xref: /linux/drivers/gpu/drm/ci/gitlab-ci.yml (revision 8285af82219639e08c655a4c957c50605b8acf85) 
1variables:
2  DRM_CI_PROJECT_PATH: &drm-ci-project-path mesa/mesa
3  DRM_CI_COMMIT_SHA: &drm-ci-commit-sha f73132f1215a37ce8ffc711a0136c90649aaf128
4
5  UPSTREAM_REPO: https://gitlab.freedesktop.org/drm/kernel.git
6  TARGET_BRANCH: drm-next
7
8  IGT_VERSION: 04bedb9238586b81d4d4ca62b02e584f6cfc77af
9
10  DEQP_RUNNER_GIT_URL: https://gitlab.freedesktop.org/mesa/deqp-runner.git
11  DEQP_RUNNER_GIT_TAG: v0.20.0
12
13  FDO_UPSTREAM_REPO: helen.fornazier/linux   # The repo where the git-archive daily runs
14  MESA_TEMPLATES_COMMIT: &ci-templates-commit d5aa3941aa03c2f716595116354fb81eb8012acb
15  DRM_CI_PROJECT_URL: https://gitlab.freedesktop.org/${DRM_CI_PROJECT_PATH}
16  CI_PRE_CLONE_SCRIPT: |-
17          set -o xtrace
18          curl -L --retry 4 -f --retry-all-errors --retry-delay 60 -s ${DRM_CI_PROJECT_URL}/-/raw/${DRM_CI_COMMIT_SHA}/.gitlab-ci/download-git-cache.sh -o download-git-cache.sh
19          bash download-git-cache.sh
20          rm download-git-cache.sh
21          set +o xtrace
22  S3_JWT_FILE: /s3_jwt
23  S3_JWT_HEADER_FILE: /s3_jwt_header
24  S3_JWT_FILE_SCRIPT: |-
25      echo -n '${S3_JWT}' > '${S3_JWT_FILE}' &&
26      echo -n "Authorization: Bearer ${S3_JWT}" > '${S3_JWT_HEADER_FILE}' &&
27      unset CI_JOB_JWT S3_JWT  # Unsetting vulnerable env variables
28  S3_HOST: s3.freedesktop.org
29  # This bucket is used to fetch the kernel image
30  S3_KERNEL_BUCKET: mesa-rootfs
31  # Bucket for git cache
32  S3_GITCACHE_BUCKET: git-cache
33  # Bucket for the pipeline artifacts pushed to S3
34  S3_ARTIFACTS_BUCKET: artifacts
35  # per-pipeline artifact storage on MinIO
36  PIPELINE_ARTIFACTS_BASE: ${S3_HOST}/${S3_ARTIFACTS_BUCKET}/${CI_PROJECT_PATH}/${CI_PIPELINE_ID}
37  # per-job artifact storage on MinIO
38  JOB_ARTIFACTS_BASE: ${PIPELINE_ARTIFACTS_BASE}/${CI_JOB_ID}
39  KERNEL_IMAGE_BASE: https://${S3_HOST}/${S3_KERNEL_BUCKET}/${KERNEL_REPO}/${KERNEL_TAG}
40  LAVA_TAGS: subset-1-gfx
41  LAVA_JOB_PRIORITY: 30
42  ARTIFACTS_BASE_URL: https://${CI_PROJECT_ROOT_NAMESPACE}.${CI_PAGES_DOMAIN}/-/${CI_PROJECT_NAME}/-/jobs/${CI_JOB_ID}/artifacts
43  # Python scripts for structured logger
44  PYTHONPATH: "$PYTHONPATH:$CI_PROJECT_DIR/install"
45
46
47default:
48  id_tokens:
49    S3_JWT:
50      aud: https://s3.freedesktop.org
51  before_script:
52    - export SCRIPTS_DIR=$(mktemp -d)
53    - curl -L -s --retry 4 -f --retry-all-errors --retry-delay 60 -O --output-dir "${SCRIPTS_DIR}" "${DRM_CI_PROJECT_URL}/-/raw/${DRM_CI_COMMIT_SHA}/.gitlab-ci/setup-test-env.sh"
54    - source ${SCRIPTS_DIR}/setup-test-env.sh
55    - eval "$S3_JWT_FILE_SCRIPT"
56
57    - echo -e "\e[0Ksection_start:$(date +%s):drm_ci_download_section[collapsed=true]\r\e[0KDownloading mesa from $DRM_CI_PROJECT_URL/-/archive/$DRM_CI_COMMIT_SHA/mesa-$DRM_CI_COMMIT_SHA.tar.gz"
58    - cd $CI_PROJECT_DIR
59    - curl --output - $DRM_CI_PROJECT_URL/-/archive/$DRM_CI_COMMIT_SHA/mesa-$DRM_CI_COMMIT_SHA.tar.gz | tar -xz
60    - mv mesa-$DRM_CI_COMMIT_SHA/.gitlab-ci* .
61    - mv mesa-$DRM_CI_COMMIT_SHA/bin .
