git/.gitlab-ci.yml

default:
  timeout: 2h

stages:
  - build
  - test
  - analyze

workflow:
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_COMMIT_TAG
    - if: $CI_COMMIT_REF_PROTECTED == "true"

test:linux:
  image: $image
  stage: test
  needs: [ ]
  tags:
    - saas-linux-medium-amd64
  variables:
    CUSTOM_PATH: "/custom"
  before_script:
    - ./ci/install-dependencies.sh
  script:
    - useradd builder --create-home
    - chown -R builder "${CI_PROJECT_DIR}"
    - sudo --preserve-env --set-home --user=builder ./ci/run-build-and-tests.sh
  after_script:
    - |
      if test "$CI_JOB_STATUS" != 'success'
      then
        sudo --preserve-env --set-home --user=builder ./ci/print-test-failures.sh
      fi
  parallel:
    matrix:
      - jobname: linux-old
        image: ubuntu:16.04
        CC: gcc
      - jobname: linux-sha256
        image: ubuntu:latest
        CC: clang
      - jobname: linux-reftable
        image: ubuntu:latest
        CC: clang
      - jobname: linux-gcc
        image: ubuntu:20.04
        CC: gcc
        CC_PACKAGE: gcc-8
      - jobname: linux-TEST-vars
        image: ubuntu:20.04
        CC: gcc
        CC_PACKAGE: gcc-8
      - jobname: linux-gcc-default
        image: ubuntu:latest
        CC: gcc
      - jobname: linux-leaks
        image: ubuntu:latest
        CC: gcc
      - jobname: linux-reftable-leaks
        image: ubuntu:latest
        CC: gcc
      - jobname: linux-asan-ubsan
        image: ubuntu:latest
        CC: clang
      - jobname: pedantic
        image: fedora:latest
      - jobname: linux-musl
        image: alpine:latest
  artifacts:
    paths:
      - t/failed-test-artifacts
    when: on_failure

test:osx:
  image: $image
  stage: test
  needs: [ ]
  tags:
    - saas-macos-medium-m1
  variables:
    TEST_OUTPUT_DIRECTORY: "/Volumes/RAMDisk"
  before_script:
    # Create a 4GB RAM disk that we use to store test output on. This small hack
    # significantly speeds up tests by more than a factor of 2 because the
    # macOS runners use network-attached storage as disks, which is _really_
    # slow with the many small writes that our tests do.
    - sudo diskutil apfs create $(hdiutil attach -nomount ram://8192000) RAMDisk
    - ./ci/install-dependencies.sh
  script:
    - ./ci/run-build-and-tests.sh
  after_script:
    - |
      if test "$CI_JOB_STATUS" != 'success'
      then
        ./ci/print-test-failures.sh
        mv "$TEST_OUTPUT_DIRECTORY"/failed-test-artifacts t/
      fi
  parallel:
    matrix:
      - jobname: osx-clang
        image: macos-13-xcode-14
        CC: clang
      - jobname: osx-reftable
        image: macos-13-xcode-14
        CC: clang
  artifacts:
    paths:
      - t/failed-test-artifacts
    when: on_failure

build:mingw64:
  stage: build
  tags:
    - saas-windows-medium-amd64
  variables:
    NO_PERL: 1
  before_script:
    - ./ci/install-sdk.ps1 -directory "git-sdk"
  script:
    - git-sdk/usr/bin/bash.exe -l -c 'ci/make-test-artifacts.sh artifacts'
  artifacts:
    paths:
      - artifacts
      - git-sdk

test:mingw64:
  stage: test
  tags:
    - saas-windows-medium-amd64
  needs:
    - job: "build:mingw64"
      artifacts: true
  before_script:
    - git-sdk/usr/bin/bash.exe -l -c 'tar xf artifacts/artifacts.tar.gz'
    - New-Item -Path .git/info -ItemType Directory
    - New-Item .git/info/exclude -ItemType File -Value "/git-sdk"
  script:
    - git-sdk/usr/bin/bash.exe -l -c "ci/run-test-slice.sh $CI_NODE_INDEX $CI_NODE_TOTAL"
  after_script:
    - git-sdk/usr/bin/bash.exe -l -c 'ci/print-test-failures.sh'
  parallel: 10

test:fuzz-smoke-tests:
  image: ubuntu:latest
  stage: test
  needs: [ ]
  variables:
    CC: clang
  before_script:
    - ./ci/install-dependencies.sh
  script:
    - ./ci/run-build-and-minimal-fuzzers.sh

static-analysis:
  image: ubuntu:22.04
  stage: analyze
  needs: [ ]
  variables:
    jobname: StaticAnalysis
  before_script:
    - ./ci/install-dependencies.sh
  script:
    - ./ci/run-static-analysis.sh
    - ./ci/check-directional-formatting.bash

check-whitespace:
  image: ubuntu:latest
  stage: analyze
  needs: [ ]
  before_script:
    - ./ci/install-dependencies.sh
  # Since $CI_MERGE_REQUEST_TARGET_BRANCH_SHA is only defined for merged
  # pipelines, we fallback to $CI_MERGE_REQUEST_DIFF_BASE_SHA, which should
  # be defined in all pipelines.
  script:
    - |
      R=${CI_MERGE_REQUEST_TARGET_BRANCH_SHA-${CI_MERGE_REQUEST_DIFF_BASE_SHA:?}} || exit
      ./ci/check-whitespace.sh "$R"
  rules:
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'

check-style:
  image: ubuntu:latest
  stage: analyze
  needs: [ ]
  allow_failure: true
  variables:
    CC: clang
    jobname: ClangFormat
  before_script:
    - ./ci/install-dependencies.sh
  # Since $CI_MERGE_REQUEST_TARGET_BRANCH_SHA is only defined for merged
  # pipelines, we fallback to $CI_MERGE_REQUEST_DIFF_BASE_SHA, which should
  # be defined in all pipelines.
  script:
    - |
      R=${CI_MERGE_REQUEST_TARGET_BRANCH_SHA-${CI_MERGE_REQUEST_DIFF_BASE_SHA:?}} || exit
      ./ci/run-style-check.sh "$R"
  rules:
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'

documentation:
  image: ubuntu:latest
  stage: analyze
  needs: [ ]
  variables:
    jobname: Documentation
  before_script:
    - ./ci/install-dependencies.sh
  script:
    - ./ci/test-documentation.sh