| # Copyright lowRISC contributors. |
| # Licensed under the Apache License, Version 2.0, see LICENSE for details. |
| # SPDX-License-Identifier: Apache-2.0 |
| # |
| # Azure Pipelines CI build configuration |
| # Documentation at https://aka.ms/yaml |
| |
| variables: |
| # |
| # If updating VERILATOR_VERSION, OPENOCD_VERSION, TOOLCHAIN_VERSION or RUST_VERSION |
| # update the definitions in util/container/Dockerfile as well. |
| # |
| VERILATOR_VERSION: 4.210 |
| OPENOCD_VERSION: 0.11.0 |
| TOOLCHAIN_PATH: /opt/buildcache/riscv |
| VERIBLE_VERSION: v0.0-2135-gb534c1fe |
| RUST_VERSION: 1.58.0 |
| # Release tag from https://github.com/lowRISC/lowrisc-toolchains/releases |
| TOOLCHAIN_VERSION: 20220210-1 |
| # This controls where builds happen, and gets picked up by build_consts.sh. |
| BUILD_ROOT: $(Build.ArtifactStagingDirectory) |
| VIVADO_VERSION: "2020.2" |
| |
| trigger: |
| batch: true |
| branches: |
| include: |
| - "*" |
| tags: |
| include: |
| - "*" |
| pr: |
| branches: |
| include: |
| - "*" |
| |
| jobs: |
| - job: lint |
| displayName: Run code quality checks (quick lint) |
| pool: |
| vmImage: ubuntu-18.04 |
| steps: |
| - bash: | |
| sudo apt-get remove -y clang-6.0 libclang-common-6.0-dev libclang1-6.0 libllvm6.0 |
| displayName: Remove existing Clang installation |
| - template: ci/install-package-dependencies.yml |
| ## !!! |
| ## |
| ## The steps below here are duplicated in ci/jobs/quick-lint.sh |
| ## to allow developers to "run CI" locally. Keep them in sync. |
| ## |
| ## !!! |
| - bash: ci/scripts/show-env.sh |
| displayName: Display environment information |
| - bash: ci/scripts/lint-commits.sh $SYSTEM_PULLREQUEST_TARGETBRANCH |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Check commit metadata |
| - bash: ci/scripts/check-licence-headers.sh $SYSTEM_PULLREQUEST_TARGETBRANCH |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Check Licence Headers |
| - bash: ci/scripts/exec-check.sh |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Check executable bits |
| - bash: ci/scripts/check-ascii.sh |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Check for non-ASCII characters in source code |
| - bash: ci/scripts/python-lint.sh $SYSTEM_PULLREQUEST_TARGETBRANCH |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Run Python lint (flake8) |
| continueOnError: true |
| - bash: ci/scripts/mypy.sh |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Run Python lint (mypy) |
| - bash: ci/scripts/check-generated.sh |
| displayName: Ensure all generated files are clean and up-to-date |
| - bash: ci/scripts/clang-format.sh $SYSTEM_PULLREQUEST_TARGETBRANCH |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Use clang-format to check C/C++ coding style |
| - bash: ci/scripts/rust-format.sh $SYSTEM_PULLREQUEST_TARGETBRANCH |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Use rustfmt to check Rust coding style |
| - bash: ci/scripts/include-guard.sh $SYSTEM_PULLREQUEST_TARGETBRANCH |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Check formatting on header guards |
| - bash: ci/scripts/whitespace.sh $SYSTEM_PULLREQUEST_TARGETBRANCH |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Check trailing whitespace |
| - bash: ci/scripts/build-docs.sh |
| displayName: Render documentation |
| - bash: ci/scripts/build-site.sh |
| displayName: Render landing site |
| - bash: ci/scripts/get-build-type.sh "$SYSTEM_PULLREQUEST_TARGETBRANCH" "$(Build.Reason)" |
| displayName: Check what kinds of changes the PR contains |
| name: DetermineBuildType |
| |
| - job: slow_lints |
| displayName: Run code quality checks (in-depth lint) |
| dependsOn: lint |
| pool: |
| vmImage: ubuntu-18.04 |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - bash: ci/bazelisk.sh run buildifier_check |
| displayName: Use buildifier to check Bazel coding style |
| - bash: ci/scripts/check-vendoring.sh |
| displayName: Check vendored directories are up-to-date |
