xref: /linux/drivers/gpu/drm/ci/gitlab-ci.yml (revision 0bebb1773d616ab5b3eab741167ad8791fadfbfc) 
1variables:
2  DRM_CI_PROJECT_PATH: &drm-ci-project-path mesa/mesa
3  DRM_CI_COMMIT_SHA: &drm-ci-commit-sha 25881c701a56233dd8fc7f92db6884a73949d63d
4
5  UPSTREAM_REPO: https://gitlab.freedesktop.org/drm/kernel.git
6  TARGET_BRANCH: drm-next
7
8  IGT_VERSION: 129d5b10baaadea1d6cd6377341c4cb42e7ee6fd
9
10  DEQP_RUNNER_GIT_URL: https://gitlab.freedesktop.org/mesa/deqp-runner.git
11  DEQP_RUNNER_GIT_TAG: v0.20.0
12
13  FDO_UPSTREAM_REPO: helen.fornazier/linux   # The repo where the git-archive daily runs
14  MESA_TEMPLATES_COMMIT: &ci-templates-commit aec7a6ce7bb38902c70641526f6611e27141784a
15  DRM_CI_PROJECT_URL: https://gitlab.freedesktop.org/${DRM_CI_PROJECT_PATH}
16  CI_PRE_CLONE_SCRIPT: |-
17          set -o xtrace
18          curl -L --retry 4 -f --retry-all-errors --retry-delay 60 -s ${DRM_CI_PROJECT_URL}/-/raw/${DRM_CI_COMMIT_SHA}/.gitlab-ci/download-git-cache.sh -o download-git-cache.sh
19          bash download-git-cache.sh
20          rm download-git-cache.sh
21          set +o xtrace
22  S3_JWT_FILE: /s3_jwt
23  S3_JWT_FILE_SCRIPT: |-
24      echo -n '${S3_JWT}' > '${S3_JWT_FILE}' &&
25      unset CI_JOB_JWT S3_JWT  # Unsetting vulnerable env variables
26  S3_HOST: s3.freedesktop.org
27  # This bucket is used to fetch the kernel image
28  S3_KERNEL_BUCKET: mesa-rootfs
29  # Bucket for git cache
30  S3_GITCACHE_BUCKET: git-cache
31  # Bucket for the pipeline artifacts pushed to S3
32  S3_ARTIFACTS_BUCKET: artifacts
33  # Base path used for various artifacts
34  S3_BASE_PATH: "${S3_HOST}/${S3_KERNEL_BUCKET}"
35  # per-pipeline artifact storage on MinIO
36  PIPELINE_ARTIFACTS_BASE: ${S3_HOST}/${S3_ARTIFACTS_BUCKET}/${CI_PROJECT_PATH}/${CI_PIPELINE_ID}
37  # per-job artifact storage on MinIO
38  JOB_ARTIFACTS_BASE: ${PIPELINE_ARTIFACTS_BASE}/${CI_JOB_ID}
39  KERNEL_IMAGE_BASE: https://${S3_HOST}/${S3_KERNEL_BUCKET}/${KERNEL_REPO}/${KERNEL_TAG}
40  LAVA_TAGS: subset-1-gfx
41  # Default priority for non-merge pipelines
42  FDO_RUNNER_JOB_PRIORITY_TAG_X86_64: ""  # Empty tags are ignored by gitlab
43  FDO_RUNNER_JOB_PRIORITY_TAG_X86_64_KVM: kvm
44  FDO_RUNNER_JOB_PRIORITY_TAG_AARCH64: aarch64
45  JOB_PRIORITY: 30
46  ARTIFACTS_BASE_URL: https://${CI_PROJECT_ROOT_NAMESPACE}.${CI_PAGES_DOMAIN}/-/${CI_PROJECT_NAME}/-/jobs/${CI_JOB_ID}/artifacts
47  # Python scripts for structured logger
48  PYTHONPATH: "$PYTHONPATH:$CI_PROJECT_DIR/install"
49  # Mesa-specific variables that shouldn't be forwarded to DUTs and crosvm
50  CI_EXCLUDE_ENV_VAR_REGEX: 'SCRIPTS_DIR|RESULTS_DIR'
51
52
53default:
54  id_tokens:
55    S3_JWT:
56      aud: https://s3.freedesktop.org
57  before_script:
58    - export SCRIPTS_DIR=$(mktemp -d)
59    - curl -L -s --retry 4 -f --retry-all-errors --retry-delay 60 -O --output-dir "${SCRIPTS_DIR}" "${DRM_CI_PROJECT_URL}/-/raw/${DRM_CI_COMMIT_SHA}/.gitlab-ci/setup-test-env.sh"
60    - source ${SCRIPTS_DIR}/setup-test-env.sh
61    - eval "$S3_JWT_FILE_SCRIPT"
62
63    - echo -e "\e[0Ksection_start:$(date +%s):drm_ci_download_section[collapsed=true]\r\e[0KDownloading mesa from $DRM_CI_PROJECT_URL/-/archive/$DRM_CI_COMMIT_SHA/mesa-$DRM_CI_COMMIT_SHA.tar.gz"
64    - cd $CI_PROJECT_DIR
65    - curl --output - $DRM_CI_PROJECT_URL/-/archive/$DRM_CI_COMMIT_SHA/mesa-$DRM_CI_COMMIT_SHA.tar.gz | tar -xz
66    - mv mesa-$DRM_CI_COMMIT_SHA/.gitlab-ci* .
