• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Types of CI pipelines:
2# | pipeline name        | context   | description                                                 |
3# |----------------------|-----------|-------------------------------------------------------------|
4# | merge pipeline       | mesa/mesa | pipeline running for an MR; if it passes the MR gets merged |
5# | pre-merge pipeline   | mesa/mesa | same as above, except its status doesn't affect the MR      |
6# | post-merge pipeline  | mesa/mesa | pipeline immediately after merging                          |
7# | fork pipeline        | fork      | pipeline running in a user fork                             |
8# | scheduled pipeline   | mesa/mesa | nightly pipelines, running every morning at 4am UTC         |
9# | direct-push pipeline | mesa/mesa | when commits are pushed directly to mesa/mesa, bypassing Marge and its gating pipeline |
10#
11# Note that the release branches maintained by the release manager fall under
12# the "direct push" category.
13#
14# "context" indicates the permissions that the jobs get; notably, any
15# container created in mesa/mesa gets pushed immediately for everyone to use
16# as soon as the image tag change is merged.
17#
18# Merge pipelines contain all jobs that must pass before the MR can be merged.
19# Pre-merge pipelines contain the exact same jobs as merge pipelines.
20# Post-merge pipelines contain *only* the `pages` job that deploys the new
21# version of the website.
22# Fork pipelines contain everything.
23# Scheduled pipelines only contain the container+build jobs, and some extra
24# test jobs (typically "full" variants of pre-merge jobs that only run 1/X
25# test cases), but not a repeat of the merge pipeline jobs.
26# Direct-push pipelines contain the same jobs as merge pipelines.
27
28workflow:
29  rules:
30    # do not duplicate pipelines on merge pipelines
31    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS && $CI_PIPELINE_SOURCE == "push"
32      when: never
33    # merge pipeline
34    - if: &is-merge-attempt $GITLAB_USER_LOGIN == "marge-bot" && $CI_PIPELINE_SOURCE == "merge_request_event"
35      variables:
36        MESA_CI_PERFORMANCE_ENABLED: 1
37        VALVE_INFRA_VANGOGH_JOB_PRIORITY: ""  # Empty tags are ignored by gitlab
38        JOB_PRIORITY: 75
39        # fast-fail in merge pipelines: stop early if we get this many unexpected fails/crashes
40        DEQP_RUNNER_MAX_FAILS: 40
41    # post-merge pipeline
42    - if: &is-post-merge $GITLAB_USER_LOGIN == "marge-bot" && $CI_PIPELINE_SOURCE == "push"
43    # Pre-merge pipeline
44    - if: &is-pre-merge $CI_PIPELINE_SOURCE == "merge_request_event"
45    # Push to a branch on a fork
46    - if: &is-fork-push $CI_PROJECT_NAMESPACE != "mesa" && $CI_PIPELINE_SOURCE == "push"
47    # nightly pipeline
48    - if: &is-scheduled-pipeline $CI_PIPELINE_SOURCE == "schedule"
49      variables:
50        JOB_PRIORITY: 45
51        # (some) nightly builds perform LTO, so they take much longer than the
52        # short timeout allowed in other pipelines.
