diff options
Diffstat (limited to '.gitlab-ci.yml')
-rw-r--r-- | .gitlab-ci.yml | 104 |
1 files changed, 59 insertions, 45 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 33835ba71..71bb70b82 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml | |||
@@ -1,10 +1,13 @@ | |||
1 | # Basic notes: builds firejail on 5 different systems for 2 package systems: | 1 | # Builds on multiple systems using different package managers: |
2 | # 1. Debian-based systems. Use debian:jessie to ensure reasonable backwards | 2 | # |
3 | # compat and ubuntu:rolling for new setups | 3 | # - Debian-based systems: Use oldest working/supported debian image for |
4 | # 2. Redhat-based systems. Use centos:latest for reasonable backwards compat | 4 | # reasonable backwards compatibility and ubuntu:rolling for new setups. |
5 | # and fedora:latest for new setups | 5 | # Additionally, ensure that the package works without apparmor. |
6 | # 3. Alpine for installing directly from source | 6 | # |
7 | # Also builds apparmor package for Ubuntu LTS | 7 | # - Redhat-based systems: Use a centos-like distribution for reasonable |
8 | # backwards compatibility and fedora:latest for new setups. | ||
9 | # | ||
10 | # - Alpine: Use it for installing directly from source. | ||
8 | 11 | ||
9 | build_ubuntu_package: | 12 | build_ubuntu_package: |
10 | image: ubuntu:rolling | 13 | image: ubuntu:rolling |
@@ -19,9 +22,10 @@ build_ubuntu_package: | |||
19 | | grep -Ev '^(Selecting|Preparing to unpack|Unpacking)' | 22 | | grep -Ev '^(Selecting|Preparing to unpack|Unpacking)' |
20 | - ./ci/printenv.sh | 23 | - ./ci/printenv.sh |
21 | - ./configure || (cat config.log; exit 1) | 24 | - ./configure || (cat config.log; exit 1) |
22 | - make deb | 25 | - make dist |
23 | - dpkg -i firejail*.deb | 26 | - ./mkdeb.sh --enable-fatal-warnings |
24 | - command -V firejail && firejail --version | 27 | - dpkg -i ./*.deb |
28 | - make print-version | ||
25 | 29 | ||
26 | build_debian_package: | 30 | build_debian_package: |
27 | image: debian:buster | 31 | image: debian:buster |
@@ -36,9 +40,31 @@ build_debian_package: | |||
36 | | grep -Ev '^(Selecting|Preparing to unpack|Unpacking)' | 40 | | grep -Ev '^(Selecting|Preparing to unpack|Unpacking)' |
37 | - ./ci/printenv.sh | 41 | - ./ci/printenv.sh |
38 | - ./configure || (cat config.log; exit 1) | 42 | - ./configure || (cat config.log; exit 1) |
39 | - make deb | 43 | - make dist |
40 | - dpkg -i firejail*.deb | 44 | - ./mkdeb.sh --enable-fatal-warnings |
41 | - command -V firejail && firejail --version | 45 | - dpkg -i ./*.deb |
46 | - make print-version | ||
47 | |||
48 | build_no_apparmor: | ||
49 | image: ubuntu:latest | ||
50 | timeout: 10 minutes | ||
51 | variables: | ||
52 | DEBIAN_FRONTEND: noninteractive | ||
53 | script: | ||
54 | - apt-get update -qy | ||
55 | - > | ||
56 | apt-get install --no-install-recommends -qy | ||
57 | build-essential fakeroot lintian pkg-config gawk | ||
58 | | grep -Ev '^(Selecting|Preparing to unpack|Unpacking)' | ||
59 | - ./ci/printenv.sh | ||
60 | - ./configure || (cat config.log; exit 1) | ||
61 | - make dist | ||
62 | - > | ||
63 | ./mkdeb.sh --enable-fatal-warnings | ||
64 | --disable-apparmor | ||
65 | - dpkg -i ./*.deb | ||
66 | - make print-version | ||
67 | - make print-version | grep -F 'AppArmor support is disabled' | ||
42 | 68 | ||
43 | build_redhat_package: | 69 | build_redhat_package: |
44 | image: almalinux:latest | 70 | image: almalinux:latest |
@@ -48,9 +74,10 @@ build_redhat_package: | |||
48 | - dnf install -y rpm-build gcc make | 74 | - dnf install -y rpm-build gcc make |
49 | - ./ci/printenv.sh | 75 | - ./ci/printenv.sh |
50 | - ./configure || (cat config.log; exit 1) | 76 | - ./configure || (cat config.log; exit 1) |
51 | - make rpms | 77 | - make dist |
52 | - rpm -i firejail*.rpm | 78 | - ./platform/rpm/mkrpm.sh --enable-fatal-warnings |
53 | - command -V firejail && firejail --version | 79 | - rpm -i ./*.rpm |
80 | - make print-version | ||
54 | 81 | ||
55 | build_fedora_package: | 82 | build_fedora_package: |
56 | image: fedora:latest | 83 | image: fedora:latest |
@@ -60,9 +87,10 @@ build_fedora_package: | |||
