1# In the interest of reliability and performance, please avoid installing 2# external dependencies here, e.g. via tools/*-setup.sh, apt, dnf, or yum. 3# Do so in the appropriate Dockerfile at 4# https://gitlab.com/wireshark/wireshark-containers/ instead. 5# The resulting images can be found at 6# https://gitlab.com/wireshark/wireshark-containers/container_registry 7 8stages: 9 - build 10 - analysis 11 - test 12 - fuzz-asan 13 - fuzz-randpkt 14 - fuzz-valgrind 15 16variables: 17 # Ensure that checkouts are a) fast and b) have a reachable tag. In a 18 # brighter, more glorious future we might be able to use --shallow-since: 19 # https://gitlab.com/gitlab-org/gitlab-runner/-/issues/3460 20 # In the mean time, fetching the last 5000 commits does the job. 21 GIT_DEPTH: "1" 22 GIT_FETCH_EXTRA_FLAGS: "--depth=5000" 23 CCACHE_DIR: "${CI_PROJECT_DIR}/ccache" 24 # Preferred version of clang available on wireshark-ubuntu-dev 25 CLANG_VERSION: 12 26 # Enable color output in CMake, Ninja, and other tools. https://bixense.com/clicolors/ 27 CLICOLOR_FORCE: 1 28 29# Common rule stanzas 30# These must currently be including using "!reference tags". "extends:" and 31# YAML anchors won't work: 32# https://gitlab.com/gitlab-org/gitlab/-/issues/322992 33 34# Commits that have been approved and merged. Run automatically in the main 35# repo and allow manual runs in the web UI and in forks. 36.if-merged: 37 - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "release-3.6" && $CI_PROJECT_URL =~ /.*gitlab.com\/wireshark\/wireshark/' 38 when: always 39 - if: '$CI_PIPELINE_SOURCE == "web"' 40 when: always 41 - if: '$CI_PIPELINE_SOURCE == "push" && $CI_PROJECT_URL !~ /.*gitlab.com\/wireshark\/wireshark/' 42 when: manual 43# Merged commits for runners which are only available in 44# wireshark/wireshark, e.g. wireshark-windows-*. Run automatically in 45# the main repo and allow manual runs in the web UI. 46.if-w-w-only-merged: 47 - if: '$CI_PIPELINE_SOURCE == "push" && $CI_PROJECT_URL =~ /.*gitlab.com\/wireshark\/wireshark/' 48 when: always 49 - if: '$CI_PIPELINE_SOURCE == "web"' 50 when: always 51# Incoming merge requests. 52.if-merge-request: 53 - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' 54 when: always 55# Incoming non-detached merge requests. Must be used for runners which are only 56# available in wireshark/wireshark, e.g. wireshark-windows-* 57.if-w-w-only-merge-request: 58 - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_PROJECT_URL =~ /.*gitlab.com\/wireshark\/wireshark/' 59 when: always 60# Fuzz jobs. Care should be taken when changing this since the scheduler 61# often doesn't report errors. 62.if-fuzz-schedule: 63 - if: '$CI_PIPELINE_SOURCE == "schedule" && $SCHEDULE_TYPE == "fuzz"' 64 when: always 65 66.build-linux: 67 stage: build 68 tags: 69 - docker 70 after_script: 71 - for builddir in build/packaging/rpm/BUILD/wireshark-*/build build/packaging/rpm/BUILD/wireshark-* build obj-*; do [ ! -d "$builddir/run" ] || break; done 72 - if [[ "$CI_JOB_NAME" == "build:rpm-opensuse-"* ]]; then export LD_LIBRARY_PATH=$builddir/run; fi 73 - if [ -f $builddir/run/tshark ]; then $builddir/run/tshark --version; fi 74 needs: [] 75 76.test-linux: 77 stage: test 78 tags: 79 - docker 80 variables: 81 GIT_STRATEGY: none 82 83.build-ubuntu: 84 extends: .build-linux 85 image: registry.gitlab.com/wireshark/wireshark-containers/ubuntu-dev 86 retry: 1 87 # https://gould.cx/ted/blog/2017/06/10/ccache-for-Gitlab-CI/ 88 cache: 89 # XXX Use ${CI_JOB_NAME}-${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} instead? 