Skip to content

Commit

Permalink
Merge pull request sonic-net#50 from oleksandrivantsiv/bluefield-merge
Browse files Browse the repository at this point in the history
Merge upstream/master into bluefield branch
  • Loading branch information
oleksandrivantsiv authored Jun 19, 2022
2 parents 4a75816 + 17c3067 commit f2c05f9
Show file tree
Hide file tree
Showing 760 changed files with 103,657 additions and 8,592 deletions.
24 changes: 17 additions & 7 deletions .azure-pipelines/azure-pipelines-UpgrateVersion.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,14 @@ schedules:
- 202006
always: true

resources:
repositories:
- repository: buildimage
type: github
name: Azure/sonic-buildimage
ref: master
endpoint: build

pool: sonicbld

parameters:
Expand All @@ -30,22 +38,24 @@ parameters:
- centec
- centec-arm64
- generic
- innovium
- marvell-armhf
- mellanox

stages:
- stage: Build
variables:
CACHE_MODE: none
VERSION_CONTROL_OPTIONS: 'SONIC_VERSION_CONTROL_COMPONENTS='
- name: CACHE_MODE
value: none
- name: VERSION_CONTROL_OPTIONS
value: 'SONIC_VERSION_CONTROL_COMPONENTS='
- template: .azure-pipelines/template-variables.yml@buildimage
jobs:
- template: azure-pipelines-build.yml
parameters:
jobFilters: ${{ parameters.jobFilters }}
buildOptions: '${{ variables.VERSION_CONTROL_OPTIONS }} SONIC_BUILD_JOBS=$(nproc) ENABLE_IMAGE_SIGNATURE=y'
buildOptions: '${{ variables.VERSION_CONTROL_OPTIONS }} ENABLE_DOCKER_BASE_PULL=n SONIC_BUILD_JOBS=$(nproc) ENABLE_IMAGE_SIGNATURE=y'
preSteps:
- template: template-clean-sonic-slave.yml
- template: .azure-pipelines/template-clean-sonic-slave.yml@buildimage
- stage: UpgradeVersions
jobs:
- job: UpgradeVersions
Expand All @@ -69,14 +79,14 @@ stages:
default_platform=broadcom
artifacts=$(find $(Pipeline.Workspace) -maxdepth 1 -type d -name 'sonic-buildimage.*' | grep -v "sonic-buildimage.${default_platform}")
echo "artifacts$artifacts"
cp -r $(Pipeline.Workspace)/sonic-buildimage.${default_platform}/versions target/
cp -r $(Pipeline.Workspace)/sonic-buildimage.${default_platform}/target/versions target/
make freeze FREEZE_VERSION_OPTIONS=-r
find files/build/versions
ordered_artifacts=$(echo "$artifacts" | grep -v -E "arm64|armhf" && echo "$artifacts" | grep -E "arm64|armhf")
for artifact in $ordered_artifacts
do
rm -rf target/versions
cp -r $artifact/versions target/
cp -r $artifact/target/versions target/
OPTIONS="-a -d"
[[ "$artifact" == *arm64* || "$artifact" == *armhf* ]] && OPTIONS="-d"
make freeze FREEZE_VERSION_OPTIONS="$OPTIONS"
Expand Down
2 changes: 2 additions & 0 deletions .azure-pipelines/azure-pipelines-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@ jobs:
swi_image: yes

- name: broadcom
timeoutInMinutes: 1440
variables:
dbg_image: yes
swi_image: yes
Expand Down Expand Up @@ -131,3 +132,4 @@ jobs:
make $BUILD_OPTIONS target/sonic-$(GROUP_NAME).bin
fi
displayName: "Build sonic image"
- template: check-dirty-version.yml
33 changes: 33 additions & 0 deletions .azure-pipelines/azure-pipelines-download-certificate.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
parameters:
- name: connectionName
type: string
default: sonic-dev-connection
- name: kevaultName
type: string
default: sonic-kv
- name: certificateName
type: string
default: sonic-secure-boot

steps:
- task: AzureKeyVault@2
inputs:
connectedServiceName: ${{ parameters.connectionName }}
keyVaultName: ${{ parameters.kevaultName }}
secretsFilter: ${{ parameters.certificateName }}

