From 7c58d7d24ed70b5839da27bf875763d2099d78db Mon Sep 17 00:00:00 2001 From: Tomas Susanka Date: Sat, 27 Apr 2019 19:16:50 +0200 Subject: [PATCH] ci: split gitlab configuration files and store them in a 'ci' folder The core/build-docker.sh si broken, but so it was already in master and is tracked to be fixed in #108. --- .gitlab-ci.yml | 176 ++---------------------------------- Dockerfile => ci/Dockerfile | 0 ci/core.yml | 52 +++++++++++ ci/crypto.yml | 23 +++++ ci/environment.yml | 15 +++ ci/legacy.yml | 54 +++++++++++ ci/prebuild.yml | 18 ++++ ci/storage.yml | 9 ++ core/build-docker.sh | 2 +- legacy/build.sh | 2 +- 10 files changed, 181 insertions(+), 170 deletions(-) rename Dockerfile => ci/Dockerfile (100%) create mode 100644 ci/core.yml create mode 100644 ci/crypto.yml create mode 100644 ci/environment.yml create mode 100644 ci/legacy.yml create mode 100644 ci/prebuild.yml create mode 100644 ci/storage.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 793a997aa..96441b85e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -17,174 +17,14 @@ stages: - build - test -environment: - stage: environment - image: docker:latest - variables: - CONTAINER_NAME: "$CI_REGISTRY/trezor/trezor-firmware/environment" - services: - - docker:dind - before_script: - - docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD - when: manual - script: - - docker pull $CONTAINER_NAME:latest || true - - docker build --cache-from $CONTAINER_NAME:latest --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest . - - docker push $CONTAINER_NAME:$CI_COMMIT_SHA - - docker push $CONTAINER_NAME:latest - -image: registry.corp.sldev.cz/trezor/trezor-firmware/environment - before_script: - pipenv install -prebuild style: - stage: prebuild - script: - - pipenv run make style_check - - cd core && pipenv run make templates_check # TODO - -prebuild common: - stage: prebuild - script: - - cd common - - pipenv run jsonlint defs/*.json - - pipenv run jsonlint defs/*/*.json - - pipenv run python tools/cointool.py check - - pipenv run python tools/support.py check --ignore-missing - - pipenv run python protob/check.py - - pipenv run python protob/graph.py protob/*.proto # TODO: artifacts? - -build core firmware: - stage: build - script: - - cd core - - pipenv run make build_cross - - pipenv run make build_boardloader - - pipenv run make build_bootloader - - pipenv run make build_prodtest - - pipenv run make build_firmware - # - test "$TREZOR_MODEL" = "1" || pipenv run make sizecheck - artifacts: - name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" - paths: - - core/build/firmware/firmware.bin - - core/build/bootloader/bootloader.bin - expire_in: 1 week - -build core unix: - stage: build - script: - - cd core - - pipenv run make build_unix_noui - artifacts: - name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" - untracked: true - expire_in: 1 day - -build legacy firmware: - stage: build - script: - - cd legacy - - pipenv run script/cibuild - - pipenv run make -C bootloader - - pipenv run make -C demo - -build legacy firmware debug: - stage: build - variables: - DEBUG_LINK: "1" - script: - - cd legacy - - pipenv run script/cibuild - - pipenv run make -C bootloader - - pipenv run make -C demo - -build legacy firmware bitcoinonly: - stage: build - variables: - BITCOIN_ONLY: "1" - script: - - cd legacy - - pipenv run script/cibuild - - pipenv run make -C bootloader - - pipenv run make -C demo - -build legacy emu: - stage: build - variables: - HEADLESS: "1" - EMULATOR: "1" - DEBUG_LINK: "1" - script: - - cd legacy - - pipenv run script/cibuild - artifacts: - name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" - untracked: true - expire_in: 1 day - -build crypto: - stage: build - script: - - cd crypto - - pipenv run make - artifacts: - name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" - untracked: true - expire_in: 1 day - -test core unix unit: - stage: test - dependencies: - - build core unix - script: - - cd core - - pipenv run make test - -test core unix device: - stage: test - dependencies: - - build core unix - script: - - cd core - - pipenv run make test_emu - -test core unix monero: - stage: test - dependencies: - - build core unix - script: - - cd core - - pipenv run make test_emu_monero - -# TODO: aren't some tests from .travis.yml missing? -test legacy emu: - stage: test - dependencies: - - build legacy emu - variables: - EMULATOR: "1" - script: - - cd legacy - - pipenv run script/test - -test crypto: - stage: test - dependencies: - - build crypto - script: - - cd crypto - - ./tests/aestst - - ./tests/test_check - - CK_TIMEOUT_MULTIPLIER=20 valgrind -q --error-exitcode=1 ./tests/test_check - - ./tests/test_openssl 1000 - - ITERS=10 pipenv run pytest tests/ # TODO are ITERS=10 propagated? - -test storage: - stage: test - dependencies: [] - script: - - cd storage/tests - - pipenv run make build - - pipenv run make tests_all +include: + - ci/environment.yml + - ci/prebuild.yml # common, style + - ci/core.yml + - ci/legacy.yml + # - ci/python.yml TODO + - ci/crypto.yml + - ci/storage.yml diff --git a/Dockerfile b/ci/Dockerfile similarity index 100% rename from Dockerfile rename to ci/Dockerfile diff --git a/ci/core.yml b/ci/core.yml new file mode 100644 index 000000000..d62cb029e --- /dev/null +++ b/ci/core.yml @@ -0,0 +1,52 @@ +image: registry.corp.sldev.cz/trezor/trezor-firmware/environment + +build core firmware: + stage: build + script: + - cd core + - pipenv run make build_cross + - pipenv run make build_boardloader + - pipenv run make build_bootloader + - pipenv run make build_prodtest + - pipenv run make build_firmware + # - test "$TREZOR_MODEL" = "1" || pipenv run make sizecheck + artifacts: + name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" + paths: + - core/build/firmware/firmware.bin + - core/build/bootloader/bootloader.bin + expire_in: 1 week + +build core unix: + stage: build + script: + - cd core + - pipenv run make build_unix_noui + artifacts: + name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" + untracked: true + expire_in: 1 day + +test core unix unit: + stage: test + dependencies: + - build core unix + script: + - cd core + - pipenv run make test + +test core unix device: + stage: test + dependencies: + - build core unix + script: + - cd core + - pipenv run make test_emu + +test core unix monero: + stage: test + dependencies: + - build core unix + script: + - cd core + - pipenv run make test_emu_monero diff --git a/ci/crypto.yml b/ci/crypto.yml new file mode 100644 index 000000000..5a95b2a5f --- /dev/null +++ b/ci/crypto.yml @@ -0,0 +1,23 @@ +image: registry.corp.sldev.cz/trezor/trezor-firmware/environment + +build crypto: + stage: build + script: + - cd crypto + - pipenv run make + artifacts: + name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" + untracked: true + expire_in: 1 day + +test crypto: + stage: test + dependencies: + - build crypto + script: + - cd crypto + - ./tests/aestst + - ./tests/test_check + - CK_TIMEOUT_MULTIPLIER=20 valgrind -q --error-exitcode=1 ./tests/test_check + - ./tests/test_openssl 1000 + - ITERS=10 pipenv run pytest tests/ # TODO are ITERS=10 propagated? diff --git a/ci/environment.yml b/ci/environment.yml new file mode 100644 index 000000000..a3f3f4520 --- /dev/null +++ b/ci/environment.yml @@ -0,0 +1,15 @@ +environment: + stage: environment + image: docker:latest + variables: + CONTAINER_NAME: "$CI_REGISTRY/trezor/trezor-firmware/environment" + services: + - docker:dind + before_script: + - docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD + when: manual + script: + - docker pull $CONTAINER_NAME:latest || true + - docker build --cache-from $CONTAINER_NAME:latest --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest ci/ + - docker push $CONTAINER_NAME:$CI_COMMIT_SHA + - docker push $CONTAINER_NAME:latest diff --git a/ci/legacy.yml b/ci/legacy.yml new file mode 100644 index 000000000..048020883 --- /dev/null +++ b/ci/legacy.yml @@ -0,0 +1,54 @@ +image: registry.corp.sldev.cz/trezor/trezor-firmware/environment + +build legacy firmware: + stage: build + script: + - cd legacy + - pipenv run script/cibuild + - pipenv run make -C bootloader + - pipenv run make -C demo + +build legacy firmware debug: + stage: build + variables: + DEBUG_LINK: "1" + script: + - cd legacy + - pipenv run script/cibuild + - pipenv run make -C bootloader + - pipenv run make -C demo + +build legacy firmware bitcoinonly: + stage: build + variables: + BITCOIN_ONLY: "1" + script: + - cd legacy + - pipenv run script/cibuild + - pipenv run make -C bootloader + - pipenv run make -C demo + +build legacy emu: + stage: build + variables: + HEADLESS: "1" + EMULATOR: "1" + DEBUG_LINK: "1" + script: + - cd legacy + - pipenv run script/cibuild + artifacts: + name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" + untracked: true + expire_in: 1 day + +# TODO: aren't some tests from .travis.yml missing? +test legacy emu: + stage: test + dependencies: + - build legacy emu + variables: + EMULATOR: "1" + script: + - cd legacy + - pipenv run script/test \ No newline at end of file diff --git a/ci/prebuild.yml b/ci/prebuild.yml new file mode 100644 index 000000000..ac83fb64c --- /dev/null +++ b/ci/prebuild.yml @@ -0,0 +1,18 @@ +image: registry.corp.sldev.cz/trezor/trezor-firmware/environment + +prebuild style: + stage: prebuild + script: + - pipenv run make style_check + - cd core && pipenv run make templates_check # TODO + +prebuild common: + stage: prebuild + script: + - cd common + - pipenv run jsonlint defs/*.json + - pipenv run jsonlint defs/*/*.json + - pipenv run python tools/cointool.py check + - pipenv run python tools/support.py check --ignore-missing + - pipenv run python protob/check.py + - pipenv run python protob/graph.py protob/*.proto # TODO: artifacts? diff --git a/ci/storage.yml b/ci/storage.yml new file mode 100644 index 000000000..57b046c5b --- /dev/null +++ b/ci/storage.yml @@ -0,0 +1,9 @@ +image: registry.corp.sldev.cz/trezor/trezor-firmware/environment + +test storage: + stage: test + dependencies: [] + script: + - cd storage/tests + - pipenv run make build + - pipenv run make tests_all diff --git a/core/build-docker.sh b/core/build-docker.sh index 18fb852d5..52843e93e 100755 --- a/core/build-docker.sh +++ b/core/build-docker.sh @@ -21,7 +21,7 @@ else REPOSITORY=https://github.com/$REPOSITORY/trezor-firmware.git fi -docker build -t $IMAGE --build-arg TOOLCHAIN_FLAVOR=$TOOLCHAIN_FLAVOR core +docker build -t $IMAGE --build-arg TOOLCHAIN_FLAVOR=$TOOLCHAIN_FLAVOR ci/ USER=$(ls -lnd . | awk '{ print $3 }') GROUP=$(ls -lnd . | awk '{ print $4 }') diff --git a/legacy/build.sh b/legacy/build.sh index 67013873f..63f3fe241 100755 --- a/legacy/build.sh +++ b/legacy/build.sh @@ -10,6 +10,6 @@ IMAGE=trezor-mcu-build USER=$(ls -lnd . | awk '{ print $3 }') GROUP=$(ls -lnd . | awk '{ print $4 }') -docker build -t "$IMAGE" . +docker build -t "$IMAGE" ci/ docker run -it -v $(pwd):/src:z --user="$USER:$GROUP" "$IMAGE" \ /src/legacy/script/fullbuild "$BOOTLOADER_COMMIT" "$FIRMWARE_COMMIT"