| - bash: ci/scripts/verible-lint.sh rtl |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Style-Lint RTL Verilog source files with Verible |
| - bash: ci/scripts/verible-lint.sh dv |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Style-Lint DV Verilog source files with Verible |
| - bash: ci/scripts/verible-lint.sh fpv |
| condition: eq(variables['Build.Reason'], 'PullRequest') |
| displayName: Style-Lint FPV Verilog source files with Verible |
| |
| - job: sw_build |
| displayName: Build Software for Earl Grey toplevel design |
| dependsOn: lint |
| condition: and(succeeded(), eq(dependencies.lint.outputs['DetermineBuildType.onlyDocChanges'], '0')) |
| pool: ci-public |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - bash: | |
| set -x |
| sudo util/get-toolchain.py \ |
| --install-dir="$TOOLCHAIN_PATH" \ |
| --release-version="$TOOLCHAIN_VERSION" \ |
| --update |
| displayName: Install toolchain |
| - bash: | |
| . util/build_consts.sh |
| ./meson_init.sh -A |
| ninja -C "$OBJ_DIR" all |
| displayName: Build embedded targets |
| - bash: | |
| . util/build_consts.sh |
| ninja -C "$OBJ_DIR" test |
| displayName: Run unit tests |
| - template: ci/upload-artifacts-template.yml |
| parameters: |
| includePatterns: |
| - "/sw/***" |
| |
| - job: cw310_sw_build |
| displayName: Build Software required for CW310 FPGA synthesis |
| dependsOn: lint |
| condition: and(succeeded(), eq(dependencies.lint.outputs['DetermineBuildType.onlyDocChanges'], '0')) |
| pool: |
| vmImage: ubuntu-18.04 |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - bash: | |
| set -x |
| sudo util/get-toolchain.py \ |
| --install-dir="$TOOLCHAIN_PATH" \ |
| --release-version="$TOOLCHAIN_VERSION" \ |
| --update |
| displayName: Install toolchain |
| - bash: | |
| . util/build_consts.sh |
| ./meson_init.sh -A |
| ninja -C "$OBJ_DIR" \ |
| sw/device/otp_img/otp_img_export_fpga_cw310 \ |
| sw/device/lib/testing/test_rom/test_rom_export_fpga_cw310 |
| displayName: Build embedded targets |
| - template: ci/upload-artifacts-template.yml |
| parameters: |
| includePatterns: |
| - "/sw/***" |
| |
| # Software targeting the English Breakfast top level is produced by patching |
| # the source tree before building. This builds a selected subset of software |
| # only. |
| # TODO: This is a rather ugly hack, which will go away once we properly support |
| # building more than one top-level design with different parametrizations. |
| # Work towards this goal is tracked in issue #4669. |
| - job: sw_build_englishbreakfast |
| displayName: Build Software for English Breakfast toplevel design |
| dependsOn: lint |
| condition: and(succeeded(), eq(dependencies.lint.outputs['DetermineBuildType.onlyDocChanges'], '0')) |
| pool: |
| vmImage: ubuntu-18.04 |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - bash: | |
| set -x |
| sudo util/get-toolchain.py \ |
| --install-dir="$TOOLCHAIN_PATH" \ |
| --release-version="$TOOLCHAIN_VERSION" \ |
| --update |
| displayName: Install toolchain |
| - bash: | |
| . util/build_consts.sh |
| ./meson_init.sh -A |
| # Patch software. |
| ./hw/top_englishbreakfast/util/prepare_sw.py |
| # Build FPGA boot ROM and aes_serial binary for FPGA SCA. |
| ninja -C "$OBJ_DIR" sw/device/lib/testing/test_rom/test_rom_export_fpga_nexysvideo |
| ninja -C "$OBJ_DIR" sw/device/sca/aes_serial_export_fpga_nexysvideo |
| # Build binaries for Verilator simulation. |
| ninja -C "$OBJ_DIR" sw/device/lib/testing/test_rom/test_rom_export_sim_verilator |
| ninja -C "$OBJ_DIR" sw/device/tests/aes_smoketest_export_sim_verilator |
| ninja -C "$OBJ_DIR" sw/device/examples/hello_world/hello_world_export_sim_verilator |
| displayName: Build embedded targets |
| - template: ci/upload-artifacts-template.yml |
| parameters: |
| includePatterns: |
| - "/sw/device/***" |
| |
| - job: chip_englishbreakfast_verilator |
| displayName: Build Verilator simulation of the English Breakfast toplevel design |
