2 Commits

2 changed files with 139 additions and 166 deletions


@ -1,134 +1,147 @@
---
include:
- remote: 'https://git.scc.kit.edu/KIT-CERT/publish/-/raw/main/gitlab-ci/build_image.yml'
- remote: 'https://git.scc.kit.edu/KIT-CERT/publish/-/raw/main/gitlab-ci/python-pkg.yml'
variables:
BUILD_CONTEXT: ci_container
BUILD_FILE: Dockerfile
IMAGE_NAME: pkg_build-exim-encrypt-dlfunc/bullseye
stages: stages:
- build_image - build
- build_pkg - debian-package
- debian-package - prepare
- release
.image-buster: .image-buster:
IMAGE_NAME: pkg_build-exim-encrypt-dlfunc/buster image: '${CONTAINER_REGISTRY_NAME}/exim-encrypt-dlfunc-build-buster'
.image-bullseye: .image-bullseye:
IMAGE_NAME: pkg_build-exim-encrypt-dlfunc/bullseye image: '${CONTAINER_REGISTRY_NAME}/exim-encrypt-dlfunc-build-bullseye'
.image-jammy: .image-focal:
variables: image: '${CONTAINER_REGISTRY_NAME}/exim-encrypt-dlfunc-build-focal'
IMAGE_NAME: pkg_build-exim-encrypt-dlfunc/jammy
BUILD_FILE: Dockerfile.jammy
build_pkg_image_jammy: .code-coverage:
extends: stage: build
- .image-jammy script:
- build_pkg_image - "export PATH=/usr/local/sbin:/usr/local/bin:${PATH}"
- meson build -Db_coverage=true
- cd build
- ninja
- ninja test
- ninja coverage-xml
- grep -Eo 'line-rate="[^"]+"' meson-logs/coverage.xml | head -n 1 |
grep -Eo '[0-9.]+' | awk '{ printf "coverage\x3a %.2f%% of statements\n", $1 * 100 }'
- ninja coverage-html
- mv meson-logs/coveragereport ../coverage
artifacts:
paths:
- coverage/
reports:
cobertura: build/meson-logs/coverage.xml
#.code-coverage: .build:
# stage: build stage: build
# script: script:
# - "export PATH=/usr/local/sbin:/usr/local/bin:${PATH}" - which meson
# - meson build -Db_coverage=true - meson build
# - cd build - cd build
# - ninja - ninja
# - ninja test - ninja test
# - ninja coverage-xml artifacts:
# - grep -Eo 'line-rate="[^"]+"' meson-logs/coverage.xml | head -n 1 | paths:
# grep -Eo '[0-9.]+' | awk '{ printf "coverage\x3a %.2f%% of statements\n", $1 * 100 }' - build/src/libexim-encrypt-dlfunc.so
# - ninja coverage-html - build/src/libexim-encrypt-dlfunc-genkeys
# - mv meson-logs/coveragereport ../coverage - build/src/libexim-encrypt-dlfunc-decrypt-secretbox
# artifacts: - build/src/libexim-encrypt-dlfunc-decrypt-sealedbox
# paths:
# - coverage/ .debian-package:
# reports: stage: debian-package
# cobertura: build/meson-logs/coverage.xml script:
# - mkdir ~/.gnupg; chown root:root ~/.gnupg; chmod 700 ~/.gnupg
#.build: - eval $(gpg-agent --batch --sh --disable-scdaemon)
# stage: build - echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf
# script: - echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf
# - which meson - gpg-connect-agent /bye
# - meson build - echo $DEBIAN_SIGNING_KEY_ASC | base64 -d | gpg --batch --import --always-trust --yes
# - cd build - echo "1DC7C2770DC111723D505DD61614D5CDEE1555A7:6:" | gpg --import-ownertrust
# - ninja - dpkg-buildpackage --sign-key=1DC7C2770DC111723D505DD61614D5CDEE1555A7
# - ninja test - mv -t . ../*.deb ../*.dsc ../*.tar.gz ../*.changes ../*.buildinfo
# artifacts: artifacts:
# paths: paths:
# - build/src/libexim-encrypt-dlfunc.so - ./*.deb
# - build/src/libexim-encrypt-dlfunc-genkeys - ./*.dsc
# - build/src/libexim-encrypt-dlfunc-decrypt-secretbox - ./*.tar.gz
# - build/src/libexim-encrypt-dlfunc-decrypt-sealedbox - ./*.changes
# - ./*.buildinfo
#.debian-package:
# stage: debian-package code-coverage:
# script: extends:
# - mkdir ~/.gnupg; chown root:root ~/.gnupg; chmod 700 ~/.gnupg - .image-bullseye
# - eval $(gpg-agent --batch --sh --disable-scdaemon) - .code-coverage
# - echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf needs: [ ]
# - echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf
# - gpg-connect-agent /bye build:bullseye:
# - echo $DEBIAN_SIGNING_KEY_ASC | base64 -d | gpg --batch --import --always-trust --yes extends:
# - echo "1DC7C2770DC111723D505DD61614D5CDEE1555A7:6:" | gpg --import-ownertrust - .image-bullseye
# - dpkg-buildpackage --sign-key=1DC7C2770DC111723D505DD61614D5CDEE1555A7 - .build
# - mv -t . ../*.deb ../*.dsc ../*.tar.gz ../*.changes ../*.buildinfo - .code-coverage
# artifacts: needs: [ ]
# paths:
# - ./*.deb build:focal:
# - ./*.dsc extends:
# - ./*.tar.gz - .image-focal
# - ./*.changes - .build
# - ./*.buildinfo needs: [ ]
#
#code-coverage: build:buster:
# extends: extends:
# - .image-bullseye - .build
# - .code-coverage - .image-buster
# needs: [ ] needs: [ ]
#
#build:bullseye: debian-package:bullseye:
# extends: extends:
# - .image-bullseye - .image-bullseye
# - .build - .debian-package
# - .code-coverage dependencies:
# needs: [ ] - build:bullseye
# needs: [ "build:bullseye" ]
#build:focal:
# extends: debian-package:focal:
# - .image-focal extends:
# - .build - .image-focal
# needs: [ ] - .debian-package
# dependencies:
#build:buster: - build:focal
# extends: needs: [ "build:focal" ]
# - .build
# - .image-buster debian-package:buster:
# needs: [ ] extends:
# - .image-buster
#debian-package:bullseye: - .debian-package
# extends: dependencies:
# - .image-bullseye - build:buster
# - .debian-package needs: [ "build:buster" ]
# dependencies:
# - build:bullseye prepare_job:
# needs: [ "build:bullseye" ] stage: prepare # This stage must run before the release stage
# rules:
#debian-package:focal: - if: $CI_COMMIT_TAG
# extends: when: never # Do not run this job when a tag is created manually
# - .image-focal # - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH # Run this job when commits are pushed or merged to the default branch
# - .debian-package script:
# dependencies: - echo "TAG=v$(cat VERSION)" >> variables.env # and append to the variables.env file
# - build:focal artifacts:
# needs: [ "build:focal" ] reports:
# dotenv: variables.env # Use artifacts:reports:dotenv to expose the variables to other jobs
#debian-package:buster:
# extends: release_job:
# - .image-buster stage: release
# - .debian-package image: registry.gitlab.com/gitlab-org/release-cli:latest
# dependencies: needs:
# - build:buster - job: prepare_job
# needs: [ "build:buster" ] artifacts: true
rules:
- if: $CI_COMMIT_TAG
when: never
# - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
script:
- echo "running release_job for $TAG"
release:
name: 'Release $CI_COMMIT_TAG'
description: 'Created using the release-cli'
tag_name: '$CI_COMMIT_TAG'
ref: '$CI_COMMIT_TAG'
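Review bot: The uncommented `.debian-package` template imports the private signing key from `$DEBIAN_SIGNING_KEY_ASC`, and neither it nor the three `debian-package:*` jobs carry `rules`, so the import runs in every pipeline; if the variable is not marked protected in the project settings (not visible here), a pipeline on any branch can read the key. I would limit the signing jobs to protected refs with `rules:` and `- if: $CI_COMMIT_REF_PROTECTED == "true"`, and quote the expansion as `echo "$DEBIAN_SIGNING_KEY_ASC" | base64 -d | gpg --batch --import --always-trust --yes`. Separately, `release_job` pulls `registry.gitlab.com/gitlab-org/release-cli:latest`, a mutable tag, so pinning it to a fixed version or digest would keep the release step reproducible. With the branch rule commented out and only the `when: never` rule left, `prepare_job` and `release_job` appear never to be added to a pipeline, and `tag_name` reads `$CI_COMMIT_TAG` rather than the `$TAG` that `prepare_job` writes to `variables.env`.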


@ -1,40 +0,0 @@
FROM docker.io/library/ubuntu:jammy
LABEL org.opencontainers.image.created=${BUILDTIMESTAMP} \
org.opencontainers.image.authors="Heiko Reese <reese@kit.edu>" \
org.opencontainers.image.title="exim build container" \
org.opencontainers.image.description="A buld environment for exim-encrypt-dlfunc" \
org.opencontainers.image.source="https://git.scc.kit.edu/mail/exim-encrypt-dlfunc/" \
org.opencontainers.image.licenses="Apache-2.0"
RUN apt-get update; \
DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt-get install --no-install-recommends -y \
build-essential \
exim4-daemon-heavy \
exim4-dev \
gcovr \
git \
libsodium-dev \
openssl \
pkg-config \
python3-pip \
libxml2-utils \
debhelper \
debsigs \
devscripts \
dh-make \
git-buildpackage \
gpgv1 \
meson \
less \
mc \
openssh-client \
vim; \
DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt-get clean; \
rm -rf /var/lib/apt/lists/*;
RUN pip3 install --upgrade meson ninja; \
rm -rf ~/.cache/pip/*;
WORKDIR /mnt/