From: Jan Kiszka <[email protected]>

Travis is no longer free and insufficiently predictable for OSS, so
migrate our CI to Github Actions. The same, just different: The workflow
language takes time to familiarize, but Coverity integration is actually
even simpler when open-coding (though that might have been true for
Travis already).

What is dropped at this chance is support for coverity_scan-<arch>. This
wasn't used for many years, the combined scan gives enough accuracy.

Signed-off-by: Jan Kiszka <[email protected]>
---
 .github/workflows/main.yaml | 81 +++++++++++++++++++++++++++++++++++++
 .travis.yml                 | 60 ---------------------------
 CONTRIBUTING.md             |  4 +-
 README.md                   |  6 +--
 ci/README.md                | 10 ++---
 ci/build-all-configs.sh     |  5 ---
 ci/coverity-scan-build.sh   | 36 -----------------
 7 files changed, 90 insertions(+), 112 deletions(-)
 create mode 100644 .github/workflows/main.yaml
 delete mode 100644 .travis.yml
 delete mode 100644 ci/coverity-scan-build.sh

diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
new file mode 100644
index 00000000..fbf38841
--- /dev/null
+++ b/.github/workflows/main.yaml
@@ -0,0 +1,81 @@
+#
+# Jailhouse, a Linux-based partitioning hypervisor
+#
+# Copyright (c) Siemens AG, 2014-2021
+#
+# Authors:
+#  Jan Kiszka <[email protected]>
+#
+# This work is licensed under the terms of the GNU GPL, version 2.  See
+# the COPYING file in the top-level directory.
+#
+
+name: CI
+
+on:
+  push:
+  workflow_dispatch:
+    inputs:
+      clear-cache:
+        description: Clear cache
+        required: false
+        default: false
+
+jobs:
+  build:
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Install dependencies
+        run: |
+          sudo apt-get install --no-install-recommends \
+              python3-mako gcc-arm-linux-gnueabihf libc6-dev-armhf-cross \
+              gcc-aarch64-linux-gnu libc6-dev-arm64-cross
+      - name: Install Coverity
+        if: ${{ github.ref == 'refs/heads/coverity_scan' }}
+        run: |
+          wget https://scan.coverity.com/download/cxx/linux64 \
+              --post-data "token=$COVERITY_TOKEN&project=siemens%2Fjailhouse" \
+              -O coverity_tool.tar.gz
+          tar -xf coverity_tool.tar.gz
+          ln -s cov-analysis-linux64-* cov-analysis-linux64
+      - name: Cache kernel build environment
+        uses: actions/cache@v2
+        id: cache-kernel
+        with:
+          key: kernel-build
+          path: |
+            ci/linux
+            ci/linux-4.13
+      - name: Install kernel build environment
+        if: ${{ github.event.inputs.clear-cache == 'true' || 
steps.cache-kernel.outputs.cache-hit != 'true' }}
+        run: |
+          cd ci
+          rm -rf linux linux-4.13
+          wget http://www.kiszka.org/downloads/jailhouse-ci/kernel-build.tar.xz
+          tar xJf kernel-build.tar.xz
+      - name: Build
+        if: ${{ github.ref != 'refs/heads/coverity_scan' }}
+        run: |
+          ci/build-all-configs.sh
+      - name: Build for Coverity
+        if: ${{ github.ref == 'refs/heads/coverity_scan' }}
+        run: |
+          export PATH=$PWD/cov-analysis-linux64/bin:$PATH
+          cov-configure --comptype gcc --compiler arm-linux-gnueabihf-gcc 
--template
+          cov-configure --comptype gcc --compiler aarch64-linux-gnu-gcc 
--template
+          ci/build-all-configs.sh --cov cov-int
+      - name: Submit Coverity results
+        if: ${{ github.ref == 'refs/heads/coverity_scan' }}
+        run: |
+          tar caf jailhouse-scan.tar.bz2 cov-int
+          curl --form token=$COVERITY_TOKEN \
+            --form email=$COVERITY_EMAIL \
+            --form [email protected] \
+            --form version="${{ github.sha }}" \
+            --form description="Jailhouse Coverity Scan" \
+            https://scan.coverity.com/builds?project=siemens%2Fjailhouse
+    env:
+      COVERITY_TOKEN: ${{ secrets.COVERITY_TOKEN }}
+      COVERITY_EMAIL: ${{ secrets.COVERITY_EMAIL }}
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 2d120561..00000000
--- a/.travis.yml
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# Jailhouse, a Linux-based partitioning hypervisor
-#
-# Copyright (c) Siemens AG, 2014-2019
-#
-# Authors:
-#  Jan Kiszka <[email protected]>
-#
-# This work is licensed under the terms of the GNU GPL, version 2.  See
-# the COPYING file in the top-level directory.
-#
-
-language: c
-dist: bionic
-
-compiler:
-  - gcc
-
-addons:
-  apt:
-    packages:
-      - python-mako
-      - gcc-8
-      - gcc-8-arm-linux-gnueabihf
-      - libc6-dev-armhf-cross
-      - gcc-8-aarch64-linux-gnu
-      - libc6-dev-arm64-cross
-  coverity_scan:
-    project:
-      name: "siemens/jailhouse"
-    notification_email: [email protected]
-    build_script_url: 
https://raw.githubusercontent.com/$TRAVIS_REPO_SLUG/$TRAVIS_BRANCH/ci/coverity-scan-build.sh
-    build_command_prepend: "cov-configure --comptype gcc --compiler 
arm-linux-gnueabihf-gcc --template; cov-configure --comptype gcc --compiler 
aarch64-linux-gnu-gcc --template"
-    build_command: "unused"
-    branch_pattern: coverity_scan.*
-
-install:
-  - sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-8 800
-  - sudo update-alternatives --install /usr/bin/aarch64-linux-gnu-gcc 
aarch64-linux-gnu-gcc /usr/bin/aarch64-linux-gnu-gcc-8 800
-  - sudo update-alternatives --install /usr/bin/arm-linux-gnueabihf-gcc 
arm-linux-gnueabihf-gcc /usr/bin/arm-linux-gnueabihf-gcc-8 800
-  # Work around broken certificate of scan.coverity.com
-  - sudo curl -s -L https://entrust.com/root-certificates/entrust_l1k.cer -o 
/usr/local/share/ca-certificates/entrust_l1k.crt
-  - sudo update-ca-certificates
-  # Install kernel build environment if it's not in the cache
-  - if [ ! -L ci/linux ]; then
-        pushd ci;
-        wget http://www.kiszka.org/downloads/travis-ci/kernel-build.tar.xz;
-        tar xJf kernel-build.tar.xz;
-        popd;
-    fi
-
-cache:
-  directories:
-  - ci/linux
-  - ci/linux-4.13
-
-script:
-  - if [ ${COVERITY_SCAN_BRANCH} != 1 ];
-        then ci/build-all-configs.sh;
-    fi
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index dc4d9785..eb644c81 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -31,9 +31,9 @@ Contribution Checklist
 
