meta-security: subtree update:547f552c85..066a04425c
Armin Kuster (9):
python3-oauth2client: add recipe
python3-privacyidea: adding initial support for mfa
strongswan: add bbappends for tpm changes
layer.conf: add dynamic-layer for strongswan
strongswan: Add bbappends for ima changes
meta-integrity: add dynamic-layer for strongswan
add gitlab framework and qemu machine
kas: add ima, tpm and tpm2 build configs
drop ci-build: it is hiding errors
Jeremy Puhlman (2):
cryptsetup-tpm-incubator: RPROVIDES cryptsetup and cryptsetup-dev
packagegroup-security-tpm2: Depend on preferred provider for cryptsetup
Zheng Ruoqin (2):
ccs-tools:Fix build error when enable multilib.
bastille: Deleted redundant inherit to fix error when enable multilib.
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I023e45c8080c3d423cd25cc656da5c1f527295e5
diff --git a/meta-security/.gitlab-ci.yml b/meta-security/.gitlab-ci.yml
new file mode 100644
index 0000000..132eb78
--- /dev/null
+++ b/meta-security/.gitlab-ci.yml
@@ -0,0 +1,86 @@
+stages:
+ - build
+
+.build:
+ stage: build
+ image: crops/poky
+ before_script:
+ - export PATH=~/.local/bin:$PATH
+ - wget https://bootstrap.pypa.io/get-pip.py
+ - python3 get-pip.py
+ - python3 -m pip install kas
+ - wget -q 'https://downloads.rclone.org/rclone-current-linux-amd64.zip'
+ - unzip -q rclone-current-linux-amd64.zip
+ - mv rclone-*-linux-amd64/rclone ~/.local/bin/
+ - rm -rf rclone-*-linux-amd64*
+ after_script:
+ - rm -rf build
+ - ./scripts/ci-cleanup.sh
+ cache:
+ paths:
+ - layers
+
+qemux86:
+ extends: .build
+ script:
+ - kas build --target security-build-image kas/$CI_JOB_NAME.yml
+
+qemux86-64:
+ extends: .build
+ script:
+ - kas build --target security-build-image kas/$CI_JOB_NAME.yml
+
+qemuarm:
+ extends: .build
+ script:
+ - kas build --target security-build-image kas/$CI_JOB_NAME.yml
+
+qemuarm64:
+ extends: .build
+ script:
+ - kas build --target security-build-image kas/$CI_JOB_NAME.yml
+
+qemuppc:
+ extends: .build
+ script:
+ - kas build --target security-build-image kas/$CI_JOB_NAME.yml
+
+qemumips64:
+ extends: .build
+ script:
+ - kas build --target security-build-image kas/$CI_JOB_NAME.yml
+
+qemuriscv64:
+ extends: .build
+ script:
+ - kas build --target security-build-image kas/$CI_JOB_NAME.yml
+
+qemux86-64-tpm:
+ extends: .build
+ script:
+ - kas build --target security-tpm-image kas/$CI_JOB_NAME.yml
+
+qemux86-64-tpm2:
+ extends: .build
+ script:
+ - kas build --target security-tpm2-image kas/$CI_JOB_NAME.yml
+
+qemuarm64-tpm2:
+ extends: .build
+ script:
+ - kas build --target security-tpm2-image kas/$CI_JOB_NAME.yml
+
+qemux86-ima:
+ extends: .build
+ script:
+ - kas build --target integrity-image-minimal kas/$CI_JOB_NAME.yml
+
+qemux86-64-ima:
+ extends: .build
+ script:
+ - kas build --target integrity-image-minimal kas/$CI_JOB_NAME.yml
+
+qemuarm64-ima:
+ extends: .build
+ script:
+ - kas build --target integrity-image-minimal kas/$CI_JOB_NAME.yml