90 key: ${CI_JOB_NAME}-release-3.6 91 paths: 92 - ccache/ 93 before_script: 94 - useradd user 95 - export LANG=en_US.UTF-8 96 - export PYTEST_ADDOPTS=--skip-missing-programs=dumpcap,rawshark 97 - mkdir -p ccache 98 - ccache --show-stats 99 - export DEB_BUILD_OPTIONS=nocheck,parallel=$(( $(getconf _NPROCESSORS_ONLN) + 2 )) 100 - export DH_QUIET=1 101 - export MAKEFLAGS=--silent 102 - mkdir build 103 - cd build 104 after_script: 105 # The cache should be large enough to be useful but it shouldn't take 106 # too long to restore+save each run. 107 - ccache --max-size $( du --summarize --block-size=1M "$CI_PROJECT_DIR/build" | awk '{printf ("%dM", $1 * 1.5)}' ) 108 script: 109 # setcap restricts our library paths 110 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 111 - CFLAGS=-Wl,-rpath=$(pwd)/run CXXFLAGS=-Wl,-rpath=$(pwd)/run cmake -GNinja $CMAKE_ARGS .. 112 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 113 - ninja 114 - ninja install 115 - ninja shellcheck 116 - ninja test-programs 117 - chown -R user . 118 - if [ -f run/dumpcap ]; then setcap cap_net_raw,cap_net_admin+eip run/dumpcap; fi 119 - if [ -f run/dumpcap ]; then su user -c "run/dumpcap -D" ; fi 120 - su user -c pytest-3 121 122.build-rpm: 123 extends: .build-linux 124 rules: !reference [.if-merged] 125 before_script: 126 # It might make sense to set "GIT_STRATEGY: none" and build from 127 # the tarball. 128 - git config --global user.email "you@example.com" 129 - git config --global user.name "Your Name" 130 - mkdir build 131 - cd build 132 - perl ../tools/make-version.pl --set-release 133 - mv -v ../wireshark-*.tar.* . 134 artifacts: 135 paths: 136 - build/packaging/rpm/RPMS 137 expire_in: 3 days 138 needs: 139 - 'Source Package' 140 141.test-rpm: 142 extends: .test-linux 143 rules: !reference [.if-merged] 144 145.build-windows: 146 stage: build 147 retry: 1 148 before_script: 149 - if (-Not (Test-Path C:\Development)) { New-Item -Path C:\Development -ItemType "directory" } 150 - $env:WIRESHARK_BASE_DIR = "C:\Development" 151 - $env:Configuration = "RelWithDebInfo" 152 - $env:Path += ";C:\Program Files\CMake\bin" 153 - $env:Path += ";C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin" 154 - $env:Path += ";C:\qt\5.15.2\msvc2019_64\bin" 155 # https://help.appveyor.com/discussions/questions/18777-how-to-use-vcvars64bat-from-powershell 156 - cmd.exe /c "call `"C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvars64.bat`" && set > %temp%\vcvars.txt" 157 - Get-Content "$env:temp\vcvars.txt" | Foreach-Object { if ($_ -match "^(.*?)=(.*)$") { Set-Content "env:\$($matches[1])" $matches[2] } } 158 # Testing / debugging only. 159 # - cmd.exe /c "set CI_PIPELINE_SOURCE" 160 # - cmd.exe /c "set CI_PROJECT_URL" 161 #- dir c:\ 162 #- dir c:\qt 163 #- $env:path.split(";") 164 #- cmd.exe /c "set" 165 #- Get-Location 166 - mkdir build 167 - cd build 168 needs: [] 169 170# Rely on fedora:latest and debian-stable jobs for testing a recent GCC version. 171Latest Clang: 172 extends: .build-ubuntu 173 rules: !reference [.if-merged] 174 variables: 175 CC: "clang-$CLANG_VERSION" 176 CXX: "clang++-$CLANG_VERSION" 177 178Source Package: 179 extends: .build-ubuntu 180 stage: .pre 181 rules: !reference [.if-merged] 182 script: 183 - perl ../tools/make-version.pl --set-release || ../perl make-version.pl --set-release 184 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 185 - cmake -G Ninja $CMAKE_ARGS -DENABLE_CCACHE=ON .. 186 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 187 - cd $CI_PROJECT_DIR 188 - build/packaging/source/git-export-release.sh -d . 189 after_script: 190 # - ccache --max-size $( du --summarize --block-size=1M "$CI_PROJECT_DIR/build" | awk '{printf ("%dM", $1 * 1.5)}' ) 191 - stat --format="%n %s bytes" wireshark-*.tar.* 192 - for digest in sha256 rmd160 sha1 ; do openssl $digest wireshark-*.tar.* ; done 193 # This will break if we produce multiple tarballs, which is arguably a good thing. 