1 # see https://docs.gitlab.com/ce/ci/yaml/README.html for all available options
5 # images: Build the images with the bootstrap script
6 # build_first: Build a few things first to find silly errors (fast job)
7 # (don't pay for 35 machines until something compiles)
8 # build: The main parallel job
9 # (keep these to 1hour as we are billed per hour)
10 # test_only: Tests using the build from prior stages, these typically
11 # have an explicit dependency defined to a specific build job,
12 # which means that start as soon as the build job finished.
13 # test_private: Like test_only, but running on private runners
14 # report: Code coverage reporting
25 # We want to be resilient to runner failures
26 ARTIFACT_DOWNLOAD_ATTEMPTS: "3"
27 EXECUTOR_JOB_SECTION_ATTEMPTS: "3"
28 GET_SOURCES_ATTEMPTS: "3"
29 RESTORE_CACHE_ATTEMPTS: "3"
33 # "--enable-coverage" or ""
34 SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE: ""
36 # we run autobuild.py inside a samba CI docker image located on gitlab's registry
37 # overwrite this variable if you want use your own image registry.
39 # Or better ask for access to the shared development repository, see
40 # https://wiki.samba.org/index.php/Samba_CI_on_gitlab#Getting_Access
42 SAMBA_CI_CONTAINER_REGISTRY: registry.gitlab.com/samba-team/devel/samba
44 # Set this to the contents of bootstrap/sha1sum.txt
45 # which is generated by bootstrap/template.py --render
47 SAMBA_CI_CONTAINER_TAG: f25e1fa0a828f428ade0e4f37d8a646ff1e207d4
49 # We use the ubuntu1804 image as default as
50 # it matches what we have on sn-devel-184.
52 SAMBA_CI_CONTAINER_IMAGE: ubuntu1804
54 # The following images are available
55 # Please see the samba-o3 sections at the end of this file!
56 # We should run that for each available image
58 SAMBA_CI_CONTAINER_IMAGE_ubuntu1604: ubuntu1604
59 SAMBA_CI_CONTAINER_IMAGE_ubuntu1804: ubuntu1804
60 SAMBA_CI_CONTAINER_IMAGE_ubuntu2004: ubuntu2004
61 SAMBA_CI_CONTAINER_IMAGE_debian9: debian9
62 SAMBA_CI_CONTAINER_IMAGE_debian10: debian10
63 SAMBA_CI_CONTAINER_IMAGE_opensuse151: opensuse151
64 SAMBA_CI_CONTAINER_IMAGE_opensuse152: opensuse152
65 SAMBA_CI_CONTAINER_IMAGE_fedora32: fedora32
66 SAMBA_CI_CONTAINER_IMAGE_fedora33: fedora33
67 SAMBA_CI_CONTAINER_IMAGE_centos7: centos7
68 SAMBA_CI_CONTAINER_IMAGE_centos8: centos8
71 # The image creation details are specified in a separate file
72 # See bootstrap/README.md for details
73 - 'bootstrap/.gitlab-ci.yml'
75 .shared_runner_build_image:
76 extends: .shared_runner_build
78 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE}
79 image: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-${SAMBA_CI_JOB_IMAGE}:${SAMBA_CI_CONTAINER_TAG}
82 extends: .shared_runner_build_image
83 # All Samba jobs are interruptible, this avoids burning CPU when a
84 # newer branch is pushed.
