Skip to content

Commit

Permalink
Add ADO pipelines (#3741)
Browse files Browse the repository at this point in the history
Signed-off-by: Alan Jowett <[email protected]>
Co-authored-by: Alan Jowett <[email protected]>
  • Loading branch information
Alan-Jowett and Alan Jowett authored Aug 22, 2024
1 parent bde5a20 commit 59c5f5d
Show file tree
Hide file tree
Showing 5 changed files with 1,290 additions and 0 deletions.
370 changes: 370 additions & 0 deletions .azure/OneBranch.PullRequest.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,370 @@
# Copyright (c) Microsoft Corporation
# SPDX-License-Identifier: MIT

trigger:
## disable batching of changes when a push happens.
batch: false
branches:
include:
- internal/main
- internal/release/*
- main
- release/*

pr:
- main
- release/*

schedules:
- cron: '00 8 * * *'
displayName: Schedule CI/CD
branches:
include:
- main
always: true

parameters: # parameters are shown up in ADO UI in a build queue time
- name: 'debug'
displayName: 'Enable debug output'
type: boolean
default: false

variables:
CDP_DEFINITION_BUILD_COUNT: $[counter('', 0)]
system.debug: ${{ parameters.debug }}
ENABLE_PRS_DELAYSIGN: 0
ROOT: $(Build.SourcesDirectory)
REPOROOT: $(Build.SourcesDirectory)
OUTPUTROOT: $(REPOROOT)\out
NUGET_XMLDOC_MODE: none

WindowsContainerImage: 'cdpxwin1809.azurecr.io/global/vse2022:latest' # Docker image which is used to build the project

resources:
repositories:
- repository: templates
type: git
name: OneBranch.Pipelines/GovernedTemplates
ref: refs/heads/main


jobs:

# regular
# Always run this job.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
- template: ./reusable-build.yml
parameters:
name: regular
build_artifact: Build-x64
generate_release_package: true
build_msi: true
build_nuget: true
build_options: /p:ReleaseJIT=True
configurations: ["Debug", "FuzzerDebug", "Release"]

# regular_native_only
# Always run this job.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
- template: ./reusable-build.yml
parameters:
name: regular_native_only
build_artifact: Build-x64-native-only
build_msi: true
build_nuget: true
configurations: ["NativeOnlyDebug", "NativeOnlyRelease"]

# unit_tests
# Always run this job.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: unit_tests
pre_test: appverif -enable Exceptions Handles Heaps Leak Locks Memory SRWLock Threadpool TLS DangerousAPIs DirtyStacks TimeRollOver -for unit_tests.exe
test_command: '.\unit_tests.exe -d yes ~[processes]'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: true
gather_dumps: true
capture_etw: true
leak_detection: true

# netebpfext_unit_tests
# Always run this job.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: netebpfext_unit_tests
pre_test: appverif -enable Exceptions Handles Heaps Leak Locks Memory SRWLock Threadpool TLS DangerousAPIs DirtyStacks TimeRollOver -for netebpfext_unit.exe
test_command: '.\netebpfext_unit.exe -d yes'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: true
gather_dumps: true
capture_etw: true
leak_detection: true

# bpf2c
# Always run this job.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: bpf2c
test_command: '.\bpf2c_tests.exe -d yes'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
vs_dev: true
code_coverage: true
gather_dumps: true
capture_etw: true

# bpf2c_conformance
# Always run this job.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: bpf2c_conformance
pre_test: 'powershell.exe Invoke-WebRequest https://github.com/Alan-Jowett/bpf_conformance/releases/download/v0.0.6/bpf_conformance_runner.exe -OutFile bpf_conformance_runner.exe'
test_command: '.\bpf_conformance_runner.exe --test_file_directory $(Build.SourcesDirectory)\$(PROJECT_NAME)\external\ebpf-verifier\external\bpf_conformance\tests --cpu_version v3 --exclude_regex lock* --plugin_path bpf2c_plugin.exe --debug true --plugin_options "--include $(Build.SourcesDirectory)\$(PROJECT_NAME)\include"'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
vs_dev: true
code_coverage: true
gather_dumps: true
capture_etw: true

# Run the fault injection simulator.
# Always run this job.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: fault_injection
test_command: '.\unit_tests.exe'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: true
gather_dumps: true
fault_injection: true
leak_detection: true

# Run the fault injection simulator for netebpfext_unit tests.
# Always run this job.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: fault_injection_netebpfext_unit
test_command: '.\netebpfext_unit.exe'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: true
gather_dumps: true
fault_injection: true
leak_detection: true

# Additional jobs to run on pull and schedule only (skip push).
# ---------------------------------------------------------------------------
# Build with C++ static analyzer.
# Only run on schedule and pull request.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
- template: ./reusable-build.yml
parameters:
name: analyze
build_artifact: Build-x64-Analyze
# Analysis on external projects is conditional, as on small CI/CD VMs the compiler can run OOM
build_options: /p:Analysis=True /p:AnalysisOnExternal=False

