summaryrefslogtreecommitdiff
path: root/.azure-pipelines.yml
blob: 0be317b388674213be6549a4638d4e8f520c4c95 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
variables:
  windows_vm: windows-2019
  ubuntu_vm: ubuntu-22.04
  macos_vm: macOS-12
  ci_runner_image: trini/u-boot-gitlab-ci-runner:jammy-20230624-20Jul2023
  # Add '-u 0' options for Azure pipelines, otherwise we get "permission
  # denied" error when it tries to "useradd -m -u 1001 vsts_azpcontainer",
  # since our $(ci_runner_image) user is not root.
  container_option: -u 0
  work_dir: /u

stages:
- stage: testsuites
  jobs:
  - job: tools_only_windows
    displayName: 'Ensure host tools build for Windows'
    pool:
      vmImage: $(windows_vm)
    steps:
      - powershell: |
          (New-Object Net.WebClient).DownloadFile("https://github.com/msys2/msys2-installer/releases/download/2021-06-04/msys2-base-x86_64-20210604.sfx.exe", "sfx.exe")
        displayName: 'Install MSYS2'
      - script: |
          sfx.exe -y -o%CD:~0,2%\
          %CD:~0,2%\msys64\usr\bin\bash -lc " "
          %CD:~0,2%\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu"
          %CD:~0,2%\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu"
        displayName: 'Update MSYS2'
      - script: |
          %CD:~0,2%\msys64\usr\bin\bash -lc "pacman --noconfirm --needed -Sy make gcc bison flex diffutils openssl-devel libgnutls-devel libutil-linux-devel"
        displayName: 'Install Toolchain'
      - script: |
          echo make tools-only_defconfig tools-only > build-tools.sh
          %CD:~0,2%\msys64\usr\bin\bash -lc "bash build-tools.sh"
        displayName: 'Build Host Tools'
        env:
          # Tell MSYS2 we need a POSIX emulation layer
          MSYSTEM: MSYS
          # Tell MSYS2 not to ‘cd’ our startup directory to HOME
          CHERE_INVOKING: yes

  - job: tools_only_macOS
    displayName: 'Ensure host tools build for macOS X'
    pool:
      vmImage: $(macos_vm)
    steps:
      - script: brew install make ossp-uuid
        displayName: Brew install dependencies
      - script: |
          gmake tools-only_config tools-only \
            HOSTCFLAGS="-I/usr/local/opt/openssl@1.1/include" \
            HOSTLDFLAGS="-L/usr/local/opt/openssl@1.1/lib" \
            -j$(sysctl -n hw.logicalcpu)
        displayName: 'Perform tools-only build'

  - job: check_for_new_CONFIG_symbols_outside_Kconfig
    displayName: 'Check for new CONFIG symbols outside Kconfig'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      # If grep succeeds and finds a match the test fails as we should
      # have no matches.
      - script: git grep -E '^#[[:blank:]]*(define|undef)[[:blank:]]*CONFIG_'
                  :^doc/ :^arch/arm/dts/ :^scripts/kconfig/lkc.h
                  :^include/linux/kconfig.h :^tools/ && exit 1 || exit 0

  - job: cppcheck
    displayName: 'Static code analysis with cppcheck'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      - script: cppcheck -j$(nproc) --force --quiet --inline-suppr .

  - job: docs
    displayName: 'Build documentation'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      - script: |
          virtualenv -p /usr/bin/python3 /tmp/venvhtml
          . /tmp/venvhtml/bin/activate
          pip install -r doc/sphinx/requirements.txt
          make htmldocs KDOC_WERROR=1
          make infodocs

  - job: todo
    displayName: 'Search for TODO within source tree'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      - script: grep -r TODO .
      - script: grep -r FIXME .
      - script: grep -r HACK . | grep -v HACKKIT

  - job: sloccount
    displayName: 'Some statistics about the code base'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      - script: sloccount .