 - test patches sufficiently (obvious, but...) [**required**]
     - no regressions are caused in affected code
-    - seemingly unaffected architectures still build (use Travis CI e.g.)
+    - seemingly unaffected architectures still build (use github actions e.g.)
     - static code analyzer finds no new defects (register a github fork with
-      Travis CI and Coverity for free scanning) [*recommended*]
+      Coverity for free scanning) [*recommended*]
     - python code shall be tested with python 3 [**required**]
     - the world is still spinning
 
diff --git a/README.md b/README.md
index 3029f6a3..f1b0cbe3 100644
--- a/README.md
+++ b/README.md
@@ -61,11 +61,11 @@ Mailing list:
 
 Continuous integration:
 
-  - https://travis-ci.com/siemens/jailhouse
+  - https://github.com/siemens/jailhouse/actions
 
   - Status:
-    - ![](https://travis-ci.com/siemens/jailhouse.svg?branch=master) on master
-    - ![](https://travis-ci.com/siemens/jailhouse.svg?branch=next) on next
+    - 
![](https://github.com/siemens/jailhouse/actions/workflows/main.yaml/badge.svg?branch=master)
 on master
+    - 
![](https://github.com/siemens/jailhouse/actions/workflows/main.yaml/badge.svg?branch=next)
 on next
 