67    - mv mesa-$DRM_CI_COMMIT_SHA/bin .
68    - rm -rf mesa-$DRM_CI_COMMIT_SHA/
69    - echo -e "\e[0Ksection_end:$(date +%s):drm_ci_download_section\r\e[0K"
70
71  after_script:
72    - >
73      set +x
74
75      test -e "${S3_JWT_FILE}" &&
76      export S3_JWT="$(<${S3_JWT_FILE})" &&
77      rm "${S3_JWT_FILE}"
78
79
80include:
81  - project: 'freedesktop/ci-templates'
82    ref: *ci-templates-commit
83    file:
84      - '/templates/alpine.yml'
85      - '/templates/debian.yml'
86      - '/templates/fedora.yml'
87      - '/templates/ci-fairy.yml'
88  - project: *drm-ci-project-path
89    ref: *drm-ci-commit-sha
90    file:
91      - '/.gitlab-ci/bare-metal/gitlab-ci.yml'
92      - '/.gitlab-ci/build/gitlab-ci.yml'
93      - '/.gitlab-ci/container/gitlab-ci.yml'
94      - '/.gitlab-ci/farm-rules.yml'
95      - '/.gitlab-ci/lava/gitlab-ci.yml'
96      - '/.gitlab-ci/test-source-dep.yml'
97      - '/.gitlab-ci/test/gitlab-ci.yml'
98      - '/src/amd/ci/gitlab-ci-inc.yml'
99      - '/src/freedreno/ci/gitlab-ci-inc.yml'
100      - '/src/gallium/drivers/crocus/ci/gitlab-ci-inc.yml'
101      - '/src/gallium/drivers/llvmpipe/ci/gitlab-ci-inc.yml'
102      - '/src/gallium/drivers/nouveau/ci/gitlab-ci-inc.yml'
103      - '/src/gallium/drivers/softpipe/ci/gitlab-ci-inc.yml'
104      - '/src/gallium/drivers/virgl/ci/gitlab-ci-inc.yml'
105      - '/src/gallium/drivers/zink/ci/gitlab-ci-inc.yml'
106      - '/src/gallium/frontends/lavapipe/ci/gitlab-ci-inc.yml'
107      - '/src/gallium/frontends/rusticl/ci/gitlab-ci.yml'
108      - '/src/intel/ci/gitlab-ci-inc.yml'
109      - '/src/microsoft/ci/gitlab-ci-inc.yml'
110      - '/src/nouveau/ci/gitlab-ci-inc.yml'
111      - '/src/virtio/ci/gitlab-ci-inc.yml'
112      - 'docs/gitlab-ci.yml'
113  - drivers/gpu/drm/ci/image-tags.yml
114  - drivers/gpu/drm/ci/container.yml
115  - drivers/gpu/drm/ci/static-checks.yml
116  - drivers/gpu/drm/ci/build.yml
117  - drivers/gpu/drm/ci/test.yml
118  - drivers/gpu/drm/ci/check-devicetrees.yml
119  - drivers/gpu/drm/ci/kunit.yml
120  - 'https://gitlab.freedesktop.org/gfx-ci/lab-status/-/raw/main/lab-status.yml'
121
122
123stages:
124  - sanity
125  - container
126  - deploy
127  - git-archive
128  - build-for-tests
129  - build-only
130  - static-checks
131  - kunit
132  - code-validation
133  - amdgpu
134  - i915
135  - mediatek
136  - meson
137  - msm
138  - panfrost
139  - powervr
140  - rockchip
141  - software-driver
142
143
144# YAML anchors for rule conditions
145# --------------------------------
146.rules-anchors:
147  rules:
148    # do not duplicate pipelines on merge pipelines
149    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS && $CI_PIPELINE_SOURCE == "push"
150      when: never
151    # merge pipeline
152    - if: &is-merge-attempt $GITLAB_USER_LOGIN == "marge-bot" && $CI_PIPELINE_SOURCE == "merge_request_event"
153    # post-merge pipeline
154    - if: &is-post-merge $GITLAB_USER_LOGIN == "marge-bot" && $CI_PIPELINE_SOURCE == "push"
155    # Pre-merge pipeline (because merge pipelines are already caught above)
156    - if: &is-merge-request $CI_PIPELINE_SOURCE == "merge_request_event"
157    # Push to a branch on a fork
158    - if: &is-push-to-fork $CI_PIPELINE_SOURCE == "push"
159    # nightly pipeline
160    - if: &is-scheduled-pipeline $CI_PIPELINE_SOURCE == "schedule"
161    # pipeline for direct pushes that bypassed the CI