  - job: maintainers
    displayName: 'Ensure all configs have MAINTAINERS entries'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      - script: |
          ./tools/buildman/buildman --maintainer-check || exit 0

  - job: tools_only
    displayName: 'Ensure host tools build'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      - script: |
          make tools-only_config tools-only -j$(nproc)

  - job: envtools
    displayName: 'Ensure env tools build'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      - script: |
          make tools-only_config envtools -j$(nproc)

  - job: utils
    displayName: 'Run binman, buildman, dtoc, Kconfig and patman testsuites'
    pool:
      vmImage: $(ubuntu_vm)
    steps:
      - script: |
          cat << "EOF" > build.sh
          cd $(work_dir)
          git config --global user.name "Azure Pipelines"
          git config --global user.email bmeng.cn@gmail.com
          git config --global --add safe.directory $(work_dir)
          export USER=azure
          virtualenv -p /usr/bin/python3 /tmp/venv
          . /tmp/venv/bin/activate
          pip install -r test/py/requirements.txt
          pip install -r tools/buildman/requirements.txt
          export UBOOT_TRAVIS_BUILD_DIR=/tmp/tools-only
          export PYTHONPATH=${UBOOT_TRAVIS_BUILD_DIR}/scripts/dtc/pylibfdt
          export PATH=${UBOOT_TRAVIS_BUILD_DIR}/scripts/dtc:${PATH}
          ./tools/buildman/buildman -T0 -o ${UBOOT_TRAVIS_BUILD_DIR} -w --board tools-only
          set -ex
          ./tools/binman/binman --toolpath ${UBOOT_TRAVIS_BUILD_DIR}/tools test
          ./tools/buildman/buildman -t
          ./tools/dtoc/dtoc -t
          ./tools/patman/patman test
          make O=${UBOOT_TRAVIS_BUILD_DIR} testconfig
          EOF
          cat build.sh
          # We cannot use "container" like other jobs above, as buildman
          # seems to hang forever with pre-configured "container" environment
          docker run -v $PWD:$(work_dir) $(ci_runner_image) /bin/bash $(work_dir)/build.sh

  - job: nokia_rx51_test
    displayName: 'Run tests for Nokia RX-51 (aka N900)'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      - script: |
          mkdir nokia_rx51_tmp
          ln -s /opt/nokia/u-boot-gen-combined nokia_rx51_tmp/
          ln -s /opt/nokia/qemu-n900.tar.gz nokia_rx51_tmp/
          ln -s /opt/nokia/kernel_2.6.28-20103103+0m5_armel.deb nokia_rx51_tmp/
          ln -s /opt/nokia/libc6_2.5.1-1eglibc27+0m5_armel.deb nokia_rx51_tmp/
          ln -s /opt/nokia/busybox_1.10.2.legal-1osso30+0m5_armel.deb nokia_rx51_tmp/
          ln -s /opt/nokia/qemu-system-arm nokia_rx51_tmp/
          export PATH=/opt/gcc-13.1.0-nolibc/arm-linux-gnueabi/bin:$PATH
          test/nokia_rx51_test.sh

  - job: pylint
    displayName: Check for any pylint regressions
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      - script: |
          git config --global --add safe.directory $(work_dir)
          export USER=azure
          pip install -r test/py/requirements.txt
          pip install -r tools/buildman/requirements.txt
          pip install asteval pylint==2.12.2 pyopenssl
          export PATH=${PATH}:~/.local/bin
          echo "[MASTER]" >> .pylintrc
          echo "load-plugins=pylint.extensions.docparams" >> .pylintrc
          export UBOOT_TRAVIS_BUILD_DIR=/tmp/tools-only
          ./tools/buildman/buildman -T0 -o ${UBOOT_TRAVIS_BUILD_DIR} -w --board tools-only
          set -ex
          pylint --version
          export PYTHONPATH=${UBOOT_TRAVIS_BUILD_DIR}/scripts/dtc/pylibfdt
          make pylint_err

  - job: check_for_pre_schema_tags
    displayName: 'Check for pre-schema driver model tags'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      # If grep succeeds and finds a match the test fails as we should
      # have no matches.
      - script: git grep u-boot,dm- -- '*.dts*' && exit 1 || exit 0

  - job: check_packing_of_python_tools
    displayName: 'Check we can package the Python tools'
    pool:
      vmImage: $(ubuntu_vm)
    container:
      image: $(ci_runner_image)
      options: $(container_option)
    steps:
      - script: make pip

