git.samba.org / gd / gnutls / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
tests: check interoperability testing with gnutls 2.12.x and SHA256
[gd/gnutls] / .gitlab-ci.yml
1 stages:
2   - stage1-testing
3
4 # we utilize the images generated by the build-images project, to
5 # speed up CI runs. We also use ccache and store config.cache
6 # to speed up compilation. We include a version number in cache
7 # name to allow expiration of old caches.
8
9 cache:
10   key: "$CI_JOB_NAME-ver9"
11   paths:
12     - cache/
13
14 before_script:
15   # CCache Config
16   - mkdir -p cache
17   - export CCACHE_BASEDIR=${PWD}
18   - export CCACHE_DIR=${PWD}/cache
19   - export CC="ccache gcc"
20
21 after_script:
22   # somehow after_script looses environment
23   - export CCACHE_BASEDIR=${PWD}
24   - export CCACHE_DIR=${PWD}/cache
25   - ccache -s
26
27 variables:
28   BUILD_IMAGES_PROJECT: gnutls/build-images
29   DEBIAN_BUILD: buildenv-debian
30   DEBIAN_CROSS_BUILD: buildenv-debian-cross
31   DEBIAN_X86_CROSS_BUILD: buildenv-debian-x86-cross
32   FEDORA28_BUILD: buildenv-f28
33   FEDORA_BUILD: buildenv-f30
34   ALPINE_BASE_BUILD: buildenv-alpine-base
35   CPPCHECK_OPTIONS: "--enable=warning --enable=style --enable=performance --enable=portability --std=c99 --suppressions-list=devel/cppcheck.suppressions --template='{id}:{file}:{line},{severity},{message}'"
36   GET_SOURCES_ATTEMPTS: "3"
37
38 ##################################################
39 # Stage 1, documentation, and advanced checks
40 ##################################################
41
42 commit-check:
43   stage: stage1-testing
44   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$ALPINE_BASE_BUILD
45   before_script:
46     - /bin/true
47   after_script:
48     - /bin/true
49   except:
50   - master@gnutls/gnutls
51   cache:
52     # do not load cache files
53     key: none
54     policy: pull
55   script:
56     # we want $ALPINE_BASE_BUILD without git, so add it here
57     - apk add git bash
58     - devel/check_if_signed
59   retry: 0
60
61 doc-dist.Fedora:
62   stage: stage1-testing
63   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
64   script:
65   - SUBMODULE_NOFETCH=1 ./bootstrap
66   - CFLAGS="-std=c99 -O2 -g" dash ./configure --disable-gcc-warnings --cache-file cache/config.cache --prefix=/usr --libdir=/usr/lib64 --disable-cxx --disable-non-suiteb-curves --enable-gtk-doc --disable-maintainer-mode
67   - make -C doc stamp-vti && make -C doc stamp-1 && make -C doc stamp_enums && make -j$(nproc)
68   - make -C doc gnutls.html
69   - PATH="$PATH:/usr/share/sgml/docbook/xsl-stylesheets-1.79.1/epub/bin/" make -C doc gnutls.epub &&
70     make -C doc/latex gnutls.pdf
71   - make distcheck
72   tags:
73   - shared
74   except:
75   - tags
76   retry: 1
77
78 abi/coverage:
79   stage: stage1-testing
80   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
81   script:
82   - SUBMODULE_NOFETCH=1 ./bootstrap
83   - CFLAGS="-g -Og" dash ./configure --disable-gcc-warnings --cache-file cache/config.cache  --prefix=/usr --libdir=/usr/lib64 --enable-code-coverage --disable-maintainer-mode --disable-doc
84   - make -j$(nproc)
85   - make abi-check
86   - make pic-check
87   - make -j$(nproc) check
88   - make local-code-coverage-output || true
89   tags:
90   - shared
91   except:
92   - tags