| dependsOn: lint |
| condition: and(succeeded(), eq(dependencies.lint.outputs['DetermineBuildType.onlyDocChanges'], '0')) |
| pool: |
| vmImage: ubuntu-18.04 |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - bash: | |
| python3 --version |
| fusesoc --version |
| verilator --version |
| verible-verilog-lint --version |
| displayName: Display environment |
| - bash: ci/scripts/build-chip-verilator.sh englishbreakfast |
| displayName: Build simulation with Verilator |
| - template: ci/upload-artifacts-template.yml |
| parameters: |
| includePatterns: |
| - "/hw/top_englishbreakfast/Vchip_englishbreakfast_verilator" |
| |
| - job: execute_verilated_tests |
| displayName: Build and run fast tests on sim_verilator |
| pool: ci-public |
| timeoutInMinutes: 200 |
| dependsOn: lint |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - task: DownloadSecureFile@1 |
| condition: eq(variables['Build.SourceBranchName'], 'master') |
| name: bazelCacheGcpKey |
| inputs: |
| secureFile: "bazel_cache_gcp_key.json" |
| - bash: echo "##vso[task.setvariable variable=bazelCacheGcpKeyPath]$(bazelCacheGcpKey.secureFilePath)" |
| condition: eq(variables['Build.SourceBranchName'], 'master') |
| displayName: Set the remote cache GCP key path |
| - bash: | |
| export GCP_BAZEL_CACHE_KEY=$(bazelCacheGcpKeyPath) |
| ci/scripts/run-verilator-tests.sh |
| displayName: Build and execute tests |
| continueOnError: true # Temporary workaround for #12603 |
| # TODO: build and cache the verilator model to avoid building twice (#12574) |
| - bash: | |
| . util/build_consts.sh |
| mkdir -p "$BIN_DIR/hw/top_earlgrey/" |
| cp $(find bazel-out/* -name Vchip_sim_tb) \ |
| "$BIN_DIR/hw/top_earlgrey/Vchip_earlgrey_verilator" |
| displayName: Copy //hw:verilator to $BIN_DIR |
| - template: ci/upload-artifacts-template.yml |
| parameters: |
| includePatterns: |
| - "/hw/top_earlgrey/Vchip_earlgrey_verilator" |
| |
| - job: execute_verilated_tests_englishbreakfast |
| displayName: Execute tests on the Verilated English Breakfast toplevel design |
| pool: ci-public |
| dependsOn: |
| - chip_englishbreakfast_verilator |
| - sw_build_englishbreakfast |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - template: ci/download-artifacts-template.yml |
| parameters: |
| downloadPartialBuildBinFrom: |
| - chip_englishbreakfast_verilator |
| - sw_build_englishbreakfast |
| - bash: | |
| # Install an additional pytest dependency for result upload. |
| pip3 install pytest-azurepipelines |
| |
| . util/build_consts.sh |
| pytest --version |
| pytest test/systemtest/englishbreakfast/test_sim_verilator.py \ |
| -m "not slow" \ |
| --log-cli-level=DEBUG \ |
| --test-run-title="Run English Breakfast system tests with Verilator simulation" \ |
| --napoleon-docstrings |
| displayName: Execute tests |
| |
| - job: otbn_standalone_tests |
| displayName: Run OTBN Smoke Test |
| dependsOn: lint |
| pool: |
| vmImage: ubuntu-18.04 |
| timeoutInMinutes: 10 |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - bash: | |
| set -x |
| sudo util/get-toolchain.py \ |
| --install-dir="$TOOLCHAIN_PATH" \ |
| --release-version="$TOOLCHAIN_VERSION" \ |
| --update |
| echo "##vso[task.prependpath]$TOOLCHAIN_PATH/bin" |
| displayName: Install toolchain |
| - bash: | |
| python3 --version |
| fusesoc --version |
| verilator --version |
| displayName: Display environment |
| - bash: | |
| make -C hw/ip/otbn/dv/otbnsim test |
| displayName: OTBN ISS Test |
| - bash: | |
| ./hw/ip/otbn/dv/smoke/run_smoke.sh |
| displayName: OTBN Smoke Test |
| - bash: | |
| make -C hw/ip/otbn/util asm-check |
| displayName: Assemble and link code snippets |
| |
| - job: chip_earlgrey_cw310 |
| displayName: Build CW310 variant of the Earl Grey toplevel design using Vivado |
| dependsOn: |
| - lint |
| # The bootrom is built into the FPGA image at synthesis time. |
| - cw310_sw_build |