62    - rm -rf mesa-$DRM_CI_COMMIT_SHA/
63    - echo -e "\e[0Ksection_end:$(date +%s):drm_ci_download_section\r\e[0K"
64
65  after_script:
66    - >
67      set +x
68
69      test -e "${S3_JWT_FILE}" &&
70      export S3_JWT="$(<${S3_JWT_FILE})" &&
71      rm "${S3_JWT_FILE}"
72
73
74include:
75  - project: 'freedesktop/ci-templates'
76    ref: 16bc29078de5e0a067ff84a1a199a3760d3b3811
77    file:
78      - '/templates/ci-fairy.yml'
79  - project: 'freedesktop/ci-templates'
80    ref: *ci-templates-commit
81    file:
82      - '/templates/alpine.yml'
83      - '/templates/debian.yml'
84      - '/templates/fedora.yml'
85  - project: *drm-ci-project-path
86    ref: *drm-ci-commit-sha
87    file:
88      - '/.gitlab-ci/build/gitlab-ci.yml'
89      - '/.gitlab-ci/container/gitlab-ci.yml'
90      - '/.gitlab-ci/farm-rules.yml'
91      - '/.gitlab-ci/lava/lava-gitlab-ci.yml'
92      - '/.gitlab-ci/test-source-dep.yml'
93      - '/.gitlab-ci/test/gitlab-ci.yml'
94      - '/src/amd/ci/gitlab-ci-inc.yml'
95      - '/src/freedreno/ci/gitlab-ci-inc.yml'
96      - '/src/gallium/drivers/crocus/ci/gitlab-ci-inc.yml'
97      - '/src/gallium/drivers/llvmpipe/ci/gitlab-ci-inc.yml'
98      - '/src/gallium/drivers/nouveau/ci/gitlab-ci-inc.yml'
99      - '/src/gallium/drivers/softpipe/ci/gitlab-ci-inc.yml'
100      - '/src/gallium/drivers/virgl/ci/gitlab-ci-inc.yml'
101      - '/src/gallium/drivers/zink/ci/gitlab-ci-inc.yml'
102      - '/src/gallium/frontends/lavapipe/ci/gitlab-ci-inc.yml'
103      - '/src/gallium/frontends/rusticl/ci/gitlab-ci.yml'
104      - '/src/intel/ci/gitlab-ci-inc.yml'
105      - '/src/microsoft/ci/gitlab-ci-inc.yml'
106      - '/src/nouveau/ci/gitlab-ci-inc.yml'
107      - '/src/virtio/ci/gitlab-ci-inc.yml'
108  - drivers/gpu/drm/ci/image-tags.yml
109  - drivers/gpu/drm/ci/container.yml
110  - drivers/gpu/drm/ci/static-checks.yml
111  - drivers/gpu/drm/ci/build.yml
112  - drivers/gpu/drm/ci/test.yml
113  - drivers/gpu/drm/ci/check-devicetrees.yml
114  - drivers/gpu/drm/ci/kunit.yml
115  - 'https://gitlab.freedesktop.org/gfx-ci/lab-status/-/raw/main/lab-status.yml'
116
117
118stages:
119  - sanity
120  - container
121  - git-archive
122  - build-for-tests
123  - build-only
124  - static-checks
125  - kunit
126  - code-validation
127  - amdgpu
128  - i915
129  - mediatek
130  - meson
131  - msm
132  - panfrost
133  - powervr
134  - rockchip
135  - software-driver
136
137
138# YAML anchors for rule conditions
139# --------------------------------
140.rules-anchors:
141  rules:
142    # do not duplicate pipelines on merge pipelines
143    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS && $CI_PIPELINE_SOURCE == "push"
144      when: never
145    # merge pipeline
146    - if: &is-merge-attempt $GITLAB_USER_LOGIN == "marge-bot" && $CI_PIPELINE_SOURCE == "merge_request_event"
147    # post-merge pipeline
148    - if: &is-post-merge $GITLAB_USER_LOGIN == "marge-bot" && $CI_PIPELINE_SOURCE == "push"
149    # Pre-merge pipeline
150    - if: &is-pre-merge $CI_PIPELINE_SOURCE == "merge_request_event"
151    # Push to a branch on a fork
152    - if: &is-fork-push $CI_PIPELINE_SOURCE == "push"
153    # nightly pipeline
154    - if: &is-scheduled-pipeline $CI_PIPELINE_SOURCE == "schedule"
155    # pipeline for direct pushes that bypassed the CI
156    - if: &is-direct-push $CI_PIPELINE_SOURCE == "push" && $GITLAB_USER_LOGIN != "marge-bot"
157
158
159# Rules applied to every job in the pipeline
160.common-rules:
161  rules:
162    - if: *is-fork-push
163      when: manual
164
165
166.never-post-merge-rules:
167  rules:
168    - if: *is-post-merge
169      when: never
170
171
172.container+build-rules:
173  rules:
174    - !reference [.common-rules, rules]
175    # Run when re-enabling a disabled farm, but not when disabling it
176    - !reference [.disable-farm-mr-rules, rules]
177    # Never run immediately after merging, as we just ran everything
178    - !reference [.never-post-merge-rules, rules]
179    # Build everything in merge pipelines
180    - if: *is-merge-attempt
181      when: on_success
182    # Same as above, but for pre-merge pipelines
183    - if: *is-pre-merge
184      when: manual
185    # Build everything after someone bypassed the CI
186    - if: *is-direct-push
187      when: manual
188    # Build everything in scheduled pipelines
189    - if: *is-scheduled-pipeline
190      when: on_success
191    # Allow building everything in fork pipelines, but build nothing unless
192    # manually triggered
193    - when: manual
194
195
196# Repeat of the above but with `when: on_success` replaced with
197# `when: delayed` + `start_in:`, for build-only jobs.