93   artifacts:
94     expire_in: 1 week
95     when: on_failure
96     paths:
97       - ./*.xml
98       - ./gnutls-prev-abi.tmp/
99       - compat_reports/
100       - ./*.log
101       - tests/*.log
102       - tests/*/*.log
103       - tests/suite/*/*.log
104       - guile/tests/*.log
105   retry: 1
106
107 minimal.Fedora.x86_64:
108   stage: stage1-testing
109   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
110   script:
111   - echo "No tools build"
112   - ./bootstrap
113   - dash ./configure --cache-file cache/config.cache --disable-gcc-warnings --disable-full-test-suite --disable-doc --disable-guile --disable-tools --enable-tests
114   - make -j$(nproc)
115   - make -j$(nproc) check
116   - echo "Minimal build"
117   - dnf remove -y libunistring-devel libtasn1-devel libidn-devel &&
118     dash ./configure --cache-file cache/config.cache --with-included-libtasn1 --enable-valgrind-tests
119     --disable-doc --disable-dtls-srtp-support --disable-alpn-support --disable-tests
120     --disable-heartbeat-support --disable-srp-authentication --disable-psk-authentication
121     --disable-anon-authentication --disable-dhe --disable-ecdhe
122     --disable-ocsp --disable-non-suiteb-curves --with-included-unistring
123     --disable-nls --disable-libdane --without-p11-kit --without-tpm
124     --disable-ssl3-support --disable-ssl2-support --disable-doc --enable-openssl-compatibility
125     --disable-gcc-warnings --with-system-priority-file=""
126     --disable-gost
127   - make clean
128   - make -j$(nproc)
129   tags:
130   - shared
131   except:
132   - tags
133   artifacts:
134     expire_in: 1 week
135     when: on_failure
136     paths:
137       - ./*.log
138       - fuzz/*.log
139       - tests/*.log
140       - tests/*/*.log
141       - tests/suite/*/*.log
142   retry: 1
143
144 # This enables SSL3.0 and SHA-1 support, and runs interop tests
145 # with openssl 1.1.0, which include legacy algorithms like DSA.
146 SSL-3.0.Fedora.x86_64:
147   stage: stage1-testing
148   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA28_BUILD
149   script:
150   - ./bootstrap
151   - mkdir -p build && cd build &&
152     dash ../configure --disable-tls13-interop --disable-gcc-warnings --cache-file ../cache/config.cache --enable-sha1-support --enable-ssl3-support --enable-seccomp-tests --disable-doc --disable-guile &&
153     make -j$(nproc) && make check -j$(nproc)
154   - cd ..
155   tags:
156   - shared
157   except:
158   - tags
159   artifacts:
160     expire_in: 1 week
161     when: on_failure
162     paths:
163       - build/guile/tests/*.log
164       - build/tests/*.log
165       - build/*.log
166       - build/tests/*/*.log
167       - build/tests/suite/*/*.log
168   retry: 1
169
170 FIPS140-2.Fedora.x86_64:
171   stage: stage1-testing
172   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
173   script:
174   - ./bootstrap
175   - mkdir -p build && cd build &&
176     dash ../configure --disable-gcc-warnings --cache-file ../cache/config.cache --disable-non-suiteb-curves --enable-fips140-mode --disable-doc --disable-full-test-suite --disable-guile
177   - make -j$(nproc)
178   - mkdir -p lib/.libs/fipscheck && fipshmac -d lib/.libs/fipscheck/ -s .hmac lib/.libs/libgnutls.so*
179   - GNUTLS_FORCE_FIPS_MODE=1 make check -j$(nproc)
180   - cd ..
