config.yml

version: 2.0
jobs:
  build:
    docker:
      - image: docker.io/openwrtorg/packages-cci:v1.0.5
    environment:
      - SDK_HOST: "downloads.openwrt.org"
      - SDK_PATH: "snapshots/targets/ath79/generic"
      - SDK_FILE: "openwrt-sdk-ath79-generic_*.Linux-x86_64.tar.xz"
      - BRANCH: "master"
    steps:
      - checkout:
          path: ~/openwrt_packages

      - run:
          name: Check changes / verify commits
          working_directory: ~/openwrt_packages
          command: |
             cat >> $BASH_ENV <<EOF
             echo_red()   { printf "\033[1;31m\$*\033[m\n"; }
             echo_green() { printf "\033[1;32m\$*\033[m\n"; }
             echo_blue()  { printf "\033[1;34m\$*\033[m\n"; }
             EOF
             source $BASH_ENV

             RET=0
             for commit in $(git rev-list HEAD ^origin/$BRANCH); do
               echo_blue "=== Checking commit '$commit'"
               if git show --format='%P' -s $commit | grep -qF ' '; then
                 echo_red "Pull request should not include merge commits"
                 RET=1
               fi

               author="$(git show -s --format=%aN $commit)"
               if echo $author | grep -q '\S\+\s\+\S\+'; then
                 echo_green "Author name ($author) seems ok"
               else
                 echo_red "Author name ($author) need to be your real name 'firstname lastname'"
                 RET=1
               fi

               subject="$(git show -s --format=%s $commit)"
               if echo "$subject" | grep -q -e '^[0-9A-Za-z,+/_-]\+: ' -e '^Revert '; then
                 echo_green "Commit subject line seems ok ($subject)"
               else
                 echo_red "Commit subject line MUST start with '<package name>: ' ($subject)"
                 RET=1
               fi

               body="$(git show -s --format=%b $commit)"
               sob="$(git show -s --format='Signed-off-by: %aN <%aE>' $commit)"
               if echo "$body" | grep -qF "$sob"; then
                 echo_green "Signed-off-by match author"
               else
                 echo_red "Signed-off-by is missing or doesn't match author (should be '$sob')"
                 RET=1
               fi
             done

             exit $RET

      - run:
          name: Download the SDK
          working_directory: ~/sdk
          command: |
             curl "https://$SDK_HOST/$SDK_PATH/sha256sums" -sS -o sha256sums
             curl "https://$SDK_HOST/$SDK_PATH/sha256sums.asc" -fs -o sha256sums.asc || true
             curl "https://$SDK_HOST/$SDK_PATH/sha256sums.sig" -fs -o sha256sums.sig || true
             if [ ! -f sha256sums.asc ] && [ ! -f sha256sums.sig ]; then
                 echo_red "Missing sha256sums signature files"
                 exit 1
             fi
             [ ! -f sha256sums.asc ] || gpg --with-fingerprint --verify sha256sums.asc sha256sums
             if [ -f sha256sums.sig ]; then
                 VERIFIED=
                 for KEY in ~/usign/*; do
                     echo "Trying $KEY..."
                     if signify-openbsd -V -q -p "$KEY" -x sha256sums.sig -m sha256sums; then
                         echo "...verified"
                         VERIFIED=1
                         break
                     fi
                 done
                 if [ -z "$VERIFIED" ]; then
                     echo_red "Could not verify usign signature"
                     exit 1
                 fi
             fi
             rsync -av "$SDK_HOST::downloads/$SDK_PATH/$SDK_FILE" .
             sha256sum -c --ignore-missing sha256sums

      - run:
          name: Prepare build_dir
          working_directory: ~/build_dir
          command: |
             tar Jxf ~/sdk/$SDK_FILE --strip=1
             touch .config
             make prepare-tmpinfo scripts/config/conf
             ./scripts/config/conf --defconfig=.config Config.in
             make prereq
             rm .config
             cat > feeds.conf <<EOF
             src-git base https://github.com/openwrt/openwrt.git;$BRANCH
             src-link packages $HOME/openwrt_packages
             src-git luci https://github.com/openwrt/luci.git;$BRANCH
             EOF
             cat feeds.conf
             ./scripts/feeds update -a > /dev/null
             make defconfig > /dev/null
             # enable BUILD_LOG
             sed -i 's/# CONFIG_BUILD_LOG is not set/CONFIG_BUILD_LOG=y/' .config

      - run:
          name: Install & download source, check package, compile
          working_directory: ~/build_dir
          command: |
             set +o pipefail
             PKGS=$(cd ~/openwrt_packages; git diff --diff-filter=d --name-only "origin/$BRANCH..." | grep 'Makefile$' | grep -Ev '/files/|/src/' | awk -F/ '{ print $(NF-1) }')
             if [ -z "$PKGS" ] ; then
                 echo_blue "WARNING: No new or modified packages found!"
                 exit 0
             fi

             echo_blue "=== Found new/modified packages: $PKGS"
             for PKG in $PKGS ; do
                 echo_blue "===+ Install: $PKG"
                 ./scripts/feeds install "$PKG"

                 echo_blue "===+ Download: $PKG"
                 make "package/$PKG/download" V=s

                 echo_blue "===+ Check package: $PKG"
                 make "package/$PKG/check" V=s 2>&1 | tee logtmp
                 RET=${PIPESTATUS[0]}

                 if [ $RET -ne 0 ]; then
                     echo_red   "=> Package check failed: $RET)"
                     exit $RET
                 fi

                 badhash_msg="HASH does not match "
                 badhash_msg+="|HASH uses deprecated hash,"
                 badhash_msg+="|HASH is missing,"
                 if grep -qE "$badhash_msg" logtmp; then
                     echo_red   "=> Package HASH check failed"
                     exit 1
                 fi
                 echo_green "=> Package check OK"
             done

             make \
                 -f .config \
                 -f tmp/.packagedeps \
                 -f <(echo '$(info $(sort $(package-y) $(package-m)))'; echo -en 'a:\n\t@:') \
              | tr ' ' '\n' >enabled-package-subdirs.txt
             for PKG in $PKGS ; do
                 if ! grep -m1 -qE "(^|/)$PKG$" enabled-package-subdirs.txt; then
                        echo_red "===+ Building: $PKG skipped. It cannot be enabled with $SDK_FILE"
                        continue
                 fi
                 echo_blue "===+ Building: $PKG"
                 make "package/$PKG/compile" -j3 V=s || {
                        RET=$?
                        echo_red "===+ Building: $PKG failed, rebuilding with -j1 for human readable error log"
                        make "package/$PKG/compile" -j1 V=s; exit $RET
                 }
             done

      - store_artifacts:
          path: ~/build_dir/logs

      - store_artifacts:
          path: ~/build_dir/bin

workflows:
  version: 2
  buildpr:
    jobs:
      - build:
          filters:
            branches:
              ignore: master