| condition: and(succeeded(), eq(dependencies.lint.outputs['DetermineBuildType.onlyDocChanges'], '0'), eq(dependencies.lint.outputs['DetermineBuildType.onlyDvChanges'], '0')) |
| pool: ci-public |
| timeoutInMinutes: 120 # 2 hours |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - template: ci/download-artifacts-template.yml |
| parameters: |
| downloadPartialBuildBinFrom: |
| - cw310_sw_build |
| - bash: | |
| set -e |
| module load "xilinx/vivado/$(VIVADO_VERSION)" |
| ci/scripts/build-bitstream-vivado.sh top_earlgrey cw310 |
| displayName: Build bitstream with Vivado |
| - bash: | |
| . util/build_consts.sh |
| echo Synthesis log |
| cat $OBJ_DIR/hw/synth-vivado/lowrisc_systems_chip_earlgrey_cw310_0.1.runs/synth_1/runme.log || true |
| |
| echo Implementation log |
| cat $OBJ_DIR/hw/synth-vivado/lowrisc_systems_chip_earlgrey_cw310_0.1.runs/impl_1/runme.log || true |
| condition: always() |
| displayName: Display synthesis and implementation logs |
| - template: ci/upload-artifacts-template.yml |
| parameters: |
| includePatterns: |
| - "/hw/***" |
| - publish: "$(Build.ArtifactStagingDirectory)" |
| artifact: chip_earlgrey_cw310-build-out |
| displayName: Upload all Vivado artifacts for CW310 |
| condition: failed() |
| |
| - job: chip_earlgrey_cw310_splice_mask_rom |
| displayName: Splice mask ROM binary into CW310 bitstream using Vivado |
| dependsOn: |
| - chip_earlgrey_cw310 |
| - sw_build |
| condition: and(succeeded(), eq(dependencies.lint.outputs['DetermineBuildType.onlyDocChanges'], '0'), eq(dependencies.lint.outputs['DetermineBuildType.onlyDvChanges'], '0')) |
| pool: ci-public |
| timeoutInMinutes: 10 |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - template: ci/download-artifacts-template.yml |
| parameters: |
| downloadPartialBuildBinFrom: |
| - chip_earlgrey_cw310 |
| - sw_build |
| - bash: | |
| set -e |
| . util/build_consts.sh |
| |
| module load "xilinx/vivado/$(VIVADO_VERSION)" |
| |
| util/fpga/splice_rom.sh -t cw310 -T earlgrey -b PROD |
| |
| displayName: Splicing bitstream with Vivado |
| - template: ci/upload-artifacts-template.yml |
| parameters: |
| includePatterns: |
| - "/hw/***" |
| - ${{ if eq(variables['Build.SourceBranchName'], 'master') }}: |
| - template: ci/gcp-upload-bitstream-template.yml |
| parameters: |
| parentDir: "$BIN_DIR/hw/top_earlgrey" |
| includeFiles: |
| - "lowrisc_systems_chip_earlgrey_cw310_0.1.bit.orig" |
| - "lowrisc_systems_chip_earlgrey_cw310_0.1.bit.splice" |
| gcpKeyFile: "gcpkey.json" |
| bucketURI: "gs://opentitan-bitstreams/master" |
| - publish: "$(Build.ArtifactStagingDirectory)" |
| artifact: chip_earlgrey_cw310-splice-mask-rom-build-out |
| displayName: Upload all Vivado artifacts for CW310 |
| condition: failed() |
| |
| - job: chip_englishbreakfast_cw305 |
| displayName: Build CW305 variant of the English Breakfast toplevel design using Vivado |
| dependsOn: |
| - lint |
| - sw_build_englishbreakfast |
| condition: and(succeeded(), eq(dependencies.lint.outputs['DetermineBuildType.onlyDocChanges'], '0'), eq(dependencies.lint.outputs['DetermineBuildType.onlyDvChanges'], '0')) |
| pool: ci-public |
| timeoutInMinutes: 120 # 2 hours |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - template: ci/download-artifacts-template.yml |
| parameters: |
| downloadPartialBuildBinFrom: |
| - sw_build_englishbreakfast |
| - bash: | |
| set -e |
| module load "xilinx/vivado/$(VIVADO_VERSION)" |
| ci/scripts/build-bitstream-vivado.sh top_englishbreakfast cw305 |
| displayName: Build bitstream with Vivado |
| - template: ci/upload-artifacts-template.yml |
| parameters: |
| includePatterns: |
| - "/hw/top_englishbreakfast/lowrisc_systems_chip_englishbreakfast_cw305_0.1.bit" |
| |
| - job: execute_fpga_tests_cw310 |
| displayName: Execute tests on ChipWhisperer CW310 FPGA board |
| pool: FPGA |
| timeoutInMinutes: 8 |
| dependsOn: |
| - chip_earlgrey_cw310 |
| - sw_build |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - template: ci/download-artifacts-template.yml |
