bstein/lesavka
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci(lesavka): run safe gate in one exec

Browse Source
This commit is contained in:
Brad Stein 2026-05-18 11:02:18 -03:00
parent ff9504d55e
commit a9ca599bc3
1 changed files with 98 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
Jenkinsfile vendored
View File

@ -76,6 +76,9 @@ spec:
}
stage('Bootstrap CI Toolchain') {
when {
expression { return params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
sh '''
@ -113,6 +116,90 @@ spec:
}
}
stage('Safe Gate (Single Exec)') {
when {
expression { return params.LESAVKA_CI_PROFILE == 'safe' }
}
steps {
container('rust-ci') {
sh '''
set -eu
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
python3 \
build-essential \
curl \
file \
git \
clang \
llvm \
pkg-config \
libssl-dev \
ca-certificates \
libgstreamer1.0-dev \
libgstreamer-plugins-base1.0-dev \
gstreamer1.0-tools \
gstreamer1.0-plugins-base \
gstreamer1.0-plugins-good \
gstreamer1.0-plugins-bad \
gstreamer1.0-plugins-ugly \
gstreamer1.0-libav \
protobuf-compiler \
libpango1.0-dev \
libcairo2-dev \
libgdk-pixbuf-2.0-dev \
libgtk-4-dev
rm -rf /var/lib/apt/lists/*
rustup component add rustfmt llvm-tools-preview clippy
git config --global --add safe.directory "$WORKSPACE"
overall_rc=0
run_gate() {
name="$1"
shift
printf '\\n== %s ==\\n' "$name"
if "$@"; then
return 0
else
rc=$?
printf 'gate failed: %s (rc=%s)\\n' "$name" "$rc" >&2
overall_rc=1
fi
}
export QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}"
run_gate "style/docs/loc/naming" scripts/ci/hygiene_gate.sh
run_gate "tests" scripts/ci/test_gate.sh
if ! cargo llvm-cov --version >/dev/null 2>&1; then
if ! cargo install --locked cargo-llvm-cov; then
overall_rc=1
fi
fi
run_gate "coverage" scripts/ci/quality_gate.sh
run_gate "performance" scripts/ci/performance_gate.sh
run_gate "media reliability" scripts/ci/media_reliability_gate.sh
if [ "${RUN_DISRUPTIVE_INPUT_TESTS}" = "true" ]; then
run_gate "input transport" env LESAVKA_ALLOW_DISRUPTIVE_INPUT_TESTS=1 scripts/ci/input_transport_gate.sh
fi
if [ "${RUN_LAB_HARDWARE_GATES}" = "true" ] || [ "${LESAVKA_CI_PROFILE}" = "lab" ]; then
run_gate "bare-metal lab" env LESAVKA_ALLOW_LAB_HARDWARE_TESTS=1 scripts/ci/baremetal_lab_gate.sh
fi
run_gate "gate glue" scripts/ci/gate_glue_gate.sh
run_gate "sonarqube" scripts/ci/sonarqube_gate.sh
run_gate "build dist" scripts/ci/build-dist.sh
run_gate "supply chain" scripts/ci/supply_chain_gate.sh
exit "$overall_rc"
'''
}
}
}
stage('Daily Master Gate') {
when {
expression { return params.LESAVKA_CI_PROFILE == 'daily' }
@ -128,7 +215,7 @@ spec:
stage('Style Docs LOC Naming') {
when {
expression { return params.LESAVKA_CI_PROFILE != 'daily' }
expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
@ -141,7 +228,7 @@ spec:
stage('Tests') {
when {
expression { return params.LESAVKA_CI_PROFILE != 'daily' }
expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
@ -154,7 +241,7 @@ spec:
stage('Coverage') {
when {
expression { return params.LESAVKA_CI_PROFILE != 'daily' }
expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
@ -173,7 +260,7 @@ spec:
stage('Performance') {
when {
expression { return params.LESAVKA_CI_PROFILE != 'daily' }
expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
@ -186,7 +273,7 @@ spec:
stage('Media Reliability') {
when {
expression { return params.LESAVKA_CI_PROFILE != 'daily' }
expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
@ -199,7 +286,7 @@ spec:
stage('Input Transport (Isolated Opt-In)') {
when {
expression { return params.RUN_DISRUPTIVE_INPUT_TESTS }
expression { return params.RUN_DISRUPTIVE_INPUT_TESTS && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
@ -212,7 +299,7 @@ spec:
stage('Bare-Metal Lab Gates (Opt-In)') {
when {
expression { return params.RUN_LAB_HARDWARE_GATES || params.LESAVKA_CI_PROFILE == 'lab' }
expression { return (params.RUN_LAB_HARDWARE_GATES || params.LESAVKA_CI_PROFILE == 'lab') && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
@ -225,7 +312,7 @@ spec:
stage('Gate Glue') {
when {
expression { return params.LESAVKA_CI_PROFILE != 'daily' }
expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
@ -238,7 +325,7 @@ spec:
stage('SonarQube') {
when {
expression { return params.LESAVKA_CI_PROFILE != 'daily' }
expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
@ -251,7 +338,7 @@ spec:
stage('Build Dist') {
when {
expression { return params.LESAVKA_CI_PROFILE != 'daily' }
expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {
@ -264,7 +351,7 @@ spec:
stage('Supply Chain Artifact Security') {
when {
expression { return params.LESAVKA_CI_PROFILE != 'daily' }
expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.LESAVKA_CI_PROFILE != 'safe' }
}
steps {
container('rust-ci') {