From a9e4b9b38451a35868597791f5c74044477e5bca Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Mon, 27 Nov 2023 13:24:23 +0000 Subject: [PATCH 1/4] ci: Initialize ci for meta-cassini-bsp, trigger meta-cassini Once meta-cassini-bsp resides in its own separate repository, it need it's own CI to validate changes to the BSP code. gitlab-ci.yml file is created. In order to verify meta-cassini-bsp, meta-cassini-bsp pipeline is used to trigger meta-cassini pipeline. The variables required to run jobs related to meta-cassini-bsp are passed to the meta-cassini pipeline. Static analysis is also disabled before passing the variables to the meta-cassini pipeline because, when triggering the meta-cassini pipeline from the meta-cassini-bsp pipeline, the meta-cassini code should not have changed. Signed-off-by: Ali Can Ozaslan --- .gitlab-ci.yml | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 .gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..17ab4e8 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,58 @@ +# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its +# affiliates +# +# SPDX-License-Identifier: MIT +--- +variables: + CI_DEBUG_TRACE: + value: 'false' + options: + - 'true' + - 'false' + description: Enable debug information output to the log + META_CASSINI_BUILD_IMAGE: + value: none + description: Comma separated list of images to build + (none, all-images, k3s) + META_CASSINI_BUILD_PLATFORM: + value: none + description: Comma separated list of platforms to build + (none, all-platforms, corstone1000-mps3, corstone1000-fvp, + n1sdp) + META_CASSINI_FORCE_TESTS: + value: none + description: Comma separated list of tests that must be run + (all, ptest, acs, sanity) + +# include jobs +include: + - project: $PIPELINE_TEMPLATE_PROJECT + ref: v1.6.3 + file: + - gitlab-ci/common_gitlab-ci.yml + - gitlab-ci/danger-review_gitlab-ci.yml + - gitlab-ci/static-analysis_gitlab-ci.yml + +trigger-meta-cassini: + inherit: + variables: false + stage: Build + trigger: + project: $META_CASSINI_PROJECT + branch: $META_CASSINI_TARGET_BRANCH + strategy: depend + variables: + CI_DEBUG_TRACE: + value: $CI_DEBUG_TRACE + BUILD_IMAGE: + value: $META_CASSINI_BUILD_IMAGE + BUILD_PLATFORM: + value: $META_CASSINI_BUILD_PLATFORM + FORCE_TESTS: + value: $META_CASSINI_FORCE_TESTS + PARENT_PIPELINE_ID: $CI_PIPELINE_ID + REPOS_BSP_URL: $CI_PROJECT_URL + REPOS_BSP_REFSPEC: $CI_COMMIT_SHA + CODE_QUALITY_DISABLED: "true" + SAST_DISABLED: "true" + SECRET_DETECTION_DISABLED: "true" -- GitLab From 708487cfb03757f6f1cab984039a4236c84c39e2 Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Mon, 27 Nov 2023 13:31:19 +0000 Subject: [PATCH 2/4] ci: Add rules for meta-cassini trigger Rules are related with meta-cassini-bsp, moved from meta-cassini CI to meta-cassini-bsp CI. The variables passed to control jobs in the meta-cassini pipeline were edited by these rules. Signed-off-by: Ali Can Ozaslan --- .gitlab-ci.yml | 19 ++++++++ .gitlab/ci/rules.yml | 101 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 120 insertions(+) create mode 100644 .gitlab/ci/rules.