- script: |
set -e
TMP_FILE=$(mktemp)
echo "$CERTIFICATE" | base64 -d > $TMP_FILE
sudo mkdir -p /etc/certificates
mkdir -p $(Build.StagingDirectory)/target
# Save the public key
openssl pkcs12 -in $TMP_FILE -clcerts --nokeys -nodes -passin pass: | sed -z -e "s/.*\(-----BEGIN CERTIFICATE\)/\1/" > $(SIGNING_CERT)
# Save the private key
openssl pkcs12 -in $TMP_FILE -nocerts -nodes -passin pass: | sed -z -e "s/.*\(-----BEGIN PRIVATE KEY\)/\1/" | sudo tee $(SIGNING_KEY) 1>/dev/null
ls -lt $(SIGNING_CERT) $(SIGNING_KEY)
rm $TMP_FILE
env:
CERTIFICATE: $(${{ parameters.certificateName }})
displayName: "Save certificate"
11 changes: 9 additions & 2 deletions .azure-pipelines/azure-pipelines-image-template.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,16 +48,23 @@ jobs:
ENABLE_DOCKER_BASE_PULL=y make PLATFORM=$(PLATFORM_AZP) PLATFORM_ARCH=$(PLATFORM_ARCH) $(BUILD_OPTIONS) configure
displayName: 'Make configure'
postSteps:
- script: cp target -r $(Build.ArtifactStagingDirectory)/
- script: |
mkdir -p $(Build.ArtifactStagingDirectory)/target
mv target/* $(Build.ArtifactStagingDirectory)/target/
displayName: Copy Artifacts
condition: always()
- publish: $(Build.ArtifactStagingDirectory)
artifact: 'sonic-buildimage.$(GROUP_NAME)$(GROUP_EXTNAME)'
displayName: "Archive sonic image"
- publish: $(Build.ArtifactStagingDirectory)
condition: failed()
condition: or(failed(), canceled())
artifact: 'sonic-buildimage.$(GROUP_NAME)$(GROUP_EXTNAME)$(System.JobAttempt)'
displayName: "Archive failed sonic image"
- ${{ if ne(variables['Build.Reason'], 'PullRequest') }}:
- template: trigger-publish-artifacts-build.yml
parameters:
artifactName: 'sonic-buildimage.$(GROUP_NAME)$(GROUP_EXTNAME)'
publishPrefix: '$(Build.DefinitionName)/$(Build.SourceBranchName)/$(GROUP_NAME)'
- ${{ parameters.postSteps }}
- template: cleanup.yml
jobGroups: ${{ parameters.jobGroups }}
Expand Down
19 changes: 19 additions & 0 deletions .azure-pipelines/build-commonlib.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
pr: none
trigger: none
schedules:
- cron: "0 0 * * *"
displayName: Daily build
branches:
include:
- master
- 202???
resources:
repositories:
- repository: buildimage
type: github
name: Azure/sonic-buildimage
ref: master
endpoint: build

jobs:
- template: .azure-pipelines/template-commonlib.yml@buildimage
16 changes: 16 additions & 0 deletions .azure-pipelines/check-dirty-version.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
steps:
- script: |
. functions.sh
SONIC_VERSION=$(sonic_get_version)
echo "SONIC_VERSION=$SONIC_VERSION"
if [[ "$SONIC_VERSION" == *dirty* ]]; then
# Print the detail dirty info
git status --untracked-files=no -s --ignore-submodules
# Exit with error, if it is a PR build
if [ "$(Build.Reason)" == "PullRequest" ]; then
echo "Build failed for the dirty version: $SONIC_VERSION" 1>&2
exit 1
fi
fi
displayName: "Check the dirty version"
8 changes: 8 additions & 0 deletions .azure-pipelines/docker-sonic-slave-arm64.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,13 @@
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml
# Build and push sonic-slave-[buster|jessie|stretch] images for amd64/armhf/arm64
resources:
repositories:
- repository: buildimage
type: github
name: Azure/sonic-buildimage
ref: master
endpoint: build