- stage: test_py
  jobs:
  - job: test_py
    displayName: 'test.py'
    pool:
      vmImage: $(ubuntu_vm)
    strategy:
      matrix:
        sandbox:
          TEST_PY_BD: "sandbox"
        sandbox_clang:
          TEST_PY_BD: "sandbox"
          OVERRIDE: "-O clang-16"
        sandbox_nolto:
          TEST_PY_BD: "sandbox"
          BUILD_ENV: "NO_LTO=1"
        sandbox_spl:
          TEST_PY_BD: "sandbox_spl"
          TEST_PY_TEST_SPEC: "test_ofplatdata or test_handoff or test_spl"
        sandbox_vpl:
          TEST_PY_BD: "sandbox_vpl"
          TEST_PY_TEST_SPEC: "vpl or test_spl"
        sandbox_noinst:
          TEST_PY_BD: "sandbox_noinst"
          TEST_PY_TEST_SPEC: "test_ofplatdata or test_handoff or test_spl"
        sandbox_flattree:
          TEST_PY_BD: "sandbox_flattree"
        sandbox_trace:
          TEST_PY_BD: "sandbox"
          BUILD_ENV: "FTRACE=1 NO_LTO=1"
          TEST_PY_TEST_SPEC: "trace"
          OVERRIDE: "-a CONFIG_TRACE=y -a CONFIG_TRACE_EARLY=y -a CONFIG_TRACE_EARLY_SIZE=0x01000000"
        coreboot:
          TEST_PY_BD: "coreboot"
          TEST_PY_ID: "--id qemu"
          TEST_PY_TEST_SPEC: "not sleep"
        evb_ast2500:
          TEST_PY_BD: "evb-ast2500"
          TEST_PY_ID: "--id qemu"
        evb_ast2600:
          TEST_PY_BD: "evb-ast2600"
          TEST_PY_ID: "--id qemu"
        vexpress_ca9x4:
          TEST_PY_BD: "vexpress_ca9x4"
          TEST_PY_ID: "--id qemu"
        integratorcp_cm926ejs:
          TEST_PY_BD: "integratorcp_cm926ejs"
          TEST_PY_ID: "--id qemu"
          TEST_PY_TEST_SPEC: "not sleep"
        qemu_arm:
          TEST_PY_BD: "qemu_arm"
          TEST_PY_TEST_SPEC: "not sleep"
        qemu_arm64:
          TEST_PY_BD: "qemu_arm64"
          TEST_PY_TEST_SPEC: "not sleep"
        qemu_m68k:
          TEST_PY_BD: "M5208EVBE"
          TEST_PY_ID: "--id qemu"
          TEST_PY_TEST_SPEC: "not sleep and not efi"
          OVERRIDE: "-a CONFIG_M68K_QEMU=y -a ~CONFIG_MCFTMR"
        qemu_malta:
          TEST_PY_BD: "malta"
          TEST_PY_ID: "--id qemu"
          TEST_PY_TEST_SPEC: "not sleep and not efi"
        qemu_maltael:
          TEST_PY_BD: "maltael"
          TEST_PY_ID: "--id qemu"
          TEST_PY_TEST_SPEC: "not sleep and not efi"
        qemu_malta64:
          TEST_PY_BD: "malta64"
          TEST_PY_ID: "--id qemu"
          TEST_PY_TEST_SPEC: "not sleep and not efi"
        qemu_malta64el:
          TEST_PY_BD: "malta64el"
          TEST_PY_ID: "--id qemu"
          TEST_PY_TEST_SPEC: "not sleep and not efi"
        qemu_ppce500:
          TEST_PY_BD: "qemu-ppce500"
          TEST_PY_TEST_SPEC: "not sleep"
        qemu_riscv32:
          TEST_PY_BD: "qemu-riscv32"
          TEST_PY_TEST_SPEC: "not sleep"
        qemu_riscv64:
          TEST_PY_BD: "qemu-riscv64"
          TEST_PY_TEST_SPEC: "not sleep"
        qemu_riscv32_spl:
          TEST_PY_BD: "qemu-riscv32_spl"
          TEST_PY_TEST_SPEC: "not sleep"
        qemu_riscv64_spl:
          TEST_PY_BD: "qemu-riscv64_spl"
          TEST_PY_TEST_SPEC: "not sleep"
        qemu_x86:
          TEST_PY_BD: "qemu-x86"
          TEST_PY_TEST_SPEC: "not sleep"
        qemu_x86_64:
          TEST_PY_BD: "qemu-x86_64"
          TEST_PY_TEST_SPEC: "not sleep"
        r2dplus_i82557c:
          TEST_PY_BD: "r2dplus"
