77822e716d
The virtual card images used to do this kind of redirect. Now the consumer of the images needs to decide if they want to see virtual card debug output. We don't want to see it, by default.
244 lines
7 KiB
YAML
244 lines
7 KiB
YAML
# SPDX-FileCopyrightText: 2021-2022 Heiko Schaefer <heiko@schaefer.name>
|
|
# SPDX-FileCopyrightText: 2021-2022 Nora Widdecke <mail@nora.pink>
|
|
# SPDX-License-Identifier: CC0-1.0
|
|
|
|
stages:
|
|
- pages
|
|
- lint
|
|
- test
|
|
- virtual-test
|
|
- hw-builddeps
|
|
- hw-import
|
|
- hw-keygen
|
|
|
|
variables:
|
|
CARGO_HOME: cargo/
|
|
CARGO_TERM_VERBOSE: 'true'
|
|
|
|
cache: &general_cache_config
|
|
# default key is default
|
|
# default policy is pull-push
|
|
paths:
|
|
- target/
|
|
- $CARGO_HOME
|
|
|
|
pages:
|
|
stage: pages
|
|
image: debian:stable-slim
|
|
before_script:
|
|
- apt update -y -qq
|
|
- apt install -y -qq --no-install-recommends wget ca-certificates
|
|
- wget https://github.com/rust-lang/mdBook/releases/download/v0.4.15/mdbook-v0.4.15-x86_64-unknown-linux-gnu.tar.gz
|
|
- tar xvzf mdbook-v0.4.15-x86_64-unknown-linux-gnu.tar.gz
|
|
script:
|
|
- ./mdbook build guide/
|
|
artifacts:
|
|
paths:
|
|
- public
|
|
cache: [ ]
|
|
|
|
reuse:
|
|
stage: lint
|
|
image:
|
|
name: fsfe/reuse:latest
|
|
entrypoint: [ "" ]
|
|
script:
|
|
- reuse lint
|
|
dependencies: [ ]
|
|
cache: [ ]
|
|
|
|
cargo-fmt:
|
|
stage: lint
|
|
image: rust:latest
|
|
script:
|
|
- rustup component add rustfmt
|
|
- cargo fmt -- --check
|
|
cache: [ ]
|
|
|
|
cargo-deny:
|
|
stage: lint
|
|
image: rust:latest
|
|
before_script:
|
|
- cargo install --locked cargo-deny
|
|
script:
|
|
- cargo deny check
|
|
cache: [ ]
|
|
|
|
cargo-clippy:
|
|
stage: lint
|
|
image: rust:latest
|
|
before_script:
|
|
- mkdir -p /run/user/$UID
|
|
- apt update -y -qq
|
|
- apt install -y -qq --no-install-recommends git clang make pkg-config nettle-dev libssl-dev capnproto ca-certificates libpcsclite-dev
|
|
- apt clean
|
|
script:
|
|
- rustup component add clippy
|
|
- cargo clippy --verbose --tests -- -D warnings
|
|
cache:
|
|
# inherit all general cache settings
|
|
<<: *general_cache_config
|
|
# override the key
|
|
key: "rust-latest"
|
|
|
|
udeps:
|
|
stage: lint
|
|
image: rustlang/rust:nightly-slim
|
|
before_script:
|
|
- mkdir -p /run/user/$UID
|
|
- apt update -y -qq
|
|
- apt install -y -qq --no-install-recommends curl git clang make pkg-config nettle-dev libssl-dev capnproto ca-certificates libpcsclite-dev
|
|
- apt clean
|
|
- curl --location --output /tmp/cargo-udeps.tar.gz https://github.com/est31/cargo-udeps/releases/download/v0.1.26/cargo-udeps-v0.1.26-x86_64-unknown-linux-gnu.tar.gz
|
|
- tar --extract --verbose --gzip --file /tmp/cargo-udeps.tar.gz --directory /usr/local/bin/ --strip-components=2 ./cargo-udeps-v0.1.26-x86_64-unknown-linux-gnu/cargo-udeps
|
|
script:
|
|
- cargo udeps --workspace --all-features --all-targets
|
|
cache: [ ]
|
|
|
|
cargo-test:
|
|
stage: test
|
|
image: rust:latest
|
|
before_script:
|
|
- mkdir -p /run/user/$UID
|
|
- apt update -y -qq
|
|
- apt install -y -qq --no-install-recommends git clang make pkg-config nettle-dev libssl-dev capnproto ca-certificates libpcsclite-dev
|
|
- apt clean
|
|
script:
|
|
- cargo test
|
|
cache:
|
|
# inherit all general cache settings
|
|
<<: *general_cache_config
|
|
# override the key
|
|
key: "rust-latest"
|
|
|
|
cargo-test-debian-bookworm:
|
|
stage: test
|
|
image: debian:bookworm-slim
|
|
before_script:
|
|
- mkdir -p /run/user/$UID
|
|
- apt update -y -qq
|
|
- apt install -y -qq --no-install-recommends git rustc cargo clang make pkg-config nettle-dev libssl-dev capnproto ca-certificates libpcsclite-dev
|
|
- apt clean
|
|
script:
|
|
- cargo test
|
|
cache:
|
|
# inherit all general cache settings
|
|
<<: *general_cache_config
|
|
# override the key
|
|
key: "bookworm"
|
