From fad9087f604b896c1da940ad85f1836fe0c4c1c6 Mon Sep 17 00:00:00 2001
From: Drew Reed <Drew.Reed@arm.com>
Date: Mon, 8 Aug 2022 11:28:39 +0000
Subject: [PATCH 1/3] ci: Move up to latest GitLab templates

Use the latest version of the GitLab templates to address the issue with
the nightly build failing as they try to re- release the project.
Also allows building where the dangerbot docker image is in a different
registry.

Signed-off-by: Drew Reed <Drew.Reed@arm.com>
---
 .gitlab-ci.yml                      |  4 +--
 .gitlab/ci/static-analysis.yml      | 56 -----------------------------
 .gitlab/ci/trigger-image-builds.yml |  2 +-
 3 files changed, 3 insertions(+), 59 deletions(-)
 delete mode 100644 .gitlab/ci/static-analysis.yml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 1589bff..0c3faa9 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -36,18 +36,18 @@ variables:
 # include jobs
 include:
   - project: $PIPELINE_TEMPLATE_PROJECT
-    ref: v0.0.4
+    ref: v0.0.7
     file:
       - gitlab-ci/common_gitlab-ci.yml
       - gitlab-ci/docker-image-base_gitlab-ci.yml
       - gitlab-ci/danger-review_gitlab-ci.yml
       - gitlab-ci/changelog_gitlab-ci.yml
       - gitlab-ci/auto-release_gitlab-ci.yml
+      - gitlab-ci/static-analysis_gitlab-ci.yml
   - local: '.gitlab/ci/rules.yml'
   - local: '.gitlab/ci/docker-image-builds.yml'
   - local: '.gitlab/ci/trigger-image-builds.yml'
   - local: '.gitlab/ci/docs-build.yml'
-  - local: '.gitlab/ci/static-analysis.yml'
   - local: '.gitlab/ci/yocto-qa.yml'
   - local: '.gitlab/ci/qa-checks.yml'
 
diff --git a/.gitlab/ci/static-analysis.yml b/.gitlab/ci/static-analysis.yml
deleted file mode 100644
index e0975e3..0000000
--- a/.gitlab/ci/static-analysis.yml
+++ /dev/null
@@ -1,56 +0,0 @@
-# Copyright (c) 2022 Arm Limited or its affiliates. All rights reserved.
-#
-# SPDX-License-Identifier: MIT
----
-include:
-  - template: Security/SAST.gitlab-ci.yml
-  - template: Code-Quality.gitlab-ci.yml
-
-# Setup Security analyser
-sast:
-  stage: Build
-  tags:
-    - x86_64
-
-# Setup Code Quality Framework
-code_quality:
-  stage: Build
-  tags:
-    - cq-sans-dind     # Set this job to only run on our new specialized runner
-  services:            # Shut off Docker-in-Docker
-  variables:
-    CODECLIMATE_PREFIX: "${MIRROR_DOCKER}/"
-    CODECLIMATE_DEV: --dev
-    CODECLIMATE_DEBUG: 1
-  before_script:
-    - docker login
-        -u ${CI_REGISTRY_USER}
-        -p ${CI_REGISTRY_PASSWORD}
-        ${CI_REGISTRY}
-    - cc_plugins="${CI_REGISTRY}/${GITLAB_CODE_QUALITY_PLUGINS}/codeclimate"
-    - docker pull
-        --quiet
-        ${cc_plugins}/codeclimate-rustfmt:latest
-    - docker pull
-        --quiet
-        ${cc_plugins}/codeclimate-rust-clippy:latest
-  rules:
-    - if: '$CODE_QUALITY_DISABLED'
-      when: never
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
-    - if: '$CI_COMMIT_BRANCH'
-    - if: '$CI_COMMIT_TAG'
-  artifacts:
-    paths: [gl-code-quality-report.json]
-
-# Extra job to generate a html version of the report for easy viewing outside
-# of merge requests
-code_quality_html:
-  extends: code_quality
-  variables:
-    REPORT_FORMAT: html
-  artifacts:
-    expose_as: 'Code Quality Report'
-    paths: [gl-code-quality-report.html]
-    reports:
-      codequality: null
diff --git a/.gitlab/ci/trigger-image-builds.yml b/.gitlab/ci/trigger-image-builds.yml
index 9e828f0..3e08200 100644
--- a/.gitlab/ci/trigger-image-builds.yml
+++ b/.gitlab/ci/trigger-image-builds.yml
@@ -33,7 +33,7 @@ merge_jobs:
       cat << EOF > ${CI_JOB_FILE}
       include:
         - project: $PIPELINE_TEMPLATE_PROJECT
-          ref: v0.0.4
+          ref: v0.0.7
           file:
             - gitlab-ci/common_gitlab-ci.yml
             - gitlab-ci/lava-test-base_gitlab-ci.yml
-- 
GitLab


From c2c978df667ebb11beca1da4a60589719394996f Mon Sep 17 00:00:00 2001
From: Drew Reed <Drew.Reed@arm.com>
Date: Tue, 9 Aug 2022 09:07:41 +0000
Subject: [PATCH 2/3] ci: Load ssh key selectively

