osquery-1/azure-pipelines.yml

trigger:
- master

jobs:

# LINUX

  - job: LinuxBuild
    displayName: "Linux"

    strategy:
      matrix:
        Release:
          BUILD_TYPE: Release
          EXTRA_CMAKE_ARGS:
        Debug:
          BUILD_TYPE: Debug
          EXTRA_CMAKE_ARGS: -DOSQUERY_NO_DEBUG_SYMBOLS=ON

    pool:
      vmImage: 'Ubuntu-16.04'

    container:
      image: trailofbits/osquery:ubuntu-18.04-toolchain-v8
      options: --privileged --init -v /var/run/docker.sock:/var/run/docker.sock

    timeoutInMinutes: 120

    variables:
      CCACHE_DIR: $(Pipeline.Workspace)/ccache
      # Debug packages require padded source prefixes (#5936).
      BUILD_DIR: $(Build.BinariesDirectory)/usr/src/debug/osquery/build

    steps:
    - checkout: self
      # See BUILD_DIR.
      path: s/usr/src/debug/osquery

    - script: mkdir -p $(BUILD_DIR)
      displayName: "Create build folder"

    - task: CacheBeta@2
      inputs:
        key: submodules | Linux | $(SubmoduleCacheVersion) | $(Build.SourceVersion)
        restoreKeys: submodules | Linux | $(SubmoduleCacheVersion)
        path: $(Build.SourcesDirectory)/.git/modules
      displayName: Submodule cache

    - task: CMake@1
      displayName: "Configure osquery"
      inputs:
        workingDirectory: $(BUILD_DIR)
        cmakeArgs:
          -DCMAKE_BUILD_TYPE=$(BUILD_TYPE)
          -DOSQUERY_TOOLCHAIN_SYSROOT=/usr/local/osquery-toolchain
          -DOSQUERY_BUILD_TESTS=ON
          -DOSQUERY_BUILD_ROOT_TESTS=ON
          $(EXTRA_CMAKE_ARGS)
          $(Build.SourcesDirectory)

    - script: |
        ./tools/formatting/format-test.sh --build $(BUILD_DIR)        
      displayName: "format_check.py test"
      workingDirectory: $(Build.SourcesDirectory)

    - task: CMake@1
      displayName: "Check code formatting"
      inputs:
        workingDirectory: $(BUILD_DIR)
        cmakeArgs: --build . --target format_check

    - task: CacheBeta@2
      inputs:
        key: ccache | Linux$(BUILD_TYPE)CMake | $(CacheVersion) | $(Build.SourceVersion)
        restoreKeys: ccache | Linux$(BUILD_TYPE)CMake | $(CacheVersion)
        path: $(CCACHE_DIR)
      displayName: ccache

    - task: CMake@1
      displayName: "Build osquery"
      inputs:
        workingDirectory: $(BUILD_DIR)
        cmakeArgs: --build . -j 3

    - task: CMake@1
      displayName: "Run cppcheck"
      inputs:
        workingDirectory: $(BUILD_DIR)
        cmakeArgs: --build . --target cppcheck

    - script: |
        ctest --build-nocmake -LE "root-required" -V        
      displayName: "Run tests with a normal user"
      workingDirectory: $(BUILD_DIR)

    - script: |
        sudo ctest --build-nocmake -L "root-required" -V        
      displayName: "Run tests which requires root"
      workingDirectory: $(BUILD_DIR)

    - script: |
        cmake -DPACKAGING_SYSTEM=DEB $(Build.SourcesDirectory)
        cmake --build . --target package -j 3        
      displayName: "Run DEB packaging"
      workingDirectory: $(BUILD_DIR)

    - script: |
        cmake -DPACKAGING_SYSTEM=RPM $(Build.SourcesDirectory)
        cmake --build . --target package -j 3        
      displayName: "Run RPM packaging"
      workingDirectory: $(BUILD_DIR)

    - script: |
        cmake -DPACKAGING_SYSTEM=TGZ $(Build.SourcesDirectory)
        cmake --build . --target package -j 3        
      displayName: "Run TGZ packaging"
      workingDirectory: $(BUILD_DIR)

    - script: |
        echo "##vso[task.setvariable variable=Status;isOutput=true]1"        
      name: JobResult

    - script: |
        rm -rf $(BUILD_DIR)        
      displayName: "Reclaim disk space"