194 - if [ -n "$S3_DESTINATION_DIST" ] ; then aws s3 cp wireshark-*.tar.* "$S3_DESTINATION_DIST/" ; fi 195 artifacts: 196 paths: 197 - wireshark-*.tar.* 198 199CentOS 7 RPM Package: 200 extends: .build-rpm 201 image: registry.gitlab.com/wireshark/wireshark-containers/centos-7-dev 202 script: 203 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 204 - cmake3 -GNinja .. 205 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 206 - ninja-build rpm-package 207CentOS 7 RPM Test: 208 extends: .test-rpm 209 image: registry.gitlab.com/wireshark/wireshark-containers/centos-7-dev 210 script: 211 - yum --nogpgcheck localinstall -y build/packaging/rpm/RPMS/x86_64/*.rpm 212 - tshark --version 213 needs: [ 'CentOS 7 RPM Package' ] 214 215CentOS 8 RPM Package: 216 extends: .build-rpm 217 image: registry.gitlab.com/wireshark/wireshark-containers/centos-8-dev 218 script: 219 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 220 - cmake -GNinja .. 221 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 222 - ninja-build rpm-package 223CentOS 8 RPM Test: 224 extends: .test-rpm 225 image: registry.gitlab.com/wireshark/wireshark-containers/centos-8-dev 226 script: 227 - dnf --nogpgcheck localinstall -y build/packaging/rpm/RPMS/x86_64/*.rpm 228 - tshark --version 229 needs: [ 'CentOS 8 RPM Package' ] 230 231openSUSE 15.2 RPM Package: 232 extends: .build-rpm 233 image: registry.gitlab.com/wireshark/wireshark-containers/opensuse-15.2-dev 234 script: 235 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 236 - cmake -GNinja .. 237 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 238 - ninja rpm-package 239openSUSE 15.2 RPM Test: 240 extends: .test-rpm 241 image: registry.gitlab.com/wireshark/wireshark-containers/opensuse-15.2-dev 242 script: 243 - zypper --no-gpg-checks --no-remote install -y build/packaging/rpm/RPMS/x86_64/*.rpm 244 - tshark --version 245 needs: [ 'openSUSE 15.2 RPM Package' ] 246 247Fedora RPM Package: 248 extends: .build-rpm 249 image: registry.gitlab.com/wireshark/wireshark-containers/fedora-dev 250 script: 251 # Shared GitLab runners limit the log size to 4M, so reduce verbosity. See 252 # https://gitlab.com/gitlab-com/support-forum/issues/2790 253 - export FORCE_CMAKE_NINJA_NON_VERBOSE=1 254 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 255 - cmake3 -GNinja .. 256 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 257 - ninja rpm-package 258# Fedora RPM Test: 259# extends: .test-rpm 260# image: fedora 261# script: 262# - dnf install -y build/packaging/rpm/RPMS/x86_64/*.rpm 263# - tshark --version 264# needs: [ 'Fedora RPM Package' ] 265 266# Job to generate packages for Debian stable 267Debian Stable APT Package: 268 extends: .build-linux 269 rules: !reference [.if-merged] 270 image: registry.gitlab.com/wireshark/wireshark-containers/debian-stable-dev 271 script: 272 - perl tools/make-version.pl --set-release 273 # Shared GitLab runners limit the log size to 4M, so reduce verbosity. See 274 # https://gitlab.com/gitlab-com/support-forum/issues/2790 275 - export DH_QUIET=1 276 - export MAKEFLAGS=--silent 277 - dpkg-buildpackage -b --no-sign -jauto 278 - mkdir debian-packages 279 - mv ../*.deb debian-packages/ 280 artifacts: 281 paths: 282 - debian-packages/*.deb 283 expire_in: 3 days 284Debian Stable APT Test: 285 extends: .test-linux 286 rules: !reference [.if-merged] 287 image: registry.gitlab.com/wireshark/wireshark-containers/debian-stable-dev 288 stage: test 289 script: 290 - DEBIAN_FRONTEND=noninteractive apt-get install ./debian-packages/*.deb -y 291 - tshark --version 292 after_script: 293 # Used for https://www.wireshark.org/docs/dfref/ 294 - TSHARK_VERSION=$( tshark --version | head -n 1 | sed -e 's/.*(v//' -e 's/)$//' -e 's/-0-g.