// Copyright (C) 2019-2020 VyOS maintainers and contributors // // This program is free software; you can redistribute it and/or modify // in order to easy exprort images built to "external" world // it under the terms of the GNU General Public License version 2 or later as // published by the Free Software Foundation. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with this program. If not, see . @NonCPS // Using a version specifier library, use 'equuleus' branch. The underscore (_) // is not a typo! You need this underscore if the line immediately after the // @Library annotation is not an import statement! @Library('vyos-build@equuleus')_ /* Only keep the most recent builds. */ def projectProperties = [ [$class: 'BuildDiscarderProperty',strategy: [$class: 'LogRotator', numToKeepStr: '1']], ] properties(projectProperties) setDescription() node('Docker') { stage('Define Agent') { script { // create container name on demand def branchName = getGitBranchName() // Adjust PR target branch name so we can re-map it to the proper // Docker image. CHANGE_ID is set only for pull requests, so it is // safe to access the pullRequest global variable if (env.CHANGE_ID) { branchName = "${env.CHANGE_TARGET}".toLowerCase() } if (branchName.equals("master")) { branchName = "current" } env.DOCKER_IMAGE = "vyos/vyos-build:" + branchName } } } pipeline { agent { docker { reuseNode true args "--sysctl net.ipv6.conf.lo.disable_ipv6=0 -e GOSU_UID=1006 -e GOSU_GID=1006" image "${env.DOCKER_IMAGE}" alwaysPull true } } options { disableConcurrentBuilds() timeout(time: 120, unit: 'MINUTES') timestamps() } environment { DEBIAN_ARCH = sh(returnStdout: true, script: 'dpkg --print-architecture').trim() BASE_DIR = getJenkinsfilePath() } stages { stage('Fetch') { steps { script { checkout scm } } } stage('Git Clone - Components') { parallel { stage('Kernel') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { script { dir(env.BASE_DIR) { sh ''' KERNEL_VER=\$(cat ../../data/defaults.json | jq -r .kernel_version) gpg2 --locate-keys torvalds@kernel.org gregkh@kernel.org curl -OL https://www.kernel.org/pub/linux/kernel/v5.x/linux-${KERNEL_VER}.tar.xz curl -OL https://www.kernel.org/pub/linux/kernel/v5.x/linux-${KERNEL_VER}.tar.sign xz -cd linux-${KERNEL_VER}.tar.xz | gpg2 --verify linux-${KERNEL_VER}.tar.sign - if [ $? -ne 0 ]; then exit 1 fi tar xf linux-${KERNEL_VER}.tar.xz ln -s linux-${KERNEL_VER} linux ''' } } } } stage('Kernel Firmware') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { dir(env.BASE_DIR + '/linux-firmware') { checkout([$class: 'GitSCM', doGenerateSubmoduleConfigurations: false, extensions: [[$class: 'CleanCheckout'], [$class: 'CloneOption', depth: 1, noTags: false, reference: '', shallow: true]], branches: [[name: '20201218' ]], userRemoteConfigs: [[credentialsId: 'GitHub-vyosbot', url: 'https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git']]]) } } } stage('WireGuard') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { dir(env.BASE_DIR + '/wireguard-linux-compat') { checkout([$class: 'GitSCM', doGenerateSubmoduleConfigurations: false, extensions: [[$class: 'CleanCheckout']], branches: [[name: 'debian/1.0.20201112-1_bpo10+1' ]], userRemoteConfigs: [[credentialsId: 'GitHub-vyosbot', url: 'https://salsa.debian.org/debian/wireguard-linux-compat.git']]]) } } } stage('Accel-PPP') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { dir(env.BASE_DIR + '/accel-ppp') { checkout([$class: 'GitSCM', doGenerateSubmoduleConfigurations: false, extensions: [[$class: 