selinux/.travis.yml
Nicolas Iooss 1b7073c700 Travis-CI: try working around network issues by retrying downloads
Some Travis-CI builds failed because of issues when downloading
refpolicy files for sepolgen tests. Use curl's option --retry to make
the downloads work when the networking issues are only transient.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-10-26 12:51:33 -07:00

161 lines
6.3 KiB
YAML

# Define the building environment
language: c
matrix:
fast_finish: true
compiler:
- clang
- gcc
env:
matrix:
# Test the last version of Python and Ruby together, with some linkers
- PYVER=python3.6 RUBYLIBVER=2.4
- PYVER=python3.6 RUBYLIBVER=2.4 TEST_FLAGS_OVERRIDE=1
- PYVER=python3.6 RUBYLIBVER=2.4 LINKER=gold
- PYVER=python3.6 RUBYLIBVER=2.4 LINKER=bfd
# Test several Python versions
- PYVER=python2.7 RUBYLIBVER=2.4
- PYVER=python3.3 RUBYLIBVER=2.4
- PYVER=python3.4 RUBYLIBVER=2.4
- PYVER=python3.5 RUBYLIBVER=2.4
- PYVER=pypy RUBYLIBVER=2.4
- PYVER=pypy3 RUBYLIBVER=2.4
# Test several Ruby versions
- PYVER=python3.6 RUBYLIBVER=2.2
- PYVER=python3.6 RUBYLIBVER=2.3
matrix:
exclude:
- compiler: clang
env: PYVER=python3.6 RUBYLIBVER=2.4 LINKER=gold
- compiler: clang
env: PYVER=python3.6 RUBYLIBVER=2.4 LINKER=bfd
# Use Travis-CI Ubuntu 14.04 Trusty infrastructure, "full image" variant
sudo: required
dist: trusty
# Install SELinux userspace utilities dependencies
addons:
apt:
packages:
- bison
- flex
- gawk
- gettext
- libaudit-dev
- libbz2-dev
- libcap-dev
- libcap-ng-dev # This package is not whitelisted for the container infrastructure (https://github.com/travis-ci/apt-package-whitelist/issues/1096)
- libcunit1-dev
- libdbus-glib-1-dev
- libncurses5-dev
- libpcre3-dev
- patch
- python3-dev
- python-dev
- swig
- xmlto
install:
# Download refpolicy Makefile for sepolgen tests
- sudo mkdir -p /usr/share/selinux/default
- sudo curl --retry 10 -o /usr/share/selinux/default/Makefile 'https://raw.githubusercontent.com/TresysTechnology/refpolicy/RELEASE_2_20170204/support/Makefile.devel'
- sudo sed "s,^PREFIX :=.*,PREFIX := $TRAVIS_BUILD_DIR/installdir/usr," -i /usr/share/selinux/default/Makefile
- sudo mkdir -p /usr/share/selinux/refpolicy/include
- sudo curl --retry 10 -o /usr/share/selinux/refpolicy/include/build.conf 'https://raw.githubusercontent.com/TresysTechnology/refpolicy/RELEASE_2_20170204/build.conf'
- sudo mkdir -p /etc/selinux
- echo 'SELINUXTYPE=refpolicy' | sudo tee /etc/selinux/config
# Make sepolgen tests work without really installing anything in the real root (doing this would conflict with Ubuntu packages)
- sed -e "s,\"\(/usr/bin/[cs]\),\"$TRAVIS_BUILD_DIR/installdir\1," -i python/sepolgen/src/sepolgen/module.py
# Download the required python version if it is not installed
- VIRTUAL_ENV="$HOME/virtualenv/$PYVER"
- if ! [ -d "$VIRTUAL_ENV" ] ; then
curl --retry 10 -o python.tar.bz2 "https://s3.amazonaws.com/travis-python-archives/binaries/ubuntu/14.04/x86_64/${PYVER/python/python-}.tar.bz2" &&
sudo tar xjf python.tar.bz2 --directory / &&
rm python.tar.bz2 ;
fi
before_script:
# clang on Travis-CI 14.04 environment is too old to support -Wdouble-promotion
- if "$CC" --version |grep -q clang; then sed 's/ -Wdouble-promotion / /' -i libselinux/src/Makefile libselinux/utils/Makefile ; fi