60 | - dnf install -y rpm-build gcc make | 87 | - dnf install -y rpm-build gcc make |
61 | - ./ci/printenv.sh | 88 | - ./ci/printenv.sh |
62 | - ./configure || (cat config.log; exit 1) | 89 | - ./configure || (cat config.log; exit 1) |
63 | - make rpms | 90 | - make dist |
64 | - rpm -i firejail*.rpm | 91 | - ./platform/rpm/mkrpm.sh --enable-fatal-warnings |
65 | - command -V firejail && firejail --version | 92 | - rpm -i ./*.rpm |
93 | - make print-version | ||
66 | 94 | ||
67 | build_src_package: | 95 | build_src_package: |
68 | image: alpine:latest | 96 | image: alpine:latest |
@@ -72,29 +100,14 @@ build_src_package: | |||
72 | - apk upgrade | 100 | - apk upgrade |
73 | - apk add build-base linux-headers gawk | 101 | - apk add build-base linux-headers gawk |
74 | - ./ci/printenv.sh | 102 | - ./ci/printenv.sh |
75 | - ./configure --prefix=/usr || (cat config.log; exit 1) | 103 | # Note: Do not use ` --enable-fatal-warnings` because the build |
104 | # currently produces warnings on Alpine (see #6224). | ||
105 | - > | ||
106 | ./configure --prefix=/usr | ||
107 | || (cat config.log; exit 1) | ||
76 | - make | 108 | - make |
77 | - make install-strip | 109 | - make install-strip |
78 | - command -V firejail && firejail --version | 110 | - make print-version |
79 | |||
80 | build_no_apparmor: | ||
81 | image: ubuntu:latest | ||
82 | timeout: 10 minutes | ||
83 | variables: | ||
84 | DEBIAN_FRONTEND: noninteractive | ||
85 | script: | ||
86 | - apt-get update -qy | ||
87 | - > | ||
88 | apt-get install --no-install-recommends -qy | ||
89 | build-essential fakeroot lintian pkg-config gawk | ||
90 | | grep -Ev '^(Selecting|Preparing to unpack|Unpacking)' | ||
91 | - ./ci/printenv.sh | ||
92 | - ./configure || (cat config.log; exit 1) | ||
93 | - make dist | ||
94 | - ./mkdeb.sh --disable-apparmor | ||
95 | - dpkg -i firejail*.deb | ||
96 | - command -V firejail && firejail --version | ||
97 | - firejail --version | grep -F 'AppArmor support is disabled' | ||
98 | 111 | ||
99 | debian_ci: | 112 | debian_ci: |
100 | image: registry.salsa.debian.org/salsa-ci-team/ci-image-git-buildpackage:latest | 113 | image: registry.salsa.debian.org/salsa-ci-team/ci-image-git-buildpackage:latest |
@@ -103,6 +116,7 @@ debian_ci: | |||
103 | DEBFULLNAME: "$GITLAB_USER_NAME" | 116 | DEBFULLNAME: "$GITLAB_USER_NAME" |
104 | DEBEMAIL: "$GITLAB_USER_EMAIL" | 117 | DEBEMAIL: "$GITLAB_USER_EMAIL" |
105 | DEBIAN_FRONTEND: noninteractive | 118 | DEBIAN_FRONTEND: noninteractive |
119 | PKGNAME: firejail | ||
106 | before_script: | 120 | before_script: |
107 | - git checkout -B ci_build "$CI_COMMIT_SHA" | 121 | - git checkout -B ci_build "$CI_COMMIT_SHA" |
108 | - gitlab-ci-enable-sid | 122 | - gitlab-ci-enable-sid |
@@ -117,17 +131,17 @@ debian_ci: | |||
117 | - git config user.email "$DEBEMAIL" | 131 | - git config user.email "$DEBEMAIL" |
118 | - | | 132 | - | |
119 | cd "$CI_PROJECT_DIR/.." | 133 | cd "$CI_PROJECT_DIR/.." |
120 | apt-get source --download-only -t experimental firejail || | 134 | apt-get source --download-only -t experimental "$PKGNAME" || |
121 | apt-get source --download-only firejail | 135 | apt-get source --download-only "$PKGNAME" |
122 | - | | 136 | - | |
123 | cd "$CI_PROJECT_DIR" | 137 | cd "$CI_PROJECT_DIR" |
124 | tar xf ../firejail_*.debian.tar.* | 138 | tar xf "../${PKGNAME}"_*.debian.tar.* |
125 | - rm -rf debian/patches/ | 139 | - rm -rf debian/patches/ |
126 | - | | 140 | - | |
127 | VERSION="$(grep ^PACKAGE_VERSION= configure | cut -d "'" -f 2)" | 141 | VERSION="$(grep ^PACKAGE_VERSION= configure | cut -d "'" -f 2)" |
128 | dch -v "${VERSION}-0.1~ci" 'Non-maintainer upload.' | 142 | dch -v "${VERSION}-0.1~ci" 'Non-maintainer upload.' |
129 | git archive -o "../firejail_${VERSION}.orig.tar.gz" HEAD | 143 | git archive -o "../${PKGNAME}_${VERSION}.orig.tar.gz" HEAD |
130 | pristine-tar commit "../firejail_${VERSION}.orig.tar.gz" ci_build | 144 | pristine-tar commit "../${PKGNAME}_${VERSION}.orig.tar.gz" ci_build |
131 | git branch -m pristine-tar origin/pristine-tar | 145 | git branch -m pristine-tar origin/pristine-tar |
132 | - git add debian | 146 | - git add debian |
133 | - git commit -m 'add debian/' | 147 | - git commit -m 'add debian/' |