schedules:
- cron: "0 8 * * *"
Expand All @@ -23,6 +30,7 @@ pr:
- sonic-slave-stretch
- sonic-slave-buster
- sonic-slave-bullseye
- .azure-pipelines

parameters:
- name: 'dists'
Expand Down
8 changes: 8 additions & 0 deletions .azure-pipelines/docker-sonic-slave-armhf.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,13 @@
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml
# Build and push sonic-slave-[buster|jessie|stretch] images for amd64/armhf/arm64
resources:
repositories:
- repository: buildimage
type: github
name: Azure/sonic-buildimage
ref: master
endpoint: build

schedules:
- cron: "0 8 * * *"
Expand All @@ -23,6 +30,7 @@ pr:
- sonic-slave-stretch
- sonic-slave-buster
- sonic-slave-bullseye
- .azure-pipelines

parameters:
- name: 'dists'
Expand Down
31 changes: 26 additions & 5 deletions .azure-pipelines/docker-sonic-slave-template.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml
# Build and push sonic-slave-[buster|jessie|stretch] images for amd64/armhf/arm64

parameters:
- name: arch
type: string
Expand Down Expand Up @@ -38,7 +37,10 @@ jobs:
pool: ${{ parameters.pool }}
steps:
- template: cleanup.yml
- template: template-clean-sonic-slave.yml
- ${{ if eq(variables['Build.Reason'], 'PullRequest') }}:
- template: template-clean-sonic-slave.yml
- ${{ else }}:
- template: '/.azure-pipelines/template-clean-sonic-slave.yml@buildimage'
- checkout: self
clean: true
submodules: recursive
Expand Down Expand Up @@ -81,6 +83,10 @@ jobs:
docker tag $SLAVE_BASE_IMAGE:$SLAVE_BASE_TAG $REGISTRY_SERVER/$SLAVE_BASE_IMAGE_UPLOAD:latest
docker tag $SLAVE_BASE_IMAGE:$SLAVE_BASE_TAG $REGISTRY_SERVER/$SLAVE_BASE_IMAGE_UPLOAD:$SLAVE_BASE_TAG
if [ "$SLAVE_BASE_IMAGE_UPLOAD" != "$SLAVE_DIR" ]; then
docker tag $SLAVE_BASE_IMAGE:$SLAVE_BASE_TAG $REGISTRY_SERVER/$SLAVE_DIR:latest-${{ parameters.arch }}
docker tag $SLAVE_BASE_IMAGE:$SLAVE_BASE_TAG $REGISTRY_SERVER/$SLAVE_DIR:$SLAVE_BASE_TAG
fi
set +x
echo "##vso[task.setvariable variable=VARIABLE_SLAVE_BASE_IMAGE]$SLAVE_BASE_IMAGE_UPLOAD"
echo "##vso[task.setvariable variable=VARIABLE_SLAVE_BASE_TAG]$SLAVE_BASE_TAG"
Expand All @@ -89,11 +95,26 @@ jobs:
displayName: Build sonic-slave-${{ parameters.dist }}-${{ parameters.arch }}
- task: Docker@2
condition: ne(variables['Build.Reason'], 'PullRequest')
displayName: Upload image
inputs:
containerRegistry: ${{ parameters.registry_conn }}
repository: $(VARIABLE_SLAVE_BASE_IMAGE)
command: push
tags: |
$(VARIABLE_SLAVE_BASE_TAG)
latest
${{ if eq(variables['Build.SourceBranchName'], 'master') }}:
tags: |
$(VARIABLE_SLAVE_BASE_TAG)
latest
${{ else }}:
tags: |
$(VARIABLE_SLAVE_BASE_TAG)
- ${{ if ne(parameters.arch, 'amd64') }}:
- task: Docker@2
condition: ne(variables['Build.Reason'], 'PullRequest')
displayName: Upload image ${{ parameters.dist }}
inputs:
containerRegistry: ${{ parameters.registry_conn }}
repository: "sonic-slave-${{ parameters.dist }}"
command: push
tags: |
$(VARIABLE_SLAVE_BASE_TAG)
25 changes: 20 additions & 5 deletions .azure-pipelines/docker-sonic-slave.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,13 @@
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml
# Build and push sonic-slave-[buster|jessie|stretch] images for amd64/armhf/arm64
resources:
repositories:
- repository: buildimage
type: github
name: Azure/sonic-buildimage
ref: master
endpoint: build