'CleanCheckout']], branches: [[name: '0b4ef9862c65bf' ]], userRemoteConfigs: [[credentialsId: 'GitHub-vyosbot', url: 'https://github.com/accel-ppp/accel-ppp.git']]]) } } } } } stage('Compile Kernel') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { dir(env.BASE_DIR) { sh "./build-kernel.sh" } } } stage('Kernel Module(s)') { parallel { stage('WireGuard') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { dir(env.BASE_DIR) { // In Debian wireguard repo commit edb7124c866ea0e506278c311fc82dfde1f957be // they decided to split source code of the kernel part and tools sh "./build-wireguard-modules.sh" } } } stage('Accel-PPP') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { dir(env.BASE_DIR) { sh "./build-accel-ppp.sh" } } } stage('Intel QuickAssist Technology') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { dir(env.BASE_DIR) { sh "./build-intel-qat.sh" } } } stage('Intel ICE driver') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { dir(env.BASE_DIR) { sh "./build-intel-ice.py" } } } stage('Realtek r8152 driver') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { dir(env.BASE_DIR) { sh "./build-driver-realtek-r8152.py" } } } } } // This stage should not be run in the parallel section as it will call "make" // again on the kernel source and this could confuse other build systems // like Accel-PPP. Better safe then sorry! stage('Linux Firmware') { when { beforeOptions true beforeAgent true anyOf { changeset pattern: "**/packages/linux-kernel/*" changeset pattern: "**/data/defaults.json" triggeredBy cause: "UserIdCause" } } steps { dir(env.BASE_DIR) { sh "./build-linux-firmware.sh" } } } } post { cleanup { deleteDir() } success { script { dir(env.BASE_DIR) { // archive *.deb artifact on custom builds, deploy to repo otherwise if ( isCustomBuild()) { archiveArtifacts artifacts: '*.deb', fingerprint: true } else { // publish build result, using SSH-dev.packages.vyos.net Jenkins Credentials sshagent(['SSH-dev.packages.vyos.net']) { // build up some fancy groovy variables so we do not need to write/copy // every option over and over again! def RELEASE = getGitBranchName() if (getGitBranchName() == "master") { RELEASE = 'current' } def VYOS_REPO_PATH = '/home/sentrium/web/dev.packages.vyos.net/public_html/repositories/' + RELEASE + '/' if (getGitBranchName() == "crux") VYOS_REPO_PATH += 'vyos/' def SSH_OPTS = '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o LogLevel=ERROR' def SSH_REMOTE = env.DEV_PACKAGES_VYOS_NET_HOST // defined as global variable echo "Uploading package(s) and updating package(s) in the repository ..." files = findFiles(glob: '*.deb') files.each { PACKAGE -> def ARCH = sh(returnStdout: true, script: "dpkg-deb -f ${PACKAGE} Architecture").trim() def SUBSTRING = sh(returnStdout: true, script: "dpkg-deb -f ${PACKAGE} Package").trim() def SSH_DIR = '~/VyOS/' + RELEASE + '/' + ARCH def ARCH_OPT = '' if (ARCH != 'all') ARCH_OPT = '-A ' + ARCH // No need to explicitly check the return code. The pipeline // will fail if sh returns a non 0 exit code sh """ ssh ${SSH_OPTS} ${SSH_REMOTE} -t "bash --login -c 'mkdir -p ${SSH_DIR}'" scp ${SSH_OPTS} ${PACKAGE} ${SSH_REMOTE}:${SSH_DIR}/ ssh ${SSH_OPTS} ${SSH_REMOTE} -t "uncron-add 'reprepro -v -b ${VYOS_REPO_PATH} ${ARCH_OPT} remove ${RELEASE} ${SUBSTRING}'" ssh ${SSH_OPTS} ${SSH_REMOTE} -t "uncron-add 'reprepro -v -b ${VYOS_REPO_PATH} deleteunreferenced'" ssh ${SSH_OPTS} ${SSH_REMOTE} -t "uncron-add 'reprepro -v -b ${VYOS_REPO_PATH} ${ARCH_OPT} includedeb ${RELEASE} ${SSH_DIR}/${PACKAGE}'" """ } } } } } } } }