Only the Visual Studio 2017 toolset is currently preinstalled on Travis.
Use this, instead of our solution's default which is VS 2010.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Travis now offers a Windows environment. Do a build with Visual
Studio. This brings diversity into the Travis CI which otherwise only
uses GCC and Clang.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Just do the default build with Clang and run the unit tests. The
objective is to have one build on a Unix-like platform other than
Linux.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add a baremetal build to Travis, to catch inadvertent dependencies on
platform functions.
The exact choice of target platform doesn't matter for this purpose.
Pick one that's present in all.sh, that uses a compiler that's
available in the Travis build environment (Ubuntu 16.04), and that
happens to be close to the Debian "armel" distribution.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Call all.sh to run all the available test_depends_* components. This
adds a run of depends-hashes.pl and depends-pkgalgs.pl.
Keep invoking test-ref-configs.pl rather than via all.sh so that it
doesn't run with ASan. This saves some time and ASan there doesn't
turn up much more than in the full config.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Some jobs don't actually test against GnuTLS, but all.sh checks its
presence in all test jobs, so it needs to be installed regardless.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
For the one long job with ASan, use the full configuration.
We get more coverage this way, at the cost of a slightly longer
runtime which we can afford since the "enumerated configurations" job
is slower.
Add a default-configuration build to the "basic checks" job. This job
is fairly quick (no ASan, no SSL testing).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This way anything we change in all.sh, such as adding tests for
programs/*/*, will be reflected here.
The build now uses GCC instead of Clang, which doesn't make much
difference in practice. The build now enables ASan and UBSan.
The tests now run compat.sh and ssl-opt.sh fully.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Different releases have different sets of sanity checks. Keep the list
in one place, namely all.sh.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Declare an explicit Python version. Pick 3.5 which is the default
version on Ubuntu 16.04. This is necessary on Travis to have a working
pip for Python 3.
Install Pylint 2.4.4. There's nothing special about this version, it's
just the latest version.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Split the build between:
* Basic checks
* A build in the default configuration with extensive tests
* Builds in other configurations with less testing
The intent is to have one shorter job with basic tests, and two longer
jobs that take roughly the same amount of time (split as evenly as
possible while keeping an easy-to-understand separation).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In practice, we hardly ever get different outcomes, so there is no
gain in running tests with different compilers.
Experimentally, with the builds and tests we currently do and with the
compiler versions on a Travis Ubuntu 16.04, gcc jobs are significantly
faster than clang jobs (13 min vs 24 min). So use gcc.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
"coverity_scan" branch is been removed as Travis shouldn't be
blocked from triggering it to run Coverity on it.
"development-psa" branch isn't used anymore and also it used to
depend on a private submodule which Travis would fail to get.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is what we do in Jenkins, so it only makes sense to do it here as well.
This will avoid random failures for no other reason than the proxy was
dropping all the messages due to an unlucky PRNG seed.
See https://docs.travis-ci.com/user/environment-variables/ for syntax
Apparently the version of openssl available on travis machines does not
support all the ciphersuites expected by compat.sh. While waiting for this
script to handle various openssl versions better, just disable openssl.
Causing spurious fails of ssl-opt.sh. Likely a version issue. It would be
better to investigate the exact problem, and maybe adapt ssl-opt.sh to be
check for a minimum version just as compat.sh does, but this is a quick fix.