mirror of
https://github.com/stefanberger/swtpm.git
synced 2025-08-22 19:04:35 +00:00
459f4e7dea
Since the tss2 package is commonly available in focal and jammy move it into to the general list of packages to installed. libtpm2-pkcs11-tools is available since jammy, so installed it there to enable the TPM 2 pkcs11 tests. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
123 lines
5.1 KiB
YAML
123 lines
5.1 KiB
YAML
env:
|
|
global:
|
|
- secure: mcAXlw5k/1yOP2RMKWEtvU2SnsuHo5Idoi5zZ+hLj2CzdvT77Wh8HWQ7NRsiamL+3dMPxzzy60IYNZQ8F29y3rvN7gASVsYn31G5UkmfvpPLiucuPADM1rNm8FYNlia0GFW4keP+LwMrBo6KDK9k0T8w4lquXBwMmNzhvCYVwkBIM5YwhXW5nk1dOJtf6zAb6gDH/VNEYTXXRKjA5Jvln7+EVHY61pEx6rJGa2GU0A49ms5UMJVzv85FraiHwlCPnNhQWGJ6sStqxsd5i6VBTCrkwMqnnA+ZBosqIJkBXp4OkudfPWE9vsn7TtuYdbheOkUIv6GRPFJNG3Vm3Wh/IwvSOILS5xAmsB3MxyK3BlILOYcsywiSzV5J4+s5Vnih4FaRQ3xx46Fq2ldatuk7npIxfdd3Co5V1KZh1pq3ckAdKlY2PEsQc0Kh72Lxf2N0XVw4s0H7gzrFk4/ghIvoCmAWBRSrN+R7wleEcmxDRgUZHP6Qc2ZNP+kljhBLqzinW2jyxPAqQS17g5Tb01+WfqkG/T5jboyIIe/OEQ5XbQp3/d8rUA8STpJxD25lwKKqlIqU3ZFWYfRT+pA0x83AdiTm53CJSQqFyCLtZCqK0XSZbLfmFzjZJ7I8FQxZoF2o03DDkL1Xs0z0sj87i3UnsYzxGdSrcU2JDK7qRIn39sM=
|
|
sudo: required
|
|
language: c
|
|
dist: focal
|
|
addons:
|
|
apt:
|
|
packages:
|
|
- automake
|
|
- autoconf
|
|
- libtool
|
|
- libssl-dev
|
|
- sed
|
|
- make
|
|
- gawk
|
|
- sed
|
|
- bash
|
|
- dh-exec
|
|
- python3-pip
|
|
- libfuse-dev
|
|
- libglib2.0-dev
|
|
- libjson-glib-dev
|
|
- libgmp-dev
|
|
- expect
|
|
- libtasn1-dev
|
|
- socat
|
|
- findutils
|
|
- gnutls-dev
|
|
- gnutls-bin
|
|
- softhsm2
|
|
- libseccomp-dev
|
|
- tss2
|
|
coverity_scan:
|
|
project:
|
|
name: swtpm
|
|
description: Build submitted via Travis CI
|
|
notification_email: stefanb@linux.vnet.ibm.com
|
|
build_command_prepend: "git clone https://github.com/stefanberger/libtpms && cd libtpms && ./autogen.sh --with-openssl --prefix=/usr --with-tpm2 && make -j$(${NPROC:-nproc}) && sudo make install && cd .. && ./autogen.sh --with-openssl"
|
|
build_command: make -j$(${NPROC:-nproc})
|
|
branch_pattern: coverity_scan
|
|
before_install:
|
|
- test $TRAVIS_BRANCH != coverity_scan -o ${TRAVIS_JOB_NUMBER##*.} = 1 || exit 0
|
|
- | # We need trousers only for the tss user
|
|
if [ "$(uname -s)" = "Linux" ]; then
|
|
sudo rm -rf /dev/tpm* # This is a work-around for Bionic where trousers otherwise fails to install
|
|
sudo apt-get -y install trousers
|
|
fi
|
|
script:
|
|
- sudo pip3 install --upgrade pip==20.3.3
|
|
- if [ ! -d libtpms ]; then git clone https://github.com/stefanberger/libtpms; fi
|
|
- cd libtpms
|
|
- if [ -n "${LIBTPMS_GIT_CHECKOUT}" ]; then
|
|
git checkout "${LIBTPMS_GIT_CHECKOUT}" -b testing;
|
|
fi
|
|
- CFLAGS="${LIBTPMS_CFLAGS:--g -O2}" LDFLAGS="${LIBTPMS_LDFLAGS}"
|
|
./autogen.sh --with-openssl --prefix=${LIBTPMS_PREFIX:-/usr} --with-tpm2 ${LIBTPMS_CONFIG}
|
|
&& make -j$(${NPROC:-nproc})
|
|
&& sudo make install
|
|
- cd ..