          TEST_PY_ID: "--id i82557c_qemu"
        r2dplus_pcnet:
          TEST_PY_BD: "r2dplus"
          TEST_PY_ID: "--id pcnet_qemu"
        r2dplus_rtl8139:
          TEST_PY_BD: "r2dplus"
          TEST_PY_ID: "--id rtl8139_qemu"
        r2dplus_tulip:
          TEST_PY_BD: "r2dplus"
          TEST_PY_ID: "--id tulip_qemu"
        sifive_unleashed_sdcard:
          TEST_PY_BD: "sifive_unleashed"
          TEST_PY_ID: "--id sdcard_qemu"
        sifive_unleashed_spi-nor:
          TEST_PY_BD: "sifive_unleashed"
          TEST_PY_ID: "--id spi-nor_qemu"
        xilinx_zynq_virt:
          TEST_PY_BD: "xilinx_zynq_virt"
          TEST_PY_ID: "--id qemu"
          TEST_PY_TEST_SPEC: "not sleep"
        xilinx_versal_virt:
          TEST_PY_BD: "xilinx_versal_virt"
          TEST_PY_ID: "--id qemu"
          TEST_PY_TEST_SPEC: "not sleep"
        xtfpga:
          TEST_PY_BD: "xtfpga"
          TEST_PY_ID: "--id qemu"
          TEST_PY_TEST_SPEC: "not sleep"
    steps:
      - script: |
          cat << EOF > test.sh
          set -ex
          # make environment variables available as tests are running inside a container
          export WORK_DIR="${WORK_DIR}"
          export TEST_PY_BD="${TEST_PY_BD}"
          export TEST_PY_ID="${TEST_PY_ID}"
          export TEST_PY_TEST_SPEC="${TEST_PY_TEST_SPEC}"
          export OVERRIDE="${OVERRIDE}"
          export BUILD_ENV="${BUILD_ENV}"
          EOF
          cat << "EOF" >> test.sh
          # the below corresponds to .gitlab-ci.yml "before_script"
          cd ${WORK_DIR}
          git config --global --add safe.directory ${WORK_DIR}
          git clone --depth=1 https://source.denx.de/u-boot/u-boot-test-hooks /tmp/uboot-test-hooks
          ln -s travis-ci /tmp/uboot-test-hooks/bin/`hostname`
          ln -s travis-ci /tmp/uboot-test-hooks/py/`hostname`
          grub-mkimage --prefix=\"\" -o ~/grub_x86.efi -O i386-efi normal  echo lsefimmap lsefi lsefisystab efinet tftp minicmd
          grub-mkimage --prefix=\"\" -o ~/grub_x64.efi -O x86_64-efi normal  echo lsefimmap lsefi lsefisystab efinet tftp minicmd
          if [[ "${TEST_PY_BD}" == "qemu-riscv32_spl" ]]; then
              wget -O - https://github.com/riscv-software-src/opensbi/releases/download/v1.2/opensbi-1.2-rv-bin.tar.xz | tar -C /tmp -xJ;
              export OPENSBI=/tmp/opensbi-1.2-rv-bin/share/opensbi/ilp32/generic/firmware/fw_dynamic.bin;
          fi
          if [[ "${TEST_PY_BD}" == "qemu-riscv64_spl" ]] || [[ "${TEST_PY_BD}" == "sifive_unleashed" ]]; then
              wget -O - https://github.com/riscv-software-src/opensbi/releases/download/v1.2/opensbi-1.2-rv-bin.tar.xz | tar -C /tmp -xJ;
              export OPENSBI=/tmp/opensbi-1.2-rv-bin/share/opensbi/lp64/generic/firmware/fw_dynamic.bin;
          fi
          # the below corresponds to .gitlab-ci.yml "script"
          cd ${WORK_DIR}
          export UBOOT_TRAVIS_BUILD_DIR=/tmp/${TEST_PY_BD};
          if [ -n "${BUILD_ENV}" ]; then
              export ${BUILD_ENV};
          fi
          pip install -r tools/buildman/requirements.txt
          tools/buildman/buildman -o ${UBOOT_TRAVIS_BUILD_DIR} -w -E -W -e --board ${TEST_PY_BD} ${OVERRIDE}
          cp ~/grub_x86.efi ${UBOOT_TRAVIS_BUILD_DIR}/
          cp ~/grub_x64.efi ${UBOOT_TRAVIS_BUILD_DIR}/
