Using the same approach as we have for code style checks (the
`style-check-diff` CI job), check the diff for any banned keywords like
‘TODO’, and also check the commit messages.
The keyword ‘TODO’ is often used by developers to indicate a part of a
commit which needs further work, and hence which shouldn’t yet be merged.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Fixes: #1551
This is a partial revert of commit 595e12b5fb for macOS only, since we
can’t run a VM image on that CI runner, and hence can’t easily
pre-populate it with cached dependencies.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
The CI should not waste resources in downloading subprojects for each
task. It should also not rely on external hosts to be available.
Windows case will be handled in MR #402 by migrating to docker.
We had one before, but the runner machine was too flaky to be useful.
Re-add it now that the Foundation have sorted out a more reliable
machine. (Thanks!)
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Fixes: #1416
The valgrind analysis stage inherits from existing artefacts, so make
sure to reset the permissions on the glib build directory to avoid a new
build failing.
$ meson ${MESON_COMMON_OPTIONS} --werror -Dsystemtap=true -Ddtrace=true -Dfam=true -Dinstalled_tests=true _build
<snip>
PermissionError: [Errno 13] Permission denied: '/builds/GNOME/glib/_build/meson-logs/meson-log.txt'
This doesn’t change how they run, but does split the code out a bit and
mean we can interleave it with comments. Should make it a little less
vile.
Suggested by Emmanuele Bassi; see !1252.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This makes things slightly more extensible in future, but introduces no
functional differences right now.
See https://docs.gitlab.com/ce/ci/yaml/README.html#extends.
Suggested by Jordan Petridis.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Since we added `only: [merge_requests]` for the `style-check-diff` job,
that started running detached pipelines only for merge requests and only
containing that job, and not running the other jobs for merge requests
(only for branches).
That wasn’t the intention.
Follow the guide on
https://docs.gitlab.com/ee/ci/merge_request_pipelines/index.html#excluding-certain-jobs
to ensure that all jobs (including `style-check-diff`) are run for merge
requests.
This means we can no longer unconditionally use
`${CI_MERGE_REQUEST_TARGET_BRANCH_{NAME,SHA}}`, since they are only
defined for jobs which are running against a merge request rather than a
branch. Instead, use some `git rev-list` magic from
https://stackoverflow.com/a/4991675/2931197 to find the newest common
ancestor commit between the detached head that CI is running on, and the
known or likely target branch. Do the style check against the diff
between the newest common ancestor commit and the detached head.
(Note that `${CI_MERGE_REQUEST_TARGET_BRANCH_SHA}` was never actually
defined for any of our pipelines, since it’s only available for CI
pipelines running on merged branches, which is a GitLab Premium
feature. Oops, my bad.)
In order to find the newest common ancestor commit, we need to pull the
upstream remote, since the CI pipeline might be running on a fork of the
main repository where various branches (particularly `master`) are out
of date.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
We can use a template to factor these out and make things a bit more
maintainable. This should introduce no functional changes.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This shouldn’t affect them (since it just adds the `clang-format-7`
package), but it’s good to keep everything on the same version.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
See: #1552
Add a separate CI job which runs memcheck on the unit tests. This is
done as a separate job from the main build, since we don’t want it to
interact with code coverage at all.
Currently, failure of this job is ignored. Issue #333 will eventually
fix that.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Fixes: #487
The build artifacts from earlier jobs in the pipeline all use the
`_build` directory. When they are copied in to the scan-build job, they
are probably marked as read-only. This means that the `meson scan-build`
run can’t write to `_build/meson-logs/meson-log.txt` and fails.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Use Meson’s support for running scan-build (Clang’s static analyser)
against the build, so that we get static analysis of each pipeline. Add
it in a new pipeline stage, after code coverage, so that we don’t waste
resources on it unless the unit tests pass — a static analysis build
takes perhaps 10× as long as a normal GCC build.
https://mesonbuild.com/howtox.html#use-clang-static-analyzer
Currently, the static analysis results are uploaded as artifacts, but
the job will always succeed (regardless of whether there are any bugs
found in the analysis).
Currently, a large number of reports are outputted by the analyser,
which need to be fixed before we can gate the pipeline on it.
Furthermore, in order to get scan-build to exit with a non-zero status
if any bugs are found, we need to depend on Meson ≥ 0.49.0, which
contains the fix https://github.com/mesonbuild/meson/issues/4334,
allowing us to add the following to .gitlab-ci.yml:
```
variables:
# Exit with a non-zero status if any bugs are found
SCANBUILD: "scan-build --status-bugs"
```
Signed-off-by: Philip Withnall <withnall@endlessm.com>
GitLab can show the results of a CI pipeline if the pipeline generates a
report using the JUnit XML format.
Since Meson provides a machine parseable output for `meson test`, we can
take that and turn it into XML soup.
We want GLib to build correctly with this defined, and for all its tests
to still pass.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Helps: #1708
This effectively renders those tests useless (since realistically nobody
runs tests locally), but it’s better than every other CI run failing for
unrelated reasons. The idea is that the ‘flaky’ tag can be temporarily
applied to a test while a problem is being investigated or fixed, and
then removed later.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Since we are unable to promote our FreeBSD runner to a shared runner,
we can only enable it in GNOME group. This should avoid problems when
submitting merge requests from forks.
While we can’t add markers to the macro implementations to cause lcov to
ignore them automatically, we can change our lcov configuration to
ignore all calls to them.
