Skip to content
Extraits de code Groupes Projets
Valider a3ac5155 rédigé par François De Keersmaeker's avatar François De Keersmaeker
Parcourir les fichiers

Added GitLab CI

parent 20f1c40f
Aucune branche associée trouvée
Aucune étiquette associée trouvée
Aucune requête de fusion associée trouvée
Pipeline #54312 en échec
# Dockerfile describing the container used to
# cross-compile the projet for OpenWrt,
# in GitHub Actions.
# The default platform is the TP-Link WDR4900.
# Base image: Ubuntu 22.04 LTS
FROM ubuntu:22.04
# Set build configuration variables
ARG VERSION=v22.03.5
ARG ROUTER=tl-wdr4900
ARG TOOLCHAIN_DIR=toolchain-powerpc_8540_gcc-11.2.0_musl
ARG TARGET_DIR=target-powerpc_8540_musl
# Set initial working directory
ENV HOME=/root
WORKDIR ${HOME}
# Install dependencies
RUN apt-get update && \
apt-get install -y \
build-essential \
clang \
flex \
bison \
g++ \
gawk \
gcc-multilib \
gettext \
git \
libncurses5-dev \
libssl-dev \
python3-distutils \
rsync \
unzip \
zlib1g-dev \
file \
wget \
cmake \
python3-pip
# Clone OpenWrt repository
ENV OPENWRT_HOME=${HOME}/openwrt
RUN git clone https://git.openwrt.org/openwrt/openwrt.git ${OPENWRT_HOME}
WORKDIR ${OPENWRT_HOME}
RUN git checkout ${VERSION}
# Update and install feeds
RUN ${OPENWRT_HOME}/scripts/feeds update -a
RUN ${OPENWRT_HOME}/scripts/feeds install -a
# Configure OpenWrt toolchain
COPY openwrt/${ROUTER}/config/config-minimal ${OPENWRT_HOME}/.config
ENV FORCE_UNSAFE_CONFIGURE=1
RUN make defconfig
RUN make download
RUN make -j $(($(nproc)+1))
ENV STAGING_DIR=${OPENWRT_HOME}/staging_dir
ENV TOOLCHAIN_PATH=${STAGING_DIR}/${TOOLCHAIN_DIR}
ENV TARGET_PATH=${STAGING_DIR}/${TARGET_DIR}
ENV C_INCLUDE_PATH=${TARGET_PATH}/usr/include
ENV LD_LIBRARY_PATH=${TARGET_PATH}/usr/lib
ENV PATH=${TOOLCHAIN_PATH}/bin:$PATH
# Get ready for next steps
WORKDIR ${HOME}
EXITCODE=0
for nft_script in $GITHUB_WORKSPACE/devices/*/firewall*.nft
for nft_script in devices/*/firewall*.nft
do
# Try adding the ruleset
sudo nft -f "$nft_script"
......
EXITCODE=0
PARSERS_DIR="$GITHUB_WORKSPACE/src/parsers"
PARSERS_DIR="src/parsers"
# Pattern matching on all source files
for file in $(find "$GITHUB_WORKSPACE"/include "$GITHUB_WORKSPACE"/src "$GITHUB_WORKSPACE"/devices "$GITHUB_WORKSPACE"/test "$PARSERS_DIR"/include "$PARSERS_DIR"/src "$PARSERS_DIR"/test -name *.h -o -name *.c)
......
......@@ -2,7 +2,7 @@
# Constants
TIMEOUT=5 # seconds
BIN_DIR="$GITHUB_WORKSPACE/bin"
BIN_DIR="bin"
# Ensure globbing expands to an empty list if no matches are found
shopt -s nullglob
......
EXITCODE=0
PARSERS_DIR="$GITHUB_WORKSPACE/src/parsers"
VALGRIND_SUPP="$GITHUB_WORKSPACE/.ci_scripts/firewall-test/valgrind.supp"
PARSERS_DIR="src/parsers"
VALGRIND_SUPP=".ci_scripts/firewall-test/valgrind.supp"
PREFIX=""
for file in "$GITHUB_WORKSPACE"/bin/test/* "$PARSERS_DIR"/bin/test/*
......
