From dbcff80c1b2952721d2ce5de2cb1e5b7230f6b7c Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 22 Sep 2025 12:46:44 +0200 Subject: [PATCH 01/92] added sign and bdba drafts to the windows ci pipeline --- ci/build_test_OnCommitWin.groovy | 5 +++++ ci/loadWin.groovy | 28 +++++++++++++++++++++++++++ ci/windows_bdba.bat | 33 ++++++++++++++++++++++++++++++++ ci/windows_sign.bat | 4 ++++ 4 files changed, 70 insertions(+) create mode 100644 ci/windows_bdba.bat create mode 100644 ci/windows_sign.bat diff --git a/ci/build_test_OnCommitWin.groovy b/ci/build_test_OnCommitWin.groovy index 72f17872d4..258ca48576 100644 --- a/ci/build_test_OnCommitWin.groovy +++ b/ci/build_test_OnCommitWin.groovy @@ -5,6 +5,9 @@ pipeline { agent { label 'win_ovms' } + environment { + BDBA_KEY = credentials('BDBA_KEY') + } stages { stage ("Build and test windows") { steps { @@ -19,6 +22,8 @@ pipeline { windows.install_dependencies() windows.clean() windows.build() + windows.sign() + windows.bdba() windows.unit_test() windows.check_tests() def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 5608adbcfd..4ee49ceb0b 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -130,6 +130,34 @@ def build(){ } } +def sign(){ + if(env.OVMS_SIGN != "1"){ + println "Skipping code signing" + return + } + println "Starting code signing" + def status = bat(returnStatus: true, script: 'windows_sign.bat ' + get_short_bazel_path()) + if (status != 0) { + error "Error: Windows code signing failed ${status}. Check win_sign.log for details." + } else { + echo "Code signing successful." + } +} + +def bdba(){ + if(env.OVMS_BDBA_SCAN != "1"){ + println "Skipping BDBA scan" + return + } + println "Starting BDBA scan" + def status = bat(returnStatus: true, script: 'windows_bdba.bat ' + env.BDBA_KEY) + if (status != 0) { + error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." + } else { + echo "BDBA scan successful." + } +} + def unit_test(){ println "OVMS_PYTHON_ENABLED=${env.OVMS_PYTHON_ENABLED}" def pythonOption = env.OVMS_PYTHON_ENABLED == "1" ? "--with_python" : "--no_python" diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat new file mode 100644 index 0000000000..0218452756 --- /dev/null +++ b/ci/windows_bdba.bat @@ -0,0 +1,33 @@ +@echo off +set "BDBA_KEY=%1" +REM +git clone https://github.com/intel-innersource/frameworks.ai.openvino.ci.infrastructure repo_ci_infra + +REM +cd repo_ci_infra + +REM +python -m venv venv + +REM +call venv\Scripts\activate + +REM +python -m pip install --upgrade pip + +REM +if exist requirements.txt ( + pip install -r requirements.txt +) + +REM +for /f "tokens=2 delims==." %%I in ('wmic os get localdatetime /value') do set datetime=%%I +set datestamp=%datetime:~0,8% +set timestamp=%datetime:~8,4% +set filename=ovms_%datestamp%_%timestamp%.zip + +REM +copy dist\windows\ovms.zip dist\windows\%filename% + +REM +python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir dist\windows --artifacts dist\windows\%filename% --report_name %filename% > bdba_windows.log 2>&1 \ No newline at end of file diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat new file mode 100644 index 0000000000..f88319ee2d --- /dev/null +++ b/ci/windows_sign.bat @@ -0,0 +1,4 @@ +@echo off +REM +curl https://raw.githubusercontent.com/intel-innersource/frameworks.ai.openvino.model-server.bdba/refs/heads/main/windows_signing/check_signing.py?token=GHSAT0AAAAAADGTIRKXLRUCX2YYYKZY5PLI2GRGVLA -o check_signing.py + From 16451bcb8afda9a03a7ecb88ecd0961f51f878df Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 23 Sep 2025 14:40:03 +0200 Subject: [PATCH 02/92] updating signing files --- ci/loadWin.groovy | 7 +++++++ ci/windows_sign.bat | 9 ++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 4ee49ceb0b..02e22ead22 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -128,6 +128,13 @@ def build(){ } else { echo "Windows package created successfully." } + def unzipCmd = "tar -xf dist\\windows\\ovms.zip" + def status_unzip = bat(returnStatus: true, script: "${unzipCmd}") + if (status_unzip != 0) { + error "Error: Unzipping package failed: ${status_unzip}." + } else { + echo "Package unzipped successfully." + } } def sign(){ diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index f88319ee2d..b757ecaf4a 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -1,4 +1,11 @@ @echo off REM curl https://raw.githubusercontent.com/intel-innersource/frameworks.ai.openvino.model-server.bdba/refs/heads/main/windows_signing/check_signing.py?token=GHSAT0AAAAAADGTIRKXLRUCX2YYYKZY5PLI2GRGVLA -o check_signing.py - +REM +curl https://github.com/intel-innersource/applications.security.edss.docs.signfile-releases/releases/download/v4.0.180/signfile-win-x64-4.0.180.zip -o signfile-win-x64-4.0.180.zip +REM +tar -xf signfile-win-x64-4.0.180.zip +REM +set PATH=%PATH%;%CD%\signfile-win-x64-4.0.180 +REM +python check_signing.py --user %USERNAME% --path %OVMS_FILES% --auto --verbose --print_all \ No newline at end of file From 806d1614440312677c7be5a3159ac36337d975ef Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 24 Sep 2025 08:49:25 +0200 Subject: [PATCH 03/92] excluded from sdl check new .bat files --- ci/lib_search.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ci/lib_search.py b/ci/lib_search.py index 202ba24240..d8490f6dde 100644 --- a/ci/lib_search.py +++ b/ci/lib_search.py @@ -149,6 +149,8 @@ def check_dir(start_dir): "lib_custom_nodes_files", "spelling-whitelist.txt", "results.txt", + "windows_bdba.bat", + "windows_sign.bat", ] exclude_directories = ['/dist/', 'release_files/thirdparty-licenses', 'extras/chat_template_examples'] @@ -242,6 +244,8 @@ def check_func(start_dir): "internal_tests", 'cleanup_jenkins.bat', ".bazelversion", + "windows_bdba.bat", + "windows_sign.bat", ] exclude_directories = ['/dist/'] From ce76f48a69bf7b44282e2262609f49177cf32095 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 24 Sep 2025 11:01:45 +0200 Subject: [PATCH 04/92] refactoring to create separate pipe for SDL --- ci/build_test_OnCommitWin.groovy | 3 -- ci/build_test_release.groovy | 60 ++++++++++++++++++++++++++++++++ ci/loadWin.groovy | 13 +++++-- ci/windows_bdba.bat | 11 ++++-- ci/windows_sign.bat | 2 +- 5 files changed, 80 insertions(+), 9 deletions(-) create mode 100644 ci/build_test_release.groovy diff --git a/ci/build_test_OnCommitWin.groovy b/ci/build_test_OnCommitWin.groovy index 258ca48576..a59ef88793 100644 --- a/ci/build_test_OnCommitWin.groovy +++ b/ci/build_test_OnCommitWin.groovy @@ -5,9 +5,6 @@ pipeline { agent { label 'win_ovms' } - environment { - BDBA_KEY = credentials('BDBA_KEY') - } stages { stage ("Build and test windows") { steps { diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy new file mode 100644 index 0000000000..4ea48671c5 --- /dev/null +++ b/ci/build_test_release.groovy @@ -0,0 +1,60 @@ +pipeline { + options { + timeout(time: 2, unit: 'HOURS') + } + agent { + label 'win_ovms' + } + environment { + BDBA_KEY = credentials('BDBA_KEY') + } + stages { + stage ("Build and test windows") { + steps { + script { + echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" + echo "WORKSPACE: ${env.WORKSPACE}" + echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.setup_bazel_remote_cache() + windows.install_dependencies() + windows.clean() + windows.build() + windows.unit_test() + windows.check_tests() + def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') + def python_presence = "" + if (env.OVMS_PYTHON_ENABLED == "1") { + python_presence = "with_python" + } else { + python_presence = "without_python" + } + bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") + } finally { + windows.archive_build_artifacts() + windows.archive_test_artifacts() + } + } else { + error "Cannot load ci/loadWin.groovy file." + } + } + } + } + stage ("SDL actions"){ + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.sign() + windows.bdba() + } finally { + windows.archive_bdba_reports() + windows.archive_sign_results() + } + } else { + error "Cannot load ci/loadWin.groovy file." + } +} + } +} diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 02e22ead22..1a0a2ea079 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -143,7 +143,7 @@ def sign(){ return } println "Starting code signing" - def status = bat(returnStatus: true, script: 'windows_sign.bat ' + get_short_bazel_path()) + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + get_short_bazel_path()) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { @@ -157,7 +157,7 @@ def bdba(){ return } println "Starting BDBA scan" - def status = bat(returnStatus: true, script: 'windows_bdba.bat ' + env.BDBA_KEY) + def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_KEY + ' ' + get_short_bazel_path()) if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." } else { @@ -223,6 +223,15 @@ def archive_test_artifacts(){ archiveArtifacts allowEmptyArchive: true, artifacts: "win_test_log.zip" } +def archive_bdba_reports(){ + archiveArtifacts allowEmptyArchive: true, artifacts: "win_bdba.log" + archiveArtifacts allowEmptyArchive: true, artifacts: "ovms_windows_bdba_reports.zip" +} + +def archive_sign_results(){ + archiveArtifacts allowEmptyArchive: true, artifacts: "win_sign.log" +} + def setup_bazel_remote_cache(){ def bazel_remote_cache_url = env.OVMS_BAZEL_REMOTE_CACHE_URL def content = "build --remote_cache=\"${bazel_remote_cache_url}\"" diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 0218452756..78ef7fd5ff 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -1,6 +1,7 @@ @echo off set "BDBA_KEY=%1" -REM +set "OVMS_PATH=%2" +REM git clone https://github.com/intel-innersource/frameworks.ai.openvino.ci.infrastructure repo_ci_infra REM @@ -27,7 +28,11 @@ set timestamp=%datetime:~8,4% set filename=ovms_%datestamp%_%timestamp%.zip REM -copy dist\windows\ovms.zip dist\windows\%filename% +copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%filename% REM -python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir dist\windows --artifacts dist\windows\%filename% --report_name %filename% > bdba_windows.log 2>&1 \ No newline at end of file +python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %OVMS_PATH%\%filename% --report_name %filename% 2>&1 | tee win_bdba.log +REM +deactivate +REM +tar -cvf %2\ovms_windows_bdba_reports.zip -C %2 ovms_windows_* \ No newline at end of file diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index b757ecaf4a..095cd8ce00 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -8,4 +8,4 @@ tar -xf signfile-win-x64-4.0.180.zip REM set PATH=%PATH%;%CD%\signfile-win-x64-4.0.180 REM -python check_signing.py --user %USERNAME% --path %OVMS_FILES% --auto --verbose --print_all \ No newline at end of file +python check_signing.py --user %USERNAME% --path %OVMS_FILES% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file From e55f2ef2ac2a3ac4df5c97c26d2af02f2f59b6f0 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 24 Sep 2025 11:05:22 +0200 Subject: [PATCH 05/92] fixed stage structure --- ci/build_test_release.groovy | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 4ea48671c5..5d9019f603 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -43,18 +43,22 @@ pipeline { } } stage ("SDL actions"){ - def windows = load 'ci/loadWin.groovy' - if (windows != null) { - try { - windows.sign() - windows.bdba() - } finally { - windows.archive_bdba_reports() - windows.archive_sign_results() + steps { + script { + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.sign() + windows.bdba() + } finally { + windows.archive_bdba_reports() + windows.archive_sign_results() + } + } else { + error "Cannot load ci/loadWin.groovy file." + } } - } else { - error "Cannot load ci/loadWin.groovy file." } -} + } } } From 3d498419eca15bdc49d76de673d09b61816d9505 Mon Sep 17 00:00:00 2001 From: Pawel Date: Thu, 25 Sep 2025 10:17:37 +0200 Subject: [PATCH 06/92] moved git pulls to use user credentials --- ci/loadWin.groovy | 7 +++++++ ci/windows_bdba.bat | 3 --- ci/windows_sign.bat | 4 +--- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 1a0a2ea079..b77eaedd79 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -143,6 +143,12 @@ def sign(){ return } println "Starting code signing" + def statusPull = bat(returnStatus: true, script: 'curl https://raw.githubusercontent.com/intel-innersource/frameworks.ai.openvino.model-server.bdba/refs/heads/main/windows_signing/check_signing.py -o check_signing.py') + if (statusPull != 0) { + error "Error: Downloading check_signing.py failed ${statusPull}. Check piepeline.log for details." + } else { + echo "check_signing.py downloaded successfully." + } def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + get_short_bazel_path()) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." @@ -157,6 +163,7 @@ def bdba(){ return } println "Starting BDBA scan" + def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/intel-innersource/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_KEY + ' ' + get_short_bazel_path()) if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 78ef7fd5ff..17e406fd22 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -1,9 +1,6 @@ @echo off set "BDBA_KEY=%1" set "OVMS_PATH=%2" -REM -git clone https://github.com/intel-innersource/frameworks.ai.openvino.ci.infrastructure repo_ci_infra - REM cd repo_ci_infra diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 095cd8ce00..4ecec9f195 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -1,11 +1,9 @@ @echo off REM -curl https://raw.githubusercontent.com/intel-innersource/frameworks.ai.openvino.model-server.bdba/refs/heads/main/windows_signing/check_signing.py?token=GHSAT0AAAAAADGTIRKXLRUCX2YYYKZY5PLI2GRGVLA -o check_signing.py -REM curl https://github.com/intel-innersource/applications.security.edss.docs.signfile-releases/releases/download/v4.0.180/signfile-win-x64-4.0.180.zip -o signfile-win-x64-4.0.180.zip REM tar -xf signfile-win-x64-4.0.180.zip REM set PATH=%PATH%;%CD%\signfile-win-x64-4.0.180 REM -python check_signing.py --user %USERNAME% --path %OVMS_FILES% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file +python check_signing.py --user %OVMS_USER% --path %OVMS_FILES% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file From 7d671bdd73c39e5866b5fa8418d217584c359d43 Mon Sep 17 00:00:00 2001 From: Pawel Date: Thu, 25 Sep 2025 11:25:20 +0200 Subject: [PATCH 07/92] changed links to testing fork and valid raw content --- ci/loadWin.groovy | 4 ++-- ci/windows_bdba.bat | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index b77eaedd79..2160a3a786 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -143,7 +143,7 @@ def sign(){ return } println "Starting code signing" - def statusPull = bat(returnStatus: true, script: 'curl https://raw.githubusercontent.com/intel-innersource/frameworks.ai.openvino.model-server.bdba/refs/heads/main/windows_signing/check_signing.py -o check_signing.py') + def statusPull = bat(returnStatus: true, script: 'curl https://github.com/intel-innersource/frameworks.ai.openvino.model-server.bdba/raw/refs/heads/main/windows_signing/check_signing.py-o check_signing.py') if (statusPull != 0) { error "Error: Downloading check_signing.py failed ${statusPull}. Check piepeline.log for details." } else { @@ -163,7 +163,7 @@ def bdba(){ return } println "Starting BDBA scan" - def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/intel-innersource/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') + def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_KEY + ' ' + get_short_bazel_path()) if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 17e406fd22..a67221a294 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -28,7 +28,7 @@ REM copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%filename% REM -python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %OVMS_PATH%\%filename% --report_name %filename% 2>&1 | tee win_bdba.log +python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %OVMS_PATH%\%filename% --report_name %filename% 2>&1 | tee ..\win_bdba.log REM deactivate REM From 619bb22502a06e4429a5d9b52634c7594c54bd2a Mon Sep 17 00:00:00 2001 From: Pawel Date: Thu, 25 Sep 2025 11:52:36 +0200 Subject: [PATCH 08/92] fit to new credentials --- ci/build_test_release.groovy | 1 + ci/loadWin.groovy | 4 ++-- ci/windows_sign.bat | 5 ++++- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 5d9019f603..b5158bcad5 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -7,6 +7,7 @@ pipeline { } environment { BDBA_KEY = credentials('BDBA_KEY') + OVMS_PASS = credentials('PRERELEASE_SIGN') } stages { stage ("Build and test windows") { diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 2160a3a786..71de7f5df4 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -143,13 +143,13 @@ def sign(){ return } println "Starting code signing" - def statusPull = bat(returnStatus: true, script: 'curl https://github.com/intel-innersource/frameworks.ai.openvino.model-server.bdba/raw/refs/heads/main/windows_signing/check_signing.py-o check_signing.py') + def statusPull = bat(returnStatus: true, script: 'curl https://github.com/intel-innersource/frameworks.ai.openvino.model-server.bdba/raw/refs/heads/main/windows_signing/check_signing.py -o check_signing.py') if (statusPull != 0) { error "Error: Downloading check_signing.py failed ${statusPull}. Check piepeline.log for details." } else { echo "check_signing.py downloaded successfully." } - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + get_short_bazel_path()) + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_PASS + ' ' + get_short_bazel_path()) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 4ecec9f195..558763da7b 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -1,4 +1,7 @@ @echo off +set "OVMS_USER=%1" +set "OVMS_PASS=%2" +set "OVMS_FILES=%3" REM curl https://github.com/intel-innersource/applications.security.edss.docs.signfile-releases/releases/download/v4.0.180/signfile-win-x64-4.0.180.zip -o signfile-win-x64-4.0.180.zip REM @@ -6,4 +9,4 @@ tar -xf signfile-win-x64-4.0.180.zip REM set PATH=%PATH%;%CD%\signfile-win-x64-4.0.180 REM -python check_signing.py --user %OVMS_USER% --path %OVMS_FILES% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file +python check_signing.py --user %OVMS_USER% --path %OVMS_FILES% --auto --verbose --print_all 2>&1 | tee ..\win_sign.log \ No newline at end of file From 876c2d18015794ca629453e91e9ab7afd89ae6b4 Mon Sep 17 00:00:00 2001 From: Pawel Date: Thu, 25 Sep 2025 12:36:10 +0200 Subject: [PATCH 09/92] changed curl to cloning repo to use credentials --- ci/loadWin.groovy | 2 +- ci/windows_sign.bat | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 71de7f5df4..9d228728f6 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -143,7 +143,7 @@ def sign(){ return } println "Starting code signing" - def statusPull = bat(returnStatus: true, script: 'curl https://github.com/intel-innersource/frameworks.ai.openvino.model-server.bdba/raw/refs/heads/main/windows_signing/check_signing.py -o check_signing.py') + def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/intel-innersource/frameworks.ai.openvino.model-server.bdba repo_signing') if (statusPull != 0) { error "Error: Downloading check_signing.py failed ${statusPull}. Check piepeline.log for details." } else { diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 558763da7b..18cf9b8ad3 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -9,4 +9,4 @@ tar -xf signfile-win-x64-4.0.180.zip REM set PATH=%PATH%;%CD%\signfile-win-x64-4.0.180 REM -python check_signing.py --user %OVMS_USER% --path %OVMS_FILES% --auto --verbose --print_all 2>&1 | tee ..\win_sign.log \ No newline at end of file +python repo_signing\windows_signing\check_signing.py --user %OVMS_USER% --path %OVMS_FILES% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file From d2f39a25ad5659d49a45754e5b7ea5ac609450fd Mon Sep 17 00:00:00 2001 From: Pawel Date: Thu, 25 Sep 2025 14:57:32 +0200 Subject: [PATCH 10/92] added cleanup, using local signfile --- ci/build_test_release.groovy | 17 +++++++++++++++++ ci/loadWin.groovy | 16 ++++++++++++++++ ci/windows_sign.bat | 6 +----- 3 files changed, 34 insertions(+), 5 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index b5158bcad5..597699b953 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -8,6 +8,7 @@ pipeline { environment { BDBA_KEY = credentials('BDBA_KEY') OVMS_PASS = credentials('PRERELEASE_SIGN') + NODE_NAME = 'Windows_SDL' } stages { stage ("Build and test windows") { @@ -61,5 +62,21 @@ pipeline { } } } + stage ("Cleanup"){ + steps { + script { + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.sdl_cleanup() + } finally { + echo "Cleanup finished" + } + } else { + error "Cannot load ci/loadWin.groovy file." + } + } + } + } } } diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 9d228728f6..f29e23d8ca 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -57,6 +57,22 @@ def cleanup_directories() { } } +def cleanup_sdl(){ + println "Cleaning SDL files" + def status = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_signing") + if (status != 0) { + error "Error: Deleting directory repo_signing failed: ${status}. Check piepeline.log for details." + } else { + echo "Deleting directory repo_signing successful." + } + def status2 = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_ci_infra") + if (status2 != 0) { + error "Error: Deleting directory repo_ci_infra failed: ${status2}. Check piepeline.log for details." + } else { + echo "Deleting directory repo_ci_infra successful." + } +} + def