diff options
| -rw-r--r-- | .gitlab-ci.yml | 56 | ||||
| -rw-r--r-- | kas/kas-security-base.yml | 52 | ||||
| -rw-r--r-- | kas/qemuarm.yml | 6 | ||||
| -rw-r--r-- | kas/qemuarm64.yml | 6 | ||||
| -rw-r--r-- | kas/qemuppc.yml | 6 | ||||
| -rw-r--r-- | kas/qemuriscv64.yml | 6 | ||||
| -rw-r--r-- | kas/qemux86-64.yml | 6 | ||||
| -rw-r--r-- | kas/qemux86.yml | 6 | ||||
| -rwxr-xr-x | scripts/ci-build.sh | 10 | ||||
| -rwxr-xr-x | scripts/ci-cleanup.sh | 7 |
10 files changed, 161 insertions, 0 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..f7517a5 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,56 @@ +stages: + - build + +.build: + stage: build + image: crops/poky + before_script: + - export PATH=~/.local/bin:$PATH + - wget https://bootstrap.pypa.io/get-pip.py + - python3 get-pip.py + - python3 -m pip install kas + - wget -q 'https://downloads.rclone.org/rclone-current-linux-amd64.zip' + - unzip -q rclone-current-linux-amd64.zip + - mv rclone-*-linux-amd64/rclone ~/.local/bin/ + - rm -rf rclone-*-linux-amd64* + after_script: + - rm -rf build + - ./scripts/ci-cleanup.sh + cache: + paths: + - layers + +qemux86: + extends: .build + script: + - ./scripts/ci-build.sh $CI_JOB_NAME security-build-image + +qemux86-64: + extends: .build + script: + - ./scripts/ci-build.sh $CI_JOB_NAME security-build-image + +qemuarm: + extends: .build + script: + - ./scripts/ci-build.sh $CI_JOB_NAME security-build-image + +qemuarm64: + extends: .build + script: + - ./scripts/ci-build.sh $CI_JOB_NAME security-build-image + +qemumppc: + extends: .build + script: + - ./scripts/ci-build.sh $CI_JOB_NAME security-build-image + +qemumips64: + extends: .build + script: + - ./scripts/ci-build.sh $CI_JOB_NAME security-build-image + +qemuriscv64: + extends: .build + script: + - ./scripts/ci-build.sh $CI_JOB_NAME security-build-image diff --git a/kas/kas-security-base.yml b/kas/kas-security-base.yml new file mode 100644 index 0000000..7f807d1 --- /dev/null +++ b/kas/kas-security-base.yml @@ -0,0 +1,52 @@ +header: + version: 8 + +distro: poky + +repos: + meta-security: + + poky: + url: https://git.yoctoproject.org/git/poky + refspec: master + layers: + meta: + meta-poky: + meta-yocto-bsp: + + meta-openembedded: + url: http://git.openembedded.org/meta-openembedded + refspec: master + layers: + meta-oe: + meta-perl: + meta-python: + meta-networking: + +local_conf_header: + meta-security: | + CONF_VERSION = "1" + SOURCE_MIRROR_URL = "http://downloads.yoctoproject.org/mirror/sources/" + SSTATE_MIRRORS = "file://.* http://sstate.yoctoproject.org/dev/PATH;downloadfilename=PATH \n" + SSTATE_DIR = "/home/srv/sstate/master" + DL_DIR = "/home/srv/downloads/master" + BB_HASHSERVE = "auto" + BB_SIGNATURE_HANDLER = "OEEquivHash" + + diskmon: | + BB_DISKMON_DIRS = "\ + STOPTASKS,${TMPDIR},1G,100K \ + STOPTASKS,${DL_DIR},1G,100K \ + STOPTASKS,${SSTATE_DIR},1G,100K \ + STOPTASKS,/tmp,100M,100K \ + ABORT,${TMPDIR},100M,1K \ + ABORT,${DL_DIR},100M,1K \ + ABORT,${SSTATE_DIR},100M,1K \ + ABORT,/tmp,10M,1K" + +bblayers_conf_header: + meta-security: | + POKY_BBLAYERS_CONF_VERSION = "2" + BBPATH = "${TOPDIR}" + BBFILES ?= "" + diff --git a/kas/qemuarm.yml b/kas/qemuarm.yml new file mode 100644 index 0000000..f51abac --- /dev/null +++ b/kas/qemuarm.yml @@ -0,0 +1,6 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +machine: qemuarm diff --git a/kas/qemuarm64.yml b/kas/qemuarm64.yml new file mode 100644 index 0000000..d55adff --- /dev/null +++ b/kas/qemuarm64.yml @@ -0,0 +1,6 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +machine: qemuarmu64 diff --git a/kas/qemuppc.yml b/kas/qemuppc.yml new file mode 100644 index 0000000..3dad81c --- /dev/null +++ b/kas/qemuppc.yml @@ -0,0 +1,6 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +machine: qemuppc diff --git a/kas/qemuriscv64.yml b/kas/qemuriscv64.yml new file mode 100644 index 0000000..e1b1e49 --- /dev/null +++ b/kas/qemuriscv64.yml @@ -0,0 +1,6 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +machine: qemuriscv64 diff --git a/kas/qemux86-64.yml b/kas/qemux86-64.yml new file mode 100644 index 0000000..4ba2b66 --- /dev/null +++ b/kas/qemux86-64.yml @@ -0,0 +1,6 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +machine: qemux86-64 diff --git a/kas/qemux86.yml b/kas/qemux86.yml new file mode 100644 index 0000000..83a5353 --- /dev/null +++ b/kas/qemux86.yml @@ -0,0 +1,6 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +machine: qemux86 diff --git a/scripts/ci-build.sh b/scripts/ci-build.sh new file mode 100755 index 0000000..b6f1dda --- /dev/null +++ b/scripts/ci-build.sh @@ -0,0 +1,10 @@ +#! /bin/bash + +set -e + +CONF=$1 +shift 1 +IMAGES=$@ + +( kas shell kas/${CONF}.yml -c "bitbake --setscene-only ${IMAGES}" || true ) | sed -e '/^NOTE: .*Started$/d' -e '/^NOTE: Running /d' +kas shell kas/${CONF}.yml -c "bitbake --skip-setscene ${IMAGES}" | sed -e '/^NOTE: .*Started$/d' -e '/^NOTE: Running /d' diff --git a/scripts/ci-cleanup.sh b/scripts/ci-cleanup.sh new file mode 100755 index 0000000..df3b68f --- /dev/null +++ b/scripts/ci-cleanup.sh @@ -0,0 +1,7 @@ +#! /bin/bash + +set -e + +export SSTATE_CACHE_DIR=/home/srv/sstate/master + +./poky/scripts/sstate-cache-management.sh -d -y |