forked from google/trillian-examples
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloudbuild.yaml
152 lines (135 loc) · 5.44 KB
/
cloudbuild.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
timeout: 1200s
options:
machineType: E2_HIGHCPU_32
volumes:
- name: go-modules
path: /go
env:
- GOPROXY=https://proxy.golang.org
- PROJECT_ROOT=github.com/google/trillian-examples
- GOPATH=/go
- GOLANG_PROTOBUF_REGISTRATION_CONFLICT=ignore # Temporary work-around v1.proto already registered error.
# Cloud Build logs sent to GCS bucket
logsBucket: 'gs://trillian-cloudbuild-logs'
steps:
# First build a "testbase" docker image which contains most of the tools we need for the later steps:
- name: 'gcr.io/cloud-builders/docker'
entrypoint: 'bash'
args: ['-c', 'docker pull gcr.io/$PROJECT_ID/testbase:latest || exit 0']
- name: 'gcr.io/cloud-builders/docker'
args: [
'build',
'-t', 'gcr.io/$PROJECT_ID/testbase:latest',
'--cache-from', 'gcr.io/$PROJECT_ID/testbase:latest',
'-f', './integration/Dockerfile',
'.'
]
# prepare spins up an ephemeral trillian instance for testing use.
- name: gcr.io/$PROJECT_ID/testbase
entrypoint: 'bash'
id: 'prepare'
args:
- '-exc'
- |
# googleapis is not Go code, but it's required for .pb.go regeneration because of API dependencies.
git clone --depth=1 https://github.com/googleapis/googleapis.git "$$GOPATH/src/github.com/googleapis/googleapis"
# Use latest versions of Trillian docker images built by the Trillian CI cloudbuilders.
docker pull gcr.io/$PROJECT_ID/log_server:latest
docker tag gcr.io/$PROJECT_ID/log_server:latest deployment_trillian-log-server
docker pull gcr.io/$PROJECT_ID/log_signer:latest
docker tag gcr.io/$PROJECT_ID/log_signer:latest deployment_trillian-log-signer
# Bring up an ephemeral trillian instance using the docker-compose config in the Trillian repo:
export TRILLIAN_PATH="$(go list -f '{{.Dir}}' github.com/google/trillian)"
# We need to fix up Trillian's docker-compose to connect to the CloudBuild network to that tests can use it:
echo -e "networks:\n default:\n external:\n name: cloudbuild" >> $${TRILLIAN_PATH}/examples/deployment/docker-compose.yml
docker-compose -f $${TRILLIAN_PATH}/examples/deployment/docker-compose.yml pull mysql trillian-log-server trillian-log-signer
docker-compose -f $${TRILLIAN_PATH}/examples/deployment/docker-compose.yml up -d mysql trillian-log-server trillian-log-signer
# Install proto related bits
- name: gcr.io/$PROJECT_ID/testbase
id: 'go-get-proto'
args: ['go', 'get', 'github.com/golang/protobuf/proto']
waitFor: ['prepare']
- name: gcr.io/$PROJECT_ID/testbase
id: 'go-get-proto-gen'
args: ['go', 'get', 'github.com/golang/protobuf/protoc-gen-go']
waitFor: ['prepare']
# Run the presubmit build, generate, and test with coverage enabled.
- name: gcr.io/$PROJECT_ID/testbase
entrypoint: 'bash'
id: 'presubmit-build-and-test-with-coverage'
args:
- '-exc'
- |
./scripts/presubmit.sh --cloud-build --coverage --no-linters --no-actions --no-docker
# Check re-generation didn't change anything.
echo "Checking that generated files are the same as checked-in versions."
git diff -- --exit-code
waitFor: ['go-get-proto', 'go-get-proto-gen']
# Run the presubmit linters
- name: gcr.io/$PROJECT_ID/testbase
entrypoint: 'bash'
id: 'presubmit-lint'
args:
- '-exc'
- |
./scripts/presubmit.sh --cloud-build --no-build --no-generate --no-actions --no-docker
waitFor: ['go-get-proto', 'go-get-proto-gen']
# Build serverless actions
- name: gcr.io/$PROJECT_ID/testbase
entrypoint: 'bash'
id: 'presubmit-build-actions'
args:
- '-exc'
- |
./scripts/presubmit.sh --cloud-build --no-build --no-linters --no-generate --no-docker
waitFor: ['go-get-proto', 'go-get-proto-gen']
# Build docker images
- name: gcr.io/$PROJECT_ID/testbase
entrypoint: 'bash'
id: 'presubmit-build-docker'
args:
- '-exc'
- |
./scripts/presubmit.sh --cloud-build --no-build --no-linters --no-generate --no-actions
waitFor: ['go-get-proto', 'go-get-proto-gen']
# Test the USB Armory code as best we can
- name: gcr.io/$PROJECT_ID/testbase
id: 'usbarmory'
entrypoint: 'bash'
args: ['-exc', './binary_transparency/firmware/integration/ft_usbarmory_test.sh']
waitFor: ['go-get-proto', 'go-get-proto-gen']
# Run the FT integration test
- name: gcr.io/$PROJECT_ID/testbase
entrypoint: 'bash'
id: 'firmware-integration-test'
args:
- '-exc'
- |
export PATH=/bin:/usr/bin:/workspace/bin:/go/protoc/bin:/usr/local/go/bin
export TRILLIAN_LOG_RPC="deployment_trillian-log-server_1:8090"
./binary_transparency/firmware/integration/ft_test.sh --coverage
waitFor: ['go-get-proto', 'go-get-proto-gen']
# Run the helloworld integration test
- name: gcr.io/$PROJECT_ID/testbase
entrypoint: 'bash'
id: 'helloworld-integration-test'
args:
- '-exc'
- |
export PATH=/bin:/usr/bin:/workspace/bin:/go/protoc/bin:/usr/local/go/bin
export TRILLIAN_LOG_RPC="deployment_trillian-log-server_1:8090"
./helloworld/hw_integration.sh --coverage
waitFor: ['go-get-proto', 'go-get-proto-gen']
# Submit coverage results
- name: 'gcr.io/cloud-builders/curl'
entrypoint: bash
args: ['-c', 'bash <(curl -s https://codecov.io/bash)']
env:
- 'VCS_COMMIT_ID=$COMMIT_SHA'
- 'VCS_BRANCH_NAME=$BRANCH_NAME'
- 'VCS_PULL_REQUEST=$_PR_NUMBER'
- 'CI_BUILD_ID=$BUILD_ID'
- 'CODECOV_TOKEN=$_CODECOV_TOKEN' # _CODECOV_TOKEN is specified in the cloud build trigger
waitFor: ['presubmit-build-and-test-with-coverage', 'firmware-integration-test']
images:
- 'gcr.io/$PROJECT_ID/testbase:latest'