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 17ab4e8..1c0cd0b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -32,11 +32,30 @@ include: - gitlab-ci/common_gitlab-ci.yml - gitlab-ci/danger-review_gitlab-ci.yml - gitlab-ci/static-analysis_gitlab-ci.yml + - local: '.gitlab/ci/rules.yml' trigger-meta-cassini: inherit: variables: false stage: Build + rules: + - if: $META_CASSINI_PROJECT == "" + when: never + - if: '$CI_MERGE_REQUEST_IID == "push"' + variables: + META_CASSINI_TARGET_BRANCH: "${CI_MERGE_REQUEST_TARGET_BRANCH_NAME}-dev" + - if: '$PARENT_PIPELINE_SOURCE == "schedule"' + variables: + META_CASSINI_TARGET_BRANCH: "${CI_COMMIT_BRANCH}-dev" + - if: $META_CASSINI_TARGET_BRANCH == "" + when: never + - !reference [".build-image:rules:k3s", rules] + - !reference [".build-image:rules:k3s-dev", rules] + - !reference [".build-image:rules:k3s-sdk", rules] + - !reference [".build-image:rules:n1sdp-and-corstone1000", rules] + - !reference [".build-image:rules:n1sdp", rules] + - !reference [".build-image:rules:corstone1000", rules] + - !reference [".build-image:rules:scheduled-or-manual", rules] trigger: project: $META_CASSINI_PROJECT branch: $META_CASSINI_TARGET_BRANCH diff --git a/.gitlab/ci/rules.yml b/.gitlab/ci/rules.yml new file mode 100644 index 0000000..0d1babf --- /dev/null +++ b/.gitlab/ci/rules.yml @@ -0,0 +1,101 @@ +# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its +# affiliates +# +# SPDX-License-Identifier: MIT +--- +# Conditions +.if-merge-request: &if-merge-request + if: '$CI_MERGE_REQUEST_IID' + +.if-merge-request-or-push: &if-merge-request-or-push + if: '$CI_MERGE_REQUEST_IID || $CI_PIPELINE_SOURCE == "push"' + +.if-scheduled-or-manual: &if-scheduled-or-manual + if: '$CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_SOURCE == "web"' + +.if-parent-scheduled-or-manual: &if-parent-scheduled-or-manual + if: '$PARENT_PIPELINE_SOURCE == "schedule" || + $PARENT_PIPELINE_SOURCE == "web"' + +# Changes patterns +.build-common: &build-common + - "grub/**/*" + - "meta-security/**/*" + +.build-n1sdp: &build-n1sdp + - "conf/machine/include/n1sdp-cassini-extra-settings.inc" + - "meta-arm/meta-arm-bsp/recipes-security/**/*" + +.build-corstone1000: &build-corstone1000 + - "conf/machine/include/corstone1000-*-cassini-extra-settings.inc" + - "conf/multiconfig/firmware.conf" + - "meta-arm/meta-arm-bsp/recipes-bsp/u-boot/**/*" + - "meta-arm/meta-arm-bsp/recipes-core/**/*" + - "meta-arm/meta-arm-bsp/recipes-kernel/**/*" + - "meta-arm/meta-arm-bsp/wic/*" + +.build-n1sdp-and-corstone1000: &build-n1sdp-and-corstone1000 + - "conf/layer.conf" + +# Build rules +.build-image:rules:n1sdp: + rules: + - <<: *if-merge-request-or-push + changes: *build-n1sdp + variables: + META_CASSINI_BUILD_IMAGE: 'k3s' + META_CASSINI_BUILD_PLATFORM: 'n1sdp' + +.build-image:rules:corstone1000: + rules: + - <<: *if-merge-request-or-push + changes: *build-corstone1000 + variables: + META_CASSINI_BUILD_IMAGE: 'k3s' + META_CASSINI_BUILD_PLATFORM: 'corstone1000-fvp' + +.build-image:rules:n1sdp-and-corstone1000: + rules: + - <<: *if-merge-request-or-push + changes: *build-n1sdp-and-corstone1000 + variables: + META_CASSINI_BUILD_IMAGE: 'k3s' + META_CASSINI_BUILD_PLATFORM: 'n1sdp, corstone1000-fvp' + +.build-image:rules:k3s: + rules: + - <<: *if-merge-request-or-push + changes: *build-common + variables: + META_CASSINI_BUILD_IMAGE: 'k3s' + META_CASSINI_BUILD_PLATFORM: 'all-platforms' + +.build-image:rules:k3s-dev: + rules: + - <<: *if-merge-request-or-push + changes: *build-common + variables: + META_CASSINI_BUILD_IMAGE: 'k3s' + META_CASSINI_BUILD_PLATFORM: 'all-platforms' + +.build-image:rules:k3s-sdk: + rules: + - <<: *if-merge-request-or-push + changes: *build-common + variables: + META_CASSINI_BUILD_IMAGE: 'k3s' + META_CASSINI_BUILD_PLATFORM: 