forked from CERT-Polska/drakvuf-sandbox
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.drone.yml
249 lines (241 loc) · 6.37 KB
/
.drone.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
kind: pipeline
type: docker
name: check-drakcore
steps:
- name: flake8 drakcore
image: python:3.8-buster
commands:
- pip3 install flake8
- pip3 install -r drakcore/requirements.txt
- cd drakcore && flake8 --ignore E402,F401,E501
- name: Check formatting with prettier
image: node:14
commands:
- cd drakcore/drakcore/frontend
- npm install
- npx prettier --check src/
node:
purpose: generic
trigger:
branch:
- master
---
kind: pipeline
type: docker
name: check-drakrun
steps:
- name: lint drakrun
image: python:3.8-buster
commands:
- pip3 install flake8
- pip3 install -r drakrun/requirements.txt
- cd drakrun && flake8 --ignore E402,F401,E501
- name: run drakrun tests
image: python:3.8-buster
commands:
- pip3 install -r drakrun/drakrun/test/requirements.txt
- pip3 install ./drakrun
- pytest -v drakrun/drakrun/test/
node:
purpose: generic
trigger:
branch:
- master
---
kind: pipeline
type: docker
name: build-drakcore
steps:
- name: package drakcore
image: debian:buster
commands:
- export DEBIAN_FRONTEND=noninteractive
- apt-get update
- apt-get install -y wget curl python3 python3-venv python3-pip dh-virtualenv debhelper devscripts
- curl -sL https://deb.nodesource.com/setup_14.x | bash -
- apt-get install -y nodejs
- cd drakcore
- wget -q -O drakcore/systemd/minio $CACHE_SERVER/minio
- package/find-python.sh
- dpkg-buildpackage -us -uc -b
environment:
CACHE_SERVER: http://192.168.21.1:5000/static
- name: upload deb
image: minio/mc
commands:
- mc config host add cache "$MINIO_SERVER" "$MINIO_ACCESS_KEY" "$MINIO_SECRET_KEY"
- mc mb --ignore-existing cache/debs
- mc cp ./drakcore_*_amd64.deb "cache/debs/drakcore_drone-$DRONE_BUILD_NUMBER.deb"
environment:
MINIO_ACCESS_KEY:
from_secret: MINIO_ACCESS_KEY
MINIO_SECRET_KEY:
from_secret: MINIO_SECRET_KEY
MINIO_SERVER: http://192.168.21.131:9000
node:
purpose: generic
trigger:
branch:
- master
---
kind: pipeline
type: docker
name: build-drakrun
steps:
- name: package drakrun
image: debian:buster
commands:
- export DEBIAN_FRONTEND=noninteractive
- apt-get update
- apt-get install -y wget python2.7 python3 python3-pip python3-venv dh-virtualenv debhelper devscripts libpixman-1-0 libpng16-16 libfdt1 libglib2.0-dev libjson-c3 libyajl2 libaio1 libc6-dev-i386
- wget -O drakvuf.deb https://github.com/tklengyel/drakvuf-builds/releases/download/20200317014821-a1ef03c/drakvuf-bundle-0.7-a1ef03c-generic.deb
- dpkg -i drakvuf.deb
- sh -c "cd /opt && git clone https://xenbits.xen.org/git-http/xtf.git && cd xtf && git checkout 8ab15139728a8efd3ebbb60beb16a958a6a93fa1 && make PYTHON=python2 -j4"
- cd drakrun
- package/find-python.sh
- dpkg-buildpackage -us -uc -b
- name: upload deb
image: minio/mc
commands:
- mc config host add cache "$MINIO_SERVER" "$MINIO_ACCESS_KEY" "$MINIO_SECRET_KEY"
- mc mb --ignore-existing cache/debs
- mc cp ./drakrun_*_amd64.deb "cache/debs/drakrun_drone-$DRONE_BUILD_NUMBER.deb"