53        # Note: 0 = infinity = gitlab's job `timeout:` applies, which is 1h
54        BUILD_JOB_TIMEOUT_OVERRIDE: 0
55    # pipeline for direct pushes that bypassed the CI
56    - if: &is-direct-push $CI_PROJECT_NAMESPACE == "mesa" && $CI_PIPELINE_SOURCE == "push" && $GITLAB_USER_LOGIN != "marge-bot"
57      variables:
58        JOB_PRIORITY: 70
59
60
61variables:
62  FDO_UPSTREAM_REPO: mesa/mesa
63  MESA_TEMPLATES_COMMIT: &ci-templates-commit e195d80f35b45cc73668be3767b923fd76c70ed5
64  CI_PRE_CLONE_SCRIPT: |-
65          set -o xtrace
66          wget -q -O download-git-cache.sh ${CI_PROJECT_URL}/-/raw/${CI_COMMIT_SHA}/.gitlab-ci/download-git-cache.sh
67          bash download-git-cache.sh
68          rm download-git-cache.sh
69          set +o xtrace
70  S3_JWT_FILE: /s3_jwt
71  S3_JWT_FILE_SCRIPT: |-
72      echo -n '${S3_JWT}' > '${S3_JWT_FILE}' &&
73      unset CI_JOB_JWT S3_JWT  # Unsetting vulnerable env variables
74  S3_HOST: s3.freedesktop.org
75  # This bucket is used to fetch ANDROID prebuilts and images
76  S3_ANDROID_BUCKET: mesa-rootfs
77  # This bucket is used to fetch the kernel image
78  S3_KERNEL_BUCKET: mesa-rootfs
79  # Bucket for git cache
80  S3_GITCACHE_BUCKET: git-cache
81  # Bucket for the pipeline artifacts pushed to S3
82  S3_ARTIFACTS_BUCKET: artifacts
83  # Buckets for traces
84  S3_TRACIE_RESULTS_BUCKET: mesa-tracie-results
85  S3_TRACIE_PUBLIC_BUCKET: mesa-tracie-public
86  S3_TRACIE_PRIVATE_BUCKET: mesa-tracie-private
87  # per-pipeline artifact storage on MinIO
88  PIPELINE_ARTIFACTS_BASE: ${S3_HOST}/${S3_ARTIFACTS_BUCKET}/${CI_PROJECT_PATH}/${CI_PIPELINE_ID}
89  # per-job artifact storage on MinIO
90  JOB_ARTIFACTS_BASE: ${PIPELINE_ARTIFACTS_BASE}/${CI_JOB_ID}
91  # reference images stored for traces
92  PIGLIT_REPLAY_REFERENCE_IMAGES_BASE: "${S3_HOST}/${S3_TRACIE_RESULTS_BUCKET}/$FDO_UPSTREAM_REPO"
93  # For individual CI farm status see .ci-farms folder
94  # Disable farm with   `git mv .ci-farms{,-disabled}/$farm_name`
95  # Re-enable farm with `git mv .ci-farms{-disabled,}/$farm_name`
96  # NEVER MIX FARM MAINTENANCE WITH ANY OTHER CHANGE IN THE SAME MERGE REQUEST!
97  ARTIFACTS_BASE_URL: https://${CI_PROJECT_ROOT_NAMESPACE}.${CI_PAGES_DOMAIN}/-/${CI_PROJECT_NAME}/-/jobs/${CI_JOB_ID}/artifacts
98  # Python scripts for structured logger
99  PYTHONPATH: "$PYTHONPATH:$CI_PROJECT_DIR/install"
100  # No point in continuing once the device is lost
101  MESA_VK_ABORT_ON_DEVICE_LOSS: 1
102  # Avoid the wall of "Unsupported SPIR-V capability" warnings in CI job log, hiding away useful output
103  MESA_SPIRV_LOG_LEVEL: error
104  # Default priority for non-merge pipelines
105  VALVE_INFRA_VANGOGH_JOB_PRIORITY: priority:low
106  JOB_PRIORITY: 50
107
108default:
109  id_tokens:
110    S3_JWT:
111      aud: https://s3.freedesktop.org
112  before_script:
113    - |
114      if [ -z "${KERNEL_IMAGE_BASE:-}" ]; then
115        export KERNEL_IMAGE_BASE="https://${S3_HOST}/${S3_KERNEL_BUCKET}/${KERNEL_REPO}/${EXTERNAL_KERNEL_TAG:-$KERNEL_TAG}"
116      fi
117    - >
118      export SCRIPTS_DIR=$(mktemp -d) &&
119      curl -L -s --retry 4 -f --retry-all-errors --retry-delay 60 -O --output-dir "${SCRIPTS_DIR}" "${CI_PROJECT_URL}/-/raw/${CI_COMMIT_SHA}/.gitlab-ci/setup-test-env.sh" &&
120      . ${SCRIPTS_DIR}/setup-test-env.sh
121    - eval "$S3_JWT_FILE_SCRIPT"
122
123  after_script:
124    # Work around https://gitlab.com/gitlab-org/gitlab/-/issues/20338
125    - find -name '*.log' -exec mv {} {}.txt \;
126
127  # Retry when job fails. Failed jobs can be found in the Mesa CI Daily Reports:
128  # https://gitlab.freedesktop.org/mesa/mesa/-/issues/?sort=created_date&state=opened&label_name%5B%5D=CI%20daily
129  retry:
130    max: 1
131    # Ignore runner_unsupported, stale_schedule, archived_failure, or