181   tags:
182   - shared
183   except:
184   - tags
185   artifacts:
186     expire_in: 1 week
187     when: on_failure
188     paths:
189       - build/guile/tests/*.log
190       - build/tests/*.log
191       - build/tests/*/*.log
192   retry: 1
193
194 valgrind.Fedora.x86_64:
195   stage: stage1-testing
196   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
197   script:
198   - ./bootstrap
199   - dash ./configure --disable-gcc-warnings --disable-doc --cache-file cache/config.cache --disable-guile --disable-full-test-suite --enable-valgrind-tests
200   - make -j$(nproc)
201   - make check -j$(nproc)
202   tags:
203   - shared
204   except:
205   - tags
206   artifacts:
207     expire_in: 1 week
208     when: on_failure
209     paths:
210       - ./*.log
211       - tests/*.log
212       - tests/*/*.log
213   retry: 1
214
215 # Two runs, one with normal backend and another with pkcs11 trust store
216 asan.Fedora.x86_64:
217   stage: stage1-testing
218   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
219   script:
220   - SUBMODULE_NOFETCH=1  ./bootstrap
221   - CFLAGS="-fsanitize=address -g -O2" CXXFLAGS=$CFLAGS LDFLAGS="-static-libasan"
222     dash ./configure --disable-gcc-warnings --disable-doc --cache-file cache/config.cache --disable-non-suiteb-curves --disable-guile
223   - make -j$(nproc)
224   - LSAN_OPTIONS="suppressions=$(pwd)/devel/lsan.supp" make check -j$(nproc)
225   - LSAN_OPTIONS="suppressions=$(pwd)/devel/lsan.supp" make -C fuzz check -j$(nproc) GNUTLS_CPUID_OVERRIDE=0x1
226   - LSAN_OPTIONS="suppressions=$(pwd)/devel/lsan.supp" make -C fuzz check -j$(nproc) GNUTLS_CPUID_OVERRIDE=0x2
227   - LSAN_OPTIONS="suppressions=$(pwd)/devel/lsan.supp" make -C fuzz check -j$(nproc) GNUTLS_CPUID_OVERRIDE=0x4
228   - LSAN_OPTIONS="suppressions=$(pwd)/devel/lsan.supp" make -C fuzz check -j$(nproc) GNUTLS_CPUID_OVERRIDE=0x8
229   - CFLAGS="-fsanitize=address -g -O2" CXXFLAGS=$CFLAGS LDFLAGS="-static-libasan"
230     dash ./configure --cache-file cache/config.cache --disable-doc --with-system-priority-file=/etc/crypto-policies/back-ends/gnutls.config --with-default-priority-string=@SYSTEM --with-default-trust-store-pkcs11="pkcs11:" --disable-guile
231   - make -j$(nproc)
232   - make -C tests check -j$(nproc) TESTS="trust-store p11-kit-load.sh priority-init2 set-default-prio" SUBDIRS=.
233   tags:
234   - shared
235   except:
236   - tags
237   artifacts:
238     expire_in: 1 week
239     when: on_failure
240     paths:
241       - ./*.log
242       - fuzz/*.log
243       - tests/*.log
244       - tests/*/*.log
245       - tests/suite/*/*.log
246   retry: 1
247
248 threadsan.Fedora.x86_64:
249   stage: stage1-testing
250   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
251   script:
252   - ./bootstrap
253   - CFLAGS="-fsanitize=thread -g -O2" CXXFLAGS=$CFLAGS
254     dash ./configure --disable-gcc-warnings --disable-doc --cache-file cache/config.cache --disable-non-suiteb-curves --disable-guile --enable-fips140-mode
255   - make -j$(nproc)
256   - make -C tests check -j$(nproc) SUBDIRS=. TESTS="tls-pthread dtls-pthread fips-mode-pthread rng-pthread" TSAN_OPTIONS="suppressions=$(pwd)/devel/tsan.supp" GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS=1 GNUTLS_FORCE_FIPS_MODE=1
257   tags:
258   - shared
259   except:
260   - tags
261   artifacts:
262     expire_in: 1 week
263     when: on_failure
264     paths:
265       - ./*.log
266       - fuzz/*.log
267       - tests/*.log
268       - tests/*/*.log
269       - tests/suite/*/*.log
270   retry: 1
271
272 static-analyzers.Fedora.x86_64:
273   stage: stage1-testing
274   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
275   before_script:
276   - /bin/true
277   script:
278   - ./bootstrap
279   - scan-build ./configure --cache-file cache/config.cache --disable-doc --disable-guile --enable-fips140-mode --enable-valgrind-tests