162    - if: &is-direct-push $CI_PIPELINE_SOURCE == "push" && $GITLAB_USER_LOGIN != "marge-bot"
163
164
165# Rules applied to every job in the pipeline
166.common-rules:
167  rules:
168    - if: *is-push-to-fork
169      when: manual
170
171.never-post-merge-rules:
172  rules:
173    - if: *is-post-merge
174      when: never
175
176
177# Note: make sure the branches in this list are the same as in
178# `.build-only-delayed-rules` below.
179.container-rules:
180  rules:
181    - !reference [.common-rules, rules]
182    # Run when re-enabling a disabled farm, but not when disabling it
183    - !reference [.disable-farm-mr-rules, rules]
184    # Never run immediately after merging, as we just ran everything
185    - !reference [.never-post-merge-rules, rules]
186    # Only rebuild containers in merge pipelines if any tags have been
187    # changed, else we'll just use the already-built containers
188    - if: *is-merge-attempt
189      changes: &image_tags_path
190        - drivers/gpu/drm/ci/image-tags.yml
191      when: on_success
192    # Skip everything for pre-merge and merge pipelines which don't change
193    # anything in the build; we only do this for marge-bot and not user
194    # pipelines in a MR, because we might still need to run it to copy the
195    # container into the user's namespace.
196    - if: *is-merge-attempt
197      when: never
198    # Any MR pipeline which changes image-tags.yml needs to be able to
199    # rebuild the containers
200    - if: *is-merge-request
201      changes: *image_tags_path
202      when: manual
203    # ... however for MRs running inside the user namespace, we may need to
204    # run these jobs to copy the container images from upstream
205    - if: *is-merge-request
206      when: manual
207    # Build everything after someone bypassed the CI
208    - if: *is-direct-push
209      when: manual
210    # Scheduled pipelines reuse already-built containers
211    - if: *is-scheduled-pipeline
212      when: never
213    # Allow building everything in fork pipelines, but build nothing unless
214    # manually triggered
215    - when: manual
216
217
218# Note: make sure the branches in this list are the same as in
219# `.build-only-delayed-rules` below.
220.build-rules:
221  rules:
222    - !reference [.common-rules, rules]
223    # Run when re-enabling a disabled farm, but not when disabling it
224    - !reference [.disable-farm-mr-rules, rules]
225    # Never run immediately after merging, as we just ran everything
226    - !reference [.never-post-merge-rules, rules]
227    # Build everything in merge pipelines
228    - if: *is-merge-attempt
229      when: on_success
230    # Same as above, but for pre-merge pipelines
231    - if: *is-merge-request
232      when: manual
233    # Build everything after someone bypassed the CI
234    - if: *is-direct-push
235      when: manual
236    # Build everything in scheduled pipelines
237    - if: *is-scheduled-pipeline
238      when: on_success
239    # Allow building everything in fork pipelines, but build nothing unless
240    # manually triggered
241    - when: manual
242
243
244# Repeat of the above but with `when: on_success` replaced with
245# `when: delayed` + `start_in:`, for build-only jobs.
246# Note: make sure the branches in this list are the same as in
247# `.build-rules` above.
