Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge NSS trunk to NSS_TLS13_DRAFT19_BRANCH
--HG-- branch : NSS_TLS13_DRAFT19_BRANCH rename : automation/taskcluster/docker/bin/checkout.sh => automation/taskcluster/docker-hacl/bin/checkout.sh extra : rebase_source : 539f7521c7deb8f828cc1fbef51051568deedccb
- Loading branch information
Showing
143 changed files
with
9,853 additions
and
2,194 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
NSS_3_32_BRANCH | ||
NSS_3_33_BRANCH |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
FROM ubuntu:14.04 | ||
MAINTAINER Tim Taubert <ttaubert@mozilla.com> | ||
|
||
RUN useradd -d /home/worker -s /bin/bash -m worker | ||
WORKDIR /home/worker | ||
|
||
# Add build and test scripts. | ||
ADD bin /home/worker/bin | ||
RUN chmod +x /home/worker/bin/* | ||
|
||
# Install dependencies. | ||
ADD setup.sh /tmp/setup.sh | ||
RUN bash /tmp/setup.sh | ||
|
||
# Change user. | ||
USER worker | ||
|
||
# Env variables. | ||
ENV HOME /home/worker | ||
ENV SHELL /bin/bash | ||
ENV USER worker | ||
ENV LOGNAME worker | ||
ENV HOSTNAME taskcluster-worker | ||
ENV LANG en_US.UTF-8 | ||
ENV LC_ALL en_US.UTF-8 | ||
ENV HOST localhost | ||
ENV DOMSUF localdomain | ||
|
||
# Set a default command for debugging. | ||
CMD ["/bin/bash", "--login"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
#!/usr/bin/env bash | ||
|
||
set -v -e -x | ||
|
||
if [ $(id -u) = 0 ]; then | ||
# Drop privileges by re-running this script. | ||
exec su worker $0 | ||
fi | ||
|
||
# Default values for testing. | ||
REVISION=${NSS_HEAD_REVISION:-default} | ||
REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} | ||
|
||
# Clone NSS. | ||
for i in 0 2 5; do | ||
sleep $i | ||
hg clone -r $REVISION $REPOSITORY nss && exit 0 | ||
rm -rf nss | ||
done | ||
exit 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
#!/usr/bin/env bash | ||
|
||
set -v -e -x | ||
|
||
# Update packages. | ||
export DEBIAN_FRONTEND=noninteractive | ||
apt-get -y update && apt-get -y upgrade | ||
|
||
apt_packages=() | ||
apt_packages+=('ca-certificates') | ||
apt_packages+=('g++-4.4') | ||
apt_packages+=('gcc-4.4') | ||
apt_packages+=('locales') | ||
apt_packages+=('make') | ||
apt_packages+=('mercurial') | ||
apt_packages+=('zlib1g-dev') | ||
|
||
# Install packages. | ||
apt-get -y update | ||
apt-get install -y --no-install-recommends ${apt_packages[@]} | ||
|
||
locale-gen en_US.UTF-8 | ||
dpkg-reconfigure locales | ||
|
||
# Cleanup. | ||
rm -rf ~/.ccache ~/.cache | ||
apt-get autoremove -y | ||
apt-get clean | ||
apt-get autoclean | ||
rm $0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
FROM ubuntu:xenial | ||
|
||
MAINTAINER Franziskus Kiefer <franziskuskiefer@gmail.com> | ||
# Based on the HACL* image from Benjamin Beurdouche and | ||
# the original F* formula with Daniel Fabian | ||
|
||
# Pinned versions of HaCl* (F* and KreMLin are pinned as submodules) | ||
ENV haclrepo https://github.com/mitls/hacl-star.git | ||
|
||
# Define versions of dependencies | ||
ENV opamv 4.04.2 | ||
ENV z3v 4.5.1.1f29cebd4df6-x64-ubuntu-14.04 | ||
ENV haclversion 0030539598cde15d1a0e5f93b32e121f7b7b5a1c | ||
ENV haclbranch production-nss | ||
|
||
# Install required packages and set versions | ||
RUN apt-get -qq update | ||
RUN apt-get install --yes sudo libssl-dev libsqlite3-dev g++-5 gcc-5 m4 make opam pkg-config python libgmp3-dev cmake curl libtool-bin autoconf | ||
RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-5 200 | ||
RUN update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-5 200 | ||
|
||
# Create user | ||
RUN useradd -ms /bin/bash worker | ||
RUN echo "worker ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers | ||
WORKDIR /home/worker | ||
|
||
# Add build and test scripts. | ||
ADD bin /home/worker/bin | ||
RUN chmod +x /home/worker/bin/* | ||
USER worker | ||
|
||
# Add "known-good" version of Z3 | ||
RUN curl -LO https://github.com/FStarLang/binaries/raw/master/z3-tested/z3-${z3v}.zip | ||
RUN unzip z3-${z3v}.zip | ||
RUN rm z3-${z3v}.zip | ||
RUN mv z3-${z3v} z3 | ||
ENV PATH "/home/worker/z3/bin:$PATH" | ||
|
||
# Prepare build (OCaml packages) | ||
ENV OPAMYES true | ||
RUN opam init | ||
RUN echo ". /home/worker/.opam/opam-init/init.sh > /dev/null 2> /dev/null || true" >> .bashrc | ||
RUN opam switch -v ${opamv} | ||
RUN opam install ocamlfind batteries sqlite3 fileutils yojson ppx_deriving_yojson zarith pprint menhir ulex process fix wasm stdint | ||
|
||
# Get the HaCl* code | ||
RUN git clone ${haclrepo} hacl-star | ||
RUN git -C hacl-star checkout ${haclversion} | ||
|
||
# Prepare submodules, and build, verify, test, and extract c code | ||
# This caches the extracted c code (pins the HaCl* version). All we need to do | ||
# on CI now is comparing the code in this docker image with the one in NSS. | ||
RUN opam config exec -- make -C hacl-star nss -j$(nproc) | ||
|
||
# Get clang-format-3.9 | ||
RUN curl -LO http://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz | ||
RUN curl -LO http://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz.sig | ||
# Verify the signature. | ||
RUN gpg --keyserver pool.sks-keyservers.net --recv-keys B6C8F98282B944E3B0D5C2530FC3042E345AD05D | ||
RUN gpg --verify *.tar.xz.sig | ||
# Install into /usr/local/. | ||
RUN sudo tar xJvf *.tar.xz -C /usr/local --strip-components=1 | ||
# Cleanup. | ||
RUN rm *.tar.xz* | ||
|
||
# Cleanup | ||
RUN rm -rf ~/.ccache ~/.cache | ||
RUN sudo apt-get autoremove -y | ||
RUN sudo apt-get clean | ||
RUN sudo apt-get autoclean |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
#!/usr/bin/env bash | ||
|
||
set -v -e -x | ||
|
||
if [ $(id -u) = 0 ]; then | ||
# Drop privileges by re-running this script. | ||
exec su worker $0 | ||
fi | ||
|
||
# Default values for testing. | ||
REVISION=${NSS_HEAD_REVISION:-default} | ||
REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} | ||
|
||
# Clone NSS. | ||
for i in 0 2 5; do | ||
sleep $i | ||
hg clone -r $REVISION $REPOSITORY nss && exit 0 | ||
rm -rf nss | ||
done | ||
exit 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.