Use ykneo/smartpgp builddeps images for virtual Java Card tests.

Remove unnecessary dockerfiles and run.sh. Make hardware-builddeps image to run hardware card tests on. Add license header and cleanup.
2021-12-17 16:21:21 +01:00 · 2021-12-17 16:21:21 +01:00 · a45586cf13
commit a45586cf13
parent 1722e1b328
5 changed files with 72 additions and 177 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -1,13 +1,14 @@
 # SPDX-FileCopyrightText: 2021 Heiko Schaefer <heiko@schaefer.name>
 # SPDX-FileCopyrightText: 2021 Nora Widdecke <mail@nora.pink>
 # SPDX-License-Identifier: CC0-1.0
 stages:
-  - lint
+  - hw-builddeps
  - test
  - virtual-build
  - virtual-test
  - hw-import
  - hw-keygen
  - lint
  - test
  - virtual-test
 reuse:
  stage: lint
@ -46,126 +47,78 @@ cargo-test-debian-stable:
  script:
    - cargo test
-build_cardtest_smartpgp:
+run_cardtest_smartpgp:
-  stage: virtual-build
+  stage: virtual-test
-  image: docker:stable
+  image: registry.gitlab.com/hkos/openpgp-card-images/smartpgp-builddeps
-
+  script:
    - /etc/init.d/pcscd start
    - su - -c "sh /home/jcardsim/run-card.sh" jcardsim
    - cd card-functionality
    - cargo run --bin import -- $CONFIG
    - cargo run --bin keygen -- $CONFIG
  variables:
-    IMAGE_LATEST: $CI_REGISTRY_IMAGE/cardtest-smartpgp:latest
+    CONFIG: "docker/test-smartpgp.toml"
-    IMAGE_SHA: $CI_REGISTRY_IMAGE/cardtest-smartpgp:$CI_COMMIT_SHA
+
 run_cardtest_ykneo:
  stage: virtual-test
  image: registry.gitlab.com/hkos/openpgp-card-images/ykneo-builddeps
  script:
    - /etc/init.d/pcscd start
    - su - -c "sh /home/jcardsim/run-card.sh" jcardsim
    - cd card-functionality
    - cargo run --bin import -- $CONFIG
    - cargo run --bin keygen -- $CONFIG
  variables:
    CONFIG: "docker/test-ykneo.toml"
 hardware-builddeps:
  stage: hw-builddeps
  needs: []
  image: docker:stable
  services:
-    - docker:stable-dind
+    - docker:dind
  before_script:
    - docker info
    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
  script:
    - docker pull $IMAGE_LATEST || true
-    - docker build -f card-functionality/docker/Dockerfile.cardtest.smartpgp -t $IMAGE_SHA -t $IMAGE_LATEST .
+    - docker build --cache-from $IMAGE_LATEST --file=$DOCKERFILE -t $IMAGE_LATEST -t $IMAGE_SHA .
    - docker push $IMAGE_SHA
    - docker push $IMAGE_LATEST
-  needs: []
+  only:
-
+    changes:
-build_cardtest_ykneo:
+      - card-functionality/docker/Dockerfile.hardware-builddeps
-  stage: virtual-build
+      - .gitlab-ci.yml
  image: docker:stable
  variables:
-    IMAGE_LATEST: $CI_REGISTRY_IMAGE/cardtest-ykneo:latest
+    IMAGE_LATEST: $CI_REGISTRY_IMAGE/hardware-builddeps:latest
-    IMAGE_SHA: $CI_REGISTRY_IMAGE/cardtest-ykneo:$CI_COMMIT_SHA
+    IMAGE_SHA: $CI_REGISTRY_IMAGE/hardware-builddeps:$CI_COMMIT_SHA
-  services:
+    DOCKERFILE: card-functionality/docker/Dockerfile.hardware-builddeps
-    - docker:stable-dind
+
-  before_script:
+.hw-test-template:
-    - docker info
+  image: registry.gitlab.com/hkos/openpgp-card/hardware-builddeps
-    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+  tags:
    - card
  parallel:
    matrix:
      - CONFIG:
          - "ci/basic-2_1.toml"
          - "ci/nitro-pro1.toml"
          - "ci/nitro-pro2.toml"
          - "ci/nitro-start.toml"
  script:
-    - docker pull $IMAGE_LATEST || true
+    - /etc/init.d/pcscd start
-    - docker build -f card-functionality/docker/Dockerfile.cardtest.ykneo -t $IMAGE_SHA -t $IMAGE_LATEST .