280   - make -j$(nproc) syntax-check gnulib_dir=$GNULIB_SRCDIR
281   - make -j$(nproc) -C gl
282   - scan-build --status-bugs -o scan-build-lib make -j$(nproc) -C lib
283   - scan-build --status-bugs -o scan-build-lib make -j$(nproc) -C libdane
284   - make -j$(nproc) -C src/gl && scan-build --status-bugs -o scan-build-lib make -j$(nproc) -C src
285   - cppcheck --force -q -Ilib/include -Igl/ -Ilib/ -I. --error-exitcode=1 lib/ -i lib/unistring -i lib/minitasn1 -i lib/nettle/backport -j$(nproc) $CPPCHECK_OPTIONS
286   - cppcheck --force -q -Ilib/include -Igl/ -Ilibdane/ -I. --error-exitcode=1 libdane/ -j$(nproc) $CPPCHECK_OPTIONS
287   after_script:
288   - /bin/true
289   tags:
290   - shared
291   except:
292   - tags
293   artifacts:
294     expire_in: 1 week
295     when: on_failure
296     paths:
297       - ./*.log
298       - scan-build-lib/*
299       - scan-build-libdane/*
300   retry: 1
301
302 MinGW32.DLLs:
303   stage: stage1-testing
304   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
305   script:
306   - mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc &&
307     echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register
308   - ./bootstrap
309   - export CC="ccache i686-w64-mingw32-gcc"
310   - dash ./configure --disable-gcc-warnings --host=i686-w64-mingw32 --target=i686-w64-mingw32 --cache-file cache/config.cache --with-included-libtasn1 --disable-nls --disable-guile --with-included-unistring --enable-local-libopts --disable-non-suiteb-curves --disable-full-test-suite --disable-doc
311   - mingw32-make -j$(nproc)
312   - mingw32-make -C tests check -j$(nproc)
313 # Combine generated apps and DLLs.
314 #libwinpthread is required by libgcc
315 #libffi is required by libp11-kit
316   - mkdir -p win32-build/bin && mkdir -p win32-build/lib/includes &&
317     cp lib/.libs/*.dll src/.libs/*.exe win32-build/bin &&
318     i686-w64-mingw32-strip --strip-unneeded win32-build/bin/*.dll &&
319     i686-w64-mingw32-strip win32-build/bin/*.exe &&
320     cp /usr/i686-w64-mingw32/sys-root/mingw/bin/libp11-*.dll win32-build/bin &&
321     cp /usr/i686-w64-mingw32/sys-root/mingw/bin/libnettle-*.dll win32-build/bin &&
322     cp /usr/i686-w64-mingw32/sys-root/mingw/bin/libhogweed-*.dll win32-build/bin &&
323     cp /usr/i686-w64-mingw32/sys-root/mingw/bin/libgmp-*.dll win32-build/bin &&
324     cp /usr/i686-w64-mingw32/sys-root/mingw/bin/libgcc*.dll win32-build/bin &&
325     cp /usr/i686-w64-mingw32/sys-root/mingw/bin/libwinpthread*.dll win32-build/bin &&
326     cp /usr/i686-w64-mingw32/sys-root/mingw/bin/libidn2-*.dll win32-build/bin &&
327     cp /usr/i686-w64-mingw32/sys-root/mingw/bin/libffi-*.dll win32-build/bin &&
328     cp lib/.libs/*.a lib/*.def lib/gnutls.pc win32-build/lib &&
329     cp lib/includes/gnutls/*.h win32-build/lib/includes
330   tags:
331   - shared
332   - docker
333   only:
334   - tags
335   artifacts:
336     name: "${CI_PROJECT_NAME}-${CI_JOB_NAME}-${CI_COMMIT_REF_NAME}"
337     paths:
338       - win32-build/
339   retry: 1
340
341 MinGW64.DLLs:
342   stage: stage1-testing
343   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
344   script:
345   - mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc &&
346     echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register
347   - ./bootstrap
348   - export CC="ccache x86_64-w64-mingw32-gcc"
349   - dash ./configure --disable-gcc-warnings --host=x86_64-w64-mingw32 --target=x86_64-w64-mingw32 --cache-file cache/config.cache --with-included-libtasn1 --disable-guile --disable-nls --with-included-unistring --enable-local-libopts --disable-non-suiteb-curves --disable-full-test-suite --disable-doc
350   - mingw64-make -j$(nproc)
351   - mingw64-make -C tests check -j$(nproc)
352 # Combine generated apps and DLLs.
