-
Notifications
You must be signed in to change notification settings - Fork 4
/
.gitlab-ci.yml
232 lines (223 loc) · 9.06 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
image: registry.gitlab.cc-asp.fraunhofer.de/iml/oe130/software/mars/docker/mars2-base-image:focal-latest
stages:
- "Build"
- "Test"
- "Code-Analysis"
- "Documentation"
before_script:
- echo "Writing .ssh/id_ed25519 private keyfile and setting up .ssh/known_hosts for FhG's GitLab server..."
- mkdir -p ~/.ssh
- echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
- "command -v ssh-agent >/dev/null || ( apt-get update -yq && apt-get install openssh-client -yq )" # ensure that ssh-agent is installed ...
- eval $(ssh-agent -s) # ... and running
- echo "$CI_CD_KEY" | base64 -d > ~/.ssh/id_ed25519 # construct private keyfile from masked key
# Note: The key/content of $CI_CD_KEY was extracted from a locally generated pair (of type ED25519) at ~/.ssh/id_ed25519
# by the following command: cat ~/.ssh/id_ed25519 | base64 -w0
# to get rid of newlines in order to be able to make it a MASKED variable in the GitLab web interface. "base64 -d"
# then performs the decoding. The corresponding public key has been added for the dependency (library) to
# https://gitlab.cc-asp.fraunhofer.de/silicon-economy/services/odyn/vda5050/simpleptn/-/settings/repository under "Deploy keys".
- chmod 600 ~/.ssh/id_ed25519
# cat ~/.ssh/id_ed25519 | ssh-add - # add the private ssh key
build_debug:
stage: "Build"
variables:
GIT_SUBMODULE_STRATEGY: recursive
GIT_DEPTH: 0
script:
- source /opt/ros/noetic/setup.bash >/dev/null
- /usr/bin/cmake --no-warn-unused-cli -DSimplePTN_URL:[email protected]:silicon-economy/services/odyn/vda5050/simpleptn.git -DCI_ENABLE_ALL:BOOL=TRUE -DLIBVDA5050PP_SPTN_DEP_LOCAL:BOOL=FALSE -DCMAKE_EXPORT_COMPILE_COMMANDS:BOOL=TRUE -DCMAKE_BUILD_TYPE:STRING=Release -DCMAKE_C_COMPILER:FILEPATH=/bin/clang-10 -DCMAKE_CXX_COMPILER:FILEPATH=/bin/clang++-10 -H/builds/silicon-economy/services/odyn/vda5050/libvda5050pp -B/builds/silicon-economy/services/odyn/vda5050/libvda5050pp/build -G "Unix Makefiles"
- /usr/bin/cmake --build /builds/silicon-economy/services/odyn/vda5050/libvda5050pp/build --config Debug --target all -- -j 14
artifacts:
when: always
paths:
- build/
- docs/
expire_in: 1 week
tags:
- intranet
rules:
- if: ($CI_COMMIT_BRANCH == "main") || ($CI_COMMIT_BRANCH == "dev")
allow_failure: false
# "Default clause" meaning: in all other cases
- when: on_success
allow_failure: true
build_release:
stage: "Build"
variables:
GIT_SUBMODULE_STRATEGY: recursive
GIT_DEPTH: 0
script:
- source /opt/ros/noetic/setup.bash >/dev/null
- /usr/bin/cmake --no-warn-unused-cli -DSimplePTN_URL:[email protected]:silicon-economy/services/odyn/vda5050/simpleptn.git -DCI_ENABLE_ALL:BOOL=TRUE -DLIBVDA5050PP_SPTN_DEP_LOCAL:BOOL=FALSE -DCMAKE_EXPORT_COMPILE_COMMANDS:BOOL=TRUE -DCMAKE_BUILD_TYPE:STRING=Release -DCMAKE_C_COMPILER:FILEPATH=/bin/clang-10 -DCMAKE_CXX_COMPILER:FILEPATH=/bin/clang++-10 -H/builds/silicon-economy/services/odyn/vda5050/libvda5050pp -B/builds/silicon-economy/services/odyn/vda5050/libvda5050pp/build -G "Unix Makefiles"
- /usr/bin/cmake --build /builds/silicon-economy/services/odyn/vda5050/libvda5050pp/build --config Release --target all -- -j 14
artifacts:
paths:
- build/
- docs/
expire_in: 1 week
tags:
- intranet
rules:
- if: ($CI_COMMIT_BRANCH == "main") || ($CI_COMMIT_BRANCH == "dev")
allow_failure: false
# "Default clause" meaning: in all other cases
- when: on_success
allow_failure: true
unittest:
stage: "Test"
dependencies:
- "build_debug"
variables:
GIT_SUBMODULE_STRATEGY: recursive
GIT_DEPTH: 0
script:
- cd ./build
- ctest --output-on-failure -O ctest.txt
artifacts:
when: always
reports:
junit:
- build/ctest.txt
expire_in: 1 week
tags:
- intranet
rules:
- if: ($CI_COMMIT_BRANCH == "main") || ($CI_COMMIT_BRANCH == "dev")
allow_failure: false
# "Default clause" meaning: in all other cases
- when: on_success
allow_failure: true
sonarqube:
stage: "Test"
# image: sonarsource/sonar-scanner-cli
dependencies:
- "build_debug"
variables:
GIT_SUBMODULE_STRATEGY: recursive
GIT_DEPTH: 0
before_script:
- echo "Writing .ssh/id_ed25519 private keyfile and setting up .ssh/known_hosts for FhG's GitLab server..."
