From d3040bd8042bd03d17180329ec1ca28edb21788e Mon Sep 17 00:00:00 2001 From: xumia <59720581+xumia@users.noreply.github.com> Date: Thu, 25 Feb 2021 13:44:58 +0800 Subject: [PATCH] Add azure pipelines for reproducible build (#6870) * Add azure pipelines for reproducible build * Add always build flag for upgrade build * Fix the build version ubuntu-20.04 --- .azure-pipelines/azure-pipelines-Official.yml | 31 +++++ .../azure-pipelines-UpgrateVersion.yml | 109 ++++++++++++++++++ .azure-pipelines/azure-pipelines-build.yml | 72 ++++++++++++ .../azure-pipelines-job-groups.yml | 53 +++++++++ 4 files changed, 265 insertions(+) create mode 100644 .azure-pipelines/azure-pipelines-Official.yml create mode 100644 .azure-pipelines/azure-pipelines-UpgrateVersion.yml create mode 100644 .azure-pipelines/azure-pipelines-build.yml create mode 100644 .azure-pipelines/azure-pipelines-job-groups.yml diff --git a/.azure-pipelines/azure-pipelines-Official.yml b/.azure-pipelines/azure-pipelines-Official.yml new file mode 100644 index 0000000000..a5a08167ca --- /dev/null +++ b/.azure-pipelines/azure-pipelines-Official.yml @@ -0,0 +1,31 @@ +# Starter pipeline +# Start with a minimal pipeline that you can customize to build and deploy your code. +# Add steps that build, run tests, deploy, and more: +# https://aka.ms/yaml + +trigger: none +pr: none + +schedules: +- cron: "0 0 * * *" + displayName: Daily Build + branches: + include: + - 202012 + always: true + +pool: sonicbld + +stages: +- stage: Build + jobs: + - template: azure-pipelines-build.yml + parameters: + buildOptions: 'SONIC_CONFIG_BUILD_JOBS=1 SONIC_VERSION_CONTROL_COMPONENTS=deb,py2,py3,web' + postSteps: + - script: | + make freeze + git status files/build/versions + git add files/build/versions + git diff HEAD files/build/versions + displayName: "Show git diff" diff --git a/.azure-pipelines/azure-pipelines-UpgrateVersion.yml b/.azure-pipelines/azure-pipelines-UpgrateVersion.yml new file mode 100644 index 0000000000..172cccab07 --- /dev/null +++ b/.azure-pipelines/azure-pipelines-UpgrateVersion.yml @@ -0,0 +1,109 @@ +# Starter pipeline +# Start with a minimal pipeline that you can customize to build and deploy your code. +# Add steps that build, run tests, deploy, and more: +# https://aka.ms/yaml + +trigger: none +pr: none + +schedules: +- cron: "0 0 * * *" + displayName: Daily Build + branches: + include: + - 202012 + always: true + +pool: sonicbld + +stages: +- stage: Build + jobs: + - template: azure-pipelines-build.yml + parameters: + buildSlave: y +- stage: UpgradeVersions + jobs: + - job: UpgradeVersions + pool: + vmImage: 'ubuntu-20.04' + steps: + - script: | + if [ -z "$(which gh)" ]; then + sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-key C99B11DEB97541F0 + sudo apt-add-repository https://cli.github.com/packages + sudo apt update + sudo apt install gh + fi + displayName: 'Install gh' + - checkout: self + displayName: 'Checkout code' + - download: current + patterns: '**/versions-*' + - script: | + mkdir -p target + default_platform=broadcom + artifacts=$(find $(Pipeline.Workspace) -maxdepth 1 -type d -name 'sonic-buildimage.*' | grep -v "sonic-buildimage.