travis: get 3.x building

Travis stopped working on 3.X as the deb packages are no longer at the link specified. Rather then having to wget a ton of dependencies, that tend to cause intermittent build failures, use the docker container approach on the master branch. Signed-off-by: William Roberts <william.c.roberts@intel.com>
tpm2-software · Apr 4, 2018 · 988e1e9 · 988e1e9
1 parent 9c9501e
commit 988e1e9
Show file tree

Hide file tree

Showing 4 changed files with 252 additions and 68 deletions.
diff --git a/.ci/docker.env b/.ci/docker.env
@@ -0,0 +1,5 @@
+CC
+COVERITY_SCAN_TOKEN
+COVERALLS_REPO_TOKEN
+
+TRAVIS_BUILD_DIR=/workspace/tpm2-tools
diff --git a/.ci/docker.run b/.ci/docker.run
@@ -0,0 +1,158 @@
+#!/usr/bin/env bash
+#;**********************************************************************;
+#
+# Copyright (c) 2017, Intel Corporation
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+# this list of conditions and the following disclaimer in the documentation
+# and/or other materials provided with the distribution.
+#
+# 3. Neither the name of Intel Corporation nor the names of its contributors
+# may be used to endorse or promote products derived from this software without
+# specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+# THE POSSIBILITY OF SUCH DAMAGE.
+#;**********************************************************************;
+
+# all command failures are fatal
+set -e
+
+WORKSPACE=`dirname $TRAVIS_BUILD_DIR`
+
+echo "Workspace: $WORKSPACE"
+
+source $TRAVIS_BUILD_DIR/.ci/download-deps.sh
+
+get_deps "$WORKSPACE"
+
+export LD_LIBRARY_PATH=/usr/local/lib/
+export PATH=$PATH:/root/.local/bin/
+
+echo "echo changing to $TRAVIS_BUILD_DIR"
+# Change to the the travis build dir
+cd $TRAVIS_BUILD_DIR
+
+echo "starting dbus"
+mkdir -p /var/run/dbus
+if [ -e /var/run/dbus/pid ]; then
+  rm /var/run/dbus/pid
+fi
+
+# start dbus
+dbus-daemon --fork --system
+echo "dbus started"
+
+# let dbus have time to start up
+sleep 5
+
+echo "starting tpm server"
+# start the tpm server
+/ibmtpm974/src/tpm_server &
+echo "tpm server started"
+
+# start tpm2-abrmd
+
+# let the tpm simulator have time to start up before abrmd
+# tries to connect.
+sleep 5
+
+echo "starting abrmd server"
+tpm2-abrmd --tcti=socket &
+echo "started abrmd server"
+
+if [ -d build ]; then
+  rm -rf build
+fi
+
+# Do not run tests when building on coverity_scan branch
+if [ "${COVERITY_SCAN_BRANCH}" == 1 ]; then
+  echo "Coverity scan branch detected, not running build nor tests...exiting!"
+  exit 0
+fi
+
+# If it's clang, enable asan
+if [[ "$CC" == clang* ]]; then
+  echo "Detecting clang, enable asan"
+  export CFLAGS="-O1 -g -fsanitize=address -fno-omit-frame-pointer"
+  echo "Exported CFLAGS=$CFLAGS"
+  config_flags="--disable-hardening"
+  echo "Disabled configure option hardening"
+  export ASAN_ENABLED=true
+  echo "Exported ASAN_ENABLED=$ASAN_ENABLED"
+  # To get line numbers set up the asan symbolizer
+  clang_version=`$CC --version | head -n 1 | cut -d\  -f 3-3 | cut -d\. -f 1-2`
+  # Sometimes the version string has an Ubuntu on the front of it and the field
+  # location changes
+  if [ $clang_version == "version" ]; then
+    clang_version=`$CC --version | head -n 1 | cut -d\  -f 4-4 | cut -d\. -f 1-2`
+  fi
+  echo "Detected clang version: $clang_version"
+  ASAN_SYMBOLIZER_PATH="/usr/lib/llvm-$clang_version/bin/llvm-symbolizer"
+  if [ -e "$ASAN_SYMBOLIZER_PATH" ]; then
+    export ASAN_SYMBOLIZER_PATH
+    echo "Exported ASAN_SYMBOLIZER_PATH=$ASAN_SYMBOLIZER_PATH"
+  else
+    echo "No llvm symbolizer found at: $ASAN_SYMBOLIZER_PATH"
+    unset ASAN_SYMBOLIZER_PATH
+  fi
+else #GCC
+  export ENABLE_COVERAGE=true
+  echo "Exported ENABLE_COVERAGE=true"
+  config_flags="--disable-hardening --enable-code-coverage"
+fi
+
+# Bootstrap in the tpm2.0-tss tools directory
+./bootstrap
+
+# clang has asan enabled with options exported that fail
+# make distcheck, so only do this with gcc.
+# Do a make distcheck in the root, clear it and than
+# cd to the variant directory.
+if [ "$CC" == "gcc" ]; then
+    ./configure
+    make distcheck
+    make distclean
+fi
+
+# Make a build variant directory and change to it
+mkdir ./build
+pushd ./build
+
+../configure --enable-unit $config_flags
+make -j$(nproc)
+make -j$(nproc) check
+
+popd
+
+# Switch over to the test directory
+pushd ./test/system
+
+# Run the tests on ALL device TCTIs configuration
+
+TOOLS="$(pwd)/../../build/tools"
+PATH=$TOOLS:$TOOLS/aux:$PATH ./test.sh -p
+
+# done go back to tpm2-tools directory
+popd
+
+# upload coveralls results
+./.ci/coveralls-upload.sh
+
+exit 0
diff --git a/.ci/download-deps.sh b/.ci/download-deps.sh
@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+#;**********************************************************************;
+#
+# Copyright (c) 2017, Intel Corporation
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+# this list of conditions and the following disclaimer in the documentation
+# and/or other materials provided with the distribution.
+#
+# 3. Neither the name of Intel Corporation nor the names of its contributors
+# may be used to endorse or promote products derived from this software without
+# specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+# THE POSSIBILITY OF SUCH DAMAGE.
+#;**********************************************************************;
+
+function get_deps() {
+
+	echo "pwd starting: `pwd`"
+	pushd "$1"
+	echo "pwd clone tss: `pwd`"
+	git clone -b 1.x https://github.com/tpm2-software/tpm2-tss.git
+	pushd tpm2-tss
+	echo "pwd build tss: `pwd`"
+	./bootstrap
+	./configure
+	make -j4
+	make install
+	popd
+	echo "pwd done tss: `pwd`"
+
+	echo "pwd clone abrmd: `pwd`"
+	git clone -b 1.x https://github.com/tpm2-software/tpm2-abrmd.git
+	pushd tpm2-abrmd
+	echo "pwd build abrmd: `pwd`"
+	./bootstrap
+	./configure
+	make -j4
+	make install
+	popd
+	echo "pwd done abrmd: `pwd`"
+	popd
+	echo "pwd done: `pwd`"
+}
diff --git a/.travis.yml b/.travis.yml
@@ -1,32 +1,13 @@
-dist: trusty
-# This is a lie: we don't need sudo but this is required to get an
-# Ubuntu image with a libc that isn't ancient, and with cmocka libs.
 sudo: required
-dist: trusty
 