  - job: Linux

    pool:
      vmImage: 'Ubuntu-16.04'

    condition: succeededOrFailed()

    dependsOn:
      - LinuxBuild

    variables:
      LinuxReleaseStatus: $[ dependencies.LinuxBuild.outputs['Release.JobResult.Status'] ]
      LinuxDebugStatus: $[ dependencies.LinuxBuild.outputs['Debug.JobResult.Status'] ]

    steps:
    - checkout: none

    - script: |
        if [ -z "$(LinuxReleaseStatus)" ] || [ -z "$(LinuxDebugStatus)" ]; then
          exit 1
        fi        
      displayName: "Detect Linux jobs build statuses"

# LINUX

# MACOS

  - job: macOSBuild
    displayName: "macOS"

    strategy:
      matrix:
        Release:
          BUILD_TYPE: Release
          EXTRA_CMAKE_ARGS:
        Debug:
          BUILD_TYPE: Debug
          EXTRA_CMAKE_ARGS: -DOSQUERY_NO_DEBUG_SYMBOLS=ON

    pool:
      vmImage: macos-10.14

    timeoutInMinutes: 120

    variables:
      CCACHE_DIR: $(Pipeline.Workspace)/ccache

    steps:
    - script: |
        cmake --version
        brew upgrade
        brew install ccache flex bison
        pip3 install setuptools pexpect==3.3 psutil timeout_decorator six thrift==0.11.0 osquery
        sudo xcode-select -s /Applications/Xcode_10.3.app/Contents/Developer        
      displayName: "Install Homebrew and prerequisites"
      timeoutInMinutes: 20

    - script: mkdir $(Build.BinariesDirectory)/build
      displayName: "Create build folder"

    - task: CacheBeta@2
      inputs:
        key: submodules | macOS | $(SubmoduleCacheVersion) | $(Build.SourceVersion)
        restoreKeys: submodules | macOS | $(SubmoduleCacheVersion)
        path: $(Build.SourcesDirectory)/.git/modules
      displayName: Submodule cache

    - task: CMake@1
      displayName: "Configure osquery"
      inputs:
        workingDirectory: $(Build.BinariesDirectory)/build
        cmakeArgs: -DCMAKE_OSX_DEPLOYMENT_TARGET=10.11 -DCMAKE_BUILD_TYPE=$(BUILD_TYPE) -DOSQUERY_BUILD_TESTS=ON $(EXTRA_CMAKE_ARGS) $(Build.SourcesDirectory)

    - task: CacheBeta@2
      inputs:
        key: ccache | macOS$(BUILD_TYPE)CMake | $(CacheVersion) | $(Build.SourceVersion)
        restoreKeys: ccache | macOS$(BUILD_TYPE)CMake | $(CacheVersion)
        path: $(CCACHE_DIR)
      displayName: ccache

    - task: CMake@1
      displayName: "Build osquery"
      inputs:
        workingDirectory: $(Build.BinariesDirectory)/build
        cmakeArgs: --build . -j 3

    - script: |
        ctest --build-nocmake -V        
      displayName: "Run tests"
      workingDirectory: $(Build.BinariesDirectory)/build

    - task: CMake@1
      displayName: "Run productbuild packaging"
      inputs:
        workingDirectory: $(Build.BinariesDirectory)/build
        cmakeArgs: --build . --target package -j 3

    - script: |
        cmake -DPACKAGING_SYSTEM=TGZ $(Build.SourcesDirectory)
        cmake --build . --target package -j 3        
      displayName: "Run TGZ packaging"
      workingDirectory: $(Build.BinariesDirectory)/build

    - script: |
        echo "##vso[task.setvariable variable=Status;isOutput=true]1"        
      name: JobResult

    - script: |
        rm -rf $(Build.BinariesDirectory)/build        
      displayName: "Reclaim disk space"


  - job: macOS

    pool:
      vmImage: 'Ubuntu-16.04'

    condition: succeededOrFailed()

    dependsOn:
      - macOSBuild

    variables:
      macOSReleaseStatus: $[ dependencies.macOSBuild.outputs['Release.JobResult.Status'] ]
      macOSDebugStatus: $[ dependencies.macOSBuild.outputs['Debug.JobResult.Status'] ]

    steps:
    - checkout: none

    - script: |
        if [ -z "$(macOSReleaseStatus)" ] || [ -z "$(macOSDebugStatus)" ]; then
          exit 1
        fi        
      displayName: "Detect macOS jobs build statuses"

# MACOS

# WINDOWS

  - job: WindowsBuild
    displayName: "Windows Release"

    pool:
      vmImage: windows-2019

    timeoutInMinutes: 120

    variables:
      SCCACHE_DIR: $(Pipeline.Workspace)\sccache
      SCCACHE_CACHE_SIZE: "5G"
      AZP_CACHING_CONTENT_FORMAT: Files

    steps:
    - powershell: |
        git config --global core.autocrlf false
        git config --global core.symlinks true        

