TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / ci / tf-m-job-configs.git / 3ec4b36f1896cfe1ea7f2f927379906025d13b1b / . / tf-m-eclair-delta.yaml
blob: a21b09d433a7e89ee6de2d954adc9f4ae8d101e7 [file] [log] [blame]
- job:
name: tf-m-eclair-delta
node: docker-tf-m-eclair
project-type: freestyle
concurrent: true
disabled: false
defaults: global
Description: |
ECLAIR (MISRA) analysis for Trusted Firmware M patches
properties:
- build-discarder:
days-to-keep: 90
artifact-num-to-keep: 40
parameters:
- string:
name: 'FILTER_GROUP'
default: "misra"
description: |
Filter to a group of configurations as recognised by configs.py
- string:
name: 'CODE_REPO'
default: 'https://git.trustedfirmware.org/TF-M/trusted-firmware-m'
- string:
name: 'CI_SCRIPTS_REPO'
default: 'https://git.trustedfirmware.org/ci/tf-m-ci-scripts'
- string:
name: 'CI_SCRIPTS_BRANCH'
default: 'master'
- string:
name: 'GERRIT_REFSPEC'
default: 'refs/heads/master'
description: |
For use when triggering with specified tag or master 'refs/heads/master' or 'refs/tags/TF-Mv1.0'.
- string:
name: 'GERRIT_BRANCH'
default: 'master'
description: |
TF-M branch.
- string:
name: GERRIT_PROJECT
default: 'TF-M/trusted-firmware-m'
description: |
Git project to build (also set by Gerrit trigger)
- string:
name: 'GERRIT_HOST'
default: 'review.trustedfirmware.org'
- string:
name: 'GERRIT_CHANGE_NUMBER'
description: |
No need to change.
- string:
name: 'GERRIT_PATCHSET_REVISION'
description: |
No need to change.
- string:
name: 'MBEDTLS_VERSION'
default: 'mbedtls-3.4.0'
description: |
Specify which MBEDTLS version to use
refs/heads/<branch_name> : Pick up latest HEAD on branch
TAG_NAME : Pick up a tagged version
full commit hash : Pick up a specific commit
- string:
name: 'MBEDTLS_URL'
default: 'https://git.trustedfirmware.org/mirror/mbed-tls.git'
- string:
name: 'QCBOR_URL'
default: 'https://github.com/laurencelundblade/QCBOR.git'
- string:
name: 'QCBOR_VERSION'
default: '92d3f89030baff4af7be8396c563e6c8ef263622'
description: |
Specify which QCBOR version to use
refs/heads/<branch_name> : Pick up latest HEAD on branch
TAG_NAME : Pick up a tagged version
full commit hash : Pick up a specific commit
- string:
name: 'MCUBOOT_REFSPEC'
default: 'v1.10.0'
description: |
Specify which MCUboot version to use
refs/heads/<branch_name> : Pick up latest HEAD on branch
TAG_NAME : Pick up a tagged version
full commit hash : Pick up a specific commit
- string:
name: 'MCUBOOT_URL'
default: 'https://git.trustedfirmware.org/mirror/mcuboot.git'
- string:
name: 'TFM_TESTS_URL'
default: 'https://git.trustedfirmware.org/TF-M/tf-m-tests.git'
- string:
name: 'TFM_TESTS_REFSPEC'
default: 'refs/heads/master'
- string:
name: 'PSA_ARCH_TESTS_URL'
default: 'https://git.trustedfirmware.org/mirror/psa-arch-tests.git'
- string:
name: 'PSA_ARCH_TESTS_VERSION'
default: '5c5792080f0975775bbdddcd9722da446dce550b'
- string:
name: SHARE_FOLDER
default: '/tmp'
description: 'Folder for initial cloning of repositories'
- string:
name: 'BUILD_TARGET'
default: ''
description: |
Override build target (for debugging)
- string:
name: 'BUILD_JOBS'
default: '16'
description: |
--jobs to pass to make, etc.