environment:
MINIO_ACCESS_KEY:
from_secret: MINIO_ACCESS_KEY
MINIO_SECRET_KEY:
from_secret: MINIO_SECRET_KEY
MINIO_SERVER: http://192.168.21.131:9000
node:
purpose: generic
trigger:
branch:
- master
---
kind: pipeline
type: docker
name: build-docs
steps:
- name: build-docs
image: python:3.8-buster
commands:
- cd docs
- pip install -r requirements.txt
- make html
node:
purpose: generic
trigger:
branch:
- master
---
kind: pipeline
type: docker
name: build-drakvuf-bundle
steps:
- name: package drakvuf-bundle
image: debian:buster
commands:
# Install dependencies
- export DEBIAN_FRONTEND=noninteractive
- apt-get update && apt-get install -y -q git wget
# Configure Minio
- wget -q -O /usr/local/bin/mc http://192.168.21.1:5000/static/mc
- chmod +x /usr/local/bin/mc
- mc config host add cache http://192.168.21.131:9000 "$MINIO_ACCESS_KEY" "$MINIO_SECRET_KEY"
- mc mb --ignore-existing cache/debs
# Checkout submodules
- git submodule update --init --recursive
- export DRAKVUF_COMMIT=$(git ls-tree HEAD drakvuf | awk '{ print $3 }')
# Build drakvuf-bundle
- sh drakvuf/package/depends.sh
- bash ci/build_bundle.sh
environment:
MINIO_ACCESS_KEY:
from_secret: MINIO_ACCESS_KEY
MINIO_SECRET_KEY:
from_secret: MINIO_SECRET_KEY
node:
purpose: generic
trigger:
branch:
- master
---
kind: pipeline
type: docker
name: build-base-image
steps:
- name: get DRAKVUF commit
image: alpine/git
commands:
- git submodule update --init --recursive
- export DRAKVUF_COMMIT=$(git ls-tree HEAD drakvuf | awk '{ print $3 }')
- echo "$DRAKVUF_COMMIT" > drakvuf_commit.txt
- name: get mc
image: minio/mc
commands:
# Get mc binary for next step
- cp /bin/mc .
- name: build VM
image: hashicorp/packer:light
commands:
- mv mc /bin
- mc config host add cache "$MINIO_SERVER" "$MINIO_ACCESS_KEY" "$MINIO_SECRET_KEY"
- mc mb --ignore-existing cache/images
- export DRAKVUF_COMMIT=$(cat drakvuf_commit.txt)
- apk add qemu-system-x86_64 qemu-img
- cd ci/packer
- sh build_vm.sh
environment:
MINIO_ACCESS_KEY:
from_secret: MINIO_ACCESS_KEY
MINIO_SECRET_KEY:
from_secret: MINIO_SECRET_KEY
MINIO_SERVER: http://192.168.21.131:9000
node:
purpose: generic
depends_on:
- build-drakvuf-bundle
trigger:
branch:
- master
---
kind: pipeline
type: docker
name: test-e2e
steps:
- name: test-e2e
image: python:3.8-buster
commands:
- apt-get update && apt-get install -y git
- mkdir -p ~/.ssh/
- echo "$ZEN_SSH_KEY" > ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- cd test
- pip install -r requirements.txt
- pytest --capture=no
environment:
# Clean debian image
# VM_SNAPSHOT_BASE = "snap1585837798"
# Debian with preconfigured Windows in /var/lib/drakrun and /etc/drakrun
VM_SNAPSHOT_BASE: snap1587390752
VM_RUNNER_HOST: "192.168.21.1:5000"
VM_HOST: "192.168.21.129"
MINIO_HOST: "192.168.21.131:9000"
MINIO_ACCESS_KEY:
from_secret: MINIO_ACCESS_KEY
MINIO_SECRET_KEY:
from_secret: MINIO_SECRET_KEY
ZEN_SSH_KEY:
from_secret: ZEN_SSH_KEY
node:
purpose: e2e
depends_on:
- check-drakcore
- check-drakrun
- build-drakcore
- build-drakrun
- build-drakvuf-bundle
- build-base-image
trigger:
branch:
- master