          cp /opt/grub/grubriscv64.efi ${UBOOT_TRAVIS_BUILD_DIR}/grub_riscv64.efi
          cp /opt/grub/grubaa64.efi ${UBOOT_TRAVIS_BUILD_DIR}/grub_arm64.efi
          cp /opt/grub/grubarm.efi ${UBOOT_TRAVIS_BUILD_DIR}/grub_arm.efi
          # create sdcard / spi-nor images for sifive unleashed using genimage
          if [[ "${TEST_PY_BD}" == "sifive_unleashed" ]]; then
              mkdir -p root;
              cp ${UBOOT_TRAVIS_BUILD_DIR}/spl/u-boot-spl.bin .;
              cp ${UBOOT_TRAVIS_BUILD_DIR}/u-boot.itb .;
              rm -rf tmp;
              genimage --inputpath . --config board/sifive/unleashed/genimage_sdcard.cfg;
              cp images/sdcard.img ${UBOOT_TRAVIS_BUILD_DIR}/;
              rm -rf tmp;
              genimage --inputpath . --config board/sifive/unleashed/genimage_spi-nor.cfg;
              cp images/spi-nor.img ${UBOOT_TRAVIS_BUILD_DIR}/;
          fi
          if [[ "${TEST_PY_BD}" == "coreboot" ]]; then
              wget -O - "https://drive.google.com/uc?id=1uJ2VkUQ8czWFZmhJQ90Tp8V_zrJ6BrBH&export=download" |xz -dc >${UBOOT_TRAVIS_BUILD_DIR}/coreboot.rom;
              wget -O - "https://drive.google.com/uc?id=149Cz-5SZXHNKpi9xg6R_5XITWohu348y&export=download" >cbfstool;
              chmod a+x cbfstool;
              ./cbfstool ${UBOOT_TRAVIS_BUILD_DIR}/coreboot.rom add-flat-binary -f ${UBOOT_TRAVIS_BUILD_DIR}/u-boot.bin -n fallback/payload -c LZMA -l 0x1110000 -e 0x1110000;
          fi
          virtualenv -p /usr/bin/python3 /tmp/venv
          . /tmp/venv/bin/activate
          pip install -r test/py/requirements.txt
          pip install pytest-azurepipelines
          export PATH=/opt/qemu/bin:/tmp/uboot-test-hooks/bin:${PATH};
          export PYTHONPATH=/tmp/uboot-test-hooks/py/travis-ci;
          # "${var:+"-k $var"}" expands to "" if $var is empty, "-k $var" if not
          ./test/py/test.py -ra -o cache_dir="$UBOOT_TRAVIS_BUILD_DIR"/.pytest_cache --bd ${TEST_PY_BD} ${TEST_PY_ID} ${TEST_PY_TEST_SPEC:+"-k ${TEST_PY_TEST_SPEC}"} --build-dir "$UBOOT_TRAVIS_BUILD_DIR" --report-dir "$UBOOT_TRAVIS_BUILD_DIR";
          # the below corresponds to .gitlab-ci.yml "after_script"
          rm -rf /tmp/uboot-test-hooks /tmp/venv
          EOF
          cat test.sh
          # make current directory writeable to uboot user inside the container
          # as sandbox testing need create files like spi flash images, etc.
          # (TODO: clean up this in the future)
          chmod 777 .
          # Filesystem tests need extra docker args to run
          set --
          if [[ "${TEST_PY_BD}" == "sandbox" ]]; then
              # mount -o loop needs the loop devices
              if modprobe loop; then
                  for d in $(find /dev -maxdepth 1 -name 'loop*'); do
                      set -- "$@" --device $d:$d
                  done
              fi
              # Needed for mount syscall (for guestmount as well)
              set -- "$@" --cap-add SYS_ADMIN
              # Default apparmor profile denies mounts
              set -- "$@" --security-opt apparmor=unconfined
          fi
          # Some tests using libguestfs-tools need the fuse device to run
          docker run "$@" --device /dev/fuse:/dev/fuse -v $PWD:$(work_dir) $(ci_runner_image) /bin/bash $(work_dir)/test.sh
        retryCountOnTaskFailure: 2 # QEMU may be too slow, etc.

