Fixes an issue in commit 99dcb0e625 ("gitlab:build: Add option to export
staging rootfs for debugging") where the CI_BUILD_EXPORT_STAGING_ROOTFS
variable was not properly escaped in the export message.
Fixes: PCF-2201
Reported-by: Lu Dai <lu.dai@mind.be>
Fixes: 99dcb0e625 ("gitlab:build: Add option to export staging rootfs for debugging")
Signed-off-by: Petr Štetiar <petr.stetiar@prplfoundation.org>
(cherry picked from commit e5ae0a5103)
Currently it's not clear how long each phase of the build takes, so
let's break this down into collapsible sections which each can provide
precise duration measurement.
The new sections are collapsed by default (except make world) to reduce log
clutter, while still allowing quick access to detailed logs if needed.
References: PPW-1162
Signed-off-by: Petr Štetiar <petr.stetiar@prplfoundation.org>
(cherry picked from commit b69bdde013)
The source code is now avialable on GitHub, so we don't need to use the NDA
restricted MXL OSP runners.
While at it, switch from folded block scalars to literal block scalars,
as with the latter the newlines are preserved.
Signed-off-by: Petr Štetiar <petr.stetiar@prplfoundation.org>
(cherry picked from commit 196b51096b)
Currently we're seeing following build failure in target/linux build
step:
sysupgrade-prpl_freedom/kernel
sysupgrade-prpl_freedom/root
Usage: mkits.sh -A arch -C comp -a addr -e entry -v version -k kernel [-D name -n address -d dtb] -o its_file
-A ==> set architecture to 'arch'
-C ==> set compression type 'comp'
...snip...
make[5]: *** [Makefile:46: /builds/prpl-foundation/prplos/prplos/build_dir/target-aarch64_cortex-a73+neon-vfpv4_musl/linux-ipq95xx_generic/qcom_alxx-fit-uImage.itb] Error 1
make[4]: *** [Makefile:78: install] Error 2
make[3]: *** [Makefile:12: install] Error 2
time: target/linux/install#101.36#27.43#78.72
Without the complete command line of mkits.sh step it might be quite
tedious to find out the culprit, so lets try to provide more details by
running the target/install step again with verbose output.
Signed-off-by: Petr Štetiar <petr.stetiar@prplfoundation.org>
(cherry picked from commit a822e0a6c2)
It was decided, that prplOS releases should be actually prplWare
releases, so we've renamed prplos-vX.Y.Z Git tags to prplware-vX.Y.Z
since prplWare 4.0.1 release.
So lets adapt the CI bits accordingly.
Signed-off-by: Petr Štetiar <petr.stetiar@prplfoundation.org>
(cherry picked from commit 0a17811ca5)
Currently we're wasting roughly about 3 minutes of precious testbed time
when the firmware build CI job fails, every time. Due to increased
testing, this is no longer acceptable waste of testing resources.
During the investigation it was found out, that this is happening due to
changes introduced in commit febd8b0032 (".gitlab: Only run tests when
TFTP_IMAGE_DOWNLOAD_URL is set"), feature which was mainly introduced to
allow testing of externally build firmware images inside SoftAtHome for
previous, pre-2024 contribution delivery workflow. This is no longer
being used.
So lets fix it, but removing of TFTP_IMAGE_DOWNLOAD_URL feature. If we
need this feature again, it should be implemented in a different way,
avoiding wasting of the testbed resources after failed build.
Additionally, we need to change `rules: - when: always` in testbed.yml,
as it would still make run the CI job, despite of the failed dependency,
resorting back to the default `on_success` when rules, where the job is
run only when no jobs in earlier stages fail.
Signed-off-by: Petr Štetiar <petr.stetiar@prplfoundation.org>
Add support for exporting debug symbols from the staging directory
by creating a compressed archive (rootfs-debug.tar.xz) when the
CI_BUILD_EXPORT_STAGING_ROOTFS environment variable is set.
This helps with debugging build issues by preserving the staging
root directory contents for later analysis. The feature is:
- Disabled by default to avoid unnecessary overhead
- Activated only when explicitly requested via CI_BUILD_EXPORT_STAGING_ROOTFS
- Archives the staging_dir/root-* directories into rootfs-debug.tar.xz
To use this feature, simply set CI_BUILD_EXPORT_STAGING_ROOTFS when
running the CI build job.
References: PCF-1769
Signed-off-by: Mouna ALOUI <mouna.aloui@softathome.com>
When we want to test development branches of components, we need to point to the gitrepo and branch/hash/version we want to checkout of the component(s).
The CI has a check to see if the checksum of the corresponding package is correctly set in the package makefiles.
With this change, one can set the "skip_integrity_check" label on a MR.
In this case, the integrity check is not performed and we can simply download and use the development branch of the gitrepo.
This allows us to make MRs on the fly for testing purposes. Without needing to calculcate the checksum every time.
References: PPW-408
Signed-off-by: Matthias Franck <matthias.franck@softathome.com>
The default timeout of one hour is not sufficient anymore. We regularly
see timeouts because build times are exceeding this one hour time limit.
So lets workaround it by increasing the build timeout to 2 hours.
