File: .gitlab-ci.yml

package info (click to toggle)
golang-github-mendersoftware-openssl 1.1.0-4
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, experimental, forky, sid, trixie
  • size: 512 kB
  • sloc: ansic: 987; makefile: 2
file content (99 lines) | stat: -rw-r--r-- 4,592 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
 
include:
  - project: 'Northern.tech/Mender/mendertesting'
    file: '.gitlab-ci-github-status-updates.yml'
  - project: 'Northern.tech/Mender/mendertesting'
    file: '.gitlab-ci-check-commits-signoffs.yml'

stages:
  - test
  - publish

test:unit:
  image: golang:1.14
  stage: test

  before_script:
    # Rename the branch we're on, so that it's not in the way for the
    # subsequent fetch. It's ok if this fails, it just means we're not on any
    # branch.
    - git branch -m temp-branch || true
    # Git trick: Fetch directly into our local branches instead of remote
    # branches.
    - git fetch origin 'refs/heads/*:refs/heads/*'
    # Get last remaining tags, if any.
    - git fetch --tags origin

    # Prepare GO path
    - mkdir -p /go/src/github.com/mendersoftware
    - cp -r $CI_PROJECT_DIR /go/src/github.com/mendersoftware/openssl
    - cd /go/src/github.com/mendersoftware/openssl

    # Install code coverage / coveralls tooling
    - go get -u github.com/axw/gocov/gocov
    - go get -u golang.org/x/tools/cmd/cover

    # Install OpenSSL
    - apt-get update && apt-get install -yyq liblzma-dev libssl-dev
    # Install SoftHSM, OpenSC, GnuTLS
    - apt-get install -yyq softhsm2 opensc opensc-pkcs11 libengine-pkcs11-openssl gnutls-bin
    - mkdir -p /softhsm/tokens
    - echo "directories.tokendir = /softhsm/tokens" > /softhsm/softhsm2.conf
    - export SOFTHSM2_CONF=/softhsm/softhsm2.conf
    - softhsm2-util --init-token --free --label unittoken1 --pin 0001 --so-pin 0002 --slot 0
    - pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so -l -k --key-type rsa:2048 --id 0003 --label unittestkey0 --pin 0001
    - pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --show-info
    - pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --list-slots
    - pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --list-token-slots
    - pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --list-mechanisms
    - pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --list-objects
    - p11tool --login --provider=/usr/lib/softhsm/libsofthsm2.so --set-pin=0001 --list-all
    - export TEST_KEY_URI=`p11tool --login --provider=/usr/lib/softhsm/libsofthsm2.so --set-pin=0001 --list-all 2>/dev/null | grep type=private | awk '{print($NF";pin-value=0001");}'`
    - echo using $TEST_KEY_URI;
    - echo -ne "[openssl_init]\nengines=engine_section\n\n[engine_section]\npkcs11 = pkcs11_section\n\n[pkcs11_section]\nengine_id = pkcs11\nMODULE_PATH = /usr/lib/softhsm/libsofthsm2.so\ninit = 0\n" >> /etc/ssl/openssl.cnf
    - openssl req -new -x509 -subj "/CN=MenderUnits" -engine pkcs11 -keyform engine -key "${TEST_KEY_URI}" -out cert.pem

  script:
    # Test if code was formatted with 'go fmt'
    # Command will format code and return modified files
    # fail if any have been modified.
    - if [ -n "$(go fmt)" ]; then echo 'Code is not formatted with "go fmt"'; false; fi

    # Perform static code analysys
    - go vet `go list ./... | grep -v vendor`

    # go list supply import paths for all sub directories.
    # Exclude vendor directory, we don't want to run tests and coverage for all dependencies every time,
    # also including their coverage may introduce to much noice. Concentrate on the coverage of local packages.
    # Execute go test on every local subpackage (resolved as dependencies) and generate covreage report for each.
    # Test packages pararell (xargs -P)
    - export TEST_KEY_URI=`p11tool --login --provider=/usr/lib/softhsm/libsofthsm2.so --set-pin=0001 --list-all 2>/dev/null | grep type=private | awk '{print($NF";pin-value=0001");}'`
    - go test -parallel 1 -count 1 -v -covermode=atomic -coverprofile=coverage.txt -coverpkg ./... ./... || exit $?

    # Collect coverage reports
    - mkdir -p tests/unit-coverage && find . -name 'coverage.txt' -exec cp --parents {} ./tests/unit-coverage \;
    - tar -cvf $CI_PROJECT_DIR/unit-coverage.tar tests/unit-coverage

  artifacts:
    expire_in: 2w
    paths:
      - unit-coverage.tar

publish:tests:
  image: golang:1.14-alpine3.11
  stage: publish
  dependencies:
    - test:unit
  before_script:
    - apk add --no-cache git
    - cd / && go get github.com/mattn/goveralls && cd -
    - export CI_BRANCH=${CI_COMMIT_BRANCH}
    - export CI_PR_NUMBER=${CI_COMMIT_BRANCH#pr_}
  script:
    - tar -xvf unit-coverage.tar
    - goveralls
      -repotoken ${COVERALLS_TOKEN}
      -service gitlab-ci
      -jobid $CI_PIPELINE_ID
      -covermode set
      -flagname unittests
      -coverprofile $(find tests/unit-coverage -name 'coverage.txt' | tr '\n' ',' | sed 's/,$//')