| parameters: |
| downloadPartialBuildBinFrom: |
| - chip_earlgrey_cw310 |
| - sw_build |
| - bash: | |
| set -e |
| |
| # Install an additional pytest dependency for result upload. |
| pip3 install pytest-azurepipelines |
| |
| . util/build_consts.sh |
| pytest --version |
| pytest test/systemtest/earlgrey/test_fpga_cw310.py \ |
| --log-cli-level=DEBUG \ |
| --test-run-title="Run system tests on ChipWhisperer CW310 FPGA board" \ |
| --napoleon-docstrings |
| displayName: Execute tests |
| |
| - job: deploy_release_artifacts |
| displayName: Package and deploy release distribution |
| pool: |
| vmImage: ubuntu-18.04 |
| dependsOn: |
| - lint |
| - sw_build |
| - execute_verilated_tests |
| - chip_earlgrey_cw310 |
| condition: and(eq(dependencies.lint.outputs['DetermineBuildType.onlyDocChanges'], '0'), eq(dependencies.lint.outputs['DetermineBuildType.onlyDvChanges'], '0')) |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - template: ci/download-artifacts-template.yml |
| parameters: |
| downloadPartialBuildBinFrom: |
| - sw_build |
| - execute_verilated_tests |
| - chip_earlgrey_cw310 |
| - chip_englishbreakfast_verilator |
| - bash: | |
| . util/build_consts.sh |
| |
| util/make_distribution.sh |
| |
| tar --list -f $BIN_DIR/opentitan-*.tar.xz |
| # Put the resulting tar file into a directory the |publish| step below can reference. |
| mkdir "$BUILD_ROOT/dist-final" |
| mv $BIN_DIR/opentitan-*.tar.xz "$BUILD_ROOT/dist-final" |
| displayName: Create final dist directory out of partial ones |
| - publish: $(Build.ArtifactStagingDirectory)/dist-final |
| artifact: opentitan-dist |
| displayName: Upload release artifacts as Azure artifact |
| - task: GithubRelease@0 |
| displayName: Upload to GitHub releases (only tags) |
| condition: and(succeeded(), startsWith(variables['Build.SourceBranch'], 'refs/tags/')) |
| inputs: |
| gitHubConnection: opentitan-release-upload |
| repositoryName: lowrisc/opentitan |
| addChangeLog: false |
| assets: | |
| $(Build.ArtifactStagingDirectory)/dist-final/* |
| |
| |
| - job: build_docker_containers |
| displayName: "Build Docker Containers" |
| pool: |
| vmImage: ubuntu-18.04 |
| dependsOn: |
| - lint |
| steps: |
| - task: Docker@2 |
| displayName: Build Developer Utility Container |
| inputs: |
| command: build |
| Dockerfile: ./util/container/Dockerfile |
| buildContext: . |
| - task: Docker@2 |
| displayName: Build Documentation Builder Container |
| inputs: |
| command: build |
| tags: gcr.io/active-premise-257318/builder |
| Dockerfile: ./site/docs/builder.Dockerfile |
| buildContext: . |
| - task: Docker@2 |
| displayName: Build Documentation Redirector Container |
| inputs: |
| command: build |
| Dockerfile: ./site/redirector/Dockerfile |
| buildContext: ./site/redirector |
| |
| - job: bazel_test |
| displayName: Bazel Software Build and Test |
| timeoutInMinutes: 120 |
| dependsOn: lint |
| pool: |
| vmImage: ubuntu-18.04 |
| variables: |
| - name: bazelCacheGcpKeyPath |
| value: '' |
| steps: |
| - template: ci/install-package-dependencies.yml |
| - task: DownloadSecureFile@1 |
| condition: eq(variables['Build.SourceBranchName'], 'master') |
| name: bazelCacheGcpKey |
| inputs: |
| secureFile: "bazel_cache_gcp_key.json" |
| - bash: echo "##vso[task.setvariable variable=bazelCacheGcpKeyPath]$(bazelCacheGcpKey.secureFilePath)" |
| condition: eq(variables['Build.SourceBranchName'], 'master') |
| displayName: Set the remote cache GCP key path |
| - bash: | |
| # This command builds all software and runs all unit tests that run on |
| # the host. |
| export GCP_BAZEL_CACHE_KEY=$(bazelCacheGcpKeyPath) |
| ci/bazelisk.sh test \ |
| --build_tests_only=false \ |
| --define DISABLE_VERILATOR_BUILD=true \ |
| --test_tag_filters=-broken,-cw310,-verilator,-dv \ |
| --build_tag_filters=-verilator,-test_suite \ |
| //sw/... |
| displayName: "Build and Unit Test Software with Bazel" |
