage 2"
  script:
    - sudo dnf install -y doxygen plantuml
    - chmod 777 scripts/*.sh
    - scripts/doxygen.sh
    - cd $BUILD_WORKSPACE/doxygen/
    - tar -zcf doxygen.tar.gz html/
  artifacts:
    name: "${CI_JOB_STAGE}_${CI_COMMIT_SHORT_SHA}"
    expose_as: "Doxygen"
    paths:
      - $BUILD_WORKSPACE/doxygen/doxygen.tar.gz
  needs: []

# Debug Build All Sanitizers Tests=ON
build debug all sanitizers test:
  extends:
    - .container_image_no_nightly_run_template
  stage: "🚧 Build Stage 2"
  script:
    - dnf install -y chrony dbus-daemon systemd
    - rm -rf $BUILD_WORKSPACE # Ensure we start clean
    - cmake . -B $BUILD_WORKSPACE -DAPS_CHRONY_DBUS_SERVICE_FETCH_CONTENT_USE_GITLAB_CI_TOKEN=ON -DCMAKE_BUILD_TYPE=Debug -DAPS_CHRONY_DBUS_SERVICE_BUILD_TESTS=ON -DAPS_CHRONY_DBUS_SERVICE_DEBUG_SANITIZER_FLAG_ALL=ON
    - cmake --build $BUILD_WORKSPACE --parallel $PARALLEL
    - cd $BUILD_WORKSPACE
    - . ../tests/setupenv.sh
    - $BUILD_WORKSPACE/src/chrony-dbus-service &
    - ctest $CTEST
  needs: # Depend only on gcc since we are using just gcc sanitizers right now
    - "build release gcc"
    - "build debug gcc"
    - "build release test gcc"

# Release Build Thread Sanitizers Tests=ON
build debug thread sanitizers test:
  extends:
    - .container_image_no_nightly_run_template
  stage: "🚧 Build Stage 2"
  script:
    - dnf install -y chrony dbus-daemon systemd
    - rm -rf $BUILD_WORKSPACE # Ensure we start clean
    - cmake . -B $BUILD_WORKSPACE -DAPS_CHRONY_DBUS_SERVICE_FETCH_CONTENT_USE_GITLAB_CI_TOKEN=ON -DCMAKE_BUILD_TYPE=Debug -DAPS_CHRONY_DBUS_SERVICE_BUILD_TESTS=ON -DAPS_CHRONY_DBUS_SERVICE_DEBUG_SANITIZER_FLAG_THREAD=ON
    - cmake --build $BUILD_WORKSPACE --parallel $PARALLEL
    - cd $BUILD_WORKSPACE
    - . ../tests/setupenv.sh
    - $BUILD_WORKSPACE/src/chrony-dbus-service &
    - ctest $CTEST
  needs: # Depend only on gcc since we are using just gcc sanitizers right now
    - "build release gcc"
    - "build debug gcc"
    - "build release test gcc"

######################################
# 🧪 Test
######################################

# Test Doxygen Docs Build
build doxygen test:
  extends:
    - .container_image_no_nightly_run_template
  stage: "🧪 Test"
  script:
    - sudo dnf install -y doxygen pipx plantuml
    - export PATH=$PATH:/root/.local/bin
    - pipx install doxygen-junit
    - chmod 777 scripts/*.sh
    - scripts/doxygen.sh || true
    # Fix the file path references so they are relative to the blob and not the buildspace. We use ; as the substitute so don't have to escape every forwardslash
    - sed -i "s;$CI_PROJECT_DIR/src;src;g" $BUILD_WORKSPACE/doxygen/doxygen_warnings.log || exit 1
    - sed -i "s;$CI_PROJECT_DIR/test;test;g" $BUILD_WORKSPACE/doxygen/doxygen_warnings.log || exit 1
    - doxygen_junit --input $BUILD_WORKSPACE/doxygen/doxygen_warnings.log --output $BUILD_WORKSPACE/doxygen/doxygen_junit.xml || exit 1
    - cat $BUILD_WORKSPACE/doxygen/doxygen_junit.xml
    - grep -iq "<error " "$BUILD_WORKSPACE/doxygen/doxygen_junit.xml" && exit 1 || exit 0
  needs:
    - "build doxygen"
  artifacts:
    reports:
      junit: $BUILD_WORKSPACE/doxygen/doxygen_junit.xml
    when: always

# cppcheck
cppcheck:
  extends:
    - .container_image_no_nightly_run_template
  stage: "🧪 Test"
  timeout: 60 minutes
  script:
    - sudo dnf install -y pipx
    - export PATH=$PATH:/root/.local/bin
    - pipx install cppcheck-codequality
    - rm -rf $BUILD_WORKSPACE # Ensure we start clean
    - cmake . -B $BUILD_WORKSPACE -DAPS_CHRONY_DBUS_SERVICE_FETCH_CONTENT_USE_GITLAB_CI_TOKEN=ON -DCMAKE_BUILD_TYPE=Debug -DAPS_CHRONY_DBUS_SERVICE_ENABLE_CPPCHECK=ON -DAPS_CHRONY_DBUS_SERVICE_ENABLE_CPPCHECK_EXHAUSTIVE=ON
    - cmake --build $BUILD_WORKSPACE --parallel $PARALLEL
    # Convert to a Code Climate quality JSON report
    - cppcheck-codequality --input-file $BUILD_WORKSPACE/cppcheck.xml --output-file $BUILD_WORKSPACE/cppcheck_report.json
    # Fix the file path references so they are relative to the blob and not the buildspace. We use ; as the substitute so don't have to escape every forwardslash
    - sed -i "s;$CI_PROJECT_DIR/src;src;g" $BUILD_WORKSPACE/cppcheck_report.json
    - sed -i "s;$CI_PROJECT_DIR/test;test;g" $BUILD_WORKSPACE/cppcheck_report.json
    - cat $BUILD_WORKSPACE/cppcheck.xml
    - if [ $(grep -ic "<error " $BUILD_WORKSPACE/cppcheck.xml) -gt 0 ]; then exit 1; fi
  artifacts:
    reports:
      codequality: $BUILD_WORKSPACE/cppcheck_report.json
    when: always
  needs: []

# clang-tidy
clang-tidy:
  extends:
    - .container_image_no_nightly_run_template
  stage: "🧪 Test"
  timeout: 60 minutes
  script:
    - rm -rf $BUILD_WORKSPACE # Ensure we start clean
    - cmake . -B $BUILD_WORKSPACE -DAPS_CHRONY_DBUS_SERVICE_FETCH_CONTENT_USE_GITLAB_CI_TOKEN=ON -DCMAKE_BUILD_TYPE=Debug -DAPS_CHRONY_DBUS_SERVICE_BUILD_TESTS=ON -DAPS_CHRONY_DBUS_SERVICE_ENABLE_CLANG_TIDY=ON
    - cmake --build $BUILD_WORKSPACE --parallel $PARALLEL
  needs: []

# clang-format
clang-format:
  extends:
    - .container_image_no_nightly_run_template
  stage: "🧪 Test"
  script:
    - clang-format --version
    - ./scripts/check_clang_format.sh tests src
  needs: []

lint-rpm:
  stage: "🧪 Test"
  extends:
    - .container_image_no_nightly_run_template
  tags:
    - docker
  script:
    - sudo dnf install -y rpmlint
    - rpmlint -c rpmlint_fedora.toml -s SPECS/chrony-dbus-service.spec
######################################
# 📦 Release
######################################

######################################
# 🌃 Nightly
######################################