132    # unmet_prerequisites
133    when:
134      - api_failure
135      - runner_system_failure
136      - script_failure
137      - job_execution_timeout
138      - scheduler_failure
139      - data_integrity_failure
140      - unknown_failure
141
142stages:
143  - sanity
144  - container
145  - git-archive
146  - build-for-tests
147  - build-only
148  - code-validation
149  - amd
150  - amd-postmerge
151  - intel
152  - intel-postmerge
153  - nouveau
154  - nouveau-postmerge
155  - arm
156  - arm-postmerge
157  - broadcom
158  - broadcom-postmerge
159  - freedreno
160  - freedreno-postmerge
161  - etnaviv
162  - etnaviv-postmerge
163  - software-renderer
164  - software-renderer-postmerge
165  - layered-backends
166  - layered-backends-postmerge
167  - performance
168  - deploy
169
170include:
171  - project: 'freedesktop/ci-templates'
172    ref: 16bc29078de5e0a067ff84a1a199a3760d3b3811
173    file:
174      - '/templates/ci-fairy.yml'
175  - project: 'freedesktop/ci-templates'
176    ref: *ci-templates-commit
177    file:
178      - '/templates/alpine.yml'
179      - '/templates/debian.yml'
180      - '/templates/fedora.yml'
181  - local: '.gitlab-ci/image-tags.yml'
182  - local: '.gitlab-ci/lava/lava-gitlab-ci.yml'
183  - local: '.gitlab-ci/container/gitlab-ci.yml'
184  - local: '.gitlab-ci/build/gitlab-ci.yml'
185  - local: '.gitlab-ci/test/gitlab-ci.yml'
186  - local: '.gitlab-ci/farm-rules.yml'
187  - local: '.gitlab-ci/test-source-dep.yml'
188  - local: 'docs/gitlab-ci.yml'
189  - local: 'src/**/ci/gitlab-ci.yml'
190
191
192# Rules applied to every job in the pipeline
193.common-rules:
194  rules:
195    - if: *is-fork-push
196      when: manual
197
198.never-post-merge-rules:
199  rules:
200    - if: *is-post-merge
201      when: never
202
203
204.container+build-rules:
205  rules:
206    - !reference [.common-rules, rules]
207    # Run when re-enabling a disabled farm, but not when disabling it
208    - !reference [.disable-farm-mr-rules, rules]
209    # Never run immediately after merging, as we just ran everything
210    - !reference [.never-post-merge-rules, rules]
211    # Build everything in merge pipelines, if any files affecting the pipeline
212    # were changed
213    - if: *is-merge-attempt
214      changes: &all_paths
215        - VERSION
216        - bin/git_sha1_gen.py
217        - bin/install_megadrivers.py
218        - bin/symbols-check.py
219        - bin/ci/**/*
220        # GitLab CI
221        - .gitlab-ci.yml
222        - .gitlab-ci/**/*
223        - .ci-farms/*
224        # Meson
225        - meson*
226        - build-support/**/*
227        - subprojects/**/*
228        # clang format
229        - .clang-format
230        - .clang-format-include
231        - .clang-format-ignore
232        # Source code
233        - include/**/*
234        - src/**/*
235      when: on_success
236    # Same as above, but for pre-merge pipelines
237    - if: *is-pre-merge
238      changes:
239        *all_paths
240      when: manual
241    # Skip everything for pre-merge and merge pipelines which don't change
242    # anything in the build
243    - if: *is-merge-attempt
244      when: never
245    - if: *is-pre-merge
246      when: never
247    # Build everything after someone bypassed the CI
248    - if: *is-direct-push
249      when: on_success
250    # Build everything in scheduled pipelines
251    - if: *is-scheduled-pipeline
252      when: on_success
253    # Allow building everything in fork pipelines, but build nothing unless
254    # manually triggered
255    - when: manual
256
257
258.ci-deqp-artifacts:
259  artifacts:
260    name: "mesa_${CI_JOB_NAME}"
261    when: always
262    untracked: false
263    paths:
264      # Watch out!  Artifacts are relative to the build dir.
