mirror of
https://gitlab.gnome.org/GNOME/libsecret.git
synced 2024-12-22 12:48:51 +00:00
Merge branch 'nielsdg/use-docker-images-for-ci' into 'master'
ci: Use prebuilt Docker images See merge request GNOME/libsecret!114
This commit is contained in:
commit
179dc316c1
@ -1,19 +1,15 @@
|
|||||||
|
image: registry.gitlab.gnome.org/gnome/libsecret/master:v1
|
||||||
|
|
||||||
stages:
|
stages:
|
||||||
- build
|
- build
|
||||||
- deploy
|
- deploy
|
||||||
|
|
||||||
variables:
|
variables:
|
||||||
DEPENDENCIES: dbus-x11 diffutils gcc gjs meson ninja-build python3-dbus python3-gobject redhat-rpm-config
|
|
||||||
CPPCHECK_OPTIONS: "--enable=warning --enable=style --enable=performance --enable=portability --std=c99 --template='{id}:{file}:{line},{severity},{message}'"
|
CPPCHECK_OPTIONS: "--enable=warning --enable=style --enable=performance --enable=portability --std=c99 --template='{id}:{file}:{line},{severity},{message}'"
|
||||||
|
|
||||||
fedora:Werror:
|
fedora:Werror:
|
||||||
image: fedora:34
|
|
||||||
stage: build
|
stage: build
|
||||||
before_script:
|
before_script:
|
||||||
- dnf upgrade -y
|
|
||||||
- dnf install -y 'dnf-command(builddep)'
|
|
||||||
- dnf builddep -y libsecret
|
|
||||||
- dnf install -y $DEPENDENCIES
|
|
||||||
- dbus-uuidgen --ensure
|
- dbus-uuidgen --ensure
|
||||||
script:
|
script:
|
||||||
- meson _build -Dwerror=true -Dc_args=-Wno-error=deprecated-declarations -Dgtk_doc=false
|
- meson _build -Dwerror=true -Dc_args=-Wno-error=deprecated-declarations -Dgtk_doc=false
|
||||||
@ -26,16 +22,11 @@ fedora:Werror:
|
|||||||
- _build/meson-logs/testlog.txt
|
- _build/meson-logs/testlog.txt
|
||||||
|
|
||||||
fedora:asan:
|
fedora:asan:
|
||||||
image: fedora:latest
|
|
||||||
stage: build
|
stage: build
|
||||||
before_script:
|
before_script:
|
||||||
- dnf upgrade -y
|
|
||||||
- dnf install -y 'dnf-command(builddep)'
|
|
||||||
- dnf builddep -y libsecret
|
|
||||||
- dnf install -y $DEPENDENCIES libasan
|
|
||||||
- dbus-uuidgen --ensure
|
- dbus-uuidgen --ensure
|
||||||
script:
|
script:
|
||||||
- meson _build -Db_sanitize=address -Dgtk_doc=false
|
- meson _build -Db_sanitize=address -Dgtk_doc=false -Dintrospection=false
|
||||||
- meson compile -C _build
|
- meson compile -C _build
|
||||||
- eval `dbus-launch --sh-syntax`
|
- eval `dbus-launch --sh-syntax`
|
||||||
- meson test -C _build
|
- meson test -C _build
|
||||||
@ -46,13 +37,8 @@ fedora:asan:
|
|||||||
- _build/meson-logs/testlog.txt
|
- _build/meson-logs/testlog.txt
|
||||||
|
|
||||||
fedora:ubsan:
|
fedora:ubsan:
|
||||||
image: fedora:34
|
|
||||||
stage: build
|
stage: build
|
||||||
before_script:
|
before_script:
|
||||||
- dnf upgrade -y
|
|
||||||
