sudo: required
language: c
dist: xenial
-before_install:
-- sudo apt-get -y install pep8
-- pep8 $(find . -type f | grep -E "\.py$")
-- sudo apt-get -y install automake autoconf libtool libssl-dev sed make gawk sed bash
- dh-exec python-twisted
-- git clone https://github.com/stefanberger/libtpms
-- cd libtpms
-- git checkout origin/tpm2-preview.rev146.v2 -b tpm2-preview.rev146.v2
-- "./bootstrap.sh && ./configure --with-openssl --prefix=/usr --with-tpm2 && make -j4 &&
- sudo make install"
-- cd ..
-- sudo apt-get -y install libfuse-dev libglib2.0-dev libgmp-dev expect libtasn1-dev
- socat findutils tpm-tools gnutls-dev gnutls-bin
-- sudo pip install cpp-coveralls
addons:
+ apt:
+ packages:
+ - automake
+ - autoconf
+ - libtool
+ - libssl-dev
+ - sed
+ - make
+ - gawk
+ - sed
+ - bash
+ - dh-exec
+ - python3-pip
+ - libfuse-dev
+ - libglib2.0-dev
+ - libjson-glib-dev
+ - libgmp-dev
+ - expect
+ - libtasn1-dev
+ - socat
+ - findutils
+ - gnutls-dev
+ - gnutls-bin
+ - libasan2
+ - softhsm2
+ - libseccomp-dev
coverity_scan:
project:
name: swtpm
description: Build submitted via Travis CI
notification_email: stefanb@linux.vnet.ibm.com
- build_command_prepend: "./autogen.sh --with-openssl; make clean"
- build_command: make -j4
+ build_command_prepend: "git clone https://github.com/stefanberger/libtpms && cd libtpms && ./autogen.sh --with-openssl --prefix=/usr --with-tpm2 && make -j$(${NPROC:-nproc}) && sudo make install && cd .. && ./autogen.sh --with-openssl"
+ build_command: make -j$(${NPROC:-nproc})
branch_pattern: coverity_scan
-script: "./autogen.sh --with-openssl --prefix=/usr
- && SWTPM_TEST_EXPENSIVE=1 make -j4 distcheck
- && ./configure --with-openssl --prefix=/usr --enable-test-coverage
- && sudo make clean
- && sudo make -j4 check"
-after_success:
-- sudo coveralls --gcov-options '\-lp'
+before_install:
+ - test $TRAVIS_BRANCH != coverity_scan -o ${TRAVIS_JOB_NUMBER##*.} = 1 || exit 0
+ - | # We need trousers only for the tss user
+ if [ "$(uname -s)" = "Linux" ]; then
+ sudo rm -rf /dev/tpm* # This is a work-around for Bionic where trousers otherwise fails to install
+ sudo apt-get -y install trousers
+ fi
+script:
+ - sudo pip3 install --upgrade pip==20.3.3
+ - if [ ! -d libtpms ]; then git clone https://github.com/stefanberger/libtpms; fi
+ - cd libtpms
+ - if [ -n "${LIBTPMS_GIT_CHECKOUT}" ]; then
+ git checkout "${LIBTPMS_GIT_CHECKOUT}" -b testing;
+ fi
+ - CFLAGS="${LIBTPMS_CFLAGS:--g -O2}" LDFLAGS="${LIBTPMS_LDFLAGS}"
+ ./autogen.sh --with-openssl --prefix=${LIBTPMS_PREFIX:-/usr} --with-tpm2 ${LIBTPMS_CONFIG}
+ && make -j$(${NPROC:-nproc})
+ && sudo make install
+ - cd ..
+ - ./autogen.sh ${CONFIG}
+ && ${SUDO} make clean
+ && export SWTPM_TEST_EXPENSIVE=${SWTPM_TEST_EXPENSIVE:-1}
+ && export SWTPM_TEST_IBMTSS2=${SWTPM_TEST_IBMTSS2:-0}
+ && export SWTPM_TEST_STORE_VOLATILE=${SWTPM_TEST_STORE_VOLATILE:-0}
+ && ${SUDO} make -j$(${NPROC:-nproc}) ${CHECK} VERBOSE=1
+ - if [ -n "${RUN_TEST}" ]; then
+ sudo make install
+ && sudo ${PREFIX}/bin/swtpm_setup
+ --tpmstate /tmp --create-ek-cert --create-platform-cert --tpm2
+ || { exit 1; };
+ fi
+after_failure:
+ - for f in tests/*.log; do echo ">>>>>>> $f <<<<<<<"; cat $f; done
+matrix:
+ include:
+ - env: PREFIX="/usr"
+ CONFIG="--with-openssl --prefix=${PREFIX}"
+ CHECK="distcheck"
+ RUN_TEST="1"
+ - dist: bionic
+ env: PREFIX="/usr"
+ CONFIG="--with-openssl --prefix=/usr --enable-test-coverage"
+ SUDO="sudo"
+ CHECK="check"
+ SWTPM_TEST_IBMTSS2="1"
+ SWTPM_TEST_STORE_VOLATILE="1"
+ before_script:
+ - sudo apt-get -y install tss2
+ - sudo pip install cpp-coveralls
+ - p=$PWD; while [ "$PWD" != "/" ]; do chmod o+x . &>/dev/null ; cd .. ; done; cd $p
+ && sudo mkdir src/swtpm/.libs
+ && sudo chown nobody src/swtpm src/swtpm/.libs
+ after_success:
+ - uidgid="$(id -nu):$(id -ng)" &&
+ sudo chown -R ${uidgid} ./ &&
+ cpp-coveralls --gcov-options '\-lp' -e libtpms
+ - env: CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
+ LIBTPMS_CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
+ LIBS="-lasan"
+ ASAN_OPTIONS="halt_on_error=1"
+ PREFIX="/usr"
+ CONFIG="--with-openssl --prefix=${PREFIX} --without-seccomp"
+ SUDO="sudo"
+ CHECK="check"
+ - env: CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
+ LIBTPMS_CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer -fno-sanitize-recover"
+ LIBTPMS_CONFIG="--disable-use-openssl-functions"
+ LIBS="-lasan"
+ ASAN_OPTIONS="halt_on_error=1"
+ PREFIX="/usr"
+ CONFIG="--with-openssl --prefix=${PREFIX} --without-seccomp"
+ SUDO="sudo"
+ CHECK="check"
+ - env: CFLAGS="-fsanitize=undefined -g -fno-omit-frame-pointer -fno-sanitize-recover"
+ LIBTPMS_CFLAGS="-fsanitize=undefined -g -fno-omit-frame-pointer -fno-sanitize-recover"
+ LIBS="-lubsan"
+ UBSAN_OPTIONS="halt_on_error=1"
+ PREFIX="/usr"
+ CONFIG="--with-openssl --prefix=${PREFIX}"
+ SUDO="sudo"
+ CHECK="check"