# Starter pipeline # Start with a minimal pipeline that you can customize to build and deploy your code. # Add steps that build, run tests, deploy, and more: # https://aka.ms/yaml trigger: none pr: none schedules: - cron: "0 0 * * *" displayName: Daily Build branches: include: - 20* exclude: - 200* - 201* - 202006 always: true resources: repositories: - repository: buildimage type: github name: sonic-net/sonic-buildimage ref: master endpoint: sonic-net pool: sonicbld parameters: - name: 'jobFilters' type: object default: - vs - barefoot - broadcom - centec - centec-arm64 - generic - marvell-armhf - mellanox stages: - stage: Prepare jobs: - job: Prepare steps: - script: | DEFAULT_MIRROR_URL_PREFIX=http://packages.trafficmanager.net DEBIAN_TIMESTAMP=$(curl $DEFAULT_MIRROR_URL_PREFIX/snapshot/debian/latest/timestamp) DEBIAN_SECURITY_TIMESTAMP=$(curl $DEFAULT_MIRROR_URL_PREFIX/snapshot/debian-security/latest/timestamp) echo "DEBIAN_TIMESTAMP=$DEBIAN_TIMESTAMP, DEBIAN_SECURITY_TIMESTAMP=$DEBIAN_SECURITY_TIMESTAMP" echo "##vso[task.setvariable variable=DEBIAN_TIMESTAMP;isOutput=true]$DEBIAN_TIMESTAMP" echo "##vso[task.setvariable variable=DEBIAN_SECURITY_TIMESTAMP;isOutput=true]$DEBIAN_SECURITY_TIMESTAMP" name: SetVersions displayName: 'Set snapshot versions' - stage: Build dependsOn: Prepare variables: - name: CACHE_MODE value: none - name: VERSION_CONTROL_OPTIONS value: 'SONIC_VERSION_CONTROL_COMPONENTS=' - name: SKIP_CHECKOUT value: true - name: DEBIAN_TIMESTAMP value: $[ stageDependencies.Prepare.Prepare.outputs['SetVersions.DEBIAN_TIMESTAMP'] ] - name: DEBIAN_SECURITY_TIMESTAMP value: $[ stageDependencies.Prepare.Prepare.outputs['SetVersions.DEBIAN_SECURITY_TIMESTAMP'] ] - template: .azure-pipelines/template-variables.yml@buildimage jobs: - template: azure-pipelines-build.yml parameters: jobFilters: ${{ parameters.jobFilters }} buildOptions: '${{ variables.VERSION_CONTROL_OPTIONS }} ENABLE_DOCKER_BASE_PULL=n SONIC_BUILD_JOBS=$(nproc) ENABLE_IMAGE_SIGNATURE=y' preSteps: - template: .azure-pipelines/template-clean-sonic-slave.yml@buildimage - checkout: self submodules: recursive fetchDepth: 0 path: s displayName: 'Checkout code' - script: | echo "DEBIAN_TIMESTAMP=$DEBIAN_TIMESTAMP, DEBIAN_SECURITY_TIMESTAMP=$DEBIAN_SECURITY_TIMESTAMP" if [ "$MIRROR_SNAPSHOT" == y ]; then mkdir -p target/versions/default/ echo "debian==$DEBIAN_TIMESTAMP" > target/versions/default/versions-mirror echo "debian-security==$DEBIAN_SECURITY_TIMESTAMP" >> target/versions/default/versions-mirror cat target/versions/default/versions-mirror fi displayName: 'Set snapshot versions' - stage: UpgradeVersions jobs: - job: UpgradeVersions pool: vmImage: 'ubuntu-20.04' steps: - script: | if [ -z "$(which gh)" ]; then sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-key C99B11DEB97541F0 sudo apt-add-repository https://cli.github.com/packages sudo apt update sudo apt install gh fi displayName: 'Install gh' - checkout: self displayName: 'Checkout code' - download: current patterns: '**/versions-*' - script: | mkdir -p target default_platform=broadcom artifacts=$(find $(Pipeline.Workspace) -maxdepth 1 -type d -name 'sonic-buildimage.*' | grep -v "sonic-buildimage.${default_platform}") echo "artifacts$artifacts" cp -r $(Pipeline.Workspace)/sonic-buildimage.${default_platform}/target/versions target/ make freeze FREEZE_VERSION_OPTIONS=-r find files/build/versions ordered_artifacts=$(echo "$artifacts" | grep -v -E "arm64|armhf" && echo "$artifacts" | grep -E "arm64|armhf") for artifact in $ordered_artifacts do rm -rf target/versions cp -r $artifact/target/versions target/ OPTIONS="-a -d" [[ "$artifact" == *arm64* || "$artifact" == *armhf* ]] && OPTIONS="-d" make freeze FREEZE_VERSION_OPTIONS="$OPTIONS" done git diff files/build/versions displayName: 'Freeze Versions' - script: | if [ -z "$GIT_USER" ]; then echo "Skipped to send the pull request, GIT_USER not set." exit 0 fi GIT_STATUS=$(git status --porcelain files/build/versions) if [ -z "$GIT_STATUS" ]; then echo "Skipped to send the pull request, no version change in files/build/versions" exit 0 fi if [ ! -d "$HOME" ]; then sudo mkdir -p $HOME sudo chown -R $(id -un):$(id -gn) $HOME fi SOURCE_BRANCH=$(Build.SourceBranch) REPO_NAME=$(Build.Repository.Name) [ -z "$GIT_REPO" ] && GIT_REPO=${REPO_NAME#*/} BRANCH_NAME=repd/versions/${SOURCE_BRANCH#refs/heads/} echo '#!/bin/bash' > git_env_password.sh echo 'echo $GIT_PASSWORD' >> git_env_password.sh chmod a+x git_env_password.sh export GIT_ASKPASS=./git_env_password.sh git config user.name $GIT_USER git config credential.https://github.com.username $GIT_USER git add files/build/versions git commit -m "[ci/build]: Upgrade SONiC package versions" git checkout -b $BRANCH_NAME git remote add remote https://github.com/$GIT_USER/$GIT_REPO git push remote HEAD:refs/heads/$BRANCH_NAME -f git branch -u remote/$BRANCH_NAME echo $GIT_PASSWORD | gh auth login --with-token TITLE="[${SOURCE_BRANCH#refs/heads/}] Upgrade SONiC package Versions" BODY=$TITLE RET=0 if ! gh pr create -t "$TITLE" -b "$BODY" -B $(Build.SourceBranch) -R $(Build.Repository.Name) > pr.log 2>&1; then if ! grep -q "already exists" pr.log; then RET=1 fi fi cat pr.log exit $RET env: GIT_USER: $(GIT_USER) GIT_PASSWORD: $(GIT_PASSWORD) displayName: 'Send Pull Request' - publish: $(System.DefaultWorkingDirectory)/files/build/versions artifact: 'sonic-buildimage.versions' displayName: 'Archive SONiC versions'