- dnf install -y 'dnf-command(builddep)'
|
|
||||||
- dnf builddep -y libsecret
|
|
||||||
- dnf install -y $DEPENDENCIES libubsan
|
|
||||||
- dbus-uuidgen --ensure
|
- dbus-uuidgen --ensure
|
||||||
script:
|
script:
|
||||||
- meson _build -Db_sanitize=undefined -Dgtk_doc=false
|
- meson _build -Db_sanitize=undefined -Dgtk_doc=false
|
||||||
@ -65,13 +51,8 @@ fedora:ubsan:
|
|||||||
- _build/meson-logs/testlog.txt
|
- _build/meson-logs/testlog.txt
|
||||||
|
|
||||||
fedora-static-analyzers/test:
|
fedora-static-analyzers/test:
|
||||||
image: fedora:34
|
|
||||||
stage: build
|
stage: build
|
||||||
before_script:
|
before_script:
|
||||||
- dnf upgrade -y
|
|
||||||
- dnf install -y 'dnf-command(builddep)'
|
|
||||||
- dnf builddep -y libsecret
|
|
||||||
- dnf install -y $DEPENDENCIES clang-analyzer cppcheck
|
|
||||||
- dbus-uuidgen --ensure
|
- dbus-uuidgen --ensure
|
||||||
script:
|
script:
|
||||||
- meson _build -Dgtk_doc=false
|
- meson _build -Dgtk_doc=false
|
||||||
@ -83,14 +64,8 @@ fedora-static-analyzers/test:
|
|||||||
- _build/meson-logs/testlog.txt
|
- _build/meson-logs/testlog.txt
|
||||||
|
|
||||||
fedora:coverage:
|
fedora:coverage:
|
||||||
image: fedora:34
|
|
||||||
stage: build
|
stage: build
|
||||||
before_script:
|
before_script:
|
||||||
- dnf upgrade -y
|
|
||||||
- dnf install -y 'dnf-command(builddep)'
|
|
||||||
- dnf builddep -y libsecret
|
|
||||||
- dnf install -y $DEPENDENCIES swtpm swtpm-tools tpm2-abrmd tpm2-tss-devel
|
|
||||||
- dnf install -y $DEPENDENCIES lcov
|
|
||||||
- dbus-uuidgen --ensure
|
- dbus-uuidgen --ensure
|
||||||
script:
|
script:
|
||||||
- meson _build -Db_coverage=true -Dtpm2=true -Dgtk_doc=false
|
- meson _build -Db_coverage=true -Dtpm2=true -Dgtk_doc=false
|
||||||
@ -116,9 +91,6 @@ fedora:coverage:
|
|||||||
|
|
||||||
reference:
|
reference:
|
||||||
stage: build
|
stage: build
|
||||||
image: fedora:35
|
|
||||||
before_script:
|
|
||||||
- dnf install -y $DEPENDENCIES gi-docgen gobject-introspection-devel libgcrypt-devel
|
|
||||||
variables:
|
variables:
|
||||||
MESON_ARGS: >-
|
MESON_ARGS: >-
|
||||||
-Dgtk_doc=true
|
-Dgtk_doc=true
|
||||||
|
25
.gitlab-ci/README.md
Normal file
25
.gitlab-ci/README.md
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
# CI support stuff
|
||||||
|
|
||||||
|
## Docker image
|
||||||
|
|
||||||
|
GitLab CI jobs run in a Docker image, defined here. To update that image
|
||||||
|
(perhaps to install some more packages):
|
||||||
|
|
||||||
|
1. Edit `.gitlab-ci/$BRANCH.Dockerfile` with the changes you want
|
||||||
|
1. Run `.gitlab-ci/run-docker.sh build --branch=$BRANCH --version=1` to build
|
||||||
|
the new image (bump the version from the latest listed for the main branch)
