-
Notifications
You must be signed in to change notification settings - Fork 202
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
WIP [CI] Add pipeline for noble (Ubuntu 24.04 LTS)
noble is not yet released at this point Signed-off-by: Wojtek Porczyk <[email protected]>
- Loading branch information
Showing
2 changed files
with
69 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| node('sgx') { | ||
| checkout scm | ||
|
|
||
| env.SGX = '1' | ||
| env.SGX_DRIVER = 'upstream' | ||
|
|
||
| load '.ci/lib/config-docker.jenkinsfile' | ||
| docker.build( | ||
| "local:${env.BUILD_TAG}", | ||
| '-f .ci/ubuntu24.04.dockerfile .' | ||
| ).inside("${env.DOCKER_ARGS_COMMON} ${env.DOCKER_ARGS_SGX}") { | ||
| load '.ci/lib/config.jenkinsfile' | ||
| load '.ci/lib/config-release.jenkinsfile' | ||
|
|
||
| load '.ci/lib/stage-lint.jenkinsfile' | ||
| load '.ci/lib/stage-clean-check-prepare.jenkinsfile' | ||
| load '.ci/lib/stage-build-sgx.jenkinsfile' | ||
| load '.ci/lib/stage-test.jenkinsfile' | ||
| load '.ci/lib/stage-clean-check.jenkinsfile' | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| FROM ubuntu:noble | ||
|
|
||
| ENV DEBIAN_FRONTEND=noninteractive | ||
|
|
||
| RUN apt-get update && apt-get install -y ca-certificates | ||
|
|
||
| # Intel's RSA-2048 key signing the intel-sgx/sgx_repo repository. Expires 2027-03-20. | ||
| # https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | ||
| # TODO after Intel releases for noble: fix mantic to noble | ||
| COPY .ci/intel-sgx-deb.key /etc/apt/trusted.gpg.d/intel-sgx-deb.asc | ||
| RUN echo deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu mantic main > /etc/apt/sources.list.d/intel-sgx.list | ||
|
|
||
| # Dependencies for actual build. | ||
| # NOTE: COPY invalidates docker cache when source file changes, | ||
| # so `apt-get build-dep` will rerun if dependencies change, despite no change | ||
| # in dockerfile. | ||
| RUN mkdir /debian | ||
| COPY debian/control /debian | ||
| RUN apt-get update && apt-get -y build-dep --no-install-recommends --no-install-suggests / | ||
| RUN rm -rf /debian | ||
|
|
||
| # runtime dependencies of Gramine, for running tests | ||
| # keep this synced with debian/control | ||
| RUN apt-get update && apt-get satisfy -y \ | ||
| 'libcurl4 (>= 7.58)' \ | ||
| 'libprotobuf-c1' \ | ||
| 'python3' \ | ||
| 'python3 (>= 3.10) | python3-pkg-resources' \ | ||
| 'python3-click (>= 6.7)' \ | ||
| 'python3-cryptography' \ | ||
| 'python3-jinja2' \ | ||
| 'python3-pyelftools' \ | ||
| 'python3-tomli (>= 1.1.0)' \ | ||
| 'python3-tomli-w (>= 0.4.0)' | ||
|
|
||
| # dependencies for various tests, CI-Examples, etc. | ||
| # git: scripts/gitignore-test (among others) | ||
| # libunwind8: libos/test/regression/bootstrap_cpp.manifest.template | ||
| # nginx: CI-Examples/ra-tls-nginx | ||
| # shellcheck: .ci/run-shellcheck | ||
| RUN apt-get update && apt-get install -y \ | ||
| git \ | ||
| libunwind8 \ | ||
| nginx \ | ||
| python3-pytest \ | ||
| shellcheck | ||
|
|
||
| CMD ["bash"] |