198# Note: make sure the branches in this list are the same as in
199# `.container+build-rules` above.
200.build-only-delayed-rules:
201  rules:
202    - !reference [.common-rules, rules]
203    # Run when re-enabling a disabled farm, but not when disabling it
204    - !reference [.disable-farm-mr-rules, rules]
205    # Never run immediately after merging, as we just ran everything
206    - !reference [.never-post-merge-rules, rules]
207    # Build everything in merge pipelines
208    - if: *is-merge-attempt
209      when: delayed
210      start_in: &build-delay 5 minutes
211    # Same as above, but for pre-merge pipelines
212    - if: *is-pre-merge
213      when: manual
214    # Build everything after someone bypassed the CI
215    - if: *is-direct-push
216      when: manual
217    # Build everything in scheduled pipelines
218    - if: *is-scheduled-pipeline
219      when: delayed
220      start_in: *build-delay
221    # Allow building everything in fork pipelines, but build nothing unless
222    # manually triggered
223    - when: manual
224
225
226.ci-deqp-artifacts:
227  artifacts:
228    name: "${CI_PROJECT_NAME}_${CI_JOB_NAME}"
229    when: always
230    untracked: false
231    paths:
232      # Watch out!  Artifacts are relative to the build dir.
233      # https://gitlab.com/gitlab-org/gitlab-ce/commit/8788fb925706cad594adf6917a6c5f6587dd1521
234      - artifacts
235      - _build/meson-logs/*.txt
236      - _build/meson-logs/strace
237
238
239# Git archive
240make git archive:
241  extends:
242    - .fdo.ci-fairy
243  stage: git-archive
244  rules:
245    - !reference [.scheduled_pipeline-rules, rules]
246  # ensure we are running on packet
247  tags:
248    - packet.net
249  script:
250    # Remove drm-ci files we just added
251    - rm -rf .gitlab-ci.*
252    - rm -rf ci
253
254    # Compactify the .git directory
255    - git gc --aggressive
256    # compress the current folder
257    - tar -cvzf ../$CI_PROJECT_NAME.tar.gz .
258
259    # Use id_tokens for JWT auth
260    - s3_upload ../$CI_PROJECT_NAME.tar.gz https://$S3_HOST/${S3_GITCACHE_BUCKET}/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/
261
262
263# Sanity checks of MR settings and commit logs
264sanity:
265  extends:
266    - .fdo.ci-fairy
267  stage: sanity
268  rules:
269    - if: *is-pre-merge
270      when: on_success
271    - when: never
272  variables:
273    GIT_STRATEGY: none
274  script:
275    # ci-fairy check-commits --junit-xml=check-commits.xml
276    - ci-fairy check-merge-request --require-allow-collaboration --junit-xml=check-merge-request.xml
277    - |
278      set -eu
279      image_tags=(
280        ALPINE_X86_64_LAVA_SSH_TAG
281        CONTAINER_TAG
282        DEBIAN_BASE_TAG
283        DEBIAN_BUILD_TAG
284        DEBIAN_PYUTILS_TAG
285        DEBIAN_TEST_GL_TAG
286        KERNEL_ROOTFS_TAG
287        KERNEL_TAG
288        PKG_REPO_REV
289      )
290      for var in "${image_tags[@]}"
291      do
292        if [ "$(echo -n "${!var}" | wc -c)" -gt 20 ]
293        then
294          echo "$var is too long; please make sure it is at most 20 chars."
295          exit 1
296        fi
297      done
298  artifacts:
299    when: on_failure
300    reports:
301      junit: check-*.xml
302  tags:
303    - placeholder-job
304
305
306mr-label-maker-test:
307  extends:
308    - .fdo.ci-fairy
309  stage: sanity
310  rules:
311    - !reference [.mr-label-maker-rules, rules]
312  variables:
313    GIT_STRATEGY: fetch
314  timeout: 10m
315  script:
316    - set -eu
317    - python3 -m venv .venv
318    - source .venv/bin/activate
319    - pip install git+https://gitlab.freedesktop.org/freedesktop/mr-label-maker
320    - mr-label-maker --dry-run --mr $CI_MERGE_REQUEST_IID
321
322
323# Jobs that need to pass before spending hardware resources on further testing
324.required-for-hardware-jobs:
325  needs:
326    - job: clang-format
327      optional: true
328    - job: rustfmt
329      optional: true
330    - job: toml-lint
331      optional: true
332