From 067f6e20df23315bccee5b02ecd860418d4922e3 Mon Sep 17 00:00:00 2001 From: Konstantin Zangerle Date: Wed, 24 Aug 2022 09:31:36 +0200 Subject: [PATCH] Build gitlab images in gitlab-ci --- .gitlab-ci.yml | 225 ++++++++++++++++++++++++++----------------------- 1 file changed, 118 insertions(+), 107 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f0f9513..c758e3d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,115 +1,126 @@ +--- +include: + - remote: 'https://git.scc.kit.edu/KIT-CERT/publish/-/raw/main/gitlab-ci/build_image.yml' + +variables: + BUILD_CONTEXT: ci_container + BUILD_FILE: Dockerfile + IMAGE_NAME: pkg_build-exim-encrypt-dlfunc/bullseye + + stages: - - build - - debian-package + - build_image + - build + - debian-package .image-buster: - image: '${CONTAINER_REGISTRY_NAME}/exim-encrypt-dlfunc-build-buster' + IMAGE_NAME: pkg_build-exim-encrypt-dlfunc/buster .image-bullseye: - image: '${CONTAINER_REGISTRY_NAME}/exim-encrypt-dlfunc-build-bullseye' + IMAGE_NAME: pkg_build-exim-encrypt-dlfunc/bullseye .image-focal: - image: '${CONTAINER_REGISTRY_NAME}/exim-encrypt-dlfunc-build-focal' + IMAGE_NAME: pkg_build-exim-encrypt-dlfunc/focal -.code-coverage: - stage: build - script: - - "export PATH=/usr/local/sbin:/usr/local/bin:${PATH}" - - meson build -Db_coverage=true - - cd build - - ninja - - ninja test - - ninja coverage-xml - - grep -Eo 'line-rate="[^"]+"' meson-logs/coverage.xml | head -n 1 | - grep -Eo '[0-9.]+' | awk '{ printf "coverage\x3a %.2f%% of statements\n", $1 * 100 }' - - ninja coverage-html - - mv meson-logs/coveragereport ../coverage - artifacts: - paths: - - coverage/ - reports: - cobertura: build/meson-logs/coverage.xml - -.build: - stage: build - script: - - which meson - - meson build - - cd build - - ninja - - ninja test - artifacts: - paths: - - build/src/libexim-encrypt-dlfunc.so - - build/src/libexim-encrypt-dlfunc-genkeys - - build/src/libexim-encrypt-dlfunc-decrypt-secretbox - - build/src/libexim-encrypt-dlfunc-decrypt-sealedbox - -.debian-package: - stage: debian-package - script: - - mkdir ~/.gnupg; chown root:root ~/.gnupg; chmod 700 ~/.gnupg - - eval $(gpg-agent --batch --sh --disable-scdaemon) - - echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf - - echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf - - gpg-connect-agent /bye - - echo $DEBIAN_SIGNING_KEY_ASC | base64 -d | gpg --batch --import --always-trust --yes - - echo "1DC7C2770DC111723D505DD61614D5CDEE1555A7:6:" | gpg --import-ownertrust - - dpkg-buildpackage --sign-key=1DC7C2770DC111723D505DD61614D5CDEE1555A7 - - mv -t . ../*.deb ../*.dsc ../*.tar.gz ../*.changes ../*.buildinfo - artifacts: - paths: - - ./*.deb - - ./*.dsc - - ./*.tar.gz - - ./*.changes - - ./*.buildinfo - -code-coverage: - extends: - - .image-bullseye - - .code-coverage - needs: [ ] - -build:bullseye: - extends: - - .image-bullseye - - .build - - .code-coverage - needs: [ ] - -build:focal: - extends: - - .image-focal - - .build - needs: [ ] - -build:buster: - extends: - - .build - - .image-buster - needs: [ ] - -debian-package:bullseye: - extends: - - .image-bullseye - - .debian-package - dependencies: - - build:bullseye - needs: [ "build:bullseye" ] - -debian-package:focal: - extends: - - .image-focal - - .debian-package - dependencies: - - build:focal - needs: [ "build:focal" ] - -debian-package:buster: - extends: - - .image-buster - - .debian-package - dependencies: - - build:buster - needs: [ "build:buster" ] +#.code-coverage: +# stage: build +# script: +# - "export PATH=/usr/local/sbin:/usr/local/bin:${PATH}" +# - meson build -Db_coverage=true +# - cd build +# - ninja +# - ninja test +# - ninja coverage-xml +# - grep -Eo 'line-rate="[^"]+"' meson-logs/coverage.xml | head -n 1 | +# grep -Eo '[0-9.]+' | awk '{ printf "coverage\x3a %.2f%% of statements\n", $1 * 100 }' +# - ninja coverage-html +# - mv meson-logs/coveragereport ../coverage +# artifacts: +# paths: +# - coverage/ +# reports: +# cobertura: build/meson-logs/coverage.xml +# +#.build: +# stage: build +# script: +# - which meson +# - meson build +# - cd build +# - ninja +# - ninja test +# artifacts: +# paths: +# - build/src/libexim-encrypt-dlfunc.so +# - build/src/libexim-encrypt-dlfunc-genkeys +# - build/src/libexim-encrypt-dlfunc-decrypt-secretbox +# - build/src/libexim-encrypt-dlfunc-decrypt-sealedbox +# +#.debian-package: +# stage: debian-package +# script: +# - mkdir ~/.gnupg; chown root:root ~/.gnupg; chmod 700 ~/.gnupg +# - eval $(gpg-agent --batch --sh --disable-scdaemon) +# - echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf +# - echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf +# - gpg-connect-agent /bye +# - echo $DEBIAN_SIGNING_KEY_ASC | base64 -d | gpg --batch --import --always-trust --yes +# - echo "1DC7C2770DC111723D505DD61614D5CDEE1555A7:6:" | gpg --import-ownertrust +# - dpkg-buildpackage --sign-key=1DC7C2770DC111723D505DD61614D5CDEE1555A7 +# - mv -t . ../*.deb ../*.dsc ../*.tar.gz ../*.changes ../*.buildinfo +# artifacts: +# paths: +# - ./*.deb +# - ./*.dsc +# - ./*.tar.gz +# - ./*.changes +# - ./*.buildinfo +# +#code-coverage: +# extends: +# - .image-bullseye +# - .code-coverage +# needs: [ ] +# +#build:bullseye: +# extends: +# - .image-bullseye +# - .build +# - .code-coverage +# needs: [ ] +# +#build:focal: +# extends: +# - .image-focal +# - .build +# needs: [ ] +# +#build:buster: +# extends: +# - .build +# - .image-buster +# needs: [ ] +# +#debian-package:bullseye: +# extends: +# - .image-bullseye +# - .debian-package +# dependencies: +# - build:bullseye +# needs: [ "build:bullseye" ] +# +#debian-package:focal: +# extends: +# - .image-focal +# - .debian-package +# dependencies: +# - build:focal +# needs: [ "build:focal" ] +# +#debian-package:buster: +# extends: +# - .image-buster +# - .debian-package +# dependencies: +# - build:buster +# needs: [ "build:buster" ]