265      # https://gitlab.com/gitlab-org/gitlab-ce/commit/8788fb925706cad594adf6917a6c5f6587dd1521
266      - artifacts
267      - _build/meson-logs/*.txt
268      - _build/meson-logs/strace
269
270# Git archive
271
272make git archive:
273  extends:
274    - .fdo.ci-fairy
275  stage: git-archive
276  rules:
277    - !reference [.scheduled_pipeline-rules, rules]
278  # ensure we are running on packet
279  tags:
280    - packet.net
281  script:
282    # Compactify the .git directory
283    - git gc --aggressive
284    # Download & cache the perfetto subproject as well.
285    - rm -rf subprojects/perfetto ; mkdir -p subprojects/perfetto && curl https://android.googlesource.com/platform/external/perfetto/+archive/$(grep 'revision =' subprojects/perfetto.wrap | cut -d ' ' -f3).tar.gz | tar zxf - -C subprojects/perfetto
286    # compress the current folder
287    - tar -cvzf ../$CI_PROJECT_NAME.tar.gz .
288
289    - ci-fairy s3cp --token-file "${S3_JWT_FILE}" ../$CI_PROJECT_NAME.tar.gz https://$S3_HOST/git-cache/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/$CI_PROJECT_NAME.tar.gz
290
291# Sanity checks of MR settings and commit logs
292sanity:
293  extends:
294    - .fdo.ci-fairy
295  stage: sanity
296  rules:
297    - if: *is-pre-merge
298      when: on_success
299    - when: never
300  variables:
301    GIT_STRATEGY: none
302  script:
303    # ci-fairy check-commits --junit-xml=check-commits.xml
304    - ci-fairy check-merge-request --require-allow-collaboration --junit-xml=check-merge-request.xml
305    - |
306      set -eu
307      image_tags=(
308        ALPINE_X86_64_BUILD_TAG
309        ALPINE_X86_64_LAVA_SSH_TAG
310        DEBIAN_BASE_TAG
311        DEBIAN_BUILD_TAG
312        DEBIAN_PYUTILS_TAG
313        DEBIAN_TEST_ANDROID_TAG
314        DEBIAN_TEST_GL_TAG
315        DEBIAN_TEST_VK_TAG
316        FEDORA_X86_64_BUILD_TAG
317        KERNEL_ROOTFS_TAG
318        KERNEL_TAG
319        PKG_REPO_REV
320        WINDOWS_X64_BUILD_TAG
321        WINDOWS_X64_MSVC_TAG
322        WINDOWS_X64_TEST_TAG
323      )
324      for var in "${image_tags[@]}"
325      do
326        if [ "$(echo -n "${!var}" | wc -c)" -gt 20 ]
327        then
328          echo "$var is too long; please make sure it is at most 20 chars."
329          exit 1
330        fi
331      done
332  artifacts:
333    when: on_failure
334    reports:
335      junit: check-*.xml
336  tags:
337    - placeholder-job
338
339
340mr-label-maker-test:
341  extends:
342    - .fdo.ci-fairy
343  stage: sanity
344  rules:
345    - !reference [.mr-label-maker-rules, rules]
346  variables:
347    GIT_STRATEGY: fetch
348  timeout: 10m
349  script:
350    - set -eu
351    - python3 -m venv .venv
352    - source .venv/bin/activate
353    - pip install git+https://gitlab.freedesktop.org/freedesktop/mr-label-maker
354    - mr-label-maker --dry-run --mr $CI_MERGE_REQUEST_IID
355
356# Jobs that need to pass before spending hardware resources on further testing
357.required-for-hardware-jobs:
358  needs:
359    - job: clang-format
360      optional: true
361    - job: rustfmt
362      optional: true
363    - job: toml-lint
364      optional: true
365