248.build-only-delayed-rules:
249  rules:
250    - !reference [.common-rules, rules]
251    # Run when re-enabling a disabled farm, but not when disabling it
252    - !reference [.disable-farm-mr-rules, rules]
253    # Never run immediately after merging, as we just ran everything
254    - !reference [.never-post-merge-rules, rules]
255    # Build everything in merge pipelines
256    - if: *is-merge-attempt
257      when: delayed
258      start_in: &build-delay 5 minutes
259    # Same as above, but for pre-merge pipelines
260    - if: *is-merge-request
261      when: manual
262    # Build everything after someone bypassed the CI
263    - if: *is-direct-push
264      when: manual
265    # Build everything in scheduled pipelines
266    - if: *is-scheduled-pipeline
267      when: delayed
268      start_in: *build-delay
269    # Allow building everything in fork pipelines, but build nothing unless
270    # manually triggered
271    - when: manual
272
273
274.ci-deqp-artifacts:
275  artifacts:
276    name: "${CI_PROJECT_NAME}_${CI_JOB_NAME}"
277    when: always
278    untracked: false
279    paths:
280      # Watch out!  Artifacts are relative to the build dir.
281      # https://gitlab.com/gitlab-org/gitlab-ce/commit/8788fb925706cad594adf6917a6c5f6587dd1521
282      - artifacts
283      - _build/meson-logs/*.txt
284      - _build/meson-logs/strace
285
286
287# Git archive
288make-git-archive:
289  extends:
290    - .fdo.ci-fairy
291  stage: git-archive
292  rules:
293    - !reference [.scheduled_pipeline-rules, rules]
294  tags:
295    - $FDO_RUNNER_JOB_PRIORITY_TAG_X86_64
296  script:
297    # Remove drm-ci files we just added
298    - rm -rf .gitlab-ci.*
299    - rm -rf ci
300
301    # Compactify the .git directory
302    - git gc --aggressive
303    # compress the current folder
304    - tar -cvzf ../$CI_PROJECT_NAME.tar.gz .
305
306    # Use id_tokens for JWT auth
307    - ci-fairy s3cp --token-file "${S3_JWT_FILE}" ../$CI_PROJECT_NAME.tar.gz https://$S3_HOST/${S3_GITCACHE_BUCKET}/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/$CI_PROJECT_NAME.tar.gz
308
309
310# Sanity checks of MR settings and commit logs
311sanity:
312  extends:
313    - .fdo.ci-fairy
314  stage: sanity
315  tags:
316    - $FDO_RUNNER_JOB_PRIORITY_TAG_X86_64
317  rules:
318    - if: *is-merge-request
319      when: on_success
320    - when: never
321  variables:
322    GIT_STRATEGY: none
323  script:
324    # ci-fairy check-commits --junit-xml=check-commits.xml
325    # - ci-fairy check-merge-request --require-allow-collaboration --junit-xml=check-merge-request.xml
326    - |
327      set -eu
328      image_tags=(
329        CONTAINER_TAG
330        DEBIAN_BASE_TAG
331        DEBIAN_BUILD_TAG
332        DEBIAN_PYUTILS_TAG
333        DEBIAN_TEST_GL_TAG
334        KERNEL_TAG
335        PKG_REPO_REV
336      )
337      for var in "${image_tags[@]}"
338      do
339        if [ "$(echo -n "${!var}" | wc -c)" -gt 20 ]
340        then
341          echo "$var is too long; please make sure it is at most 20 chars."
342          exit 1
343        fi
344      done
345  artifacts:
346    when: on_failure
347    reports:
348      junit: check-*.xml
349
350
351mr-label-maker-test:
352  extends:
353    - .fdo.ci-fairy
354  stage: sanity
355  tags:
356    - $FDO_RUNNER_JOB_PRIORITY_TAG_X86_64
357  rules:
358    - !reference [.mr-label-maker-rules, rules]
359  variables:
360    GIT_STRATEGY: fetch
361  timeout: 10m
362  script:
363    - set -eu
364    - python3 -m venv .venv
365    - source .venv/bin/activate
366    - pip install git+https://gitlab.freedesktop.org/freedesktop/mr-label-maker
367    - mr-label-maker --dry-run --mr $CI_MERGE_REQUEST_IID
368
369
370# Jobs that need to pass before spending hardware resources on further testing
371.required-for-hardware-jobs:
372  needs:
373    - job: clang-format
374      optional: true
375    - job: rustfmt
376      optional: true
377    - job: toml-lint
378      optional: true
379
380deploy-docs:
381   rules:
382    - when: never
383
384linkcheck-docs:
385   rules:
386    - when: never
387
388test-docs:
389   rules:
390    - when: never
391
392.ci-tron-x86_64-test-vk:
393   rules:
394    - when: never
395
396.ci-tron-x86_64-test-gl-manual:
397   rules:
398    - when: never
399
400.ci-tron-arm64-test-gl:
401   rules:
402    - when: never
403
404.ci-tron-x86_64-test-gl:
405   rules:
406    - when: never
407