Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / 73bd93f1d0a338767f36fd1acb54c52ad057db39 / . / meta-arm / .gitlab-ci.yml
blob: e1b8dd2451719c4d77b0c7e7825f8c79edd5a48a [file] [log] [blame]
Andrew Geissler220dafd2023-10-04 10:18:08 -0500[diff] [blame]1image: ${MIRROR_GHCR}/siemens/kas/kas:4.0
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]2
Andrew Geissler517393d2023-01-13 08:55:19 -0600[diff] [blame]3variables:
Patrick Williams73bd93f2024-02-20 08:07:48 -0600[diff] [blame^]4 # These are needed as the k8s executor doesn't respect the container
5 # entrypoint by default
Andrew Geissler517393d2023-01-13 08:55:19 -0600[diff] [blame]6 FF_KUBERNETES_HONOR_ENTRYPOINT: 1
7 FF_USE_LEGACY_KUBERNETES_EXECUTION_STRATEGY: 0
Patrick Williams73bd93f2024-02-20 08:07:48 -0600[diff] [blame^]8 # The default value for KUBERNETES_CPU_REQUEST
9 CPU_REQUEST: ""
10 # The default machine tag for the build jobs
11 DEFAULT_TAG: ""
12 # The machine tag for the ACS test jobs
Patrick Williams169d7bc2024-01-05 11:33:25 -0600[diff] [blame]13 ACS_TAG: ""
Patrick Williams73bd93f2024-02-20 08:07:48 -0600[diff] [blame^]14 # The directory to use as the persistent cache (the root for DL_DIR, SSTATE_DIR, etc)
15 CACHE_DIR: $CI_BUILDS_DIR/persist
16 # The container mirror to use
17 MIRROR_GHCR: ghcr.io
18 # Whether to run the SystemReady ACS tests
19 ACS_TEST: 0
20 # The list of extra Kas fragments to be used when building
21 EXTRA_KAS_FILES: ""
22 # The NVD API key to use when fetching CVEs
23 NVDCVE_API_KEY: ""
Andrew Geissler517393d2023-01-13 08:55:19 -0600[diff] [blame]24
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]25stages:
26 - prep
27 - build
28
29# Common job fragment to get a worker ready
30.setup:
Andrew Geissler517393d2023-01-13 08:55:19 -0600[diff] [blame]31 tags:
32 - $DEFAULT_TAG
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]33 stage: build
34 interruptible: true
35 variables:
36 KAS_WORK_DIR: $CI_PROJECT_DIR/work
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]37 KAS_REPO_REF_DIR: $CACHE_DIR/repos
38 SSTATE_DIR: $CACHE_DIR/sstate
39 DL_DIR: $CACHE_DIR/downloads
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]40 BB_LOGCONFIG: $CI_PROJECT_DIR/ci/logging.yml
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]41 TOOLCHAIN_DIR: $CACHE_DIR/toolchains
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]42 IMAGE_DIR: $CI_PROJECT_DIR/work/build/tmp/deploy/images
43 TOOLCHAIN_LINK_DIR: $CI_PROJECT_DIR/work/build/toolchains
44 before_script:
45 - echo KAS_WORK_DIR = $KAS_WORK_DIR
46 - echo SSTATE_DIR = $SSTATE_DIR
47 - echo DL_DIR = $DL_DIR
48 - rm -rf $KAS_WORK_DIR
49 - mkdir --verbose --parents $KAS_WORK_DIR $KAS_REPO_REF_DIR $SSTATE_DIR $DL_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR
50 # Must do this here, as it's the only way to make sure the toolchain is installed on the same builder
51 - ./ci/get-binary-toolchains $DL_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]52
53# Generalised fragment to do a Kas build
54.build:
55 extends: .setup
Andrew Geissler517393d2023-01-13 08:55:19 -0600[diff] [blame]56 variables:
57 KUBERNETES_CPU_REQUEST: $CPU_REQUEST
Patrick Williams8e7b46e2023-05-01 14:19:06 -0500[diff] [blame]58 rules:
59 # Don't run MR pipelines
60 - if: $CI_PIPELINE_SOURCE == "merge_request_event"
61 when: never
62 # Don't run pipelines for tags
63 - if: $CI_COMMIT_TAG
64 when: never
65 # Don't run if BUILD_ENABLE_REGEX is set, but the job doesn't match the regex
66 - if: '$BUILD_ENABLE_REGEX != null && $CI_JOB_NAME !~ $BUILD_ENABLE_REGEX'
67 when: never
68 # Allow the dev kernels to fail and not fail the overall build
69 - if: '$KERNEL == "linux-yocto-dev"'
70 allow_failure: true
71 # Catch all for everything else