353 #libwinpthread is required by libgcc
354 #libffi is required by libp11-kit
355   - mkdir -p win64-build/bin && mkdir -p win64-build/lib/includes &&
356     cp lib/.libs/*.dll src/.libs/*.exe win64-build/bin &&
357     x86_64-w64-mingw32-strip --strip-unneeded win64-build/bin/*.dll &&
358     x86_64-w64-mingw32-strip win64-build/bin/*.exe &&
359     cp /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libp11-*.dll win64-build/bin &&
360     cp /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libnettle-*.dll win64-build/bin &&
361     cp /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libhogweed-*.dll win64-build/bin &&
362     cp /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libgmp-*.dll win64-build/bin &&
363     cp /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libgcc*.dll win64-build/bin &&
364     cp /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libwinpthread*.dll win64-build/bin &&
365     cp /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libidn2-*.dll win64-build/bin &&
366     cp /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libffi-*.dll win64-build/bin &&
367     cp lib/.libs/*.a lib/*.def lib/gnutls.pc win64-build/lib &&
368     cp lib/includes/gnutls/*.h win64-build/lib/includes
369   tags:
370   - shared
371   - docker
372   only:
373   - tags
374   artifacts:
375     name: "${CI_PROJECT_NAME}-${CI_JOB_NAME}-${CI_COMMIT_REF_NAME}"
376     paths:
377       - win64-build/
378   retry: 1
379
380 MinGW64:
381   stage: stage1-testing
382   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
383   script:
384   - ./bootstrap
385   - export CC="ccache x86_64-w64-mingw32-gcc"
386   - mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc &&
387     echo ':DOSWin:M::MZ::/usr/bin/wine64:' > /proc/sys/fs/binfmt_misc/register &&
388     mkdir -p build && cd build
389   - dash ../configure --disable-gcc-warnings --host=x86_64-w64-mingw32 --target=x86_64-w64-mingw32 --cache-file ../cache/config.cache --with-included-libtasn1 --disable-guile --disable-nls --with-included-unistring --enable-local-libopts --disable-full-test-suite --disable-non-suiteb-curves --disable-doc
390   # generate the certtool autogen file to check whether later compilation will modify it
391   - mingw64-make -C src certtool-args.c.bak
392   - mingw64-make -j$(nproc)
393   - mingw64-make -C tests check -j$(nproc)
394   - cd ..
395   # since we use --enable-local-libopts the generated files must equal the .bak
396   - cmp build/src/certtool-args.c build/src/certtool-args.c.bak || false
397   tags:
398   - shared
399   - docker
400   except:
401   - tags
402   artifacts:
403     expire_in: 1 week
404     when: on_failure
405     paths:
406       - build/*.log
407       - build/tests/*.log
408       - build/tests/*/*.log
409   retry: 1
410
411 MinGW32:
412   stage: stage1-testing
413   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
414   script:
415   - ./bootstrap
416   - export CC="ccache i686-w64-mingw32-gcc"
417   - mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc &&
418     echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register &&
419     mkdir -p build && cd build
420   - dash ../configure --disable-gcc-warnings --host=i686-w64-mingw32 --target=i686-w64-mingw32 --cache-file ../cache/config.cache --with-included-libtasn1 --disable-guile --disable-nls --with-included-unistring --enable-local-libopts --disable-full-test-suite --disable-non-suiteb-curves --disable-doc
421   - mingw32-make -j$(nproc)
422   - mingw32-make -C tests check -j$(nproc)
423   - cd ..