    - checkout: self

    - powershell: |
        cmake --version
        $python3_path = ((Get-Item C:\hostedtoolcache\windows\Python\3*\x64) | Sort-Object -Descending)[0].FullName
        & $python3_path\python -m pip install setuptools psutil timeout_decorator thrift==0.11.0 osquery pywin32        
      displayName: Install tests prerequisites

    - powershell: |
        mkdir $(Build.BinariesDirectory)\build        
      displayName: "Create build folder"

    - powershell: |
        tools\ci\scripts\install_openssl_formula_dependencies.ps1        
      displayName: "Installing: Strawberry Perl"
      workingDirectory: $(Build.SourcesDirectory)

    - task: CacheBeta@2
      inputs:
        key: submodules | Windows | $(SubmoduleCacheVersion) | $(Build.SourceVersion)
        restoreKeys: submodules | Windows | $(SubmoduleCacheVersion)
        path: $(Build.SourcesDirectory)/.git/modules
      displayName: Submodule cache

    - powershell: |
        (New-Object System.Net.WebClient).DownloadFile(`
        "https://github.com/osquery/sccache/releases/download/0.0.1-osquery/sccache-0.0.1-windows.7z",`
        "$env:TEMP\sccache.7z")

        mkdir "C:\Program Files\sccache"
        7z x -o"C:\Program Files\sccache" -y "$env:TEMP\sccache.7z"
        Write-Host "##vso[task.prependpath]C:\Program Files\sccache"        
      displayName: "Install sccache"

    - powershell: |
        (New-Object System.Net.WebClient).DownloadFile(`
        "https://github.com/ninja-build/ninja/releases/download/v1.10.0/ninja-win.zip",`
        "$env:TEMP\ninja-win.zip")

        mkdir "C:\Program Files\Ninja"
        7z x -o"C:\Program Files\Ninja" -y "$env:TEMP\ninja-win.zip"
        Write-Host "##vso[task.prependpath]C:\Program Files\Ninja"        
      displayName: "Install Ninja"

    - script: |
        call "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
        cmake -G Ninja ^
        -DCMAKE_C_COMPILER=cl.exe ^
        -DCMAKE_CXX_COMPILER=cl.exe ^
        -DCMAKE_BUILD_TYPE=Release ^
        -DOSQUERY_BUILD_TESTS=ON ^
        -DCMAKE_C_COMPILER_LAUNCHER="sccache.exe" ^
        -DCMAKE_CXX_COMPILER_LAUNCHER="sccache.exe" ^
        $(Build.SourcesDirectory)        
      displayName: "Configure osquery"
      workingDirectory: $(Build.BinariesDirectory)\build

    - task: CacheBeta@2
      inputs:
        key: sccache | Windows | $(CacheVersion) | $(Build.SourceVersion)
        restoreKeys: sccache | Windows | $(CacheVersion)
        path: $(SCCACHE_DIR)
      displayName: sccache

    - script: |
        call "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
        cmake --build . -j 3
        if %errorlevel% neq 0 exit /b %errorlevel%
        sccache.exe --stop-server        
      displayName: "Build osquery"
      workingDirectory: $(Build.BinariesDirectory)\build

    - powershell: |
        ctest --build-nocmake -C Release -V        
      displayName: "Run tests"
      workingDirectory: $(Build.BinariesDirectory)/build

    - task: CMake@1
      displayName: "Run WIX packaging"
      inputs:
        workingDirectory: $(Build.BinariesDirectory)/build
        cmakeArgs: --build . --target package --config Release -j 3

    - powershell: |
        # .artifactignore has to be copied in the cached folder, otherwise the CacheBeta task won't see it
        cp $(Build.SourcesDirectory)\.artifactignore $(Build.SourcesDirectory)\.git\modules

        echo "##vso[task.setvariable variable=Status;isOutput=true]1"        
      name: JobResult

    - powershell: |
        rm -r -Force $(Build.BinariesDirectory)/build        
      displayName: "Reclaim disk space"

  - job: Windows

    pool:
      vmImage: 'Ubuntu-16.04'

    condition: succeededOrFailed()

    dependsOn:
      - WindowsBuild

    variables:
      WindowsReleaseStatus: $[ dependencies.WindowsBuild.outputs['JobResult.Status'] ]

    steps:
    - checkout: none

    - script: |
        if [ -z "$(WindowsReleaseStatus)" ]; then
          exit 1
        fi        
      displayName: "Detect Windows build status"
# WINDOWS