*//' ) 295 - tshark -G fields > dfilter-list-${TSHARK_VERSION}.txt 296 artifacts: 297 paths: 298 - dfilter-list-*.txt 299 variables: 300 GIT_STRATEGY: none 301 needs: [ 'Debian Stable APT Package' ] 302 303Win64 Package: 304 extends: .build-windows 305 rules: !reference [.if-w-w-only-merged] 306 tags: 307 - wireshark-win64-package 308 before_script: 309 - $env:WIRESHARK_BASE_DIR = "C:\Development" 310 - $env:Configuration = "RelWithDebInfo" 311 - $env:Path += ";C:\Program Files\CMake\bin" 312 - $env:Path += ";C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin" 313 - $env:Path += ";C:\qt\5.15.2\msvc2019_64\bin" 314 - $env:Path += ";C:\Program Files (x86)\NSIS" 315 - $env:Path += ";C:\Program Files (x86)\WiX Toolset v3.11\bin" 316 - $env:Path += ";C:\Program Files\Amazon\AWSCLIV2" 317 # https://help.appveyor.com/discussions/questions/18777-how-to-use-vcvars64bat-from-powershell 318 - cmd.exe /c "call `"C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\VC\Auxiliary\Build\vcvars64.bat`" && set > %temp%\vcvars.txt" 319 - Get-Content "$env:temp\vcvars.txt" | Foreach-Object { if ($_ -match "^(.*?)=(.*)$") { Set-Content "env:\$($matches[1])" $matches[2] } } 320 - mkdir build 321 - cd build 322 script: 323 - perl ../tools/make-version.pl --set-release 324 - cmake -G "Visual Studio 16 2019" -A x64 -DDISABLE_WERROR=OFF -DTEST_EXTRA_ARGS=--enable-release -DENABLE_LTO=off .. 325 - msbuild /verbosity:minimal "/consoleloggerparameters:PerformanceSummary;NoSummary" /maxcpucount Wireshark.sln 326 - msbuild /verbosity:minimal /maxcpucount test-programs.vcxproj 327 - msbuild /verbosity:minimal /maxcpucount nsis_package_prep.vcxproj 328 - msbuild /verbosity:minimal /maxcpucount wix_package_prep.vcxproj 329 - C:\gitlab-builds\bin\sign-files.ps1 -Recurse -Path run\RelWithDebInfo 330 - msbuild /verbosity:minimal nsis_package.vcxproj 331 - C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\nsis 332 - msbuild /verbosity:minimal wix_package.vcxproj 333 - C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\wix 334 - msbuild /verbosity:minimal portableapps_package.vcxproj 335 - C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\portableapps 336 - $plugins = Get-ChildItem run\RelWithDebInfo\plugins\*\*.dll ; signtool verify /v /pa /all run\RelWithDebInfo\*.exe run\RelWithDebInfo\extcap\*.exe $plugins run\RelWithDebInfo\libwireshark.dll run\RelWithDebInfo\libwiretap.dll run\RelWithDebInfo\libwsutil.dll packaging\nsis\Wireshark-win??-*.exe packaging\wix\Wireshark-win??-*.msi packaging\portableapps\WiresharkPortable??_*.paf.exe 337 - msbuild /verbosity:minimal pdb_zip_package.vcxproj 338 - C:\gitlab-builds\bin\mse-scan.ps1 339 - $packages = Get-ChildItem "packaging\nsis\Wireshark-win??-*.exe", "packaging\wix\Wireshark-win??-*.msi", "packaging\portableapps\WiresharkPortable??_*.paf.exe", "Wireshark-pdb-win??-*.zip" 340 - foreach ($package in $packages) { Write-Host $package.name $package.length "bytes" } 341 - foreach ($package in $packages) { certutil -hashfile $package SHA256 } 342 - | 343 if (Test-Path env:S3_DESTINATION_WIN64) { 344 foreach ($package in $packages) { 345 aws s3 cp "$package" "$env:S3_DESTINATION_WIN64/" 346 } 347 } 348 - ctest -C RelWithDebInfo --parallel 3 --force-new-ctest-process --output-on-failure 349 350Win32 Package: 351 extends: .build-windows 352 rules: !reference [.if-w-w-only-merged] 353 tags: 354 - wireshark-win32-package 355 before_script: 356 - $env:WIRESHARK_BASE_DIR = "C:\Development" 357 - $env:Configuration = "RelWithDebInfo" 358 - $env:Path += ";C:\Program Files\CMake\bin" 359 - $env:Path += ";C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin" 360 - $env:Path += ";C:\qt\5.15.2\msvc2019\bin" 361 - $env:Path += ";C:\Program Files (x86)\NSIS" 362 - $env:Path += ";C:\Program Files (x86)\WiX Toolset v3.11\bin" 363 - $env:Path += ";C:\Program Files\Amazon\AWSCLIV2" 364 # https://help.appveyor.com/discussions/questions/18777-how-to-use-vcvars64bat-from-powershell 365 - cmd.exe /c "call `"C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\VC\Auxiliary\Build\vcvarsamd64_x86.bat`" && set > %temp%\vcvars.txt" 366 - Get-Content "$env:temp\vcvars.txt" | Foreach-Object { if ($_ -match "^(.