addons:
apt:
packages:
- - pep8
- automake
- autoconf
- libtool
- sed
- bash
- dh-exec
- - python-twisted
+ - python3-pip
- libfuse-dev
- libglib2.0-dev
+ - libjson-glib-dev
- libgmp-dev
- expect
- libtasn1-dev
- socat
- findutils
- - tpm-tools
- gnutls-dev
- gnutls-bin
- libasan2
- softhsm2
+ - libseccomp-dev
coverity_scan:
project:
name: swtpm
description: Build submitted via Travis CI
notification_email: stefanb@linux.vnet.ibm.com
- build_command_prepend: "./autogen.sh --with-openssl; make clean"
- build_command: make -j4
+ build_command_prepend: "git clone https://github.com/stefanberger/libtpms && cd libtpms && ./autogen.sh --with-openssl --prefix=/usr --with-tpm2 && make -j$(${NPROC:-nproc}) && sudo make install && cd .. && ./autogen.sh --with-openssl"
+ build_command: make -j$(${NPROC:-nproc})
branch_pattern: coverity_scan
+before_install:
+ - test $TRAVIS_BRANCH != coverity_scan -o ${TRAVIS_JOB_NUMBER##*.} = 1 || exit 0
+ - | # We need trousers only for the tss user
+ if [ "$(uname -s)" = "Linux" ]; then
+ sudo rm -rf /dev/tpm* # This is a work-around for Bionic where trousers otherwise fails to install
+ sudo apt-get -y install trousers
+ fi
script:
- - git clone https://github.com/stefanberger/libtpms
+ - sudo pip3 install --upgrade pip==20.3.3
+ - if [ ! -d libtpms ]; then git clone https://github.com/stefanberger/libtpms; fi
- cd libtpms
+ - if [ -n "${LIBTPMS_GIT_CHECKOUT}" ]; then
+ git checkout "${LIBTPMS_GIT_CHECKOUT}" -b testing;
+ fi
- CFLAGS="${LIBTPMS_CFLAGS:--g -O2}" LDFLAGS="${LIBTPMS_LDFLAGS}"
- ./autogen.sh --with-openssl --prefix=${LIBTPMS_PREFIX:-/usr} --with-tpm2
+ ./autogen.sh --with-openssl --prefix=${LIBTPMS_PREFIX:-/usr} --with-tpm2 ${LIBTPMS_CONFIG}
&& make -j$(${NPROC:-nproc})
&& sudo make install
- cd ..
- ./autogen.sh ${CONFIG}
&& ${SUDO} make clean
&& export SWTPM_TEST_EXPENSIVE=${SWTPM_TEST_EXPENSIVE:-1}
- && ${SUDO} make -j$(${NPROC:-nproc}) ${CHECK}
+ && export SWTPM_TEST_IBMTSS2=${SWTPM_TEST_IBMTSS2:-0}
+ && export SWTPM_TEST_STORE_VOLATILE=${SWTPM_TEST_STORE_VOLATILE:-0}
+ && ${SUDO} make -j$(${NPROC:-nproc}) ${CHECK} VERBOSE=1
- if [ -n "${RUN_TEST}" ]; then
sudo make install
&& sudo ${PREFIX}/bin/swtpm_setup
- --tpmstate /tmp --create-ek-cert --create-platform-cert
- --runas ${TSS_USER:-tss} --tpm2
+ --tpmstate /tmp --create-ek-cert --create-platform-cert --tpm2
|| { exit 1; };
fi
after_failure:
CONFIG="--with-openssl --prefix=${PREFIX}"
CHECK="distcheck"
RUN_TEST="1"
- before_script:
- - pep8 $(find . -type f | grep -E "\.py$")
- - env: PREFIX="/usr"
+ - dist: bionic
+ env: PREFIX="/usr"
CONFIG="--with-openssl --prefix=/usr --enable-test-coverage"
SUDO="sudo"
CHECK="check"
+ SWTPM_TEST_IBMTSS2="1"
+ SWTPM_TEST_STORE_VOLATILE="1"
before_script:
+ - sudo apt-get -y install tss2
- sudo pip install cpp-coveralls
+ - p=$PWD; while [ "$PWD" != "/" ]; do chmod o+x . &>/dev/null ; cd .. ; done; cd $p
+ && sudo mkdir src/swtpm/.libs
+ && sudo chown nobody src/swtpm src/swtpm/.libs
after_success:
- - sudo coveralls --gcov-options '\-lp'
- - env: CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer"
+ - uidgid="$(id -nu):$(id -ng)" &&
+ sudo chown -R ${uidgid} ./ &&
+ cpp-coveralls --gcov-options '\-lp' -e libtpms
+ - env: CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
+ LIBTPMS_CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
LIBS="-lasan"
+ ASAN_OPTIONS="halt_on_error=1"
PREFIX="/usr"
- CONFIG="--with-openssl --prefix=${PREFIX}"
+ CONFIG="--with-openssl --prefix=${PREFIX} --without-seccomp"
+ SUDO="sudo"
+ CHECK="check"
+ - env: CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
+ LIBTPMS_CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
+ LIBTPMS_CONFIG="--disable-use-openssl-functions"
+ LIBS="-lasan"
+ ASAN_OPTIONS="halt_on_error=1"
+ PREFIX="/usr"
+ CONFIG="--with-openssl --prefix=${PREFIX} --without-seccomp"
SUDO="sudo"
CHECK="check"
- before_script:
- # Tspi_NV_WriteValue has an I/O error when using asan
- - echo -e '#!/usr/bin/env bash\nexit 0' > tests/test_parameters
- env: CFLAGS="-fsanitize=undefined -g -fno-omit-frame-pointer -fno-sanitize-recover"
+ LIBTPMS_CFLAGS="-fsanitize=undefined -g -fno-omit-frame-pointer -fno-sanitize-recover"
LIBS="-lubsan"
+ UBSAN_OPTIONS="halt_on_error=1"
PREFIX="/usr"
CONFIG="--with-openssl --prefix=${PREFIX}"
SUDO="sudo"
CHECK="check"
- - env: NPROC="sysctl -n hw.ncpu"
- LIBTPMS_CFLAGS="-I/usr/local/opt/openssl/include"
- LIBTPMS_LDFLAGS="-L/usr/local/opt/openssl/lib"
- LIBTPMS_PREFIX="${HOME}"
- CFLAGS="-I/usr/local/opt/openssl/include -I${HOME}/include"
- LDFLAGS="-L/usr/local/opt/openssl/lib -L${HOME}/lib"
- PKG_CONFIG_PATH="${HOME}/lib/pkgconfig"
- PREFIX="${HOME}"
- TSS_USER=$(id -u -n)
- CONFIG="--with-openssl --prefix=${PREFIX} --with-tss-user=${TSS_USER} --with-tss-group=$(id -g -n)"
- SWTPM_TEST_EXPENSIVE=0
- CHECK="check"
- LD_LIBRARY_PATH=${PREFIX}/lib:${PREFIX}/lib/swtpm
- RUN_TEST="1"
- SUDO="sudo"
- os: osx
- compiler: clang
- before_script:
- - brew upgrade gnutls
- - brew install expect
- - brew install libtasn
- - brew install glib
- - brew install gawk
- - brew install gmp
- - brew tap discoteq/discoteq
- - brew install flock
- - brew install socat
- # To run the pkcs11 test with softhsm we need SUDO (above)
- - brew install softhsm
projects / swtpm.git / blobdiff