schedules:
- cron: "0 8 * * *"
Expand All @@ -24,6 +31,7 @@ pr:
- sonic-slave-buster
- sonic-slave-bullseye
- src/sonic-build-hooks
- .azure-pipelines

parameters:
- name: 'arches'
Expand Down Expand Up @@ -52,8 +60,15 @@ stages:
- ${{ each dist in parameters.dists }}:
- ${{ if endswith(variables['Build.DefinitionName'], dist) }}:
- ${{ each arch in parameters.arches }}:
- template: docker-sonic-slave-template.yml
parameters:
pool: sonicbld
arch: ${{ arch }}
dist: ${{ dist }}
- ${{ if eq(variables['Build.Reason'], 'PullRequest') }}:
- template: docker-sonic-slave-template.yml
parameters:
pool: sonicbld
arch: ${{ arch }}
dist: ${{ dist }}
- ${{ else }}:
- template: '/.azure-pipelines/docker-sonic-slave-template.yml@buildimage'
parameters:
pool: sonicbld
arch: ${{ arch }}
dist: ${{ dist }}
13 changes: 13 additions & 0 deletions .azure-pipelines/official-build-cisco-8000.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,17 @@ resources:
name: Cisco-8000-sonic/platform-cisco-8000
endpoint: cisco-connection


variables:
- group: SONIC-AKV-STROAGE-1
- name: StorageSASKey
value: $(sonicstorage-SasToken)
- name: SONIC_ENABLE_SECUREBOOT_SIGNATURE
value: y
- name: SIGNING_KEY
value: /etc/certificates/sonic-secure-boot-private.pem
- name: SIGNING_CERT
value: $(Build.StagingDirectory)/target/sonic-secure-boot-public.pem

stages:
- stage: Build
Expand All @@ -41,6 +48,7 @@ stages:
parameters:
buildOptions: 'USERNAME=admin SONIC_BUILD_JOBS=$(nproc) ${{ variables.VERSION_CONTROL_OPTIONS }}'
preSteps:
- template: azure-pipelines-download-certificate.yml
- checkout: self
submodules: recursive
path: s
Expand Down Expand Up @@ -90,5 +98,10 @@ stages:
StorageSASKey: $(StorageSASKey)
condition: ne(variables['Build.Reason'], 'PullRequest')
displayName: "Override cisco sai packages"
- script: |
echo "SONIC_ENABLE_SECUREBOOT_SIGNATURE := y" >> rules/config.user
echo "SIGNING_KEY := $(SIGNING_KEY)" >> rules/config.user
echo "SIGNING_CERT := $(SIGNING_CERT)" >> rules/config.user
displayName: "Enable secure boot signature"
jobGroups:
- name: cisco-8000
11 changes: 11 additions & 0 deletions .azure-pipelines/official-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,20 @@ schedules:
- 201911
- 201811

resources:
repositories:
- repository: buildimage
type: github
name: Azure/sonic-buildimage
ref: master
endpoint: build

trigger: none
pr: none

variables:
- template: .azure-pipelines/template-variables.yml@buildimage

stages:
- stage: Build
pool: sonicbld
Expand Down
Loading

0 comments on commit f2c05f9

Please sign in to comment.