# NFQueue start index
NFQ_ID_START=0
for DEVICE in $GITHUB_WORKSPACE/devices/*
for DEVICE in devices/*
do
if [ -d $DEVICE ]
then
python3 "$GITHUB_WORKSPACE/src/translator/translator.py" "$DEVICE/profile.yaml" $NFQ_ID_START
python3 "src/translator/translator.py" "$DEVICE/profile.yaml" $NFQ_ID_START
NFQ_ID_START=$((NFQ_ID_START+1000))
fi
done
......@@ -16,6 +16,7 @@ docs
.vscode/
.vagrant/
__pycache__/
.venv
# PCAP traces
**/traces/
variables:
GIT_SUBMODULE_STRATEGY: recursive
# Natively build and test the project
job-native-build:
script:
- sudo .ci_scripts/native-build/install_packages.sh
- python3 -m venv .venv
- source .venv/bin/activate
- pip3 install -r requirements.txt
- .ci_scripts/firewall-test/translate_profiles.sh
- firewall/build.sh -C firewall
- .ci_scripts/native-build/run_tests.sh
- .ci_scripts/native-build/run_tests.sh valgrind
- .ci_scripts/native-build/run_cppcheck.sh
- .ci_scripts/native-build/add_nft_rules.sh
- .ci_scripts/native-build/run_exec.sh
# Cross-compile the project for the TL-WDR4900 router
job-cross-compilation:
script:
- python3 -m venv .venv
- source .venv/bin/activate
- pip3 install -r requirements.txt
- .ci_scripts/firewall-test/translate_profiles.sh
- docker compose run cross-compilation /home/user/iot-firewall/docker_cmd.sh tl-wdr4900 $(id -u $USER) $(id -g $USER)
services:
openwrt:
cross-compilation:
image: fdekeers/openwrt_tl-wdr4900
#image: fdekeers/openwrt_linksys-wrt1200ac
container_name: openwrt-firewall
......@@ -8,6 +8,6 @@ services:
#- ROUTER=linksys-wrt1200ac
volumes:
- .:/home/user/iot-firewall
command: ["/home/user/iot-firewall/build.sh", "-t", "/home/user/iot-firewall/openwrt/tl-wdr4900/tl-wdr4900.cmake"]
#command: ["/home/user/iot-firewall/build.sh", "-t", "/home/user/iot-firewall/openwrt/linksys-wrt1200ac/linksys-wrt1200ac.cmake"]
command: ["/home/user/iot-firewall/docker_cmd.sh", "tl-wdr4900", "1000", "1000"]
#command: ["/home/user/iot-firewall/docker_cmd.sh", "linksys-wrt1200ac", "1000", "1000"]
restart: no
#!/bin/bash
# Script to run inside the cross-compilation Docker container.
# Base directory
BASE_DIR="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
### ARGUMENTS ###
# Print usage information
usage() {
echo "Usage: $0 ROUTER NEW_ID NEW_GID" 1>&2
exit 1
}
# Verify number of arguments
if [[ $# -ne 2 ]] && [[ $# -ne 3 ]]; then
usage
fi
## Get command line arguments
ROUTER=$1
NEW_UID=$2
# GID (optional)
# If not provided, equal to UID
if [[ $# -eq 2 ]]; then
NEW_GID=$NEW_UID
elif [[ $# -eq 3 ]]; then
NEW_GID=$3
fi
### MAIN ###
# Cross-compile sources
"$BASE_DIR"/build.sh -C "$BASE_DIR" -t "$BASE_DIR"/firewall/openwrt/$ROUTER/$ROUTER.cmake
# Change perimissions
ROOT_UID=0
for DIR in build bin; do
DIR="$BASE_DIR"/$DIR
find $DIR -uid $ROOT_UID -exec chown -h $NEW_UID {} \;
find $DIR -gid $ROOT_UID -exec chgrp -h $NEW_GID {} \;
done
Subproject commit 746030e98cab5d64007c71b21aa113db77175959
Subproject commit d052494c48b97becbd08b114bafa58f59471f567
0% Chargement en cours ou .
You are about to add 0 people to the discussion. Proceed with caution.
Terminez d'abord l'édition de ce message.
Veuillez vous inscrire ou vous pour commenter