+    #- sleep 5
-    - docker push $IMAGE_SHA
+    - cd card-functionality
-    - docker push $IMAGE_LATEST
+    - cargo run --bin $ARG -- $CONFIG
  needs: []
 run_cardtest_smartpgp_import:
  stage: virtual-test
  image: registry.gitlab.com/hkos/openpgp-card/cardtest-smartpgp
  script:
    - cd /
    - sh run.sh import
  needs: ["build_cardtest_smartpgp"]
 run_cardtest_smartpgp_keygen:
  stage: virtual-test
  image: registry.gitlab.com/hkos/openpgp-card/cardtest-smartpgp
  script:
    - cd /
    - sh run.sh keygen
  # run after import test - running tests in parallel on the same card fails
  needs: ["run_cardtest_smartpgp_import"]
 run_cardtest_ykneo_import:
  stage: virtual-test
  image: registry.gitlab.com/hkos/openpgp-card/cardtest-ykneo
  script:
    - cd /
    - sh run.sh import
  needs: ["build_cardtest_ykneo"]
 run_cardtest_ykneo_keygen:
  stage: virtual-test
  image: registry.gitlab.com/hkos/openpgp-card/cardtest-ykneo
  script:
    - cd /
    - sh run.sh keygen
  # run after import test - running tests in parallel on the same card fails
  needs: ["run_cardtest_ykneo_import"]
 import:
  extends: .hw-test-template
  stage: hw-import
-  image: rust:1-slim-bullseye
+  variables:
-  tags:
+    ARG: import
    - card
  parallel:
    matrix:
      - ARG: [ import ]
        CONFIG:
          - "ci/basic-2_1.toml"
          - "ci/nitro-pro1.toml"
          - "ci/nitro-pro2.toml"
          - "ci/nitro-start.toml"
  before_script:
    # install dependencies
    - apt-get update
    - apt-get -y install --no-install-recommends libpcsclite-dev pkg-config nettle-dev clang libclang-dev pcscd pcsc-tools usbutils strace
  script:
    - /etc/init.d/pcscd start
    #- sleep 5
    - cd card-functionality
    - cargo run --bin $ARG -- $CONFIG
 keygen:
  extends: .hw-test-template
  stage: hw-keygen
-  image: rust:1-slim-bullseye
+  variables:
-  tags:
+    ARG: keygen
    - card
  parallel:
    matrix:
      - ARG: [ keygen ]
        CONFIG:
          - "ci/basic-2_1.toml"
          - "ci/nitro-pro1.toml"
          - "ci/nitro-pro2.toml"
          - "ci/nitro-start.toml"
  before_script:
    # install dependencies
    - apt-get update
    - apt-get -y install --no-install-recommends libpcsclite-dev pkg-config nettle-dev clang libclang-dev pcscd pcsc-tools usbutils strace
  script:
    - /etc/init.d/pcscd start
    #- sleep 5
    - cd card-functionality
    - cargo run --bin $ARG -- $CONFIG
--- a/card-functionality/docker/Dockerfile.cardtest.smartpgp
+++ b/card-functionality/docker/Dockerfile.cardtest.smartpgp
@ -1,27 +0,0 @@
 # SPDX-FileCopyrightText: 2021 Heiko Schaefer <heiko@schaefer.name>
 # SPDX-License-Identifier: CC0-1.0
 FROM registry.gitlab.com/hkos/openpgp-card-images/smartpgp
 USER root
 RUN useradd -ms /bin/bash ocard \
 && apt update -y -qq \
 && apt install -y -qq cargo rustc nettle-dev libclang-dev
 USER ocard
 WORKDIR /home/ocard
 RUN git clone https://gitlab.com/hkos/openpgp-card \
 && cd openpgp-card/card-functionality \
 && cargo build \
 && true
 COPY card-functionality/docker/test-smartpgp.toml openpgp-card/card-functionality/config/test-cards.toml
 USER root
 WORKDIR /
 COPY card-functionality/docker/run.sh .
 ENV bin import
 CMD /bin/sh /run.sh ${bin}
--- a/card-functionality/docker/Dockerfile.cardtest.ykneo
+++ b/card-functionality/docker/Dockerfile.cardtest.ykneo
@ -1,27 +0,0 @@
 # SPDX-FileCopyrightText: 2021 Heiko Schaefer <heiko@schaefer.name>
 # SPDX-License-Identifier: CC0-1.0
 FROM registry.gitlab.com/hkos/openpgp-card-images/ykneo
 USER root
 RUN useradd -ms /bin/bash ocard \
 && apt update -y -qq \
 && apt install -y -qq cargo rustc nettle-dev libclang-dev
 USER ocard
 WORKDIR /home/ocard
 RUN git clone https://gitlab.com/hkos/openpgp-card \
 && cd openpgp-card/card-functionality \
 && cargo build \
 && true
 COPY card-functionality/docker/test-ykneo.toml openpgp-card/card-functionality/config/test-cards.toml
 USER root
 WORKDIR /
 COPY card-functionality/docker/run.sh .
 ENV bin import
 CMD /bin/sh /run.sh ${bin}
--- a/card-functionality/docker/Dockerfile.hardware-builddeps
+++ b/card-functionality/docker/Dockerfile.hardware-builddeps
@ -0,0 +1,9 @@
 # SPDX-FileCopyrightText: 2021 Heiko Schaefer <heiko@schaefer.name>
 # SPDX-FileCopyrightText: 2021 Nora Widdecke <mail@nora.pink>
 # SPDX-License-Identifier: CC0-1.0
 FROM rust:1-slim-bullseye
 RUN apt update -y -qq \
 && apt install -y -qq --no-install-recommends libpcsclite-dev pkg-config nettle-dev clang libclang-dev pcscd \
 && apt clean
--- a/card-functionality/docker/run.sh
+++ b/card-functionality/docker/run.sh
@ -1,13 +0,0 @@
 # SPDX-FileCopyrightText: 2021 Heiko Schaefer <heiko@schaefer.name>
 # SPDX-License-Identifier: CC0-1.0
 # Run pcscd (as root)
 /etc/init.d/pcscd start
 # Run the javacard applet (as jcardsim)
 su - -c "sh /home/jcardsim/run-card.sh" jcardsim
 # Run the openpgp-card test code (as ocard).
 # This uses $1 as the name of the binary to run.
 su - -c "cd openpgp-card/card-functionality/ && cargo run --bin $1" ocard