*?)=(.*)$") { Set-Content "env:\$($matches[1])" $matches[2] } } 367 - $env:Platform = "Win32" 368 - mkdir build 369 - cd build 370 script: 371 - perl ../tools/make-version.pl --set-release 372 - cmake -G "Visual Studio 16 2019" -A Win32 -DDISABLE_WERROR=OFF -DTEST_EXTRA_ARGS=--enable-release -DENABLE_LTO=off .. 373 - msbuild /verbosity:minimal "/consoleloggerparameters:PerformanceSummary;NoSummary" /maxcpucount Wireshark.sln 374 - msbuild /verbosity:minimal /maxcpucount test-programs.vcxproj 375 - msbuild /verbosity:minimal /maxcpucount nsis_package_prep.vcxproj 376 - msbuild /verbosity:minimal /maxcpucount wix_package_prep.vcxproj 377 - C:\gitlab-builds\bin\sign-files.ps1 -Recurse -Path run\RelWithDebInfo 378 - msbuild /verbosity:minimal nsis_package.vcxproj 379 - C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\nsis 380 - msbuild /verbosity:minimal wix_package.vcxproj 381 - C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\wix 382 - msbuild /verbosity:minimal portableapps_package.vcxproj 383 - C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\portableapps 384 - $plugins = Get-ChildItem run\RelWithDebInfo\plugins\*\*.dll ; signtool verify /v /pa /all run\RelWithDebInfo\*.exe run\RelWithDebInfo\extcap\*.exe $plugins run\RelWithDebInfo\libwireshark.dll run\RelWithDebInfo\libwiretap.dll run\RelWithDebInfo\libwsutil.dll packaging\nsis\Wireshark-win??-*.exe packaging\wix\Wireshark-win??-*.msi packaging\portableapps\WiresharkPortable??_*.paf.exe 385 - msbuild /verbosity:minimal pdb_zip_package.vcxproj 386 - C:\gitlab-builds\bin\mse-scan.ps1 387 - $packages = Get-ChildItem "packaging\nsis\Wireshark-win??-*.exe", "packaging\wix\Wireshark-win??-*.msi", "packaging\portableapps\WiresharkPortable??_*.paf.exe", "Wireshark-pdb-win??-*.zip" 388 - foreach ($package in $packages) { Write-Host $package.name $package.length "bytes" } 389 - foreach ($package in $packages) { certutil -hashfile $package SHA256 } 390 - | 391 if (Test-Path env:S3_DESTINATION_WIN32) { 392 foreach ($package in $packages) { 393 aws s3 cp "$package" "$env:S3_DESTINATION_WIN32/" 394 } 395 } 396 - ctest -C RelWithDebInfo --parallel 3 --force-new-ctest-process --output-on-failure 397 398macOS Arm Package: 399 stage: build 400 rules: !reference [.if-w-w-only-merged] 401 variables: 402 CODE_SIGN_IDENTITY: "Wireshark Foundation, Inc." 403 tags: 404 - wireshark-macos-arm-package 405 retry: 1 406 before_script: 407 - mkdir build 408 - cd build 409 script: 410 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 411 # XXX - Move this to a separate DENABLE_PCAP=OFF job? 412 - arch -arch arm64 cmake -DENABLE_CCACHE=ON -DENABLE_PCAP=OFF -DCMAKE_APPLE_SILICON_PROCESSOR=arm64 -DCMAKE_OSX_ARCHITECTURES=arm64 -G Ninja .. 413 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 414 - arch -arch arm64 ninja 415 - cd .. 416 - git clean -d --force --force -x 417 - perl tools/make-version.pl --set-release 418 - mkdir build 419 - cd build 420 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 421 - arch -arch arm64 cmake -DENABLE_CCACHE=ON -DCMAKE_APPLE_SILICON_PROCESSOR=arm64 -DCMAKE_OSX_DEPLOYMENT_TARGET=11.0 -DCMAKE_OSX_SYSROOT=macosx11.3 -DCMAKE_OSX_ARCHITECTURES=arm64 -DTEST_EXTRA_ARGS=--enable-release -G Ninja .. 