forked from microsoft/SymCrypt
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathazure-build-template.yml
196 lines (191 loc) · 8.24 KB
/
azure-build-template.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
# azure-build-template.yml
# Template for the build jobs that we want to run in the pipeline in Azure Dev Ops. This template is
# instantiated in azure-pipelines.yml. For more information on templates, see
# https://docs.microsoft.com/en-us/azure/devops/pipelines/process/templates?view=azure-devops
parameters:
- name: hostos
type: string
values:
- Windows
- Linux
- name: env
type: string
values:
- WindowsUserMode
- LinuxUserMode
- Generic
- name: arch
type: string
values:
- AMD64
- X86
- ARM64
- ARM
- Unknown
- name: cc
type: string
values:
- cl
- gcc
- clang
- name: cxx
type: string
values:
- cl
- g++
- clang++
- name: buildType
type: string
values:
- Debug
- Release
- Sanitize
- name: additionalCMakeArgs
type: string
default: ''
- name: emulator
type: string
default: native
values:
- native
- qemu-aarch64
steps:
- checkout: self # self represents the repo where the initial Pipelines YAML file was found
submodules: recursive
# Initialize CMake
# cd bin; cmake .. -DCMAKE_TOOLCHAIN_FILE=../cmake-toolchain/{env}-{arch}.cmake -DCMAKE_C_COMPILER={CC} -DCMAKE_BUILD_TYPE={buildType} {additionalCMakeArgs}'
- task: ComponentGovernanceComponentDetection@0
- ${{ if eq(parameters.hostos, 'Linux') }}:
- script: |
python -m pip install --upgrade pip setuptools wheel
pip install -r $(Build.SourcesDirectory)/scripts/requirements.txt
displayName: 'Install Python requirements'
- ${{ if eq(parameters.emulator, 'qemu-aarch64') }}:
- script: |
sudo apt-get update
sudo apt-get install qemu-user binutils-aarch64-linux-gnu
sudo apt-get install gcc-aarch64-linux-gnu g++-aarch64-linux-gnu
displayName: 'Install arm64 cross-compilation and emulation tools'
# Specify no toolchain file for generic build
- ${{ if eq(parameters.env, 'Generic') }}:
- task: CMake@1
inputs:
workingDirectory: '$(Build.SourcesDirectory)/bin'
cmakeArgs: >-
..
-DCMAKE_C_COMPILER=${{parameters.cc}} -DCMAKE_CXX_COMPILER=${{parameters.cxx}}
-DCMAKE_BUILD_TYPE=${{parameters.buildType}}
${{parameters.additionalCMakeArgs}}
# Specify toolchain file based on env and arch for non-generic build
- ${{ if ne(parameters.env, 'Generic') }}:
- task: CMake@1
inputs:
workingDirectory: '$(Build.SourcesDirectory)/bin'
cmakeArgs: >-
..
-DCMAKE_TOOLCHAIN_FILE=../cmake-toolchain/${{parameters.env}}-${{parameters.arch}}.cmake
-DCMAKE_C_COMPILER=${{parameters.cc}} -DCMAKE_CXX_COMPILER=${{parameters.cxx}}
-DCMAKE_BUILD_TYPE=${{parameters.buildType}}
${{parameters.additionalCMakeArgs}}
# Build with CMake
# cmake --build . -j
- ${{ if eq(parameters.hostos, 'Windows') }}:
- task: CMake@1
inputs:
workingDirectory: '$(Build.SourcesDirectory)/bin'
cmakeArgs: '--build . -j --config ${{parameters.buildType}}'
# Execute unit tests using the inline script
- ${{ if ne(parameters.env, 'Generic') }}:
- script: |
cd bin\exe\${{parameters.arch}}\${{parameters.env}}\${{parameters.buildType}}
.\symcryptunittest.exe
displayName: 'Execute unit tests'
name: '${{parameters.env}}UnitTest_${{parameters.buildType}}'
# Execute Generic unit tests in CI and in PRs to publish
- ${{ if eq(parameters.env, 'Generic') }}:
- script: |
cd bin\exe\%PROCESSOR_ARCHITECTURE%\${{parameters.env}}\${{parameters.buildType}}
.\symcryptunittest.exe
displayName: 'Execute unit tests'
name: '${{parameters.env}}UnitTest_${{parameters.buildType}}'
condition: or(eq(variables['System.PullRequest.TargetBranch'], 'refs/heads/publish'), in(variables['Build.Reason'], 'IndividualCI', 'BatchedCI'))
- ${{ if eq(parameters.hostos, 'Linux') }}:
- task: CMake@1
inputs:
workingDirectory: '$(Build.SourcesDirectory)/bin'
cmakeArgs: '--build . -j'
