graphene/Jenkinsfiles/Linux-SGX-18.04

pipeline {
        agent {
            dockerfile { filename 'Jenkinsfiles/ubuntu-18.04.dockerfile'
                         label 'sgx_slave'
                         args "-v /lib/modules:/lib/modules:ro -v /usr/src:/usr/src:ro -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket --device=/dev/gsgx:/dev/gsgx --device=/dev/isgx:/dev/isgx"
                       }
        }
        stages {
                stage('Lint') {
                    steps {
                        sh '''
                            ./.ci/run-pylint -f text || :
                            ./.ci/run-pylint -f json | ./.ci/prfilter

                            ./.ci/run-shellcheck || :
                            ./.ci/run-shellcheck -f json | ./.ci/prfilter
                        '''
                    }
                }
                stage('Build') {
                    steps {
                        sh '''
                           ./Scripts/clean-check-prepare
                        '''
                        sh '''
                            cd Pal/src/host/Linux-SGX/signer/ && openssl genrsa -3 -out enclave-key.pem 3072
                        '''
                        sh '''
                           cd /opt/intel
                           git clone https://github.com/01org/linux-sgx-driver.git
                           cd linux-sgx-driver
                           git checkout sgx_driver_1.9
                           make
                        '''
                        sh '''
                            cd Pal/src/host/Linux-SGX/sgx-driver
                            ISGX_DRIVER_PATH=/opt/intel/linux-sgx-driver ISGX_DRIVER_VERSION=1.9 make
                        '''
                        sh '''
                            make -j 8 SGX=1 WERROR=1
                            make -j 8 SGX=1 WERROR=1 test
                        '''
                        sh '''
                            make SGX=1 sgx-tokens
                        '''
                    }
                }
                stage('Test') {
                    steps {
                        timeout(time: 15, unit: 'MINUTES') {
                            sh '''
                                cd Pal/regression
                                if [ "${ra_client_spid}" != "" ]; then \
                                    make clean SGX=1; \
                                    make SGX=1 RA_CLIENT_SPID=${ra_client_spid} \
                                        RA_CLIENT_KEY=${ra_client_key}; \
                                else \
                                    make SGX=1; \
                                fi
                                make SGX=1 all sgx-tokens
                                make SGX=1 KEEP_LOG=1 regression
                                '''
                        }
                        timeout(time: 15, unit: 'MINUTES') {
                            sh '''
                                cd LibOS/shim/test/regression
                                make SGX=1 all sgx-tokens
                                make SGX=1 regression
                            '''
                        }
                        timeout(time: 5, unit: 'MINUTES') {
                            sh '''
                                cd LibOS/shim/test/fs
                                make SGX=1 all sgx-tokens
                                make SGX=1 test
                            '''
                        }

                        // LTP is ignored under SGX because of random segfaults
                        sh '''
                            cd LibOS/shim/test/apps/ltp
                            make SGX=1 all sgx-tokens
                            make SGX=1 ltp-sgx.xml || :
                            '''
                        sh '''
                           # Workaround LTP bug (see https://github.com/linux-test-project/ltp/issues/560 for upstream fix):
                           git -C LibOS/shim/test/apps/ltp/src checkout -- utils/ffsb-6.0-rc2/config.h.in utils/ffsb-6.0-rc2/configure

                           ./Scripts/gitignore-test
                        '''
                        sh '''
                           cd "$(./Scripts/clean-check-test-copy)"

                           rm Pal/src/host/Linux-SGX/signer/enclave-key.pem
                           make SGX=1 distclean
                           make -C LibOS/shim/test/regression SGX=1 clean
                           make -C LibOS/shim/test/apps/ltp clean
                           # LTP's make clean is broken, see https://github.com/linux-test-project/ltp/issues/559
                           rm -rf /tmp/graphene-sgx-18.04.clean-check.clean/LibOS/shim/test/apps/ltp/src
                           rm -rf LibOS/shim/test/apps/ltp/src

                           ./Scripts/clean-check
                        '''
                    }
                    post {
                        always {
                            archiveArtifacts 'LibOS/shim/test/apps/ltp/ltp-sgx.xml'

                            junit 'Pal/regression/pal-regression.xml'
                            junit 'LibOS/shim/test/regression/libos-regression.xml'

                            // LTP is ignored under SGX because of random segfaults
                            //junit 'LibOS/shim/test/apps/ltp/ltp-sgx.xml'
                        }
                    }
                }
                stage('Deploy') {
                    steps {
                        sh 'echo Deploying code'
                    }
                }
        }
        post {
                success {
                        echo 'Deployment successful'
                }
                failure {
                        echo 'Failure while on the pipeline'
                }
                unstable {
                        echo 'Pipeline marked as "unstable"'
                }
        }
}