diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 8477d1c..a3a1e6e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,20 +1,90 @@ include: + - remote: 'https://gitlab.gnome.org/Infrastructure/freedesktop-ci-templates/-/raw/145b1bc7ef1702d2bd71584010d7113c6786a506/templates/fedora.yml' - component: gitlab.gnome.org/GNOME/citemplates/release-service@master inputs: dist-job-name: "build-release-tarball" tarball-artifact-path: "${TARBALL_ARTIFACT_PATH}" -image: registry.gitlab.gnome.org/gnome/libsecret/master:v6 - stages: + - prepare - build - deploy variables: + FDO_UPSTREAM_REPO: gnome/libsecret TARBALL_ARTIFACT_PATH: "_build/meson-dist/${CI_PROJECT_NAME}-${CI_COMMIT_TAG}.tar.xz" CPPCHECK_OPTIONS: "--enable=warning --enable=style --enable=performance --enable=portability --std=c99 --template='{id}:{file}:{line},{severity},{message}'" +.fedora.container.common: + variables: + # When branching a stable release, change 'main' to the + # release branch name to ensure that a new image will + # be created, tailored for the stable branch. + BRANCH_NAME: 'main' + CONTAINER_TAG: '2025-01-15.0' + FEDORA_VERSION: latest + # Derive FDO variables from this automatically. + # DO NOT edit, instead change the variables above + FDO_REPO_SUFFIX: '${BRANCH_NAME}' + FDO_DISTRIBUTION_TAG: '${CONTAINER_TAG}-fedora-${FEDORA_VERSION}' + FDO_DISTRIBUTION_VERSION: '${FEDORA_VERSION}' + +############################################# +# Create CI Docker Images # +############################################# + +# See also https://gitlab.gnome.org/Infrastructure/freedesktop-ci-templates +build.container.fedora@x86_64: + extends: + - '.fdo.container-build@fedora' + - '.fedora.container.common' + stage: prepare + variables: + # no need to pull the whole tree for rebuilding the image + GIT_STRATEGY: none + # Expiry sets fdo.expires on the image + FDO_EXPIRES_AFTER: 8w + FDO_DISTRIBUTION_PACKAGES: >- + clang-analyzer + cppcheck + dbus-x11 + diffutils + docbook-style-xsl + gettext + gi-docgen + git + gjs + glib2-devel + gnutls-devel + gobject-introspection-devel + lcov + libasan + libgcrypt-devel + libpamtest-devel + libubsan + libxslt + meson + pam-devel + pam_wrapper + python3-dbus + python3-gobject + redhat-rpm-config + swtpm + swtpm-tools + tpm2-abrmd + tpm2-tss-devel + vala + valgrind-devel + + +############################################# +# STAGE: BUILD # +############################################# + .build: + extends: + - '.fdo.suffixed-image@fedora' + - '.fedora.container.common' parallel: matrix: - CRYPTO: libgcrypt @@ -127,18 +197,10 @@ fedora:coverage: # https://github.com/linux-test-project/lcov/issues/58 allow_failure: true -build-release-tarball: - stage: deploy - script: - - meson setup _build - - meson dist -C _build - artifacts: - paths: - - $TARBALL_ARTIFACT_PATH - rules: - - if: $CI_COMMIT_REF_PROTECTED - reference: + extends: + - '.fdo.suffixed-image@fedora' + - '.fedora.container.common' stage: build variables: MESON_ARGS: >- @@ -153,6 +215,23 @@ reference: paths: - _reference + +############################################# +# STAGE: DEPLOY # +############################################# + +build-release-tarball: + extends: + - '.fdo.suffixed-image@fedora' + - '.fedora.container.common' + stage: deploy + script: + - meson setup _build + - meson dist -C _build + artifacts: + paths: + - $TARBALL_ARTIFACT_PATH + pages: stage: deploy script: diff --git a/.gitlab-ci/README.md b/.gitlab-ci/README.md deleted file mode 100644 index c5ca98c..0000000 --- a/.gitlab-ci/README.md +++ /dev/null @@ -1,25 +0,0 @@ -# CI support stuff - -## Docker image - -GitLab CI jobs run in a Docker image, defined here. To update that image -(perhaps to install some more packages): - -1. Edit `.gitlab-ci/$BRANCH.Dockerfile` with the changes you want -1. Run `.gitlab-ci/run-docker.sh build --branch=$BRANCH --version=1` to build - the new image (bump the version from the latest listed for the main branch) - https://gitlab.gnome.org/GNOME/libsecret/container_registry). If `--branch` - is not specified, it will use the default branch -1. Run `.gitlab-ci/run-docker.sh push --branch=$BRANCH --version=1` to upload - the new image to the GNOME GitLab Docker registry - * If this is the first time you're doing this, you'll need to log into the - registry - * If you use 2-factor authentication on your GNOME GitLab account, you'll - need to [create a personal access token][pat] and use that rather than - your normal password — the token should have `read_registry` and - `write_registry` permissions -1. Edit `.gitlab-ci.yml` (in the root of this repository) to use your new - image - -[pat]: https://gitlab.gnome.org/-/profile/personal_access_tokens -[cs]: https://scan.coverity.com/ diff --git a/.gitlab-ci/master.Dockerfile b/.gitlab-ci/master.Dockerfile deleted file mode 100644 index fb52563..0000000 --- a/.gitlab-ci/master.Dockerfile +++ /dev/null @@ -1,42 +0,0 @@ -FROM fedora:39 - -RUN dnf update -y \ - && dnf install -y \ - clang-analyzer \ - cppcheck \ - dbus-x11 \ - docbook-style-xsl \ - gettext \ - gi-docgen \ - git \ - glib2-devel \ - gnutls-devel \ - gobject-introspection-devel \ - lcov \ - libasan \ - libubsan \ - libgcrypt-devel \ - libxslt \ - meson \ - python3-dbus \ - python3-gobject \ - redhat-rpm-config \ - swtpm \ - swtpm-tools \ - tpm2-abrmd \ - tpm2-tss-devel \ - vala \ - valgrind-devel \ - pam-devel \ - libpamtest-devel \ - pam_wrapper \ - && dnf clean all - -ARG HOST_USER_ID=5555 -ENV HOST_USER_ID ${HOST_USER_ID} -RUN useradd -u $HOST_USER_ID -ms /bin/bash -p password user - -USER user -WORKDIR /home/user - -ENV LANG C.UTF-8 diff --git a/.gitlab-ci/run-docker.sh b/.gitlab-ci/run-docker.sh deleted file mode 100755 index 63cbacf..0000000 --- a/.gitlab-ci/run-docker.sh +++ /dev/null @@ -1,135 +0,0 @@ -#!/bin/bash - -read_arg() { - # $1 = arg name - # $2 = arg value - # $3 = arg parameter - local rematch='^[^=]*=(.*)$' - if [[ $2 =~ $rematch ]]; then - read -r "$1" <<< "${BASH_REMATCH[1]}" - else - read -r "$1" <<< "$3" - # There is no way to shift our callers args, so - # return 1 to indicate they should do it instead. - return 1 - fi -} - -if type -p podman &>/dev/null; then - # Using podman - DOCKER_CMD="podman" - # Docker is actually implemented by podman, and its OCI output - # is incompatible with some of the dockerd instances on GitLab - # CI runners. - export BUILDAH_FORMAT=docker -elif getent group docker | grep -q "\b${USER}\b"; then - DOCKER_CMD="docker" -else - DOCKER_CMD="sudo docker" -fi - -set -e - -branch="" -version="" -build=0 -run=0 -push=0 -list=0 -print_help=0 -no_login=0 - -while (($# > 0)); do - case "${1%%=*}" in - build) build=1;; - run) run=1;; - push) push=1;; - list) list=1;; - help) print_help=1;; - --branch|-b) read_arg branch "$@" || shift;; - --version|-v) read_arg version "$@" || shift;; - --no-login) no_login=1;; - *) echo -e "\\e[1;31mERROR\\e[0m: Unknown option '$1'"; exit 1;; - esac - shift -done - -if [ $print_help == 1 ]; then - echo "$0 - Build and run Docker images" - echo "" - echo "Usage: $0 [options] [basename]" - echo "" - echo "Available commands" - echo "" - echo " build - Build Docker image" - echo " run - Run Docker image" - echo " push - Push Docker image to the registry" - echo " list - List available images" - echo " help - This help message" - echo "" - exit 0 -fi - -cd "$(dirname "$0")" - -if [ $list == 1 ]; then - echo "Available Docker images:" - for f in *.Dockerfile; do - filename=$( basename -- "$f" ) - basename="${filename%.*}" - - echo -e " \\e[1;39m$basename\\e[0m" - done - exit 0 -fi - -# We really need to know the branch name after this point -if [[ -z "${branch}" ]]; then - branch=master -fi - -DOCKERFILE="${branch}.Dockerfile" -if [ ! -f "$DOCKERFILE" ]; then - echo -e "\\e[1;31mERROR\\e[0m: '$DOCKERFILE' not found" - exit 1 -fi - -if [ -z "${version}" ]; then - version="latest" -else - version="v$version" -fi - -TAG="registry.gitlab.gnome.org/gnome/libsecret/${branch}:${version}" - -if [ $build == 1 ]; then - echo -e "\\e[1;32mBUILDING\\e[0m: ${TAG} for branch '${branch}'" - $DOCKER_CMD build \ - --build-arg HOST_USER_ID="$UID" \ - --tag "${TAG}" \ - --file "$DOCKERFILE" . - exit $? -fi - -if [ $push == 1 ]; then - echo -e "\\e[1;32mPUSHING\\e[0m: ${TAG} for branch '${branch}'" - - if [ $no_login == 0 ]; then - $DOCKER_CMD login registry.gitlab.gnome.org - fi - - $DOCKER_CMD push "${TAG}" - exit $? -fi - -if [ $run == 1 ]; then - echo -e "\\e[1;32mRUNNING\\e[0m: ${TAG} for branch '${branch}'" - $DOCKER_CMD run \ - --rm \ - --volume "$(pwd)/..:/home/user/app" \ - --workdir "/home/user/app" \ - --tty \ - --interactive "${TAG}" \ - bash - exit $? -fi diff --git a/libsecret/meson.build b/libsecret/meson.build index ea417ba..3c534d0 100644 --- a/libsecret/meson.build +++ b/libsecret/meson.build @@ -314,11 +314,11 @@ if get_option('introspection') valatests = [ { 'name': 'test-vala-lang', - 'cflags': [], + 'cflags': [ '-Wno-unused-but-set-variable' ], }, { 'name': 'test-vala-unstable', - 'cflags': [ '-DSECRET_WITH_UNSTABLE' ], + 'cflags': [ '-DSECRET_WITH_UNSTABLE', '-DSECRET_API_SUBJECT_TO_CHANGE' ], }, ]