422 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 423 - arch -arch arm64 ninja 424 - package-prep 425 - arch -arch arm64 ninja dmg_package 426 - cd run 427 - notarize-build 428 - stat -f "%N %z bytes" Wireshark*Arm*.dmg 429 - for digest in sha256 rmd160 sha1 ; do openssl $digest Wireshark*Arm*.dmg ; done 430 - | 431 if [ -n "$S3_DESTINATION_MACOS_ARM64" ] ; then 432 aws s3 cp Wireshark*Arm*.dmg "$S3_DESTINATION_MACOS_ARM64/" 433 fi 434 - cd .. 435 - arch -arch arm64 ninja test-programs 436 - arch -arch arm64 ctest --parallel 4 --output-on-failure 437 needs: [] 438 439macOS Intel Package: 440 stage: build 441 rules: !reference [.if-w-w-only-merged] 442 variables: 443 CODE_SIGN_IDENTITY: "Wireshark Foundation, Inc." 444 tags: 445 - wireshark-macos-intel-package 446 retry: 1 447 script: 448 - export CMAKE_PREFIX_PATH=/usr/local/Qt-5.15.3/lib/cmake 449 - export PATH="$PATH:$HOME/bin" 450 - perl tools/make-version.pl --set-release 451 - mkdir build 452 - cd build 453 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 454 - cmake -DENABLE_CCACHE=ON -DCMAKE_OSX_DEPLOYMENT_TARGET=10.13 -DCMAKE_OSX_SYSROOT=macosx10.15 -DTEST_EXTRA_ARGS=--enable-release -G Ninja .. 455 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 456 - ninja 457 - package-prep 458 - ninja dmg_package 459 - cd run 460 - notarize-build 461 - stat -f "%N %z bytes" Wireshark*Intel*.dmg 462 - for digest in sha256 rmd160 sha1 ; do openssl $digest Wireshark*Intel*.dmg ; done 463 - | 464 if [ -n "$S3_DESTINATION_MACOS_INTEL64" ] ; then 465 aws s3 cp Wireshark*Intel*.dmg "$S3_DESTINATION_MACOS_INTEL64/" 466 fi 467 - cd .. 468 - ninja test-programs 469 - ctest --parallel 4 --output-on-failure 470 needs: [] 471 472# Build the User's Guide and Developer's Guide 473Documentation: 474 extends: .build-linux 475 image: registry.gitlab.com/wireshark/wireshark-containers/ubuntu-dev 476 rules: 477 - if: '$CI_PIPELINE_SOURCE == "push" && $CI_PROJECT_URL =~ /.*gitlab.com\/wireshark\/wireshark/' 478 changes: 479 - "docbook/**" 480 - "epan/wslua/**" 481 when: always 482 - if: '$CI_PIPELINE_SOURCE == "push"' 483 changes: 484 - "docbook/**" 485 - "epan/wslua/**" 486 when: manual 487 script: 488 # XXX We might want to move this to wireshark-ubuntu-dev or debian-setup.sh. 489 - DEBIAN_FRONTEND=noninteractive apt-get update 490 - DEBIAN_FRONTEND=noninteractive apt-get --yes install ruby-coderay ruby-asciidoctor-pdf 491 - NOKOGIRI_USE_SYSTEM_LIBRARIES=1 gem install asciidoctor-epub3 492 - mkdir build 493 - cd build 494 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 495 - cmake -GNinja .. 496 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 497 - ninja all_guides 498 - cd docbook 499 - for HTML_DIR in wsug_html wsug_html_chunked wsdg_html wsdg_html_chunked ; do zip -9 -r "$HTML_DIR.zip" "$HTML_DIR" ; done 500 after_script: 501 - mv -v build/docbook/ws[ud]g_html{,_chunked}.zip . 502 - mv -v build/docbook/Wireshark*Guide.{epub,pdf} . 503 - | 504 if [ -n "$S3_DESTINATION_DOCS" ] ; then 505 for DOC_FILE in ws[ud]g_html{,_chunked}.zip Wireshark*Guide.{epub,pdf} ; do 506 aws s3 cp "$DOC_FILE" "$S3_DESTINATION_DOCS/" 507 done 508 fi 509 artifacts: 510 paths: 511 - wsug_html.zip 512 - wsug_html_chunked.zip 513 - wsdg_html.zip 514 - wsdg_html_chunked.zip 515 - "Wireshark User's Guide.pdf" 516 - "Wireshark Developer's Guide.pdf" 517 - "Wireshark User's Guide.epub" 518 - "Wireshark Developer's Guide.epub" 519 needs: [] 520 521 522# https://docs.gitlab.com/ee/user/gitlab_com/index.html#linux-shared-runners 523 524Commit Check: 525 extends: .build-ubuntu 526 rules: !reference [.if-merge-request] 527 script: 528 # build-ubuntu puts us in `build`. 529 - cd .. 530 - bash ./tools/pre-commit 'HEAD^1' 531 - tools/validate-commit.py 532 533Ubuntu .dpkg: 534 extends: .build-ubuntu 535 rules: !reference [.if-merge-request] 536 script: 537 # build-ubuntu puts us in `build`. 538 - cd .. 