72 - if: '$KERNEL != "linux-yocto-dev"'
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]73 script:
Patrick Williams73bd93f2024-02-20 08:07:48 -0600[diff] [blame^]74 - KASFILES=$(./ci/jobs-to-kas "$CI_JOB_NAME" $EXTRA_KAS_FILES):lockfile.yml
Andrew Geissler23e02792023-07-21 09:06:10 -0500[diff] [blame]75 - kas dump --update --force-checkout --resolve-refs --resolve-env $KASFILES
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]76 - kas build $KASFILES
77 - ./ci/check-warnings $KAS_WORK_DIR/build/warnings.log
78 artifacts:
79 name: "logs"
Patrick Williams520786c2023-06-25 16:20:36 -0500[diff] [blame]80 when: always
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]81 paths:
Patrick Williams169d7bc2024-01-05 11:33:25 -0600[diff] [blame]82 - $CI_PROJECT_DIR/work/build/tmp*/work*/**/temp/log.do_*.*
83 - $CI_PROJECT_DIR/work/build/tmp*/work*/**/testimage/*
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]84
85#
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]86# Prep stage, update repositories once.
87# Set the CI variable CI_CLEAN_REPOS=1 to refetch the respositories from scratch
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]88#
89update-repos:
90 extends: .setup
91 stage: prep
Andrew Geissler220dafd2023-10-04 10:18:08 -0500[diff] [blame]92 allow_failure:
93 exit_codes: 128
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]94 script:
Andrew Geissler23e02792023-07-21 09:06:10 -0500[diff] [blame]95 - |
96 flock --verbose --timeout 60 $KAS_REPO_REF_DIR ./ci/update-repos
97 # Only generate if doesn't already exist, to allow feature branches to drop one in.
98 if test -f lockfile.yml; then
99 echo Using existing lockfile.yml
100 else
101 # Be sure that this is the complete list of layers being fetched
102 kas dump --lock --update ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/clang.yml:ci/meta-virtualization.yml | tee lockfile.yml
103 fi
104 artifacts:
105 name: "lockfile"
106 paths:
107 - lockfile.yml
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]108
109#
110# Build stage, the actual build jobs
111#
112# Available options for building are
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]113# DISTRO: [poky, poky-tiny]
114# KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
Patrick Williams520786c2023-06-25 16:20:36 -0500[diff] [blame]115# TOOLCHAINS: [gcc, clang, external-gccarm]
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]116# TCLIBC: [glibc, musl]
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]117# FIRMWARE: [u-boot, edk2]
118# TS: [none, trusted-services]
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]119# VIRT: [none, xen]
120# TESTING: testimage
121
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]122corstone1000-fvp:
123 extends: .build
124 parallel:
125 matrix:
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]126 - TESTING: [testimage, tftf]
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]127
128corstone1000-mps3:
129 extends: .build
Patrick Williamsac13d5f2023-11-24 18:59:46 -0600[diff] [blame]130 parallel:
131 matrix:
132 - TESTING: [none, tftf]
133
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]134
135fvp-base:
136 extends: .build
137 parallel:
138 matrix:
139 - TESTING: testimage
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]140 - FIRMWARE: edk2
Patrick Williams169d7bc2024-01-05 11:33:25 -0600[diff] [blame]141 - SYSTEMREADY_FIRMWARE: arm-systemready-firmware
142
143arm-systemready-ir-acs:
144 extends: .build
145 timeout: 12h
146 parallel:
147 matrix:
148 # arm-systemready-ir-acs must be specified after fvp-base for ordering
149 # purposes for the jobs-to-kas output. It is not enough to just have it
150 # in the job name because fvp-base.yml overwrites the target.