|
||||||
|
https://gitlab.gnome.org/GNOME/libsecret/container_registry). If `--branch`
|
||||||
|
is not specified, it will use the default branch
|
||||||
|
1. Run `.gitlab-ci/run-docker.sh push --branch=$BRANCH --version=1` to upload
|
||||||
|
the new image to the GNOME GitLab Docker registry
|
||||||
|
* If this is the first time you're doing this, you'll need to log into the
|
||||||
|
registry
|
||||||
|
* If you use 2-factor authentication on your GNOME GitLab account, you'll
|
||||||
|
need to [create a personal access token][pat] and use that rather than
|
||||||
|
your normal password — the token should have `read_registry` and
|
||||||
|
`write_registry` permissions
|
||||||
|
1. Edit `.gitlab-ci.yml` (in the root of this repository) to use your new
|
||||||
|
image
|
||||||
|
|
||||||
|
[pat]: https://gitlab.gnome.org/-/profile/personal_access_tokens
|
||||||
|
[cs]: https://scan.coverity.com/
|
38
.gitlab-ci/master.Dockerfile
Normal file
38
.gitlab-ci/master.Dockerfile
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
FROM fedora:34
|
||||||
|
|
||||||
|
RUN dnf update -y \
|
||||||
|
&& dnf install -y \
|
||||||
|
clang-analyzer \
|
||||||
|
cppcheck \
|
||||||
|
dbus-x11 \
|
||||||
|
docbook-style-xsl \
|
||||||
|
gettext \
|
||||||
|
gi-docgen \
|
||||||
|
git \
|
||||||
|
glib2-devel \
|
||||||
|
gobject-introspection-devel \
|
||||||
|
lcov \
|
||||||
|
libasan \
|
||||||
|
libubsan \
|
||||||
|
libgcrypt-devel \
|
||||||
|
libxslt \
|
||||||
|
meson \
|
||||||
|
python3-dbus \
|
||||||
|
python3-gobject \
|
||||||
|
redhat-rpm-config \
|
||||||
|
swtpm \
|
||||||
|
swtpm-tools \
|
||||||
|
tpm2-abrmd \
|
||||||
|
tpm2-tss-devel \
|
||||||
|
vala \
|
||||||
|
valgrind-devel \
|
||||||
|
&& dnf clean all
|
||||||
|
|
||||||
|
ARG HOST_USER_ID=5555
|
||||||
|
ENV HOST_USER_ID ${HOST_USER_ID}
|
||||||
|
RUN useradd -u $HOST_USER_ID -ms /bin/bash user
|
||||||
|
|
||||||
|
USER user
|
||||||
|
WORKDIR /home/user
|
||||||
|
|
||||||
|
ENV LANG C.UTF-8
|
135
.gitlab-ci/run-docker.sh
Executable file
135
.gitlab-ci/run-docker.sh
Executable file
@ -0,0 +1,135 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
read_arg() {
|
||||||
|
# $1 = arg name
|
||||||
|
# $2 = arg value
|
||||||
|
# $3 = arg parameter
|
||||||
|
local rematch='^[^=]*=(.*)$'
|
||||||
|
if [[ $2 =~ $rematch ]]; then
|
||||||
|
read -r "$1" <<< "${BASH_REMATCH[1]}"
|
||||||
|
else
|
||||||
|
read -r "$1" <<< "$3"
|
||||||
|
# There is no way to shift our callers args, so
|
||||||
|
# return 1 to indicate they should do it instead.
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
if type -p podman &>/dev/null; then
|
||||||
|
# Using podman
|
||||||
|
DOCKER_CMD="podman"
