371 строка
13 KiB
YAML
371 строка
13 KiB
YAML
# Copyright (c) Microsoft Corporation
|
|
# SPDX-License-Identifier: MIT
|
|
|
|
trigger:
|
|
## disable batching of changes when a push happens.
|
|
batch: false
|
|
branches:
|
|
include:
|
|
- internal/main
|
|
- internal/release/*
|
|
- main
|
|
- release/*
|
|
|
|
pr:
|
|
- main
|
|
- release/*
|
|
|
|
schedules:
|
|
- cron: '00 8 * * *'
|
|
displayName: Schedule CI/CD
|
|
branches:
|
|
include:
|
|
- main
|
|
always: true
|
|
|
|
parameters: # parameters are shown up in ADO UI in a build queue time
|
|
- name: 'debug'
|
|
displayName: 'Enable debug output'
|
|
type: boolean
|
|
default: false
|
|
|
|
variables:
|
|
CDP_DEFINITION_BUILD_COUNT: $[counter('', 0)]
|
|
system.debug: ${{ parameters.debug }}
|
|
ENABLE_PRS_DELAYSIGN: 0
|
|
ROOT: $(Build.SourcesDirectory)
|
|
REPOROOT: $(Build.SourcesDirectory)
|
|
OUTPUTROOT: $(REPOROOT)\out
|
|
NUGET_XMLDOC_MODE: none
|
|
|
|
WindowsContainerImage: 'cdpxwin1809.azurecr.io/global/vse2022:latest' # Docker image which is used to build the project
|
|
|
|
resources:
|
|
repositories:
|
|
- repository: templates
|
|
type: git
|
|
name: OneBranch.Pipelines/GovernedTemplates
|
|
ref: refs/heads/main
|
|
|
|
|
|
jobs:
|
|
|
|
# regular
|
|
# Always run this job.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-build.yml
|
|
parameters:
|
|
name: regular
|
|
build_artifact: Build-x64
|
|
generate_release_package: true
|
|
build_msi: true
|
|
build_nuget: true
|
|
build_options: /p:ReleaseJIT=True
|
|
configurations: ["Debug", "FuzzerDebug", "Release"]
|
|
|
|
# regular_native_only
|
|
# Always run this job.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-build.yml
|
|
parameters:
|
|
name: regular_native_only
|
|
build_artifact: Build-x64-native-only
|
|
build_msi: true
|
|
build_nuget: true
|
|
configurations: ["NativeOnlyDebug", "NativeOnlyRelease"]
|
|
|
|
# unit_tests
|
|
# Always run this job.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: unit_tests
|
|
pre_test: appverif -enable Exceptions Handles Heaps Leak Locks Memory SRWLock Threadpool TLS DangerousAPIs DirtyStacks TimeRollOver -for unit_tests.exe
|
|
test_command: '.\unit_tests.exe -d yes ~[processes]'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: true
|
|
gather_dumps: true
|
|
capture_etw: true
|
|
leak_detection: true
|
|
|
|
# netebpfext_unit_tests
|
|
# Always run this job.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: netebpfext_unit_tests
|
|
pre_test: appverif -enable Exceptions Handles Heaps Leak Locks Memory SRWLock Threadpool TLS DangerousAPIs DirtyStacks TimeRollOver -for netebpfext_unit.exe
|
|
test_command: '.\netebpfext_unit.exe -d yes'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: true
|
|
gather_dumps: true
|
|
capture_etw: true
|
|
leak_detection: true
|
|
|
|
# bpf2c
|
|
# Always run this job.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: bpf2c
|
|
test_command: '.\bpf2c_tests.exe -d yes'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
vs_dev: true
|
|
code_coverage: true
|
|
gather_dumps: true
|
|
capture_etw: true
|
|
|
|
# bpf2c_conformance
|
|
# Always run this job.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: bpf2c_conformance
|
|
pre_test: 'powershell.exe Invoke-WebRequest https://github.com/Alan-Jowett/bpf_conformance/releases/download/v0.0.6/bpf_conformance_runner.exe -OutFile bpf_conformance_runner.exe'
|
|
test_command: '.\bpf_conformance_runner.exe --test_file_directory $(Build.SourcesDirectory)\$(PROJECT_NAME)\external\ebpf-verifier\external\bpf_conformance\tests --cpu_version v3 --exclude_regex lock* --plugin_path bpf2c_plugin.exe --debug true --plugin_options "--include $(Build.SourcesDirectory)\$(PROJECT_NAME)\include"'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
vs_dev: true
|
|
code_coverage: true
|
|
gather_dumps: true
|
|
capture_etw: true
|
|
|
|
# Run the fault injection simulator.
|
|
# Always run this job.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: fault_injection
|
|
test_command: '.\unit_tests.exe'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: true
|
|
gather_dumps: true
|
|
fault_injection: true
|
|
leak_detection: true
|
|
|
|
# Run the fault injection simulator for netebpfext_unit tests.
|
|
# Always run this job.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'BatchedCI', 'IndividualCI', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: fault_injection_netebpfext_unit
|
|
test_command: '.\netebpfext_unit.exe'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: true
|
|
gather_dumps: true
|
|
fault_injection: true
|
|
leak_detection: true
|
|
|
|
# Additional jobs to run on pull and schedule only (skip push).
|
|
# ---------------------------------------------------------------------------
|
|
# Build with C++ static analyzer.
|
|
# Only run on schedule and pull request.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-build.yml
|
|
parameters:
|
|
name: analyze
|
|
build_artifact: Build-x64-Analyze
|
|
# Analysis on external projects is conditional, as on small CI/CD VMs the compiler can run OOM
|
|
build_options: /p:Analysis=True /p:AnalysisOnExternal=False
|
|
|
|
# Build with C++ address sanitizer.
|
|
# Only run on schedule and pull request.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-build.yml
|
|
parameters:
|
|
name: sanitize
|
|
build_artifact: Build-x64-Sanitize
|
|
build_options: /p:AddressSanitizer=True
|
|
|
|
# bpf2c_fuzzer
|
|
# Only run on pull request.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: bpf2c_fuzzer
|
|
test_command: '.\bpf2c_fuzzer.exe bpf2c_fuzzer_corpus -use_value_profile=1 -max_total_time=300 -artifact_prefix=Artifacts\'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: false
|
|
gather_dumps: true
|
|
configurations: ["FuzzerDebug"]
|
|
|
|
# bpf2c_fuzzer_scheduled
|
|
# Only run on schedule.
|
|
- ${{ if in(variables['Build.Reason'], 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: bpf2c_fuzzer
|
|
test_command: '.\bpf2c_fuzzer.exe bpf2c_fuzzer_corpus -use_value_profile=1 -max_total_time=900 -artifact_prefix=Artifacts\'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: false
|
|
gather_dumps: true
|
|
configurations: ["FuzzerDebug"]
|
|
|
|
# execution_context_fuzzer
|
|
# Only run on schedule and pull request.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: execution_context_fuzzer
|
|
test_command: '.\execution_context_fuzzer.exe execution_context_fuzzer_corpus -use_value_profile=1 -runs=3000 -artifact_prefix=Artifacts\'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: false
|
|
gather_dumps: true
|
|
configurations: ["FuzzerDebug"]
|
|
|
|
# Run the verifier fuzzer.
|
|
# Only run on pull request.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: verifier_fuzzer
|
|
test_command: '.\verifier_fuzzer.exe verifier_corpus -use_value_profile=1 -max_total_time=300 -artifact_prefix=Artifacts\'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: false
|
|
gather_dumps: true
|
|
configurations: ["FuzzerDebug"]
|
|
|
|
# Run the verifier fuzzer.
|
|
# Only run on schedule.
|
|
- ${{ if in(variables['Build.Reason'], 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: verifier_fuzzer
|
|
test_command: '.\verifier_fuzzer.exe verifier_corpus -use_value_profile=1 -max_total_time=900 -artifact_prefix=Artifacts\'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: false
|
|
gather_dumps: true
|
|
configurations: ["FuzzerDebug"]
|
|
|
|
# core_helper_fuzzer
|
|
# Only run on schedule and pull request.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: core_helper_fuzzer
|
|
test_command: '.\core_helper_fuzzer core_helper_corpus -max_len=139 -runs=1000 -use_value_profile=1 -artifact_prefix=Artifacts\'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: false
|
|
gather_dumps: true
|
|
configurations: ["FuzzerDebug"]
|
|
|
|
# netebpfext_fuzzer
|
|
# Only run on schedule and pull request.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: netebpfext_fuzzer
|
|
test_command: '.\netebpfext_fuzzer netebpfext_corpus -max_len=12 -runs=1000 -use_value_profile=1 -artifact_prefix=Artifacts\'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: false
|
|
gather_dumps: true
|
|
configurations: ["FuzzerDebug"]
|
|
|
|
# cilium_tests
|
|
# Run Cilium regression tests.
|
|
# Only run on schedule and pull request.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: cilium_tests
|
|
test_command: '.\cilium_tests.exe -d yes'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: false
|
|
gather_dumps: true
|
|
|
|
# Run the quick stress tests
|
|
# Only run on schedule and pull request.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: stress
|
|
test_command: '.\ebpf_performance.exe'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
code_coverage: false
|
|
gather_dumps: true
|
|
|
|
# Run the unit tests with address sanitizer.
|
|
# Only run on schedule and pull request.
|
|
- ${{ if in(variables['Build.Reason'], 'PullRequest', 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: sanitize_unit_tests
|
|
# Exclude [processes] test that ASAN can't work with.
|
|
test_command: '.\unit_tests.exe -d yes ~[processes]'
|
|
dependency: sanitize
|
|
build_artifact: Build-x64-Sanitize
|
|
environment: windows-2022
|
|
gather_dumps: true
|
|
capture_etw: true
|
|
|
|
# Run the complete fault injection simulator.
|
|
# Runs on a schedule as this takes a long time to run.
|
|
- ${{ if in(variables['Build.Reason'], 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: fault_injection_full
|
|
test_command: '.\unit_tests.exe -d yes'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
gather_dumps: true
|
|
fault_injection: true
|
|
leak_detection: true
|
|
|
|
# Run the complete fault injection simulator for netebpfext.
|
|
# Runs on a schedule as this takes a long time to run.
|
|
- ${{ if in(variables['Build.Reason'], 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: netebpfext_fault_injection_full
|
|
test_command: '.\netebpfext_unit.exe -d yes'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
gather_dumps: true
|
|
fault_injection: true
|
|
leak_detection: true
|
|
|
|
# Run multi-threaded stress tests against the user mode 'mock' framework.
|
|
# Runs on a schedule as this takes a long time to run.
|
|
- ${{ if in(variables['Build.Reason'], 'Schedule', 'Manual') }}:
|
|
- template: ./reusable-test.yml
|
|
parameters:
|
|
name: user_mode_multi_threaded_stress_test
|
|
test_command: '.\ebpf_stress_tests_um -tt=32 -td=10'
|
|
dependency: regular
|
|
build_artifact: Build-x64
|
|
environment: windows-2022
|
|
gather_dumps: true
|
|
leak_detection: false
|
|
capture_etw: true
|