${default_platform}") + echo "artifacts$artifacts" + cp -r $(Pipeline.Workspace)/sonic-buildimage.${default_platform}/versions target/ + make freeze FREEZE_VERSION_OPTIONS=-r + find files/build/versions + for artifact in $artifacts + do + rm -rf target/versions + cp -r $artifact/versions target/ + make freeze FREEZE_VERSION_OPTIONS="-a -d" + done + git diff files/build/versions + displayName: 'Freeze Versions' + - script: | + if [ -z "$GIT_USER" ]; then + echo "Skipped to send the pull request, GIT_USER not set." + exit 0 + fi + GIT_STATUS=$(git status --porcelain files/build/versions) + if [ -z "$GIT_STATUS" ]; then + echo "Skipped to send the pull request, no version change in files/build/versions" + exit 0 + fi + if [ ! -d "$HOME" ]; then + sudo mkdir -p $HOME + sudo chown -R $(id -un):$(id -gn) $HOME + fi + SOURCE_BRANCH=$(Build.SourceBranch) + REPO_NAME=$(Build.Repository.Name) + [ -z "$GIT_REPO" ] && GIT_REPO=${REPO_NAME#*/} + BRANCH_NAME=repd/versions/${SOURCE_BRANCH#refs/heads/} + echo '#!/bin/bash' > git_env_password.sh + echo 'echo $GIT_PASSWORD' >> git_env_password.sh + chmod a+x git_env_password.sh + export GIT_ASKPASS=./git_env_password.sh + + git config user.name $GIT_USER + git config credential.https://github.com.username $GIT_USER + git add files/build/versions + git commit -m "Update SONiC version files" + git checkout -b $BRANCH_NAME + git remote add remote https://github.com/$GIT_USER/$GIT_REPO + git push remote HEAD:refs/heads/$BRANCH_NAME -f + git branch -u remote/$BRANCH_NAME + + echo $GIT_PASSWORD | gh auth login --with-token + TITLE="Upgrade SONiC Versions" + BODY="Upgrade SONiC Versions" + RET=0 + if ! gh pr create -t "$TITLE" -b "$BODY" -B $(Build.SourceBranch) -R $(Build.Repository.Name) > pr.log 2>&1; then + if ! grep -q "already exists" pr.log; then + RET=1 + fi + fi + cat pr.log + exit $RET + env: + GIT_USER: $(GIT_USER) + GIT_PASSWORD: $(GIT_PASSWORD) + displayName: 'Send Pull Request' + - publish: $(System.DefaultWorkingDirectory)/files/build/versions + artifact: 'sonic-buildimage.versions' + displayName: 'Archive SONiC versions' + diff --git a/.azure-pipelines/azure-pipelines-build.yml b/.azure-pipelines/azure-pipelines-build.yml new file mode 100644 index 0000000000..550e2ccd97 --- /dev/null +++ b/.azure-pipelines/azure-pipelines-build.yml @@ -0,0 +1,72 @@ +parameters: +- name: 'jobFilters' + type: object + default: '' +- name: 'buildOptions' + type: string + default: 'SONIC_CONFIG_BUILD_JOBS=1' +- name: 'buildSlave' + type: string + default: 'n' +- name: 'postSteps' + type: stepList + default: [] + +jobs: +- template: azure-pipelines-job-groups.yml + parameters: + jobFilters: ${{ parameters.jobFilters }} + preSteps: + - script: | + containers=$(docker container ls | grep "sonic-slave" | awk '{ print $1 }') + if [ ! -z "$containers" ]; then + docker container kill $containers || true + sleep 5 + fi + if [ "${{ parameters.buildSlave }}" == "y" ]; then + images=$(docker images 'sonic-slave-*' -a -q) + [ ! -z "$images" ] && docker rmi -f $images + fi + sudo rm -rf $(ls -A1) + displayName: 'Init' + - checkout: self + submodules: recursive + displayName: 'Checkout code' + - script: | + make ${{ parameters.buildOptions }} PLATFORM=$GROUP_NAME configure + displayName: 'Make configure' + postSteps: + - ${{ parameters.postSteps }} + - publish: $(System.DefaultWorkingDirectory)/target + artifact: 'sonic-buildimage.