- stage: world_build
  jobs:
  - job: build_the_world
    displayName: 'Build the World'
    pool:
      vmImage: $(ubuntu_vm)
    strategy:
      # Use almost the same target division in .travis.yml, only merged
      # 3 small build jobs (arc/microblaze/xtensa) into one.
      matrix:
        arc_nios2_m68k_microblaze_xtensa:
          BUILDMAN: "arc nios2 microblaze m68k xtensa"
        amlogic:
          BUILDMAN: "amlogic"
        arm11_arm7_arm920t_arm946es:
          BUILDMAN: "arm11 arm7 arm920t arm946es"
        arm926ejs:
          BUILDMAN: "arm926ejs -x freescale,siemens,at91,kirkwood,omap"
        at91_non_armv7:
          BUILDMAN: "at91 -x armv7"
        at91_non_arm926ejs:
          BUILDMAN: "at91 -x arm926ejs"
        boundary_engicam_toradex:
          BUILDMAN: "boundary engicam toradex"
        arm_bcm:
          BUILDMAN: "bcm -x mips"
        nxp_arm32:
          BUILDMAN: "freescale -x powerpc,m68k,aarch64,ls101,ls102,ls104,ls108,ls20,lx216"
        nxp_ls101x_ls108x:
          BUILDMAN: "freescale&ls101 freescale&ls108"
        nxp_ls102x:
          BUILDMAN: "freescale&ls102 -x keymile"
        nxp_ls104x:
          BUILDMAN: "freescale&ls104"
        nxp_ls20xx_lx216x:
          BUILDMAN: "freescale&ls20 freescale&lx216"
        imx6:
          BUILDMAN: "mx6 -x boundary,engicam,freescale,technexion,toradex"
        imx:
          BUILDMAN: "mx -x mx6,imx8,freescale,technexion,toradex"
        imx8_imx9:
          BUILDMAN: "imx8 imx9 -x engicam,technexion,toradex"
        keymiles_siemens_technexion:
          BUILDMAN: "keymile siemens technexion"
        keystone2_keystone3:
          BUILDMAN: "k2 k3 -x siemens,toradex"
        sandbox_asan:
          BUILDMAN: "sandbox"
          OVERRIDE: "-a ASAN"
        sandbox_clang_asan:
          BUILDMAN: "sandbox"
          OVERRIDE: "-O clang-16 -a ASAN"
        samsung_socfpga_renesas:
          BUILDMAN: "samsung socfpga renesas"
        sun4i_sun9i:
          BUILDMAN: "sun4i sun9i"
        sun5i_sun6i:
          BUILDMAN: "sun5i sun6i"
        sun7i:
          BUILDMAN: "sun7i"
        sun8i:
          BUILDMAN: "sun8i"
        sun50i:
          BUILDMAN: "sun50i"
        arm_catch_all:
          BUILDMAN: "arm -x arm11,arm7,arm9,aarch64,at91,bcm,freescale,kirkwood,mvebu,renesas,siemens,tegra,uniphier,mx,samsung,sunxi,am33xx,omap,toradex,socfpga,k2,k3,zynq"
        sandbox_x86:
          BUILDMAN: "sandbox x86"
        kirkwood_mvebu_uniphier:
          BUILDMAN: "kirkwood mvebu uniphier"
        mips:
          BUILDMAN: "mips"
        powerpc:
          BUILDMAN: "powerpc -x keymile"
        tegra:
          BUILDMAN: "tegra -x toradex"
        am33xx_omap:
          BUILDMAN: "am33xx omap -x siemens"
        aarch64_catch_all:
          BUILDMAN: "aarch64 -x amlogic,bcm,imx8,imx9,k3,tegra,ls1,ls2,lx216,mvebu,uniphier,renesas,sunxi,samsung,socfpga,rk,versal,zynq"
        rk_non_rockchip_64bit:
          BUILDMAN: "rk&aarch64 -x rockchip"
        rk_rockchip_64bit:
          BUILDMAN: "rk&aarch64&rockchip"
        zynq_zynqmp_versal:
          BUILDMAN: "zynq&armv7 versal zynqmp&aarch64"
        riscv:
          BUILDMAN: "riscv"
    steps:
      - script: |
          cat << EOF > build.sh
          set -ex
          cd ${WORK_DIR}
          # make environment variables available as tests are running inside a container
          export BUILDMAN="${BUILDMAN}"
          git config --global --add safe.directory ${WORK_DIR}
          pip install -r tools/buildman/requirements.txt
          EOF
          cat << "EOF" >> build.sh
          if [[ "${BUILDMAN}" != "" ]]; then
              ret=0;
              tools/buildman/buildman -o /tmp -PEWM ${BUILDMAN} ${OVERRIDE} || ret=$?;
              if [[ $ret -ne 0 ]]; then
                  tools/buildman/buildman -o /tmp -seP ${BUILDMAN};
                  exit $ret;
              fi;
          fi
          EOF
          cat build.sh
          docker run -v $PWD:$(work_dir) $(ci_runner_image) /bin/bash $(work_dir)/build.sh