151 - PLATFORM: fvp-base
152 ARM_SYSTEMREADY_IR_ACS: arm-systemready-ir-acs
153 tags:
154 - ${ACS_TAG}
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]155
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]156fvps:
157 extends: .build
158
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]159generic-arm64:
160 extends: .build
161
162juno:
163 extends: .build
164 parallel:
165 matrix:
166 - TOOLCHAINS: [gcc, clang]
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]167 FIRMWARE: [u-boot, edk2]
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]168
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]169musca-b1:
170 extends: .build
171
172musca-s1:
173 extends: .build
174
175n1sdp:
176 extends: .build
177 parallel:
178 matrix:
Patrick Williamsac13d5f2023-11-24 18:59:46 -0600[diff] [blame]179 - TESTING: [none, n1sdp-ts, n1sdp-optee, tftf]
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]180
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]181qemu-generic-arm64:
182 extends: .build
183 parallel:
184 matrix:
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]185 - KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
186 TOOLCHAINS: [gcc, clang]
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]187 TESTING: testimage
188
189qemuarm64-secureboot:
190 extends: .build
191 parallel:
192 matrix:
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]193 - KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
194 TOOLCHAINS: [gcc, clang]
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]195 TCLIBC: [glibc, musl]
Patrick Williamsb542dec2023-06-09 01:26:37 -0500[diff] [blame]196 TS: [none, qemuarm64-secureboot-ts]
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]197 TESTING: testimage
198
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]199qemuarm64:
200 extends: .build
201 parallel:
202 matrix:
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]203 - DISTRO: poky
204 KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
205 TOOLCHAINS: [gcc, clang]
206 FIRMWARE: [u-boot, edk2]
207 TESTING: testimage
208 - DISTRO: poky-tiny
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]209 TESTING: testimage
210 - VIRT: xen
211
212qemuarm-secureboot:
213 extends: .build
214 parallel:
215 matrix:
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]216 - KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
Patrick Williamsb542dec2023-06-09 01:26:37 -0500[diff] [blame]217 TOOLCHAINS: [gcc, clang]
218 TCLIBC: [glibc, musl]
219 TESTING: testimage
220 - TOOLCHAINS: external-gccarm
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]221 TESTING: testimage
222
223qemuarm:
224 extends: .build
225 parallel:
226 matrix:
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]227 - DISTRO: poky
228 KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
229 TOOLCHAINS: [gcc, clang]
230 FIRMWARE: [u-boot, edk2]
231 TESTING: testimage
232 - DISTRO: poky-tiny
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]233 TESTING: testimage
234 - VIRT: xen
235
236qemuarmv5:
237 extends: .build
238 parallel:
239 matrix:
Andrew Geissler2daf84b2023-03-31 09:57:23 -0500[diff] [blame]240 - DISTRO: poky
241 KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
242 TESTING: testimage
243 - DISTRO: poky-tiny
244 TESTING: testimage
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]245
246sgi575:
247 extends: .build
248
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]249tc1:
250 extends: .build