89 AUTOBUILD_JOB_NAME: $CI_JOB_NAME
92 key: ccache.${CI_JOB_NAME}.${SAMBA_CI_JOB_IMAGE}
105 # ld will fail if coverage enabled, force link ld to ld.bfd
106 - if [ -n "$SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE" ]; then sudo ln -sf $(which ld.bfd) $(which ld); fi
107 # See bootstrap/.gitlab-ci.yml how to generate a new image
108 - echo "SAMBA_CI_CONTAINER_REGISTRY[${SAMBA_CI_CONTAINER_REGISTRY}]"
109 - echo "SAMBA_CI_CONTAINER_TAG[${SAMBA_CI_CONTAINER_TAG}]"
110 - echo "SAMBA_CI_JOB_IMAGE[${SAMBA_CI_JOB_IMAGE}]"
111 - echo "CI_JOB_IMAGE[${CI_JOB_IMAGE}]"
112 - bootstrap/template.py --sha1sum > /tmp/sha1sum-template.txt
113 - diff -u bootstrap/sha1sum.txt /tmp/sha1sum-template.txt
114 - echo "${SAMBA_CI_CONTAINER_TAG}" > /tmp/sha1sum-tag.txt
115 - diff -u bootstrap/sha1sum.txt /tmp/sha1sum-tag.txt
116 - diff -u bootstrap/sha1sum.txt /sha1sum.txt
117 - echo "${CI_COMMIT_SHA} ${CI_COMMIT_TITLE}" > /tmp/commit.txt
118 - export CCACHE_BASEDIR="${PWD}"
119 - export CCACHE_DIR="${PWD}/ccache" && mkdir -pv "$CCACHE_DIR"
120 - export CC="ccache cc"
121 - export CXX="ccache c++"
129 - CCACHE_BASEDIR="${PWD}" CCACHE_DIR="${PWD}/ccache" ccache -s -c
140 - runner_system_failure
141 - stuck_or_timeout_failure
145 - job_execution_timeout
148 - data_integrity_failure
151 # gitlab predefines CI_JOB_NAME for each job. The gitlab job usually matches the
152 # autobuild name, which means we can define a default template that runs most autobuild jobs
153 - script/autobuild.py $AUTOBUILD_JOB_NAME $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase
155 # Ensure when adding a new job below that you also add it to
156 # the dependencies for 'pages' below for the code coverage page
160 extends: .shared_template
162 - script/autobuild.py ldb $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase/ldb
163 - script/autobuild.py pidl $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase/pidl
164 - script/autobuild.py replace $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase/replace
165 - script/autobuild.py talloc $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase/talloc
166 - script/autobuild.py tdb $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase/tdb
167 - script/autobuild.py tevent $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase/tevent
168 - script/autobuild.py samba-xc $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase/samba-xc
169 - script/autobuild.py docs-xml $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase/docs-xml
171 .shared_template_build_only:
172 extends: .shared_template
181 - samba-testbase.tar.gz
183 # gitlab predefines CI_JOB_NAME for each job. The gitlab job usually matches the
184 # autobuild name, which means we can define a default template that runs most autobuild jobs
185 - script/autobuild.py $AUTOBUILD_JOB_NAME $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase
186 # On success we need to pack everything into an artifacts file
187 # which needs to be in the git checkout.
188 # As tar doesn't handle hardlink of read-only files,
189 # we remember the acls and add write permissions
190 # before creating the archive. The consumer will apply
192 - cp -a /sha1sum.txt /tmp/samba-testbase/image-sha1sum.txt
193 - cp -a /tmp/commit.txt /tmp/samba-testbase/commit.txt
194 - pushd /tmp && getfacl -R samba-testbase > samba-testbase.acl.dump && popd
195 - chmod -R +w /tmp/samba-testbase
196 - mv /tmp/samba-testbase.acl.dump /tmp/samba-testbase/
197 - tar cfz samba-testbase.tar.gz /tmp/samba-testbase
198 - ls -la samba-testbase.tar.gz
199 - sha1sum samba-testbase.tar.gz
201 .shared_template_test_only:
204 - .shared_runner_test
207 # We unpack the artifacts file created by the .shared_template_build_only
209 - ls -la samba-testbase.tar.gz
210 - sha1sum samba-testbase.tar.gz
211 - tar xfz samba-testbase.tar.gz -C /
212 - diff -u /tmp/samba-testbase/image-sha1sum.txt /sha1sum.txt
213 - diff -u /tmp/samba-testbase/commit.txt /tmp/commit.txt
214 - mv /tmp/samba-testbase/samba-testbase.acl.dump /tmp/samba-testbase.acl.dump
215 - pushd /tmp && setfacl --restore=/tmp/samba-testbase.acl.dump && popd
216 # gitlab predefines CI_JOB_NAME for each job. The gitlab job usually matches the
217 # autobuild name, which means we can define a default template that runs most autobuild jobs
218 - script/autobuild.py $AUTOBUILD_JOB_NAME $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE --skip-dependencies --verbose --nocleanup --keeplogs --tail --full-testbase /tmp/samba-testbase
221 extends: .shared_template_build_only
224 .needs_samba-def-build:
225 extends: .shared_template_test_only
227 - job: samba-def-build
231 extends: .shared_template_build_only
234 .needs_samba-mit-build:
235 extends: .shared_template_test_only
237 - job: samba-mit-build
241 extends: .shared_template_build_only
243 .needs_samba-h5l-build:
244 extends: .shared_template_test_only
246 - job: samba-h5l-build
250 extends: .shared_template_build_only
252 .needs_samba-nt4-build:
253 extends: .shared_template_test_only
255 - job: samba-nt4-build
258 samba-no-opath-build:
259 extends: .shared_template_build_only
261 .needs_samba-no-opath-build:
262 extends: .shared_template_test_only
264 - job: samba-no-opath-build
268 extends: .shared_template
271 extends: .shared_template
274 extends: .shared_template
277 extends: .needs_samba-def-build
280 extends: .needs_samba-def-build
283 extends: .needs_samba-def-build
286 extends: .needs_samba-def-build
289 extends: .needs_samba-def-build
292 extends: .needs_samba-def-build
295 extends: .needs_samba-def-build
298 extends: .needs_samba-def-build
301 extends: .needs_samba-def-build
304 extends: .shared_template
307 extends: .shared_template
309 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_ubuntu1604}
312 extends: .shared_template
315 extends: .shared_template
318 extends: .needs_samba-def-build
321 extends: .needs_samba-mit-build
323 samba-ad-dc-4-mitkrb5:
324 extends: .needs_samba-mit-build
326 # This task is run first to ensure we compile before we start the
327 # main run as it is the fastest full compile of Samba.