 language: c
+
+services:
+  - docker
+
 compiler:
   - gcc
-  - clang-3.8
-
-addons:
-  coverity_scan:
-    project:
-      name: "01org/tpm2.0-tools"
-      description: "Build submitted via Travis CI"
-    notification_email: william.c.roberts@intel.com
-    build_command_prepend: "./bootstrap && ./configure && make clean"
-    build_command:   "make -j4"
-    branch_pattern: coverity_scan
-  apt:
-    packages:
-    - autoconf-archive
-    - libcurl4-openssl-dev
-    - libdbus-1-dev
-    - libglib2.0-dev
-    - clang-3.8
-    - pandoc
-    - lcov
+  - clang
 
 env:
   global:
@@ -35,50 +16,29 @@ env:
    - secure: "XrDhcREuntMn39qhSFBSSKZli9ZduGKCoq5rs/b+6e5zQIDwyDklwZIvgmrx2BJV5Sh7c5HB2Uvh9I7HdUOOOqDveZ9dcvjr2me7wfrhfMChB2miK318xVfyrK+6mkRnSMfuvG1CZiIcKYVStN1tX1uou9n3CnGz1ndmt5e4QwSQHR3K3g/HEXEgNjuei0OvtvE35/UaOpdxCoDlV3oExa3pU8mXLL77eskq35ebzwGsOu2zxD3wFhE1DF0O9yH4skH+fOH9ByxqK4n++uxbxXHW2oh4I/mEqr2wyyead/wuVa5UdxMDM7traUojlXy5O/Nn2Zfeky3ngSRQjzEYhKmiU2GiQ6ZBh78tmijPmKQpNOg2+0Uop7iT0SmefhappYOzc7KSTnYtWeEbZ4BXxeXzQZ98WsJj7Tmh258Y53KE2DDrmZYwk4EJuc6/4dv/HNMDdH8ZDzAdwMBi4lcsLnf8GQG/jfWYsrvCQQECkSfP2ICuRL9k/8pUUAnbp3X/WbCEMtaETy9STz7PNVqiWsSv/m9lBDVaHwZ7K87TdqhyDhYRDmPYP8qtu/M0tlNZ/M0VGo09xUgkb8Q2nNB7ahC7XYtBeHEIoIu6nf18gW8LgknpuhskF75ZHrKhh5VeN1zoPbG/oFYEk7ehNjGZC268d7jep5p5EaJzch5ai14="
 