|
||||||
|
# Docker is actually implemented by podman, and its OCI output
|
||||||
|
# is incompatible with some of the dockerd instances on GitLab
|
||||||
|
# CI runners.
|
||||||
|
export BUILDAH_FORMAT=docker
|
||||||
|
elif getent group docker | grep -q "\b${USER}\b"; then
|
||||||
|
DOCKER_CMD="docker"
|
||||||
|
else
|
||||||
|
DOCKER_CMD="sudo docker"
|
||||||
|
fi
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
branch=""
|
||||||
|
version=""
|
||||||
|
build=0
|
||||||
|
run=0
|
||||||
|
push=0
|
||||||
|
list=0
|
||||||
|
print_help=0
|
||||||
|
no_login=0
|
||||||
|
|
||||||
|
while (($# > 0)); do
|
||||||
|
case "${1%%=*}" in
|
||||||
|
build) build=1;;
|
||||||
|
run) run=1;;
|
||||||
|
push) push=1;;
|
||||||
|
list) list=1;;
|
||||||
|
help) print_help=1;;
|
||||||
|
--branch|-b) read_arg branch "$@" || shift;;
|
||||||
|
--version|-v) read_arg version "$@" || shift;;
|
||||||
|
--no-login) no_login=1;;
|
||||||
|
*) echo -e "\\e[1;31mERROR\\e[0m: Unknown option '$1'"; exit 1;;
|
||||||
|
esac
|
||||||
|
shift
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ $print_help == 1 ]; then
|
||||||
|
echo "$0 - Build and run Docker images"
|
||||||
|
echo ""
|
||||||
|
echo "Usage: $0 <command> [options] [basename]"
|
||||||
|
echo ""
|
||||||
|
echo "Available commands"
|
||||||
|
echo ""
|
||||||
|
echo " build - Build Docker image"
|
||||||
|
echo " run - Run Docker image"
|
||||||
|
echo " push - Push Docker image to the registry"
|
||||||
|
echo " list - List available images"
|
||||||
|
echo " help - This help message"
|
||||||
|
echo ""
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
|
if [ $list == 1 ]; then
|
||||||
|
echo "Available Docker images:"
|
||||||
|
for f in *.Dockerfile; do
|
||||||
|
filename=$( basename -- "$f" )
|
||||||
|
basename="${filename%.*}"
|
||||||
|
|
||||||
|
echo -e " \\e[1;39m$basename\\e[0m"
|
||||||
|
done
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# We really need to know the branch name after this point
|
||||||
|
if [[ -z "${branch}" ]]; then
|
||||||
|
branch=master
|
||||||
|
fi
|
||||||
|
|
||||||
|
DOCKERFILE="${branch}.Dockerfile"
|
||||||
|
if [ ! -f "$DOCKERFILE" ]; then
|
||||||
|
echo -e "\\e[1;31mERROR\\e[0m: '$DOCKERFILE' not found"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "${version}" ]; then
|
||||||
|
version="latest"
|
||||||
|
else
|
||||||
|
version="v$version"
|
||||||
|
fi
|
||||||
|
|
||||||
|
TAG="registry.gitlab.gnome.org/gnome/libsecret/${branch}:${version}"
|
||||||
|
|
||||||
|
if [ $build == 1 ]; then
|
||||||
|
echo -e "\\e[1;32mBUILDING\\e[0m: ${TAG} for branch '${branch}'"
|
||||||
|
$DOCKER_CMD build \
|
||||||
|
--build-arg HOST_USER_ID="$UID" \
|
||||||
|
--tag "${TAG}" \
|
||||||
|
--file "$DOCKERFILE" .
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ $push == 1 ]; then
|
||||||
|
echo -e "\\e[1;32mPUSHING\\e[0m: ${TAG} for branch '${branch}'"
|
||||||
|
|
||||||
|
if [ $no_login == 0 ]; then
|
||||||
|
$DOCKER_CMD login registry.gitlab.gnome.org
|
||||||
|
fi
|
||||||
|
|
||||||
|
$DOCKER_CMD push "${TAG}"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ $run == 1 ]; then
|
||||||
|
echo -e "\\e[1;32mRUNNING\\e[0m: ${TAG} for branch '${branch}'"
|
||||||
|
$DOCKER_CMD run \
|
||||||
|
--rm \
|
||||||
|
--volume "$(pwd)/..:/home/user/app" \
|
||||||
|
--workdir "/home/user/app" \
|
||||||
|
--tty \
|
||||||
|
--interactive "${TAG}" \
|
||||||
|
bash
|
||||||
|
exit $?
|
||||||
|
fi
|
Loading…
Reference in New Issue
Block a user