329 extends: .shared_template
331 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_fedora33}
334 extends: .private_runner_test
338 # These jobs are only run if the gitlab repo has private runners available.
339 # To enable private jobs, you must add the following var and value to
340 # your gitlab repo by navigating to:
341 # settings -> CI/CD -> Environment variables
342 - $SUPPORT_PRIVATE_TEST == "yes"
344 .needs_samba-def-build-private:
346 - .needs_samba-def-build
349 .needs_samba-mit-build-private:
351 - .needs_samba-mit-build
354 .needs_samba-h5l-build-private:
356 - .needs_samba-h5l-build
359 .needs_samba-nt4-build-private:
361 - .needs_samba-nt4-build
364 .needs_samba-no-opath-build-private:
366 - .needs_samba-no-opath-build
370 extends: .needs_samba-h5l-build-private
373 extends: .needs_samba-def-build-private
376 extends: .needs_samba-nt4-build-private
378 samba-ad-dc-1-mitkrb5:
379 extends: .needs_samba-mit-build-private
382 extends: .needs_samba-no-opath-build-private
384 # 'pages' is a special job which can publish artifacts in `public` dir to gitlab pages
386 extends: .shared_runner_build_image
388 dependencies: # tell gitlab to download artifacts for these jobs
405 - samba-ad-dc-4-mitkrb5
411 - samba-schemaupgrade
412 - samba-ad-dc-1-mitkrb5
415 - ./configure.developer
417 - lcov $(ls *.info | xargs -I{} echo -n "-a {} ") -o all.info
418 - genhtml all.info --output-directory public --prefix=$(pwd) --title "coverage report for $CI_COMMIT_REF_NAME $CI_COMMIT_SHORT_SHA"
425 - $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE == "--enable-coverage"
429 extends: .shared_runner_build_image
431 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_fedora33}
434 - wget https://scan.coverity.com/download/linux64 --post-data "token=$COVERITY_SCAN_TOKEN&project=$COVERITY_SCAN_PROJECT_NAME" -O /tmp/coverity_tool.tgz
435 - tar xf /tmp/coverity_tool.tgz
436 - ./configure.developer --with-cluster-support --with-system-mitkrb5 --with-experimental-mit-ad-dc
437 - cov-analysis-linux64-*/bin/cov-build --dir cov-int make -j$(nproc)
438 - tar czf cov-int.tar.gz cov-int
440 --form token=$COVERITY_SCAN_TOKEN
441 --form email=$COVERITY_SCAN_EMAIL
442 --form file=@cov-int.tar.gz
443 --form version="`git describe --tags`"
444 --form description="CI build"
445 https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME
451 - $COVERITY_SCAN_TOKEN != null
452 - $COVERITY_SCAN_PROJECT_NAME != null
453 - $COVERITY_SCAN_EMAIL != null
461 # We build samba-o3 on all supported distributions
465 extends: .shared_template
467 AUTOBUILD_JOB_NAME: samba-o3
470 # do not run o3 for coverage since they are using different images
471 - $SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE == ""
474 extends: .samba-o3-template
476 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_ubuntu1804}
479 extends: .samba-o3-template
481 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_ubuntu2004}
484 extends: .samba-o3-template
486 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_debian10}
488 opensuse151-samba-o3:
489 extends: .samba-o3-template
491 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_opensuse151}
493 opensuse152-samba-o3:
494 extends: .samba-o3-template
496 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_opensuse152}
499 extends: .samba-o3-template
501 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_centos7}
502 # Git on CentOS doesn't support shallow git cloning
504 # We need a newer GnuTLS version on CentOS7
505 PKG_CONFIG_PATH: "/usr/lib64/compat-gnutls34/pkgconfig:/usr/lib64/compat-nettle32/pkgconfig"
508 extends: .samba-o3-template
510 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_centos8}
513 extends: .samba-o3-template
515 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_fedora32}
518 extends: .samba-o3-template
520 SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_fedora33}
523 # Keep the samba-o3 sections at the end ...