# Increase ulimit to enable core dump in case of a test crash
# Place .artifactignore file so it is used in the publish $(Agent.WorkFolder) task on failure
# This prevents failure to upload due to apparent infinite recursion in jitterentropy-library submodule
- script: |
ulimit -c unlimited
cp $(Build.SourcesDirectory)/.artifactignore $(Agent.WorkFolder)
displayName: 'Enable core dumps & Place .artifactignore file'
- ${{ if ne(parameters.env, 'Generic') }}:
# Execute module and unit test using the inline script
- ${{ if eq(parameters.emulator, 'native') }}:
- script: |
cd bin/exe/${{parameters.arch}}/${{parameters.env}}
./symcryptunittest
displayName: 'Execute unit tests'
name: '${{parameters.env}}UnitTest_${{parameters.buildType}}'
- ${{ if ne(parameters.buildType, 'Sanitize') }}:
# Only run oe module test if rdseed is present on the CPU
- script: |
cd bin/exe/${{parameters.arch}}/${{parameters.env}}
./symcryptmoduletest_linux
displayName: 'Execute generic module tests'
- script: |
cd bin/exe/${{parameters.arch}}/${{parameters.env}}
if lshw -c cpu | grep -q rdseed
then ./symcryptmoduletest_oe
fi
displayName: 'Execute OpenEnclave module tests'
# Execute module and unit test using the inline script
# Currently skip slower algorithms (DH/RSA), as otherwise we time out the pipeline
- ${{ if eq(parameters.emulator, 'qemu-aarch64') }}:
- script: |
cd bin/exe/${{parameters.arch}}/${{parameters.env}}
qemu-aarch64 -L /usr/aarch64-linux-gnu/ ./symcryptunittest noperftests +symcrypt -dh -dsa -rsa
displayName: 'Execute unit tests'
name: '${{parameters.env}}UnitTest_${{parameters.buildType}}_QEMU_AARCH64'
- script: |
cd bin/exe/${{parameters.arch}}/${{parameters.env}}
qemu-aarch64 -L /usr/aarch64-linux-gnu/ ./symcryptmoduletest_linux
displayName: 'Execute generic module tests'
- script: |
cd bin/exe/${{parameters.arch}}/${{parameters.env}}
qemu-aarch64 -L /usr/aarch64-linux-gnu/ ./symcryptmoduletest_embedded
displayName: 'Execute embedded module tests'
# Execute Generic unit tests in CI and in PRs to publish
- ${{ if eq(parameters.env, 'Generic') }}:
- script: |
archName=`uname -m`
cd bin/exe/${archName}/${{parameters.env}}
./symcryptunittest
displayName: 'Execute unit tests'
name: '${{parameters.env}}UnitTest_${{parameters.buildType}}'
condition: or(eq(variables['System.PullRequest.TargetBranch'], 'refs/heads/publish'), in(variables['Build.Reason'], 'IndividualCI', 'BatchedCI'))
- script: |
archName=`uname -m`
cd bin/exe/${archName}/${{parameters.env}}
./symcryptmoduletest_linux
displayName: 'Execute generic linux module tests'
# Publish artifacts so they're available in the pipeline results
- publish: $(System.DefaultWorkingDirectory)/bin
artifact: 'drop-${{parameters.hostos}}-${{parameters.env}}-${{parameters.arch}}-${{parameters.cc}}-${{parameters.buildType}}-${{parameters.additionalCMakeArgs}}'
displayName: 'Publish binaries on successful build'
# Publish artifacts, core dumps and temporary files on failure
- publish: $(System.DefaultWorkingDirectory)/bin
artifact: 'failed-${{parameters.hostos}}-${{parameters.env}}-${{parameters.arch}}-${{parameters.cc}}-${{parameters.buildType}}-${{parameters.additionalCMakeArgs}}'
condition: failed()
displayName: 'Publish binaries on failed build'
- publish: $(Agent.WorkFolder)
artifact: 'work-${{parameters.hostos}}-${{parameters.env}}-${{parameters.arch}}-${{parameters.cc}}-${{parameters.buildType}}-${{parameters.additionalCMakeArgs}}'
condition: failed()
displayName: 'Publish work folder on failed build'
- ${{ if eq(parameters.hostos, 'Linux') }}:
- publish: /usr/share/apport
artifact: 'crash-${{parameters.hostos}}-${{parameters.env}}-${{parameters.arch}}-${{parameters.cc}}-${{parameters.buildType}}-${{parameters.additionalCMakeArgs}}'
condition: failed()
displayName: 'Publish crash dumps on failed build'