blob: 21565989eaeee44506c0c7fab558dd1572a6e43b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
.before-my-script: &before-my-script
- echo "$ERR_REPORT_USERNAME" > ~/.oe-send-error
- echo "$ERR_REPORT_EMAIL" >> ~/.oe-send-error
- echo "$CI_PROJECT_DIR" >> ~/.ci_project_dir
- export PATH=~/.local/bin:$PATH
- python3 -m venv ~/kas_env/
- source ~/kas_env/bin/activate
- python3 -m pip install kas
- mkdir -p $CI_PROJECT_DIR/build/tmp/log/error-report/
- mkdir -p $CI_PROJECT_DIR/log/
.after-my-script: &after-my-script
- cd $CI_PROJECT_DIR/openembedded-core
- . ./oe-init-build-env $CI_PROJECT_DIR/build
- for x in `ls $CI_PROJECT_DIR/build/tmp/log/error-report/ | grep error_report_`; do
- send-error-report -y tmp/log/error-report/$x
- done
- rm -fr $CI_PROJECT_DIR/build
stages:
- base
- parsec
- musl
- test
.base:
before_script:
- *before-my-script
stage: base
after_script:
- *after-my-script
artifacts:
paths:
- $CI_PROJECT_DIR/log/*
when: always
.parsec:
before_script:
- *before-my-script
stage: parsec
after_script:
- *after-my-script
.musl:
before_script:
- *before-my-script
stage: musl
after_script:
- *after-my-script
.test:
before_script:
- *before-my-script
stage: test
after_script:
- *after-my-script
qemux86:
extends: .base
script:
- kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image integrity-image-minimal" 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_security_image.txt
- kas build --target harden-image-minimal kas/$CI_JOB_NAME-harden.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_harden_image.txt
qemux86-musl:
extends: .musl
needs: ['qemux86']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_musl_security_image.txt
qemux86-test:
extends: .test
needs: ['qemux86']
allow_failure: true
script:
- kas build --target security-test-image kas/$CI_JOB_NAME.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_test_security_image.txt
- kas build -c testimage --target security-test-image kas/$CI_JOB_NAME.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_testimage_security_image.txt
qemux86-64:
extends: .base
script:
- kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k core-image-minimal security-build-image security-tpm-image security-tpm2-image integrity-image-minimal" 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_64_security_image.txt
- kas build --target dm-verity-image-initramfs kas/$CI_JOB_NAME-dm-verify.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_64_dm_verify.txt
- kas build --target security-build-image kas/$CI_JOB_NAME-alt.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_64_security_build_image.txt
qemux86-64-parsec:
extends: .parsec
needs: ['qemux86-64']
script:
- kas build --target security-parsec-image kas/$CI_JOB_NAME.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_64_parsec_security_image.txt
qemuarm:
extends: .base
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemuarm_security_image.txt
qemuarm64:
extends: .base
script:
- kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image security-tpm2-image integrity-image-minimal" 2>&1 | tee $CI_PROJECT_DIR/log/qemuarm64_parsec_security_image.txt
- kas build --target security-build-image kas/$CI_JOB_NAME-alt.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemuarm64_build_security_image.txt
qemuarm64-musl:
extends: .musl
needs: ['qemuarm64']
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemuarm64_musl_security_image.txt
qemuarm64-parsec:
extends: .parsec
needs: ['qemuarm64']
script:
- kas build --target security-parsec-image kas/$CI_JOB_NAME.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemuarm64_parsec_security_image.txt
qemuriscv64:
extends: .base
script:
- kas build --target security-build-image kas/$CI_JOB_NAME.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemuriscv64_security_image.txt
|