539 - CC=/usr/lib/ccache/gcc CXX=/usr/lib/ccache/g++ MAKE=ninja dpkg-buildpackage -us -uc -rfakeroot -jauto -Zgzip -zfast 540 - lintian --suppress-tags library-not-linked-against-libc,copyright-excludes-files-in-native-package --display-experimental --display-info --pedantic --profile debian 541 after_script: 542 # dpkg-buildpackage builds in obj-<triplet>, so we need to override 543 # .build-ubuntu. We also build more stuff, so decrease our multiplier. 544 - ccache --max-size $( du --summarize --block-size=1M --total "$CI_PROJECT_DIR"/obj-* | awk '/total$/ {printf ("%dM", $1 * 1.25)}' ) 545 546GCC Warnings: 547 extends: .build-ubuntu 548 rules: !reference [.if-merge-request] 549 script: 550 # build-ubuntu puts us in `build`. 551 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 552 - CC=gcc CXX=g++ cmake -DENABLE_EXTRA_COMPILER_WARNINGS=on -DCMAKE_EXPORT_COMPILE_COMMANDS=on -DENABLE_CCACHE=ON -G Ninja .. 553 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 554 - script --command ninja --flush --quiet --return ../gcc_report.txt 555 - ansi2html < ../gcc_report.txt > ../gcc_report.html 556 - ninja test-programs 557 - chown -R user . 558 - su user -c "ctest --parallel $(getconf _NPROCESSORS_ONLN) --force-new-ctest-process --output-on-failure" 559 artifacts: 560 paths: 561 - gcc_report.html 562 563Code Checks + Clang Warnings: 564 extends: .build-ubuntu 565 rules: !reference [.if-merge-request] 566 variables: 567 CC: "clang-$CLANG_VERSION" 568 CXX: "clang++-$CLANG_VERSION" 569 script: 570 # build-ubuntu puts us in `build`. 571 - cd .. 572 - python3 tools/checklicenses.py 573 - mkdir cppcheck 574 - ./tools/cppcheck/cppcheck.sh -l 1 | tee cppcheck/cppcheck_report.txt 575 - if [[ -s "cppcheck/cppcheck_report.txt" ]]; then ./tools/cppcheck/cppcheck.sh -l 1 -x > cppcheck/cppcheck_report.xml ; fi 576 - if [[ -s "cppcheck/cppcheck_report.txt" ]]; then cppcheck-htmlreport --file cppcheck/cppcheck_report.xml --report-dir cppcheck ; fi 577 - ./tools/check_typed_item_calls.py --commits 1 | tee item_calls_check.txt 578 - ./tools/check_tfs.py --commits 1 | tee tfs_check.txt 579 - cd build 580 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 581 - cmake -DENABLE_EXTRA_COMPILER_WARNINGS=on -DENABLE_CHECKHF_CONFLICT=on -DCMAKE_EXPORT_COMPILE_COMMANDS=on -DENABLE_CCACHE=ON -G Ninja .. 582 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 583 - mkdir ../html 584 - script --command ninja --flush --quiet --return ../tmp_clang_report.txt 585 - ansi2txt < ../tmp_clang_report.txt > ../clang_report.txt 586 - ansi2html < ../tmp_clang_report.txt > ../html/clang_report.html 587 - ./run/tshark -v 2> >(tee ../checkhf_conflict.txt) 588 - ../tools/validate-clang-check.sh -c $CLANG_VERSION 2> >(tee ../tmp_clang_analyzer_check.txt) 589 - ansi2txt < ../tmp_clang_analyzer_check.txt > ../clang_analyzer_check.txt 590 - ansi2html < ../tmp_clang_analyzer_check.txt > ../html/clang_analyzer_check.html 591 - ninja checkAPI 592 artifacts: 593 paths: 594 - clang_report.txt 595 - clang_analyzer_check.txt 596 - cppcheck 597 - item_calls_check.txt 598 - tfs_check.txt 599 - checkhf_conflict.txt 600 - html/ 601 602# Windows runners are still beta, at least technically: 603# https://docs.gitlab.com/ee/user/gitlab_com/index.html#windows-shared-runners-beta 604Windows Build: 605 extends: .build-windows 606 rules: !reference [.if-w-w-only-merge-request] 607 tags: 608 - wireshark-windows-merge-req 609 script: 610 - cmake -G "Visual Studio 16 2019" -A x64 -DDISABLE_WERROR=OFF -DTEST_EXTRA_ARGS=--enable-release -DENABLE_LTO=off .. 611 - msbuild /verbosity:minimal /maxcpucount Wireshark.sln 612 - msbuild /verbosity:minimal /maxcpucount test-programs.vcxproj 613 - ctest -C RelWithDebInfo --parallel 3 --force-new-ctest-process --output-on-failure 614 615# Fuzz TShark using ASAN and valgrind. 