|
|
- ./autogen.sh ${CONFIG}
|
|
&& ${SUDO} make clean
|
|
&& export SWTPM_TEST_EXPENSIVE=${SWTPM_TEST_EXPENSIVE:-1}
|
|
&& export SWTPM_TEST_IBMTSS2=${SWTPM_TEST_IBMTSS2:-0}
|
|
&& export SWTPM_TEST_STORE_VOLATILE=${SWTPM_TEST_STORE_VOLATILE:-0}
|
|
&& ${SUDO} make -j$(${NPROC:-nproc}) ${CHECK} VERBOSE=1
|
|
- if [ -n "${RUN_TEST}" ]; then
|
|
sudo make install
|
|
&& sudo ${PREFIX}/bin/swtpm_setup
|
|
--tpmstate /tmp --create-ek-cert --create-platform-cert --tpm2
|
|
|| { exit 1; };
|
|
fi
|
|
after_failure:
|
|
- for f in tests/*.log; do echo ">>>>>>> $f <<<<<<<"; cat $f; done
|
|
matrix:
|
|
include:
|
|
- env: PREFIX="/usr"
|
|
CONFIG="--with-openssl --prefix=${PREFIX}"
|
|
CHECK="distcheck"
|
|
RUN_TEST="1"
|
|
- dist: jammy
|
|
env: PREFIX="/usr"
|
|
CONFIG="--with-openssl --prefix=/usr --enable-test-coverage"
|
|
SUDO="sudo"
|
|
CHECK="check"
|
|
SWTPM_TEST_IBMTSS2="1"
|
|
SWTPM_TEST_STORE_VOLATILE="1"
|
|
before_script:
|
|
- sudo apt-get -y install libtpm2-pkcs11-tools
|
|
- sudo pip install cpp-coveralls
|
|
- p=$PWD; while [ "$PWD" != "/" ]; do chmod o+x . &>/dev/null ; cd .. ; done; cd $p
|
|
&& sudo mkdir src/swtpm/.libs
|
|
&& sudo chown nobody src/swtpm src/swtpm/.libs
|
|
after_success:
|
|
- uidgid="$(id -nu):$(id -ng)" &&
|
|
sudo chown -R ${uidgid} ./ &&
|
|
cpp-coveralls --gcov-options '\-lp' -e libtpms
|
|
- env: CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
|
|
LIBTPMS_CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
|
|
LIBS="-lasan"
|
|
ASAN_OPTIONS="halt_on_error=1"
|
|
PREFIX="/usr"
|
|
CONFIG="--with-openssl --prefix=${PREFIX} --without-seccomp"
|
|
SUDO="sudo"
|
|
CHECK="check"
|
|
- env: CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
|
|
LIBTPMS_CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
|
|
LIBTPMS_CONFIG="--disable-use-openssl-functions"
|
|
LIBS="-lasan"
|
|
ASAN_OPTIONS="halt_on_error=1"
|
|
PREFIX="/usr"
|
|
CONFIG="--with-openssl --prefix=${PREFIX} --without-seccomp"
|
|
SUDO="sudo"
|
|
CHECK="check"
|
|
- env: CFLAGS="-fsanitize=undefined -g -fno-omit-frame-pointer -fno-sanitize-recover"
|
|
LIBTPMS_CFLAGS="-fsanitize=undefined -g -fno-omit-frame-pointer -fno-sanitize-recover"
|
|
LIBS="-lubsan"
|
|
UBSAN_OPTIONS="halt_on_error=1"
|
|
PREFIX="/usr"
|
|
CONFIG="--with-openssl --prefix=${PREFIX}"
|
|
SUDO="sudo"
|
|
CHECK="check"
|