- mkdir -p ~/.ssh
- echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
- "command -v ssh-agent >/dev/null || ( apt-get update -yq && apt-get install openssh-client -yq )" # ensure that ssh-agent is installed ...
- eval $(ssh-agent -s) # ... and running
- echo "$CI_CD_KEY" | base64 -d > ~/.ssh/id_ed25519 # construct private keyfile from masked key
# Note: The key/content of $CI_CD_KEY was extracted from a locally generated pair (of type ED25519) at ~/.ssh/id_ed25519
# by the following command: cat ~/.ssh/id_ed25519 | base64 -w0
# to get rid of newlines in order to be able to make it a MASKED variable in the GitLab web interface. "base64 -d"
# then performs the decoding. The corresponding public key has been added for the dependency (library) to
# https://gitlab.cc-asp.fraunhofer.de/silicon-economy/services/odyn/vda5050/simpleptn/-/settings/repository under "Deploy keys".
- chmod 600 ~/.ssh/id_ed25519
# cat ~/.ssh/id_ed25519 | ssh-add - # add the private ssh key
# Sonar does not work properly if there is no blame information, this ensures a complete history
- source /opt/ros/noetic/setup.bash >/dev/null
- source /catkin_ws/devel/setup.bash >/dev/null
- git fetch --unshallow || true
- cd /builds/silicon-economy/services/odyn/vda5050/libvda5050pp
- wget $SONAR_HOST_URL/static/cpp/build-wrapper-linux-x86.zip
- unzip -j build-wrapper-linux-x86.zip
- mkdir build_wrapper_output_directory
- ./build-wrapper-linux-x86-64 --out-dir build_wrapper_output_directory /usr/bin/cmake --build /builds/silicon-economy/services/odyn/vda5050/libvda5050pp/build --config Debug --clean-first --target all -- -j 14
script:
- PATH=$PATH:/sonar-scanner-4.6.2.2472-linux/bin
- cd /builds/silicon-economy/services/odyn/vda5050/libvda5050pp/build/test
- ./vda5050++_test
- llvm-profdata merge -sparse default.profraw -o coverage.profdata
- llvm-cov show ./vda5050++_test -instr-profile=coverage.profdata > coverage.txt
- cd /builds/silicon-economy/services/odyn/vda5050/libvda5050pp
- sonar-scanner
-Dsonar.projectKey=odyn.navsim.libvda5050pp
-Dsonar.projectName=odyn.navsim.libvda5050pp
-Dsonar.cfamily.build-wrapper-output=build_wrapper_output_directory
-Dsonar.host.url=$SONAR_HOST_URL
-Dsonar.login=$SONAR_TOKEN
-Dsonar.sourceEncoding=UTF-8
-Dsonar.cfamily.threads=1
-Dsonar.cfamily.cache.enabled=false
-Dsonar.cfamily.llvm-cov.reportPath=/builds/silicon-economy/services/odyn/vda5050/libvda5050pp/build/test/coverage.txt
-Dsonar.qualitygate.wait=true
-Dsonar.sources=extra,include,src
-Dsonar.tests=test
rules:
# Sonar analysis must succeed (i.e. the quality gate must be passed) in main and MRs
- if: ($CI_COMMIT_BRANCH == "main") || $CI_MERGE_REQUEST_IID
allow_failure: false
# "Default clause" meaning: in all other cases
- when: on_success
allow_failure: true
cache:
key: "sonar-${CI_PROJECT_ID}"
paths:
- ".scannerwork"
- ".sonar"
cppcheck:
stage: "Code-Analysis"
dependencies:
- "build_debug"
variables:
GIT_SUBMODULE_STRATEGY: recursive
GIT_DEPTH: 0
script:
- cppcheck --xml --enable=all --project=./build/compile_commands.json 2> cppcheck.xml
after_script:
- cppcheck-codequality --input-file=cppcheck.xml --output-file=cppcheck.json
artifacts:
when: always
reports:
codequality:
- cppcheck.json
expire_in: 1 week
tags:
- intranet
# rules:
# - if: ($CI_COMMIT_BRANCH == "main")
# allow_failure: false
# # "Default clause" meaning: in all other cases
# - when: on_success
# allow_failure: true
# Allow until SELE compliant configuration is available
allow_failure: true
clang-tidy:
stage: "Code-Analysis"
dependencies:
- "build_debug"
variables:
GIT_SUBMODULE_STRATEGY: recursive
GIT_DEPTH: 0
script:
- cd ./build
- run-clang-tidy -export-fixes ../clang_tidy_results.yml
artifacts:
when: on_failure
paths:
- clang_tidy_results.yml
expire_in: 1 week
tags:
- intranet
# rules:
# - if: ($CI_COMMIT_BRANCH == "main")
# allow_failure: false
# # "Default clause" meaning: in all other cases
# - when: on_success
# allow_failure: true
# Allow until SELE compliant configuration is available
allow_failure: true
pages:
stage: "Documentation"
dependencies:
- "build_debug"
variables:
GIT_SUBMODULE_STRATEGY: recursive
GIT_DEPTH: 0
script:
- source /opt/ros/noetic/setup.bash >/dev/null
- source /catkin_ws/devel/setup.bash >/dev/null
- cd ./build
- make mkdocs
- mv site/ ../public/
artifacts:
paths:
- public
tags:
- intranet
allow_failure: false