424   tags:
425   - shared
426   - docker
427   except:
428   - tags
429   artifacts:
430     expire_in: 1 week
431     when: on_failure
432     paths:
433       - build/*.log
434       - build/tests/*.log
435       - build/tests/*/*.log
436   retry: 1
437
438 # That is a specific runner that we cannot enable universally.
439 # We restrict it to builds under the $BUILD_IMAGES_PROJECT project.
440 FreeBSD.x86_64:
441   stage: stage1-testing
442   image:
443   script:
444   - export CC="ccache clang"
445   - ./bootstrap
446   - LIBS="-L/usr/local/lib" ./configure --disable-full-test-suite
447     --cache-file cache/config.cache --disable-gcc-warnings --disable-guile --disable-doc && gmake -j$(sysctl hw.ncpu | awk '{print $2}') && gmake check -j$(sysctl hw.ncpu | awk '{print $2}')
448   tags:
449   - freebsd
450   only:
451   - branches@gnutls/gnutls
452   except:
453   - tags
454   artifacts:
455     expire_in: 1 week
456     when: on_failure
457     paths:
458       - ./*.log
459       - tests/*.log
460       - tests/*/*.log
461   retry: 1
462
463 # Two runs, one with normal backend and another with pkcs11 trust store
464 ubsan-Werror.Fedora.x86_64:
465   stage: stage1-testing
466   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
467   script:
468   - ./bootstrap
469   - CFLAGS="-std=c99 -fsanitize=undefined -fsanitize=bool -fsanitize=alignment -fsanitize=null -fsanitize=bounds-strict -fsanitize=enum -fno-sanitize-recover -g -O2" CXXFLAGS=$CFLAGS LDFLAGS="-static-libubsan" dash ./configure
470      --cache-file cache/config.cache --disable-non-suiteb-curves --disable-guile --disable-full-test-suite --disable-doc
471   - grep "^LIBS=''" config.log || false
472   - make -j$(nproc) -C gl
473   - make -j$(nproc) -C lib CFLAGS="-Werror -O2 -g -Wimplicit-fallthrough=2"
474   - make -j$(nproc) -C libdane CFLAGS="-Werror -O2 -g -Wimplicit-fallthrough=2"
475   - make -j$(nproc) -C src/gl
476   - make -j$(nproc) -C src CFLAGS="-Werror -O2 -g -fsanitize=undefined -Wno-error=parentheses -Wno-error=unused-macros -Wimplicit-fallthrough=2 -Wno-duplicated-branches"
477   - make -j$(nproc)
478   - make check -j$(nproc)
479   - CFLAGS="-std=c99 -fsanitize=undefined -fsanitize=bool -fsanitize=alignment -fsanitize=null -fsanitize=bounds-strict -fsanitize=enum -fno-sanitize-recover -g -O2" CXXFLAGS=$CFLAGS LDFLAGS="-static-libubsan" dash ./configure
480    --cache-file cache/config.cache --disable-non-suiteb-curves --disable-guile --disable-doc --disable-full-test-suite --with-default-trust-store-pkcs11="pkcs11:"
481   - make clean
482   - make -j$(nproc)
483   - make -C tests check -j$(nproc) TESTS="trust-store p11-kit-load.sh" SUBDIRS=.
484   tags:
485   - shared
486   except:
487   - tags
488   artifacts:
489     expire_in: 1 week
490     when: on_failure
491     paths:
492       - guile/tests/*.log
493       - ./*.log
494       - tests/*.log
495       - tests/*/*.log
496       - tests/suite/*/*.log
497   retry: 1
498
499 # This includes interoperability testing with gnutls 2.12.x
500 Debian.x86_64:
501   stage: stage1-testing
502   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$DEBIAN_BUILD
503   script:
504   - ./bootstrap
505   - mkdir -p build && cd build
506   - dash ../configure --enable-oldgnutls-interop --disable-gcc-warnings --cache-file ../cache/config.cache --disable-doc --disable-guile LDFLAGS='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now'
507   - make -j$(nproc)
508   - make check -j$(nproc)
509   - cd ..