|
|
|
run_cardtest_smartpgp:
|
|
stage: virtual-test
|
|
image: registry.gitlab.com/hkos/openpgp-card-images/smartpgp-builddeps
|
|
script:
|
|
- /etc/init.d/pcscd start
|
|
- su - -c "sh /home/jcardsim/run-card.sh > /dev/null" jcardsim
|
|
- cargo run -p openpgp-card-tools --bin opgpcard -- status
|
|
- cargo run -p openpgp-card-tools --bin opgpcard -- info
|
|
- cargo run -p openpgp-card-tests --bin import -- $CONFIG
|
|
- cargo run -p openpgp-card-tests --bin keygen -- $CONFIG
|
|
variables:
|
|
CONFIG: "card-functionality/docker/test-smartpgp.toml"
|
|
cache:
|
|
# inherit all general cache settings
|
|
<<: *general_cache_config
|
|
# override the key
|
|
# (the base image of run_cardtest uses bookworm)
|
|
key: "bookworm"
|
|
|
|
run_cardtest_ykneo:
|
|
stage: virtual-test
|
|
image: registry.gitlab.com/hkos/openpgp-card-images/ykneo-builddeps
|
|
script:
|
|
- /etc/init.d/pcscd start
|
|
- su - -c "sh /home/jcardsim/run-card.sh > /dev/null" jcardsim
|
|
- cargo run -p openpgp-card-tools --bin opgpcard -- status
|
|
- cargo run -p openpgp-card-tools --bin opgpcard -- info
|
|
- cargo run -p openpgp-card-tests --bin import -- $CONFIG
|
|
- cargo run -p openpgp-card-tests --bin keygen -- $CONFIG
|
|
variables:
|
|
CONFIG: "card-functionality/docker/test-ykneo.toml"
|
|
cache:
|
|
# inherit all general cache settings
|
|
<<: *general_cache_config
|
|
# override the key
|
|
# (the base image of run_cardtest uses bookworm)
|
|
key: "bookworm"
|
|
|
|
run_cardtest_fluffypgp:
|
|
stage: virtual-test
|
|
image: registry.gitlab.com/hkos/openpgp-card-images/fluffypgp-builddeps
|
|
script:
|
|
- /etc/init.d/pcscd start
|
|
- su - -c "sh /home/jcardsim/run-card.sh > /dev/null" jcardsim
|
|
- cargo run -p openpgp-card-tools --bin opgpcard -- status
|
|
- cargo run -p openpgp-card-tools --bin opgpcard -- info
|
|
- cargo run -p openpgp-card-tests --bin import -- $CONFIG
|
|
- cargo run -p openpgp-card-tests --bin keygen -- $CONFIG
|
|
variables:
|
|
CONFIG: "card-functionality/docker/test-fluffypgp.toml"
|
|
cache:
|
|
# inherit all general cache settings
|
|
<<: *general_cache_config
|
|
# override the key
|
|
# (the base image of run_cardtest uses bookworm)
|
|
key: "bookworm"
|
|
|
|
hardware-builddeps:
|
|
stage: hw-builddeps
|
|
needs: [ ]
|
|
image: docker:stable
|
|
services:
|
|
- docker:dind
|
|
before_script:
|
|
- docker info
|
|
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
|
|
script:
|
|
- docker pull $IMAGE_LATEST || true
|
|
- docker build --cache-from $IMAGE_LATEST --file=$DOCKERFILE -t $IMAGE_LATEST -t $IMAGE_SHA .
|
|
- docker push $IMAGE_SHA
|
|
- docker push $IMAGE_LATEST
|
|
only:
|
|
changes:
|
|
- card-functionality/docker/Dockerfile.hardware-builddeps
|
|
- .gitlab-ci.yml
|
|
variables:
|
|
IMAGE_LATEST: $CI_REGISTRY_IMAGE/hardware-builddeps:latest
|
|
IMAGE_SHA: $CI_REGISTRY_IMAGE/hardware-builddeps:$CI_COMMIT_SHA
|
|
DOCKERFILE: card-functionality/docker/Dockerfile.hardware-builddeps
|
|
cache: [ ]
|
|
|
|
.hw-test-template:
|
|
image: registry.gitlab.com/hkos/openpgp-card/hardware-builddeps
|
|
tags:
|
|
- card
|
|
parallel:
|
|
matrix:
|
|
- CONFIG:
|
|
- "card-functionality/ci/basic-2_1.toml"
|
|
- "card-functionality/ci/nitro-pro1.toml"
|
|
- "card-functionality/ci/nitro-pro2.toml"
|
|
- "card-functionality/ci/nitro-start.toml"
|
|
script:
|
|
#- /etc/init.d/pcscd start
|
|
#- sleep 5
|
|
- RUST_LOG=debug cargo run --bin $ARG -- $CONFIG
|
|
cache:
|
|
# inherit all general cache settings
|
|
<<: *general_cache_config
|
|
# cookiejar does not access the cache of the shared gitlab runners,
|
|
# so use a different key for clarity
|
|
key: "cookiejar"
|
|
|
|
import:
|
|
extends: .hw-test-template
|
|
stage: hw-import
|
|
variables:
|
|
ARG: import
|
|
|
|
keygen:
|
|
extends: .hw-test-template
|
|
stage: hw-keygen
|
|
timeout: 2h
|
|
variables:
|
|
ARG: keygen
|