$(GROUP_NAME)$(GROUP_EXTNAME)' + displayName: "Archive sonic image" + jobGroups: + - name: vs + script: | + sudo bash -c "echo 1 > /proc/sys/vm/compact_memory" + make ${{ parameters.buildOptions }} target/sonic-vs.img.gz + - name: broadcom + script: | + make ${{ parameters.buildOptions }} target/sonic-broadcom.bin target/sonic-aboot-broadcom.swi + - name: barefoot + script: | + make ${{ parameters.buildOptions }} target/sonic-barefoot.bin target/sonic-aboot-barefoot.swi + - name: centec + script: | + make ${{ parameters.buildOptions }} INSTALL_DEBUG_TOOLS=y target/sonic-centec.bin + mv target/sonic-centec.bin target/sonic-centec-dbg.bin + make ${{ parameters.buildOptions }} target/sonic-centec.bin + make ${{ parameters.buildOptions }} ENABLE_SYNCD_RPC=y target/docker-syncd-centec-rpc.gz + - name: innovium + script: | + make ${{ parameters.buildOptions }} SONIC_CONFIG_BUILD_JOBS=1 target/sonic-innovium.bin + - name: mellanox + script: | + make ${{ parameters.buildOptions }} target/sonic-mellanox.bin + - name: mellanox + extName: _rpc + script: | + make ${{ parameters.buildOptions }} ENABLE_SYNCD_RPC=y all + - name: nephos + script: | + make ${{ parameters.buildOptions }} target/sonic-nephos.bin diff --git a/.azure-pipelines/azure-pipelines-job-groups.yml b/.azure-pipelines/azure-pipelines-job-groups.yml new file mode 100644 index 0000000000..1ca5c932b0 --- /dev/null +++ b/.azure-pipelines/azure-pipelines-job-groups.yml @@ -0,0 +1,53 @@ +parameters: +- name: 'preSteps' + type: stepList + default: [] +- name: "postSteps" + type: stepList + default: [] +- name: 'jobGroups' + type: object + default: [] +- name: 'jobVariables' + type: object + default: {} +- name: 'scriptEnv' + type: object + default: '' +- name: 'timeoutInMinutes' + type: 'number' + default: 1440 +- name: 'jobFilters' + type: object + default: '' + +jobs: +- ${{ each jobGroup in parameters.jobGroups }}: + - ${{ if or(eq(parameters.jobFilters, ''), containsValue(parameters.jobFilters, jobGroup.name)) }}: + - job: ${{ replace(format('{0}{1}', jobGroup.name, jobGroup.extName), '-', '_') }} + ${{ each pair in jobGroup }}: + ${{ if not(in(pair.key, 'job', 'name', 'extName', 'variables', 'steps', 'script', 'scriptEnv')) }}: + ${{ pair.key }}: ${{ pair.value }} + ${{ if eq(jobGroup.timeoutInMinutes, '') }}: + timeoutInMinutes: ${{ parameters.timeoutInMinutes }} + variables: + GROUP_NAME: ${{ jobGroup.name }} + GROUP_EXTNAME: '${{ jobGroup.extName }}' + GROUP_NAMES: ${{ join(',', parameters.jobGroups.*.name ) }} + ${{ if ne(jobGroup.variables, '') }}: + ${{ jobGroup.variables }} + ${{ each para in parameters.jobvariables }}: + ${{ if eq(jobGroup.variables[para.key], '') }}: + ${{ para.key }}: ${{ para.value }} + steps: + - ${{ parameters.preSteps }} + - ${{ if ne(jobGroup.script, '') }}: + - script: | + ${{ jobGroup.script }} + env: + ${{ if ne(parameters.scriptEnv, '') }}: + ${{ parameters.scriptEnv }} + displayName: 'JobScript' + - ${{ if ne(jobGroup.steps, '') }}: + - ${{ jobGroup.steps }} + - ${{ parameters.postSteps }}