616.fuzz-ubuntu: 617 extends: .build-ubuntu 618 rules: !reference [.if-fuzz-schedule] 619 tags: 620 - wireshark-ubuntu-fuzz 621 resource_group: fuzz-release-3.6 622 variables: 623 CC: "clang-$CLANG_VERSION" 624 CXX: "clang++-$CLANG_VERSION" 625 INSTALL_PREFIX: "$CI_PROJECT_DIR/_install" 626 MIN_PLUGINS: 10 627 MAX_PASSES: 15 628 before_script: 629 - DEBIAN_FRONTEND=noninteractive apt-get update 630 - DEBIAN_FRONTEND=noninteractive apt-get --yes install llvm-$CLANG_VERSION 631 - mkdir -p ccache 632 # Signal after_script, which runs in its own shell. 633 - echo "export FUZZ_PASSED=true" > /tmp/fuzz_result.sh 634 - mkdir /tmp/fuzz 635 - mkdir build 636 - cd build 637 after_script: 638 - . /tmp/fuzz_result.sh 639 - if $FUZZ_PASSED ; then exit 0 ; fi 640 - echo Fuzzing failed. Generating report. 641 - FUZZ_CAPTURE=$( ls /tmp/fuzz/fuzz-*.pcap | head -n 1 ) 642 - FUZZ_ERRORS="/tmp/fuzz/$( basename "$FUZZ_CAPTURE" .pcap ).err" 643 - printf "\nfuzz-test.sh stderr:\n" >> "$FUZZ_ERRORS" 644 - cat fuzz-test.err >> "$FUZZ_ERRORS" 645 - | 646 if [ -n "$S3_DESTINATION_FUZZ" ] ; then 647 aws s3 cp "$FUZZ_CAPTURE" "$S3_DESTINATION_FUZZ/" 648 aws s3 cp "$FUZZ_ERRORS" "$S3_DESTINATION_FUZZ/" 649 fi 650 # The cache should be large enough to be useful but it shouldn't take 651 # too long to restore+save each run. 652 - ccache --max-size $( du --summarize --block-size=1M "$CI_PROJECT_DIR/build" | awk '{printf ("%dM", $1 * 1.5)}' ) 653 654ASan Menagerie Fuzz: 655 extends: .fuzz-ubuntu 656 stage: fuzz-asan 657 script: 658 - MAX_SECONDS=$(( 4 * 60 * 60 )) 659 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 660 - cmake -G Ninja -DBUILD_wireshark=OFF -DCMAKE_BUILD_TYPE=Debug -DENABLE_ASAN=ON -DCMAKE_INSTALL_PREFIX=$INSTALL_PREFIX -DENABLE_CCACHE=ON .. 661 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 662 - ninja 663 - ninja install 664 - cd .. 665 # /var/menagerie contains captures harvested from wireshark.org's mailing list, wiki, issues, etc. 666 # We have more captures than we can fuzz in $MAX_SECONDS, so we shuffle them each run. 667 - ./tools/fuzz-test.sh -a -2 -P $MIN_PLUGINS -b $INSTALL_PREFIX/bin -d /tmp/fuzz -t $MAX_SECONDS $( shuf -e /var/menagerie/*/* ) 2> fuzz-test.err || echo "export FUZZ_PASSED=false" > /tmp/fuzz_result.sh 668 669ASan randpkt Fuzz: 670 extends: .fuzz-ubuntu 671 stage: fuzz-randpkt 672 script: 673 # XXX Reuse fuzz-asan? 674 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 675 - cmake -G Ninja -DBUILD_wireshark=OFF -DCMAKE_BUILD_TYPE=Debug -DENABLE_ASAN=ON -DCMAKE_INSTALL_PREFIX=$INSTALL_PREFIX -DENABLE_CCACHE=ON .. 676 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 677 - ninja 678 - ninja install 679 - cd .. 680 - ./tools/randpkt-test.sh -a -b $INSTALL_PREFIX/bin -d /tmp/fuzz -p $MAX_PASSES 2> fuzz-test.err || echo "export FUZZ_PASSED=false" > /tmp/fuzz_result.sh 681 needs: [ 'ASan Menagerie Fuzz' ] 682 683Valgrind Menagerie Fuzz: 684 extends: .fuzz-ubuntu 685 stage: fuzz-valgrind 686 script: 687 - DEBIAN_FRONTEND=noninteractive apt-get update 688 - DEBIAN_FRONTEND=noninteractive apt-get --yes install valgrind 689 - MAX_SECONDS=$(( 3 * 60 * 60 )) 690 - printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)" 691 - cmake -G Ninja -DBUILD_wireshark=OFF -DCMAKE_BUILD_TYPE=Debug -DENABLE_ASAN=OFF -DCMAKE_INSTALL_PREFIX=$INSTALL_PREFIX -DENABLE_CCACHE=ON .. 692 - printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)" 693 - ninja 694 - ninja install 695 - cd .. 696 - ./tools/fuzz-test.sh -g -P $MIN_PLUGINS -b $INSTALL_PREFIX/bin -d /tmp/fuzz -t $MAX_SECONDS $( shuf -e /var/menagerie/*/* ) 2> fuzz-test.err || echo "export FUZZ_PASSED=false" > /tmp/fuzz_result.sh 697 needs: [ 'ASan randpkt Fuzz' ] 698