'all-platforms' + +.build-image:rules:scheduled-or-manual: + rules: + - <<: *if-scheduled-or-manual + variables: + META_CASSINI_BUILD_IMAGE: 'k3s' + META_CASSINI_BUILD_PLATFORM: 'all-platforms' + +.build-image:rules:merge-request-or-push: + rules: + - <<: *if-merge-request-or-push + variables: + META_CASSINI_BUILD_IMAGE: 'k3s' + META_CASSINI_BUILD_PLATFORM: 'all-platforms' -- GitLab From 19c666b3068d5e15162d173f289a625cb6a33c0c Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Mon, 27 Nov 2023 13:34:49 +0000 Subject: [PATCH 3/4] ci: Add static analysis Static analysis is added. Signed-off-by: Ali Can Ozaslan --- .codeclimate.yml | 66 +++++++++++++++++++++++++++++++ Dangerfile | 25 ++++++++++++ qa-checks/cassini-bsp-dictionary | 68 ++++++++++++++++++++++++++++++++ 3 files changed, 159 insertions(+) create mode 100644 .codeclimate.yml create mode 100644 Dangerfile create mode 100644 qa-checks/cassini-bsp-dictionary diff --git a/.codeclimate.yml b/.codeclimate.yml new file mode 100644 index 0000000..8261238 --- /dev/null +++ b/.codeclimate.yml @@ -0,0 +1,66 @@ +# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its +# affiliates +# +# SPDX-License-Identifier: MIT +--- +version: "2" +plugins: + structure: + pep8: + enabled: true + sonar-python: + enabled: true + shellcheck: + enabled: true + file_types: + - "shell script" + - "bats script" + - "bash script" + fixme: + enabled: true + exclude_patterns: + - "/Dangerfile" + cspell: + enabled: true + exclude_patterns: + - "CHANGELOG.md" + - ".gitignore" + - "**.cfg" + - "documentation/Makefile" + - "**.patch" + dict_path: "qa-checks/cassini-bsp-dictionary" + yamllint: + enabled: true + oelint-adv: + enabled: true + suppressions: + # Not all suggested variables are applicable to all files. + - 'oelint.var.suggestedvar' + # 'BBCLASSEXTEND' variable will only be set when required. + # Hence, we don't need to set it for all recipes. + - 'oelint.var.bbclassextend' + # Some filenames have - in the version number. + - 'oelint.file.underscores' + # Codeclimate disables network access which prevents + # oelint-adv from pinging the URLs. + - 'oelint.vars.homepageping' + # In some cases, we want to use the include directive. + # But for some reason, the in-line suppression for this + # check doesn't work. + - 'oelint.file.requireinclude' + # The oelint-adv is not able to find .inc files from other layers + # and the in-line suppression for this check doesn't work. + - 'oelint.file.requirenotfound' + # This check is done for all variables, + # and suppressing it for each case is not feasible. + - 'oelint.vars.multilineident' + +exclude_patterns: + - ".csslintrc" + - ".eslintrc.yml" + - ".eslintignore" + - ".rubocop.yml" + - "coffeelint.json" + - "*.png" + - "*.pyc" + - ".config.yaml*" diff --git a/Dangerfile b/Dangerfile new file mode 100644 index 0000000..bd2dd49 --- /dev/null +++ b/Dangerfile @@ -0,0 +1,25 @@ +# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its +# affiliates +# +# SPDX-License-Identifier: MIT + +require 'embed-a-dangerfiles' + +# @verbose = true + +Embed_A::Dangerfiles.for_project(self) do |dangerfiles| + # Import all plugins from the gem + dangerfiles.import_plugins + helper.config.dict_path = "qa-checks/cassini-bsp-dictionary" + # Import all rules from the gem + dangerfiles.import_dangerfiles +end + +# Warn if the MR changes the Dangerfile +if git.modified_files.include? "Dangerfile" + warn "This MR modifies