triggers:
- gerrit:
silent: true
server-name: 'review.trustedfirmware.org'
projects:
- branches:
- branch-compare-type: PLAIN
branch-pattern: master
project-compare-type: PLAIN
project-pattern: 'TF-M/trusted-firmware-m'
- branches:
- branch-compare-type: PLAIN
branch-pattern: master
project-compare-type: PLAIN
project-pattern: 'sandbox/pfalcon/trusted-firmware-m'
trigger-on:
- comment-added-event:
approval-category: "Allow-CI"
approval-value: 1
- comment-added-event:
approval-category: "Allow-CI"
approval-value: 2
wrappers:
- timestamps
- timeout:
timeout: 2400
fail: true
- credentials-binding:
- ssh-user-private-key:
credential-id: TFA_CI_BOT_USER_SSH_KEY
key-file-variable: CI_BOT_KEY
username-variable: CI_BOT_USERNAME
passphrase-variable: ''
builders:
- shell: |
#!/bin/bash -ex
git clone -b $CI_SCRIPTS_BRANCH $CI_SCRIPTS_REPO tf-m-ci-scripts
git clone -b master https://git.trustedfirmware.org/ci/tf-ci-scripts.git tf-ci-scripts
bash -x tf-m-ci-scripts/clone.sh
ls -l
if [ -n "${GERRIT_REFSPEC}" ]; then
(
cd $(basename ${GERRIT_PROJECT})
git fetch https://${GERRIT_HOST}/${GERRIT_PROJECT} ${GERRIT_REFSPEC} && git checkout FETCH_HEAD
)
fi
(cd trusted-firmware-m; git log --oneline -n5)
export ECLAIR_CONFIG_DIR=$PWD/tf-m-ci-scripts/eclair
. tf-ci-scripts/eclair/utils.sh
. tf-m-ci-scripts/eclair/utils_tfm.sh
export CROSS_COMPILE="arm-none-eabi-"
export CC_ALIASES="${CROSS_COMPILE}gcc"
export CXX_ALIASES="${CROSS_COMPILE}g++"
export LD_ALIASES="${CROSS_COMPILE}ld"
export AR_ALIASES="${CROSS_COMPILE}ar"
export AS_ALIASES="${CROSS_COMPILE}as"
export FILEMANIP_ALIASES="cp mv ${CROSS_COMPILE}objcopy"
# Detach license for initial eclair_env invocation. We then extend it on
# each config build iteration.
detachLicense 600
trap "returnLicense || true" EXIT
# Toolchain path must be already set before calling eclair_env, can't set it inside it.
# And to set toolchain path, we need a CONFIG_NAME
CONFIG_NAME=$(python3 tf-m-ci-scripts/configs.py -g $FILTER_GROUP | head -1)
eclair_tfm_set_toolchain_path
export ECLAIR_ANALYSIS=ECLAIR
eclair_prepare
eclair_analyze tf-m-ci-scripts/run-eclair-builds.sh
eclair_make_ecd
eclair_make_reports
echo "========= Building base revision ========="
(
cd $(basename ${GERRIT_PROJECT})
git checkout HEAD^
git log --oneline -n5
)
export ECLAIR_ANALYSIS=ECLAIR_BASE
eclair_prepare
eclair_analyze tf-m-ci-scripts/run-eclair-builds.sh
eclair_make_ecd
eclair_make_reports
eclair_make_delta_report ECLAIR_BASE ECLAIR
tf-ci-scripts/eclair/eclair_diff_report.py diff_output > misra_delta.txt
returnLicense
tf-ci-scripts/eclair/analyze_delta_index_html.sh
tf-ci-scripts/eclair/post_gerrit_comment.sh
publishers:
- archive:
artifacts: ECLAIR*/**, diff_output/**, misra_delta.txt, *issues_html/**, index.html
excludes: 'ECLAIR*/out/.data/**'
latest-only: false
allow-empty: true