 Static code analysis:
 
diff --git a/ci/README.md b/ci/README.md
index 9fdf8fcf..639ec80e 100644
--- a/ci/README.md
+++ b/ci/README.md
@@ -2,15 +2,13 @@ Jailhouse Continuous Integration Build Environment
 ==================================================
 
 This collects tools and generates the Linux kernel binaries required to build
-Jailhouse in continuous integration environments. Currently, travis-ci.com is
+Jailhouse in continuous integration environments. Currently, GitHub Actions is
 the target environment.
 
 How to use
 ----------
 
-- Prepare an Ubuntu system according to the
-  [travis-ci specifications](http://docs.travis-ci.com/user/ci-environment)
-  or via the [Chef recipes](https://github.com/travis-ci/travis-cookbooks).
+- Prepare an Ubuntu system according to .github/workflows/main.yaml.
 - Run gen-kernel-build.sh on that system.
-- Upload ci/out/kernel-build.tar.xz to the location where Jailhouse's
-  .travis.yml expects it.
+- Upload ci/out/kernel-build.tar.xz to the location where Jailhouse's CI
+  expects it.
diff --git a/ci/build-all-configs.sh b/ci/build-all-configs.sh
index 81898fc1..ef7ae2b7 100755
--- a/ci/build-all-configs.sh
+++ b/ci/build-all-configs.sh
@@ -15,11 +15,6 @@ set -e
 
 CONFIGS="x86 banana-pi amd-seattle"
 
-# only build a specific config if the branch selects it
-if [ ${TRAVIS_BRANCH#coverity_scan-} != ${TRAVIS_BRANCH} ]; then
-       CONFIGS=${TRAVIS_BRANCH#coverity_scan-}
-fi
-
 PREFIX=
 if [ "$1" == "--cov" ]; then
        export COVERITY_UNSUPPORTED=1
diff --git a/ci/coverity-scan-build.sh b/ci/coverity-scan-build.sh
deleted file mode 100644
index 72e0486d..00000000
--- a/ci/coverity-scan-build.sh
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/bash
-#
-# Jailhouse, a Linux-based partitioning hypervisor
-#
-# Copyright (c) Siemens AG, 2015
-#
-# Authors:
-#  Jan Kiszka <[email protected]>
-#
-# This work is licensed under the terms of the GNU GPL, version 2.  See
-# the COPYING file in the top-level directory.
-#
-
-curl -s https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh \
-       -o ci/travisci_build_coverity_scan.sh.orig
-
-# Patch the line that starts the build.
-# We need to control this step via our build script.
-sed 's/^COVERITY_UNSUPPORTED=1 cov-build --dir.*/ci\/build-all-configs.sh 
--cov \$RESULTS_DIR \$COV_BUILD_OPTIONS/' \
-       ci/travisci_build_coverity_scan.sh.orig > 
ci/travisci_build_coverity_scan.sh.step1
-
-# Path the branch name into the description.
-sed 's/^  --form description=.*/  --form description="Travis CI build (branch: 
\$TRAVIS_BRANCH)" \\/' \
-       ci/travisci_build_coverity_scan.sh.step1 > 
ci/travisci_build_coverity_scan.sh
-
-# Check if the patch applied, bail out if not.
-if diff -q ci/travisci_build_coverity_scan.sh.orig \
-          ci/travisci_build_coverity_scan.sh.step1 > /dev/null || \
-   diff -q ci/travisci_build_coverity_scan.sh.step1 \
-          ci/travisci_build_coverity_scan.sh > /dev/null; then
-       echo "Unable to patch Coverity script!"
-       exit 1
-fi
-
-# Run the patched scanner script.
-. ci/travisci_build_coverity_scan.sh
-- 
2.31.1

-- 
You received this message because you are subscribed to the Google Groups 
"Jailhouse" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jailhouse-dev/722bb780c5cfcd589bd11041b5cecb91ff94d7b4.1629819671.git.jan.kiszka%40siemens.com.

Reply via email to