Dangerfile! Watch for the rules!" +end + +# Warn about remaining TODO's +todoist.warn_for_todos +todoist.print_todos_table diff --git a/qa-checks/cassini-bsp-dictionary b/qa-checks/cassini-bsp-dictionary new file mode 100644 index 0000000..2cbea59 --- /dev/null +++ b/qa-checks/cassini-bsp-dictionary @@ -0,0 +1,68 @@ +# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its +# affiliates +# +# SPDX-License-Identifier: MIT +alsa +bmap +bmaptool +bootimg +bootloader +buildable +BUILDIN +cassini +cgroups +configfile +corstone +cpio +DISTROOVERRIDES +efidisk +eglibc +envparse +extfs +flashfw +fstype +gcsections +gettext +gitlab +gitlab-ciyml +gzio +homepageping +initscripts +kernelcfg +LIBC +mandatoryvar +mdev +meta-cassini-bsp +modutils +msdos +mtrace +multiconfig +multiinclude +multilineident +nanbield +nativesdk +netbase +networkd +nooelint +opkg +optee +packagegroup +posix +ptable +readlink +requireinclude +requirenotfound +SAST +SDHC +sourceparams +srcurifile +suggestedvar +udev +unitdir +usbgadget +usbhost +VIRT +wchar +WIDEC +xtests +zeroconf -- GitLab From cf8cd086bf43dcc531ea75abb9a0cc666a67374a Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Mon, 18 Dec 2023 20:56:53 +0000 Subject: [PATCH 4/4] ci: Download test results from meta-cassini The ID of the project triggered by BSP, is found. BSP pipeline downloads the artifacts from the collate-result job in the triggered project. Signed-off-by: Ali Can Ozaslan --- .gitlab-ci.yml | 31 +++++++++++++++++++++++++++++++ qa-checks/cassini-bsp-dictionary | 7 ++++++- 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 1c0cd0b..9dca7f4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -75,3 +75,34 @@ trigger-meta-cassini: CODE_QUALITY_DISABLED: "true" SAST_DISABLED: "true" SECRET_DETECTION_DISABLED: "true" + +Download-Results: + stage: Test + rules: + - if: '$META_CASSINI_PROJECT == "" || $META_CASSINI_TARGET_BRANCH == ""' + when: never + extends: .resource-request + image: "${MIRROR_DOCKER}/python:slim" + dependencies: + - trigger-meta-cassini + before_script: + - apt-get update + - apt-get install --no-install-recommends -y curl jq unzip + script: + - | + proj_api="${CI_API_V4_URL}/projects" + downstream_project_id="$(curl -sS \ + --header "PRIVATE-TOKEN: ${PRIVATE_CI_TOKEN}" \ + "${proj_api}/${CI_PROJECT_ID}/pipelines/${CI_PIPELINE_ID}/bridges" \ + | jq ".[].downstream_pipeline | (.project_id)")" + curl --output artifacts.zip --location \ + --header "PRIVATE-TOKEN: ${PRIVATE_CI_TOKEN}" \ + "${proj_api}/${downstream_project_id}/jobs/artifacts/${META_CASSINI_TARGET_BRANCH}/download?job=Collate-Results" + - unzip -o \*.zip + artifacts: + paths: + - TEST-ChildPipeline-*.xml + reports: + junit: + - TEST-ChildPipeline-*.xml + expire_in: 1 month diff --git a/qa-checks/cassini-bsp-dictionary b/qa-checks/cassini-bsp-dictionary index 2cbea59..6504924 100644 --- a/qa-checks/cassini-bsp-dictionary +++ b/qa-checks/cassini-bsp-dictionary @@ -3,6 +3,7 @@ # # SPDX-License-Identifier: MIT alsa +backend bmap bmaptool bootimg @@ -11,9 +12,11 @@ buildable BUILDIN cassini cgroups +config configfile corstone cpio +distro DISTROOVERRIDES efidisk eglibc @@ -30,6 +33,7 @@ homepageping initscripts kernelcfg LIBC +Linaro mandatoryvar mdev meta-cassini-bsp @@ -39,6 +43,7 @@ mtrace multiconfig multiinclude multilineident +N1SDP nanbield nativesdk netbase @@ -65,4 +70,4 @@ VIRT wchar WIDEC xtests -zeroconf +zeroconf \ No newline at end of file -- GitLab