510   tags:
511   - shared
512   except:
513   - tags
514   artifacts:
515     expire_in: 1 week
516     when: on_failure
517     paths:
518       - build/guile/tests/*.log
519       - build/*.log
520       - build/tests/*.log
521       - build/tests/*/*.log
522       - build/tests/suite/*/*.log
523   retry: 1
524
525 Debian.cross.i686-linux-gnu:
526   stage: stage1-testing
527   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$DEBIAN_X86_CROSS_BUILD
528   script:
529   - build=$(dpkg-architecture -qDEB_HOST_GNU_TYPE)
530   - host=i686-linux-gnu
531   # not setting CC_FOR_BUILD paired with qemu-user/binfmt somehow causes
532   # config.guess to detect the target as the build platform and not activate
533   # cross-compile mode even though --build is given
534   - export CC_FOR_BUILD="ccache gcc"
535   - export CC="ccache $host-gcc"
536   - ./bootstrap
537   - mkdir -p build
538   - cd build
539   # Debian's softhsm package is not multiarch yet. Missing softhsm libraries
540   # for the target will cause the test suite to fail when p11-kit is enabled.
541   - dash ../configure --build=$build --host=$host --disable-gcc-warnings
542       --cache-file ../cache/config.cache --disable-doc --disable-guile
543       --without-p11-kit --disable-full-test-suite
544   - make -j$(nproc)
545   - make check -j$(nproc)
546   - cd ..
547   tags:
548   - shared
549   - docker
550   except:
551   - tags
552   artifacts:
553     expire_in: 1 week
554     when: on_failure
555     paths:
556       - build/guile/tests/*.log
557       - build/*.log
558       - build/tests/*.log
559       - build/tests/*/*.log
560       - build/tests/suite/*/*.log
561   retry: 1
562
563 .Debian.cross.template: &Debian_cross_template
564   stage: stage1-testing
565   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$DEBIAN_CROSS_BUILD
566   script:
567   - build=$(dpkg-architecture -qDEB_HOST_GNU_TYPE)
568   - host="${CI_JOB_NAME#*.cross.}"
569   # not setting CC_FOR_BUILD paired with qemu-user/binfmt somehow causes
570   # config.guess to detect the target as the build platform and not activate
571   # cross-compile mode even though --build is given
572   - export CC_FOR_BUILD="ccache gcc"
573   - export CC="ccache $host-gcc"
574   - ./bootstrap
575   - sed -i '/errno.==.EINVAL/d' gl/tests/test-strerror.c
576   - mkdir -p build
577   - cd build
578   # Debian's softhsm package is not multiarch yet. Missing softhsm libraries
579   # for the target will cause the test suite to fail when p11-kit is enabled.
580   - dash ../configure --build=$build --host=$host --disable-gcc-warnings
581       --cache-file ../cache/config.cache --disable-doc --disable-guile
582       --without-p11-kit --disable-full-test-suite
583   - make -j$(nproc)
584   - make check -j$(nproc)
585   - cd ..
586   tags:
587   - shared
588   - docker
589   except:
590   - tags
591   artifacts:
592     expire_in: 1 week
593     when: on_failure
594     paths:
595       - build/guile/tests/*.log
596       - build/*.log
597       - build/tests/*.log
598       - build/tests/*/*.log
599       - build/tests/suite/*/*.log
600   retry: 1
601
602 Debian.cross.arm-linux-gnueabihf:
603   <<: *Debian_cross_template
604
605 Debian.cross.mips-linux-gnu:
606   <<: *Debian_cross_template
607
608 Debian.cross.aarch64-linux-gnu:
609   <<: *Debian_cross_template
Unnamed repository; edit this file 'description' to name the repository.