libsecret/.gitlab-ci.yml

168 lines
4.7 KiB
YAML

include:
- component: gitlab.gnome.org/GNOME/citemplates/release-service@master
inputs:
dist-job-name: "build-release-tarball"
tarball-artifact-path: "${TARBALL_ARTIFACT_PATH}"
image: registry.gitlab.gnome.org/gnome/libsecret/master:v6
stages:
- build
- deploy
variables:
TARBALL_ARTIFACT_PATH: "_build/meson-dist/${CI_PROJECT_NAME}-${CI_COMMIT_TAG}.tar.xz"
CPPCHECK_OPTIONS: "--enable=warning --enable=style --enable=performance --enable=portability --std=c99 --template='{id}:{file}:{line},{severity},{message}'"
.build:
parallel:
matrix:
- CRYPTO: libgcrypt
- CRYPTO: gnutls
GNUTLS_FORCE_FIPS_MODE: [0, 1]
- CRYPTO: disabled
fedora:Werror:
stage: build
extends:
- .build
script:
- meson _build -Dwerror=true -Dc_args=-Wno-error=deprecated-declarations -Dgtk_doc=false -Dcrypto=$CRYPTO
- meson compile -C _build
- meson test -C _build --print-errorlogs
artifacts:
reports:
junit: "_build/meson-logs/testlog.junit.xml"
name: "libsecret-werror-${CI_JOB_NAME}-${CI_COMMIT_REF_NAME}"
when: always
paths:
- "_build/config.h"
- "_build/meson-logs"
fedora:asan:
stage: build
extends:
- .build
script:
- export LSAN_OPTIONS=suppressions=$PWD/build/lsan.supp
- meson _build -Db_sanitize=address -Dgtk_doc=false -Dintrospection=false -Dcrypto=$CRYPTO
- meson compile -C _build
- meson test -C _build --print-errorlogs
artifacts:
reports:
junit: "_build/meson-logs/testlog.junit.xml"
name: "libsecret-asan-${CI_JOB_NAME}-${CI_COMMIT_REF_NAME}"
when: always
paths:
- "_build/config.h"
- "_build/meson-logs"
fedora:ubsan:
stage: build
extends:
- .build
script:
- meson _build -Db_sanitize=undefined -Dgtk_doc=false -Dcrypto=$CRYPTO
- meson compile -C _build
- meson test -C _build --print-errorlogs
artifacts:
reports:
junit: "_build/meson-logs/testlog.junit.xml"
name: "libsecret-ubsan-${CI_JOB_NAME}-${CI_COMMIT_REF_NAME}"
when: always
paths:
- "_build/config.h"
- "_build/meson-logs"
fedora-static-analyzers/test:
stage: build
extends:
- .build
script:
- meson _build -Dgtk_doc=false -Dcrypto=$CRYPTO
- meson compile -C _build --ninja-args scan-build
- cppcheck --force -q $CPPCHECK_OPTIONS libsecret/ egg/ tool/
artifacts:
when: on_failure
paths:
- _build/meson-logs/testlog.txt
fedora:PAM:
stage: build
extends:
- .build
script:
- meson _build -Dwerror=true -Dc_args=-Wno-error=deprecated-declarations -Dgtk_doc=false -Dpam=true
- meson compile -C _build
- meson test -C _build --print-errorlogs
artifacts:
reports:
junit: "_build/meson-logs/testlog.junit.xml"
name: "libsecret-pam-${CI_JOB_NAME}-${CI_COMMIT_REF_NAME}"
when: always
paths:
- "_build/config.h"
- "_build/meson-logs"
fedora:coverage:
stage: build
script:
- meson _build -Db_coverage=true -Dtpm2=true -Dgtk_doc=false
- meson compile -C _build
- export XDG_CONFIG_HOME=$HOME/.config
- /usr/share/swtpm/swtpm-create-user-config-files --root
- mkdir -p ${XDG_CONFIG_HOME}/mytpm1
- swtpm_setup --tpm2 --tpmstate $XDG_CONFIG_HOME/mytpm1 --createek --allow-signing --decryption --create-ek-cert --create-platform-cert --lock-nvram --overwrite --display
- swtpm socket --tpm2 --tpmstate dir=$XDG_CONFIG_HOME/mytpm1 --flags startup-clear --ctrl type=tcp,port=2322 --server type=tcp,port=2321 --daemon
- 'tpm2-abrmd --logger=stdout --tcti=swtpm: --session --allow-root --flush-all &'
- 'export TCTI=tabrmd:bus_type=session'
- meson test -C _build --print-errorlogs
- ninja coverage-html -C _build
coverage: '/^\s+lines.+:\s+([\d.]+\%)\s+/'
artifacts:
name: "libsecret-${CI_JOB_NAME}-${CI_COMMIT_REF_NAME}"
when: on_success
paths:
- _build/meson-logs/coveragereport/
# https://github.com/linux-test-project/lcov/issues/58
allow_failure: true
build-release-tarball:
stage: deploy
script:
- meson setup _build
- meson dist -C _build
artifacts:
paths:
- $TARBALL_ARTIFACT_PATH
rules:
- if: $CI_COMMIT_REF_PROTECTED
reference:
stage: build
variables:
MESON_ARGS: >-
-Dgtk_doc=true
-Dvapi=false
-Dmanpage=false
script:
- meson ${MESON_ARGS} _build
- ninja -C _build
- mv _build/docs/reference/libsecret/libsecret-1 _reference
artifacts:
paths:
- _reference
pages:
stage: deploy
script:
- mkdir public
- mv _build/meson-logs/coveragereport public/coverage
- mv _reference/* public/
artifacts:
when: on_success
paths:
- public
# https://github.com/linux-test-project/lcov/issues/58
allow_failure: true