selinux/.travis.yml
Ondrej Mosnacek 0129422714 Travis-CI: test that DEBUG build works
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
2020-02-07 16:29:04 -05:00

167 lines
6.3 KiB
YAML

# Define the building environment
language: c
matrix:
fast_finish: true
compiler:
- clang
- gcc
env:
matrix:
# Test the last version of Python and Ruby together, with some linkers
- PYVER=python3.7 RUBYLIBVER=2.6
- PYVER=python3.7 RUBYLIBVER=2.6 TEST_FLAGS_OVERRIDE=1
- PYVER=python3.7 RUBYLIBVER=2.6 TEST_DEBUG=1
- PYVER=python3.7 RUBYLIBVER=2.6 LINKER=gold
- PYVER=python3.7 RUBYLIBVER=2.6 LINKER=bfd
# Test several Python versions
- PYVER=python3.5 RUBYLIBVER=2.6
- PYVER=python3.6 RUBYLIBVER=2.6
- PYVER=pypy3.5-6.0 RUBYLIBVER=2.6
# Test several Ruby versions (http://rubies.travis-ci.org/)
- PYVER=python3.7 RUBYLIBVER=2.5.1
- PYVER=python3.7 RUBYLIBVER=2.4
- PYVER=python3.7 RUBYLIBVER=2.3
- PYVER=python3.7 RUBYLIBVER=2.2
matrix:
exclude:
- compiler: clang
env: PYVER=python3.7 RUBYLIBVER=2.6 LINKER=gold
- compiler: clang
env: PYVER=python3.7 RUBYLIBVER=2.6 LINKER=bfd
# Use Travis-CI Ubuntu 16.04 Xenial Xerus infrastructure, "full image" variant
sudo: required
dist: xenial
# Install SELinux userspace utilities dependencies
addons:
apt:
packages:
- bison
- flex
- gawk
- gettext
- libaudit-dev
- libbz2-dev
- libcap-dev
- libcap-ng-dev # This package is not whitelisted for the container infrastructure (https://github.com/travis-ci/apt-package-whitelist/issues/1096)
- libcunit1-dev
- libdbus-glib-1-dev
- libncurses5-dev
- libpcre3-dev
- patch
- python3-dev
- python-dev
- swig
- xmlto
install:
# Download and install refpolicy headers for sepolgen tests
- curl --location --retry 10 -o "$TRAVIS_BUILD_DIR/refpolicy.tar.bz2" https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_2_20180701/refpolicy-2.20180701.tar.bz2
- tar -C "$TRAVIS_BUILD_DIR" -xvjf "$TRAVIS_BUILD_DIR/refpolicy.tar.bz2"
# Make refpolicy Makefile use the new toolchain when building modules
- sed -e "s,^PREFIX :=.*,PREFIX := \$(DESTDIR)/usr," -i "$TRAVIS_BUILD_DIR/refpolicy/support/Makefile.devel"
- sudo make -C "$TRAVIS_BUILD_DIR/refpolicy" install-headers
- sudo rm -rf "$TRAVIS_BUILD_DIR/refpolicy.tar.bz2" "$TRAVIS_BUILD_DIR/refpolicy"
- sudo mkdir -p /etc/selinux
- echo 'SELINUXTYPE=refpolicy' | sudo tee /etc/selinux/config
- echo 'SELINUX_DEVEL_PATH = /usr/share/selinux/refpolicy' | sudo tee /etc/selinux/sepolgen.conf
# Make sepolgen tests work without really installing anything in the real root (doing this would conflict with Ubuntu packages)
- sed -e "s,\"\(/usr/bin/[cs]\),\"$TRAVIS_BUILD_DIR/installdir\1," -i python/sepolgen/src/sepolgen/module.py
# Download the required python version if it is not installed
- VIRTUAL_ENV="$HOME/virtualenv/$PYVER"
- if ! [ -d "$VIRTUAL_ENV" ] ; then
curl --retry 10 -o python.tar.bz2 "https://s3.amazonaws.com/travis-python-archives/binaries/ubuntu/16.04/x86_64/${PYVER/python/python-}.tar.bz2" &&
sudo tar xjf python.tar.bz2 --directory / &&
rm python.tar.bz2 ;
fi
# Install flake8 for the given python version
- $VIRTUAL_ENV/bin/pip install flake8
before_script:
# Build and install in a temporary directory to run tests
- export DESTDIR="$TRAVIS_BUILD_DIR/installdir"
# Configure the variables for Python parts
- export VIRTUAL_ENV="$HOME/virtualenv/$PYVER"
- export PYTHON="$VIRTUAL_ENV/bin/python"
# Use the header files in /opt/python/... for Python because the virtualenvs do not provide Python.h
- export PKG_CONFIG_PATH="/opt/python/$($PYTHON -c 'import sys;print("%d.%d.%d" % sys.version_info[:3])')/lib/pkgconfig"
# PyPy does not provide a config file for pkg-config
# libpypy-c.so is provided in bin/libpypy-c.so for PyPy and bin/libpypy3-c.so for PyPy3
- if echo "$PYVER" | grep -q pypy ; then
export PYINC=-I$($PYTHON -c 'import sys;print(sys.prefix)')/include ;
export PYLIBS="$($PYTHON -c 'import sys;print("-L%s/bin -l%s" % (sys.prefix, "pypy-c" if sys.version_info < (3,) else "pypy3-c"))')" ;
fi
# Find the Ruby executable with version $RUBYLIBVER
- rvm reinstall ruby-$RUBYLIBVER --binary
- export RUBY="$(ls -d -1 "$HOME/.rvm/rubies/ruby-$RUBYLIBVER"*/bin/ruby | head -n 1)"
# Set the linker in $CC so that it gets used everywhere
- if [ -n "$LINKER" ]; then CC="$CC -fuse-ld=$LINKER" ; fi
# Show variables and versions (to help debugging)
- echo "$CC" ; $CC --version
- echo "$PYTHON" ; $PYTHON --version
- echo "$RUBY" ; $RUBY --version
# If TEST_FLAGS_OVERRIDE is defined, test that overriding CFLAGS, LDFLAGS and other variables works fine
- if [ -n "$TEST_FLAGS_OVERRIDE" ]; then EXPLICIT_MAKE_VARS="CFLAGS=-I$DESTDIR/usr/include LDFLAGS=-L$DESTDIR/usr/lib LDLIBS= CPPFLAGS=" ; fi
# If TEST_DEBUG is defined, test that debug build works fine
- if [ -n "$TEST_DEBUG" ]; then EXPLICIT_MAKE_VARS="$EXPLICIT_MAKE_VARS DEBUG=1" ; fi
script:
# Start by installing everything into $DESTDIR
- make install $EXPLICIT_MAKE_VARS -k
- make install-pywrap $EXPLICIT_MAKE_VARS -k
- make install-rubywrap $EXPLICIT_MAKE_VARS -k
# Now that everything is installed, run "make all" to build everything which may have not been built
- make all $EXPLICIT_MAKE_VARS -k
# Set up environment variables for the tests
- . ./scripts/env_use_destdir
# Show variables (to help debugging issues)
- echo "$LD_LIBRARY_PATH"
- echo "$PATH"
- echo "$PYTHONPATH"
- echo "$RUBYLIB"
# Run tests
- make test $EXPLICIT_MAKE_VARS
# Test Python and Ruby wrappers
- $PYTHON -c 'import selinux;import selinux.audit2why;import semanage;print(selinux.is_selinux_enabled())'
- $RUBY -e 'require "selinux";require "semanage";puts Selinux::is_selinux_enabled()'
# Run Python linter
- PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8
# Remove every installed files
- rm -rf "$DESTDIR"
# Test that "git status" looks clean, or print a clear error message
- |-
git status --short | sed -n 's/^??/error: missing .gitignore entry for/p' | (! grep '^')
# Clean up everything and show which file would be added to "make clean"
- make clean distclean $EXPLICIT_MAKE_VARS
- |-
git ls-files --ignored --others --exclude-standard | sed 's/^/error: "make clean distclean" did not remove /' | (! grep '^')
# Do not spam by email so long as the build succeeds
notifications:
email:
on_success: never