 before_install:
-    - echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-
-    - pip install --user cpp-coveralls pyyaml
-
-install: 
-    - wget https://downloads.sourceforge.net/project/ibmswtpm2/ibmtpm974.tar.gz
-    - sha256sum ibmtpm974.tar.gz | grep -q 8e45d86129a0adb95fee4cee51f4b1e5b2d81ed3e55af875df53f98f39eb7ad7
-    - mkdir ibmtpm974 && pushd ibmtpm974 && tar axf ../ibmtpm974.tar.gz && pushd ./src && make
-    - ./tpm_server &
-    - popd && popd
-    - wget http://ftpmirror.gnu.org/autoconf-archive/autoconf-archive-2017.09.28.tar.xz
-    - sha256sum autoconf-archive-2017.09.28.tar.xz | grep -q 5c9fb5845b38b28982a3ef12836f76b35f46799ef4a2e46b48e2bd3c6182fa01
-    - tar xJf autoconf-archive-2017.09.28.tar.xz && pushd autoconf-archive-2017.09.28
-    - ./configure --prefix=/usr && make -j$(nproc) && sudo make install
-    - popd
-    - git clone -b 1.x https://github.com/intel/tpm2-tss.git
-    - pushd tpm2-tss
-    - ./bootstrap && ./configure && make -j$(nproc)
-    - sudo ../.ci/travis-tss-install.sh
-    - popd
-    - sudo ldconfig /usr/local/lib
-    - git clone -b 1.x https://github.com/intel/tpm2-abrmd.git
-    - pushd tpm2-abrmd
-    - git am ../.ci/patches/abrmd/* || true
-    - ./bootstrap && ./configure --with-dbuspolicydir=/etc/dbus-1/system.d && make -j$(nproc) && sudo make install && popd
-    - sudo mkdir -p /var/lib/tpm
-    - sudo groupadd tss && sudo useradd -M -d /var/lib/tpm -s /bin/false -g tss tss
-    - sudo pkill -HUP dbus-daemon
-    - sudo -u tss tpm2-abrmd --tcti=socket &
-    - wget http://mirrors.kernel.org/ubuntu/pool/universe/c/cmocka/libcmocka-dev_1.0.1-2_amd64.deb
-    - wget http://mirrors.kernel.org/ubuntu/pool/universe/c/cmocka/libcmocka0_1.0.1-2_amd64.deb
-    - sha256sum libcmocka-dev_1.0.1-2_amd64.deb | grep -q edb0dcfa14893b0a03375c4fe3b852043ce8fca8f2397cde340562554f6d50eb
-    - sha256sum libcmocka0_1.0.1-2_amd64.deb | grep -q 797155b45a8288a860c4ed9dd3f161420f09ebf362de30166d9f6b98bfc27dd0
-    - sudo dpkg -i libcmocka0_1.0.1-2_amd64.deb
-    - sudo dpkg -i libcmocka-dev_1.0.1-2_amd64.deb
-    # openssl 1.0.2g
-    - wget http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.0.0_1.0.2g-1ubuntu4.10_amd64.deb
-    - wget http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_1.0.2g-1ubuntu4.10_amd64.deb
-    - sha256sum libssl1.0.0_1.0.2g-1ubuntu4.10_amd64.deb | grep -q 99f550db61b0054715095fc77901280e81235900435f90b7db34af406f053832
-    - sha256sum libssl-dev_1.0.2g-1ubuntu4.10_amd64.deb | grep -q e44b09b81717a9ae86ff17adae1729682cb00b5285710e991f7b61c8a351c744
-    - sudo dpkg -i libssl1.0.0_1.0.2g-1ubuntu4.10_amd64.deb
-    - sudo dpkg -i libssl-dev_1.0.2g-1ubuntu4.10_amd64.deb
+- docker pull tpm2software/tpm2-tss
 
 script:
-    - ./.ci/travis-build-and-run-tests.sh
+#
+# Docker starts you in a cloned repo of your project with the PR checkout out.
+# We want those changes IN the docker image, so use the -v option to mount the
+# project repo in the docker image.
+#
+# Also, pass in any env variables required for the build via .ci/docker.env file
+#
+# Execute the build and test procedure by running .ci/docker.run
+#
+- >
+  docker run --env-file .ci/docker.env \
+    -v `pwd`:/workspace/tpm2-tools tpm2software/tpm2-tss \
+    /bin/bash -c '/workspace/tpm2-tools/.ci/docker.run'
 
-after_failure:
-   - cat build/test-suite.log
+addons:
+  coverity_scan:
+    project:
+      name: "tpm2-software/tpm2.0-tools"
+      description: "Build submitted via Travis CI"
+    notification_email: william.c.roberts@intel.com
+    build_command_prepend: "./bootstrap && ./configure && make clean"
+    build_command:   "make -j4"
+    branch_pattern: coverity_scan