Only load the GitLab private key if it is set in the environment

Signed-off-by: Drew Reed <Drew.Reed@arm.com>
---
 .gitlab/ci/qa-checks.yml   | 4 +++-
 .gitlab/ci/yocto-build.yml | 4 +++-
 .gitlab/ci/yocto-qa.yml    | 4 +++-
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/.gitlab/ci/qa-checks.yml b/.gitlab/ci/qa-checks.yml
index dfd4b81..3ee4c8a 100644
--- a/.gitlab/ci/qa-checks.yml
+++ b/.gitlab/ci/qa-checks.yml
@@ -12,7 +12,9 @@
   before_script:
     - mkdir -p ~/.ssh
     - eval "$(ssh-agent -s)"
-    - echo "${SSH_PRIVATE_GITLAB}" | tr -d '\r' | ssh-add - > /dev/null
+    - if [ -z "${SSH_PRIVATE_GITLAB}+x" ]; then
+        echo "${SSH_PRIVATE_GITLAB}" | tr -d '\r' | ssh-add - > /dev/null;
+      fi
     - ssh-keyscan -t rsa ${CI_SERVER_HOST}  >> ~/.ssh/known_hosts
     # Ensure git is usable without prompts
     - git config --global url.ssh://git@${CI_SERVER_HOST}.insteadOf
diff --git a/.gitlab/ci/yocto-build.yml b/.gitlab/ci/yocto-build.yml
index c07077b..a3459a5 100644
--- a/.gitlab/ci/yocto-build.yml
+++ b/.gitlab/ci/yocto-build.yml
@@ -17,7 +17,9 @@
   before_script:
     - mkdir -p ~/.ssh
     - eval "$(ssh-agent -s)"
-    - echo "${SSH_PRIVATE_GITLAB}" | tr -d '\r' | ssh-add - > /dev/null
+    - if [ -z "${SSH_PRIVATE_GITLAB}+x" ]; then
+        echo "${SSH_PRIVATE_GITLAB}" | tr -d '\r' | ssh-add - > /dev/null;
+      fi
     - ssh-keyscan -t rsa ${CI_SERVER_HOST}  >> ~/.ssh/known_hosts
     # Ensure git is usable without prompts
     - git config --global url.ssh://git@${CI_SERVER_HOST}.insteadOf
diff --git a/.gitlab/ci/yocto-qa.yml b/.gitlab/ci/yocto-qa.yml
index 2c6b1b8..ce8857e 100644
--- a/.gitlab/ci/yocto-qa.yml
+++ b/.gitlab/ci/yocto-qa.yml
@@ -24,7 +24,9 @@ check-layers:
       fi
     - mkdir -p ~/.ssh
     - eval "$(ssh-agent -s)"
-    - echo "${SSH_PRIVATE_GITLAB}" | tr -d '\r' | ssh-add - > /dev/null
+    - if [ -z "${SSH_PRIVATE_GITLAB}+x" ]; then
+        echo "${SSH_PRIVATE_GITLAB}" | tr -d '\r' | ssh-add - > /dev/null;
+      fi
     - ssh-keyscan -t rsa ${CI_SERVER_HOST}  >> ~/.ssh/known_hosts
     # Ensure git is usable without prompts
     - git config --global url.ssh://git@${CI_SERVER_HOST}.insteadOf
-- 
GitLab


From 67d4e95b2e3a612ad68e068e7741f6bd8cf53896 Mon Sep 17 00:00:00 2001
From: Drew Reed <Drew.Reed@arm.com>
Date: Wed, 10 Aug 2022 13:52:39 +0000
Subject: [PATCH 3/3] ci: Only add test preparation steps when a lava server
 URL exists

Signed-off-by: Drew Reed <Drew.Reed@arm.com>
---
 .gitlab/ci/lava-test.yml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/.gitlab/ci/lava-test.yml b/.gitlab/ci/lava-test.yml
index ca6903d..cd574be 100644
--- a/.gitlab/ci/lava-test.yml
+++ b/.gitlab/ci/lava-test.yml
@@ -9,6 +9,8 @@
   variables:
     DOCKER_IMAGE_NAME: lava-test-image
     KUBERNETES_EPHEMERAL_STORAGE_REQUEST: 5Gi
+  rules:
+    - if: $LAVA_URL
   script:
     - mkdir cassini-firmware
     - pushd cassini-firmware
@@ -47,7 +49,6 @@
       dotenv: build_data.env
     expire_in: '1 days'
 
-
 .submit-cassini-lava-job:
   extends: .submit-lava-job
   variables:
@@ -63,8 +64,6 @@
       private_token=${CASSINI_CI_LAYERS_TOKEN}
     FLASH_ARTIFACT: ${FW_IMAGE_ARTIFACT_URL}?
     LAVA_JOB_TEMPLATE: .gitlab/lava/$MACHINE/$LAVA_JOB.j2
-  rules:
-    - if: '$LAVA_URL != ""'
 
 .ptest-tests:
   extends: .submit-cassini-lava-job
-- 
GitLab