References: PCF-1342
Signed-off-by: Matthias FRANCK <matthias.franck@softathome.com>
Having slash in new `prpl/nightly` branch name causes issues with the
container paths:
The push refers to repository [registry.gitlab.com/prpl-foundation/prplos/prplos/prpl/nightly/builder]
...
denied: requested access to the resource is denied
So lets fix it by introducing new `CI_DESIGNATED_BRANCH_SLUG` variable
and use it appropriately.
Signed-off-by: Petr Štetiar <petr.stetiar@prplfoundation.org>
For some unknown reason upstream Linux kernel in version 4.16 via commit
5ee39a71fd89 ("arm64: Disable unhandled signal log messages by default")
silenced the reporting of traces for user space exceptions and thus
making arm64 the only architecture having this disabled by default:
arch/arm64/kernel/traps.c:int show_unhandled_signals = 0;
arch/csky/kernel/traps.c:int show_unhandled_signals = 1;
arch/loongarch/mm/fault.c:int show_unhandled_signals = 1;
arch/mips/mm/fault.c:int show_unhandled_signals = 1;
arch/parisc/mm/fault.c:int show_unhandled_signals = 1;
arch/powerpc/kernel/signal.c:int show_unhandled_signals = 1;
arch/riscv/kernel/traps.c:int show_unhandled_signals = 1;
arch/s390/mm/fault.c:int show_unhandled_signals = 1;
arch/sparc/mm/fault_32.c:int show_unhandled_signals = 1;
arch/sparc/mm/fault_64.c:int show_unhandled_signals = 1;
arch/x86/mm/fault.c:int show_unhandled_signals = 1;
We would like to be aware about such exceptions at least during
development, so lets enable it in development builds in the same spirit
as we did for coredumps in commit 6cf5635bf50e ("ci: generate coredumps
during development").
References: PCF-1107, PCF-1108
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Currently we're trying to have coredumps disabled to avoid regressions
such as PCF-663, but sometimes it might be handy to be able to collect
coredumps from the CI jobs, so lets introduce CI_BUILD_ENABLE_COREDUMPS
variable and enable it during development only, that is not on tagged
builds and not on builds in designated branches.
References: PCF-992, PCF-967
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Once prplos-v* tag is created, gather build artifacts, upload them to
generic packages and create a release.
Closes: PCF-800
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Its quite common these days to use GitLab's web based file editor to
save some edit/save/push development cycles, but on the other hand it
might introduce hard to debug/random issues here and there, so lets make
it clear, that something went wrong and prevent those possibly faulty
builds.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Introduce the TFTP_IMAGE_DOWNLOAD_URL variable to be able to run tests feeding the CI with a remote image (not build in the CI itself).
Signed-off-by: Matthias FRANCK <matthias.franck_ext@softathome.com>
It seems, that `package/install` build step is not providing error
output in the `BUILD_LOG_DIR` log files, so lets run it again on build
failure and provide output in the CI job log output directly.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
On restricted OSP builders we don't have access to the artifacts so lets
display the issues directly in the CI job log.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
We're currently missing log output in cases where for example
`configure` fails which returns 77 as its error code:
make[3]: *** [Makefile:118: elfutils-0.188/.configured_889556d2f423f99e091beece9c8d870a] Error 77
or download fails, which has 128 as its error code:
make[3]: *** [Makefile:128: dl/iwlwav-hostap-uci-2.8.tar.bz2] Error 128
So lets adjust the regexps so they can handle other error codes as well
and while at it increase the context by 15 lines to provide more clue
about the build error directly in the CI log output.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
GitLab has imposed some new limits for the build outputs and if we want
to see errors in the after_script step then we need to save some room in
the build output, so lets disable verbose logging.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Add builds for URX851 targets using very restricted environment to suit
NDA restrictions:
* using dedicated restricted builders
* no internet access during builds
* no build artifacts after builds
* using known container image for builds, its forced and can't be changed
* approval is needed to allow build in the merge request
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This reverts commit c47172004e0e9fac60b398002987e32fe543f8e3 as the
libraries were included in build container in commit 1f6e7acef139 ("ci:
docker: builder: install libelf-dev and libdw-dev"), so this manual
installation is not needed anymore.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The libelf-dev is a previous requirement to support STACK_VALIDATION
during kernel builds (x86/64). Building kernels with BTF debug
information requires both this and libdw-dev be installed.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Currently the build fails due to the following error:
fatal: detected dubious ownership in repository at '/builds/prpl-foundation/prplos/prplos'
To add an exception for this directory, call:
git config --global --add safe.directory /builds/prpl-foundation/prplos/prplos
Package integrity issues, please check packages-hash-issues.patch from artifacts
Thats likely caused by new CVE security fixes introduced in DLA-3239-2:
Multiple issues were found in Git, a distributed revision control
system. An attacker may cause other local users into executing arbitrary
commands, leak information from the local filesystem, and bypass
restricted shell.
Note: Due to new security checks, access to repositories owned and
accessed by different local users may now be rejected by Git; in case
changing ownership is not practical, git displays a way to bypass these
checks using the new "safe.directory" configuration entry.
So lets opt-out of this new behavior by setting `safe.directory=*` and
thus force Git to consider all Git repositories as safe regardless of
their owner, since we need to trust those sources anyway and it should
be likely more robust solution, then fiddling with filesystem
permissions.
Fixes: PCF-805
References: https://www.debian.org/lts/security/2022/dla-3239-2
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 3f0fd9044399645904c0986628991b4c3105d688)