# Build with C++ address sanitizer.
# Only run on schedule and pull request.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
- template: ./reusable-build.yml
parameters:
name: sanitize
build_artifact: Build-x64-Sanitize
build_options: /p:AddressSanitizer=True

# bpf2c_fuzzer
# Only run on pull request.
- ${{ if in(variables['Build.Reason'], 'PullRequest') }}:
- template: ./reusable-test.yml
parameters:
name: bpf2c_fuzzer
test_command: '.\bpf2c_fuzzer.exe bpf2c_fuzzer_corpus -use_value_profile=1 -max_total_time=300 -artifact_prefix=Artifacts\'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: false
gather_dumps: true
configurations: ["FuzzerDebug"]

# bpf2c_fuzzer_scheduled
# Only run on schedule.
- ${{ if in(variables['Build.Reason'], 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: bpf2c_fuzzer
test_command: '.\bpf2c_fuzzer.exe bpf2c_fuzzer_corpus -use_value_profile=1 -max_total_time=900 -artifact_prefix=Artifacts\'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: false
gather_dumps: true
configurations: ["FuzzerDebug"]

# execution_context_fuzzer
# Only run on schedule and pull request.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: execution_context_fuzzer
test_command: '.\execution_context_fuzzer.exe execution_context_fuzzer_corpus -use_value_profile=1 -runs=3000 -artifact_prefix=Artifacts\'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: false
gather_dumps: true
configurations: ["FuzzerDebug"]

# Run the verifier fuzzer.
# Only run on pull request.
- ${{ if in(variables['Build.Reason'], 'PullRequest') }}:
- template: ./reusable-test.yml
parameters:
name: verifier_fuzzer
test_command: '.\verifier_fuzzer.exe verifier_corpus -use_value_profile=1 -max_total_time=300 -artifact_prefix=Artifacts\'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: false
gather_dumps: true
configurations: ["FuzzerDebug"]

# Run the verifier fuzzer.
# Only run on schedule.
- ${{ if in(variables['Build.Reason'], 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: verifier_fuzzer
test_command: '.\verifier_fuzzer.exe verifier_corpus -use_value_profile=1 -max_total_time=900 -artifact_prefix=Artifacts\'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: false
gather_dumps: true
configurations: ["FuzzerDebug"]

# core_helper_fuzzer
# Only run on schedule and pull request.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: core_helper_fuzzer
test_command: '.\core_helper_fuzzer core_helper_corpus -max_len=139 -runs=1000 -use_value_profile=1 -artifact_prefix=Artifacts\'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: false
gather_dumps: true
configurations: ["FuzzerDebug"]

# netebpfext_fuzzer
# Only run on schedule and pull request.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: netebpfext_fuzzer
test_command: '.\netebpfext_fuzzer netebpfext_corpus -max_len=12 -runs=1000 -use_value_profile=1 -artifact_prefix=Artifacts\'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: false
gather_dumps: true
configurations: ["FuzzerDebug"]

# cilium_tests
# Run Cilium regression tests.
# Only run on schedule and pull request.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: cilium_tests
test_command: '.\cilium_tests.exe -d yes'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: false
gather_dumps: true

# Run the quick stress tests
# Only run on schedule and pull request.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: stress
test_command: '.\ebpf_performance.exe'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
code_coverage: false
gather_dumps: true

# Run the unit tests with address sanitizer.
# Only run on schedule and pull request.
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: sanitize_unit_tests
# Exclude [processes] test that ASAN can't work with.
test_command: '.\unit_tests.exe -d yes ~[processes]'
dependency: sanitize
build_artifact: Build-x64-Sanitize
environment: windows-2022
gather_dumps: true
capture_etw: true

# Run the complete fault injection simulator.
# Runs on a schedule as this takes a long time to run.
- ${{ if in(variables['Build.Reason'], 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: fault_injection_full
test_command: '.\unit_tests.exe -d yes'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
gather_dumps: true
fault_injection: true
leak_detection: true

# Run the complete fault injection simulator for netebpfext.
# Runs on a schedule as this takes a long time to run.
- ${{ if in(variables['Build.Reason'], 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: netebpfext_fault_injection_full
test_command: '.\netebpfext_unit.exe -d yes'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
gather_dumps: true
fault_injection: true
leak_detection: true

# Run multi-threaded stress tests against the user mode 'mock' framework.
# Runs on a schedule as this takes a long time to run.
- ${{ if in(variables['Build.Reason'], 'Schedule', 'Manual') }}:
- template: ./reusable-test.yml
parameters:
name: user_mode_multi_threaded_stress_test
test_command: '.\ebpf_stress_tests_um -tt=32 -td=10'
dependency: regular
build_artifact: Build-x64
environment: windows-2022
gather_dumps: true
leak_detection: false
capture_etw: true
Loading

0 comments on commit 59c5f5d

Please sign in to comment.