Patrick Williams8e7b46e2023-05-01 14:19:06 -0500[diff] [blame]251 parallel:
252 matrix:
253 - TESTING: testimage
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]254 tags:
255 - x86_64
256
257toolchains:
258 extends: .build
259
260selftest:
261 extends: .setup
262 script:
Andrew Geissler23e02792023-07-21 09:06:10 -0500[diff] [blame]263 - KASFILES=./ci/qemuarm64.yml:./ci/selftest.yml:lockfile.yml
Patrick Williamsac13d5f2023-11-24 18:59:46 -0600[diff] [blame]264 - kas shell --update --force-checkout $KASFILES -c 'oe-selftest --num-processes 2 --select-tag meta-arm --run-all-tests'
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]265
266# Validate layers are Yocto Project Compatible
267check-layers:
268 extends: .setup
269 script:
Andrew Geissler23e02792023-07-21 09:06:10 -0500[diff] [blame]270 - kas shell --update --force-checkout ci/base.yml:ci/meta-openembedded.yml:lockfile.yml --command \
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]271 "yocto-check-layer-wrapper $CI_PROJECT_DIR/$LAYER --dependency $CI_PROJECT_DIR/meta-* $KAS_WORK_DIR/meta-openembedded/meta-oe --no-auto-dependency"
272 parallel:
273 matrix:
Andrew Geissler517393d2023-01-13 08:55:19 -0600[diff] [blame]274 - LAYER: [meta-arm, meta-arm-bsp, meta-arm-toolchain]
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]275
276pending-updates:
277 extends: .setup
278 artifacts:
279 paths:
280 - update-report
281 script:
282 - rm -fr update-report
283 # This configuration has all of the layers we need enabled
Patrick Williamsac13d5f2023-11-24 18:59:46 -0600[diff] [blame]284 - kas shell --update --force-checkout ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/meta-secure-core.yml:lockfile.yml --command \
Andrew Geissler517393d2023-01-13 08:55:19 -0600[diff] [blame]285 "$CI_PROJECT_DIR/scripts/machine-summary.py -t report -o $CI_PROJECT_DIR/update-report $($CI_PROJECT_DIR/ci/listmachines.py meta-arm meta-arm-bsp)"
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]286 # Do this on x86 whilst the compilers are x86-only
287 tags:
288 - x86_64
289
290# What percentage of machines in the layer do we build
291machine-coverage:
Andrew Geissler517393d2023-01-13 08:55:19 -0600[diff] [blame]292 extends: .setup
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]293 script:
294 - ./ci/check-machine-coverage
295 coverage: '/Coverage: \d+/'
296
297metrics:
298 extends: .setup
299 artifacts:
300 reports:
301 metrics: metrics.txt
302 script:
303 - kas shell --update --force-checkout ci/base.yml --command \
304 "$CI_PROJECT_DIR/ci/patchreview $CI_PROJECT_DIR/meta-* --verbose --metrics $CI_PROJECT_DIR/metrics.txt"
Patrick Williams2390b1b2022-11-03 13:47:49 -0500[diff] [blame]305
306documentation:
307 extends: .setup
308 script:
309 - |
Andrew Geissler220dafd2023-10-04 10:18:08 -0500[diff] [blame]310 # This can be removed when the kas container has python3-venv installed
311 sudo apt-get update && sudo apt-get install --yes python3-venv
312
313 python3 -m venv venv
314 . ./venv/bin/activate
315
316 pip3 install -r meta-arm-bsp/documentation/requirements.txt
317
Patrick Williams2390b1b2022-11-03 13:47:49 -0500[diff] [blame]318 for CONF in meta-*/documentation/*/conf.py ; do
Patrick Williams520786c2023-06-25 16:20:36 -0500[diff] [blame]319 echo Building $CONF...
Patrick Williams2390b1b2022-11-03 13:47:49 -0500[diff] [blame]320 SOURCE_DIR=$(dirname $CONF)
321 MACHINE=$(basename $SOURCE_DIR)
322 sphinx-build -vW $SOURCE_DIR build-docs/$MACHINE
323 done
324 test -d build-docs/
325 artifacts:
326 paths:
327 - build-docs/