# Build and install in a temporary directory to run tests
- export DESTDIR="$TRAVIS_BUILD_DIR/installdir"
# Configure the variables for Python parts
- export VIRTUAL_ENV="$HOME/virtualenv/$PYVER"
- export PYTHON="$VIRTUAL_ENV/bin/python"
# Use the header files in /opt/python/... for Python because the virtualenvs do not provide Python.h
- export PKG_CONFIG_PATH="/opt/python/$($PYTHON -c 'import sys;print("%d.%d.%d" % sys.version_info[:3])')/lib/pkgconfig"
# PyPy does not provide a config file for pkg-config nor a pypy-c.so
- if echo "$PYVER" | grep -q pypy ; then export PYINC=-I$($PYTHON -c 'import sys;print(sys.prefix)')/include PYLIBS= ; fi
# Python virtualenvs do not support "import site; print(site.getsitepackages()[0]"
# cf. https://github.com/pypa/virtualenv/issues/355#issuecomment-10250452
- export PYSITEDIR="$DESTDIR/usr/lib/$($PYTHON -c 'import sys;print("python%d.%d" % sys.version_info[:2])')/site-packages"
# Find the Ruby executable with version $RUBYLIBVER
- export RUBY="$(ls -d -1 "$HOME/.rvm/rubies/ruby-$RUBYLIBVER"*/bin/ruby | head -n 1)"
# Set the linker in $CC so that it gets used everywhere
- if [ -n "$LINKER" ]; then CC="$CC -fuse-ld=$LINKER" ; fi
# Show variables and versions (to help debugging)
- echo "$CC" ; $CC --version
- echo "$PYTHON" ; $PYTHON --version
- echo "$RUBY" ; $RUBY --version
# If TEST_FLAGS_OVERRIDE is defined, test that overriding CFLAGS, LDFLAGS and other variables works fine
- if [ -n "$TEST_FLAGS_OVERRIDE" ]; then EXPLICIT_MAKE_VARS="CFLAGS=-I$DESTDIR/usr/include LDFLAGS=-L$DESTDIR/usr/lib LDLIBS= CPPFLAGS=" ; fi
script:
# Start by installing everything into $DESTDIR
- make install $EXPLICIT_MAKE_VARS -k
- make install-pywrap $EXPLICIT_MAKE_VARS -k
- make install-rubywrap $EXPLICIT_MAKE_VARS -k
# Now that everything is installed, run "make all" to build everything which may have not been built
- make all $EXPLICIT_MAKE_VARS -k
# Set up environment variables for the tests
- export LD_LIBRARY_PATH="$DESTDIR/usr/lib:$DESTDIR/lib"
- export PATH="$DESTDIR/usr/sbin:$DESTDIR/usr/bin:$DESTDIR/sbin:$DESTDIR/bin:$PATH"
- export PYTHONPATH="$PYSITEDIR"
- export RUBYLIB="$DESTDIR/$($RUBY -e 'puts RbConfig::CONFIG["vendorlibdir"]'):$DESTDIR/$($RUBY -e 'puts RbConfig::CONFIG["vendorarchdir"]')"
# Show variables (to help debugging issues)
- echo "$LD_LIBRARY_PATH"
- echo "$PATH"
- echo "$PYTHONPATH"
- echo "$RUBYLIB"
# Run tests
- make test $EXPLICIT_MAKE_VARS
# Test Python and Ruby wrappers
- $PYTHON -c 'import selinux;import selinux.audit2why;import semanage;print(selinux.is_selinux_enabled())'
- $RUBY -e 'require "selinux";require "semanage";puts Selinux::is_selinux_enabled()'
# Remove every installed files
- rm -rf "$DESTDIR"
# Test that "git status" looks clean, or print a clear error message
- |-
git status --short | sed -n 's/^??/error: missing .gitignore entry for/p' | (! grep '^')
# Clean up everything and show which file would be added to "make clean"
- make clean distclean $EXPLICIT_MAKE_VARS
- |-
git ls-files --ignored --others --exclude-standard | sed 's/^/error: "make clean distclean" did not remove /' | (! grep '^')
# Do not spam by email so long as the build succeeds
notifications:
email:
on_success: never