See https://github.com/linux-test-project/lcov/issues/44.
This causes all the un-takeable branches and un-reachable assertions to
be ignored by our code coverage, which bumps our statistics:
• Lines: 74.9% → 74.8%
• Functions: 82.3% → 82.3%
• Branches: 53.3% → 64.2%
The rationale is that nobody should be testing programmer error
handling, as g_return_*if_fail() are used to guard against — so it’s not
reasonable to count missed branches like that in code coverage
statistics.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This partially reverts commit bfc362cb68.
The FreeBSD CI runner still seems to be a bit flakey, and appears to be
offline entirely at the moment.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Reviewed-by: nobody
It fails because dist-job (correctly) doesn’t build with the code
coverage CFLAGS enabled.
Leave coverage to be generated on master and development branches.
See this pipeline for an example of when it fails:
https://gitlab.gnome.org/GNOME/glib/pipelines/26349
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Similar issue was fixed with commit f929d148, but it's happening again.
Define G_MESSAGES_DEBUG=all when running CI to ensure we won't regress
anymore.
See comment in !151. Using the "--initial" option of lcov we collect
the coverage of all compiled files and merge them later into the final
report. This way we can see which files are built but never executed
by the test suite.
Because the --initial switch also collects files in the ccache directory
we have to point it to the build directory instead, which in turn breaks
--no-external. Instead of using --no-external in the collection step,
filter out any files not in the source tree in the final coverage job
through a path filter.
This requires meson >= 0.47.0 otherwise building the doc fails:
https://github.com/mesonbuild/meson/issues/3379
While at it, no need to to pass --prefix --libdir to meson, other CIs
don't have them.
- Split the download part into a separate script to so docker keeps that
step in cache and avoid redownloading it.
- With API level >= 28 libiconv is not needed anymore because it's part
of Android's libc.
- Generate standalone toolchains to reduce the docker image size. It's
also easier because it doesn't need to pass sysroot args.
- Use clang compiler because gcc is deprecated in this Android NDK and
will be removed in the next release.
Job names in gitlab pipeline view gets truncated to "fedora-meson-..."
for all jobs which is not really useful. All our CIs are using Meson,
and the host distro is not relevant when doing cross builds.
We should be testing latest NDK release but keep using API level 21 to
ensure GLib does not start using newer APIs. We could also later add a
runner for latest API level 28 which includes iconv API in Android's
libc so we don't need GNU libiconv anymore.
The default `when: on_success` means no artifacts are exported when the
tests fail, which is precisely when we want to see the artifacts.
Always export them, and rely on GitLab to garbage collect them as
appropriate (typically after 30 days, I think).
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This means that compilation and test failures will leave logs on the CI
machines which we can use to debug the failures.
Always export the artifacts. The default `when: on_success` is
appropriate for now, but won’t be in future when the tests actual report
their success value correctly.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This adds to the CI a cross build for Android NDK r16 API 21 (because
thats what GStreamer currently use) for arm64.
GNU iconv must be built manually into our docker image because Android
NDK doesn't seems to ship it. The latest NDK r17 API 28 has iconv.h but
iconv_open() symbol isn't found by the linker. Looks like broken NDK.
libffi also needs to be built manually because the meson subproject
doesn't support building for Android platform. It needs a recent RC
release because latest stable release is 4 years old and fails to
build.
Fixes#1385.
GitLab can then use this to annotate each pipeline with its code
coverage statistics. It can only use one figure, so we choose lines
(rather than function or branch coverage) since it’s the most intuitive
figure.
This parses the ‘lines’ line from output like:
Overall coverage rate:
lines......: 76.7% (108959 of 142122 lines)
functions..: 80.7% (10294 of 12763 functions)
branches...: 51.3% (50226 of 97953 branches)
Signed-off-by: Philip Withnall <withnall@endlessm.com>
It looks like the coverage generation makes the tests a bit slower and
some are now hitting timeouts. Flaky tests are always more annoying than
slow ones, and we don't know how much resources we get under CI,
so increase the timeout.
https://bugzilla.gnome.org/show_bug.cgi?id=795636
Use lcov for both Fedora and MSYS2 to create coverage reports and add a second
ci stage which merges the coverage and creates a html report using genhtml.
In the final stage, which is only run on master, the result is published on
gitlab pages.
https://bugzilla.gnome.org/show_bug.cgi?id=795636
This builds glib using meson/ninja/ccache with mingw-w64 on a Windows
machine.
The CI scripts expect a gitlab runner to exist with the "win32" tag
which uses the default "cmd" shell by default.
Before running the tests pacman is invoked to update the system
(potentially including bash etc, thus the extra step)
Then a login shell is started with CHERE_INVOKING to not change the
cwd and finally the test script is executed.
https://bugzilla.gnome.org/show_bug.cgi?id=793729
We're mostly interested into building and testing everything that gets
pushed to the repository — including merge requests.
When pushing tags, though, we should assume we're spinning a release, so
let's run the dist target, and store the tarball, and the generated
documentation while we're at it, as artifacts on GitLab.
The Dockerfile for the image used for the build is included in tree, and
published on Docker Hub. Using a custom image allows us to avoid the
costly "download and install build dependencies" phase, as well as
controlling the environment a little bit better.
https://bugzilla.gnome.org/show_bug.cgi?id=793635