get_short_bazel_path() { if (env.JOB_BASE_NAME.contains("release")) return "rel" diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 18cf9b8ad3..454de1884f 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -3,10 +3,6 @@ set "OVMS_USER=%1" set "OVMS_PASS=%2" set "OVMS_FILES=%3" REM -curl https://github.com/intel-innersource/applications.security.edss.docs.signfile-releases/releases/download/v4.0.180/signfile-win-x64-4.0.180.zip -o signfile-win-x64-4.0.180.zip -REM -tar -xf signfile-win-x64-4.0.180.zip -REM -set PATH=%PATH%;%CD%\signfile-win-x64-4.0.180 +set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile REM python repo_signing\windows_signing\check_signing.py --user %OVMS_USER% --path %OVMS_FILES% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file From ba7123ec7fb679cf760bae304ff7900a543c2617 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 08:10:42 +0200 Subject: [PATCH 11/92] minor fixes, adding python option to siginig script --- ci/build_test_release.groovy | 2 +- ci/loadWin.groovy | 2 +- ci/windows_sign.bat | 8 +++++++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 597699b953..08854fd6a8 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -68,7 +68,7 @@ pipeline { def windows = load 'ci/loadWin.groovy' if (windows != null) { try { - windows.sdl_cleanup() + windows.cleanup_sdl() } finally { echo "Cleanup finished" } diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index f29e23d8ca..6f0aebc301 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -165,7 +165,7 @@ def sign(){ } else { echo "check_signing.py downloaded successfully." } - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_PASS + ' ' + get_short_bazel_path()) + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_PASS + ' ' + get_short_bazel_path() + ' ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 454de1884f..2ceca5fdc8 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -2,7 +2,13 @@ set "OVMS_USER=%1" set "OVMS_PASS=%2" set "OVMS_FILES=%3" +set "PYTHON=%4" REM set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile REM -python repo_signing\windows_signing\check_signing.py --user %OVMS_USER% --path %OVMS_FILES% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file +if /I "%PYTHON%"=="1" ( + set "PYTHON_OPT=--python" +) else ( + set "PYTHON_OPT=" +) +python repo_signing\windows_signing\check_signing.py --user %OVMS_USER% --path %OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file From a2c3ab025902c3c4f2daa0822ad101205846639f Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 08:56:18 +0200 Subject: [PATCH 12/92] corrected paths --- ci/loadWin.groovy | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 6f0aebc301..03ec90a0fe 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -165,7 +165,9 @@ def sign(){ } else { echo "check_signing.py downloaded successfully." } - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_PASS + ' ' + get_short_bazel_path() + ' ' + env.OVMS_PYTHON_ENABLED) + println "OVMS_USER=${env.OVMS_USER}" + + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_PASS + ' dist\\windows\\ovms ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { @@ -180,7 +182,7 @@ def bdba(){ } println "Starting BDBA scan" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') - def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_KEY + ' ' + get_short_bazel_path()) + def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_KEY + ' dist\\windows') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." } else { From 6d4b189f5f3a78446175416d84c64083d634ca68 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 09:21:55 +0200 Subject: [PATCH 13/92] added debug steps --- ci/windows_bdba.bat | 15 +++++---------- ci/windows_sign.bat | 8 ++++++-- 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index a67221a294..9f2cb22f23 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -1,35 +1,30 @@ @echo off set "BDBA_KEY=%1" set "OVMS_PATH=%2" -REM cd repo_ci_infra -REM python -m venv venv -REM call venv\Scripts\activate -REM python -m pip install --upgrade pip -REM if exist requirements.txt ( pip install -r requirements.txt ) -REM for /f "tokens=2 delims==." %%I in ('wmic os get localdatetime /value') do set datetime=%%I set datestamp=%datetime:~0,8% set timestamp=%datetime:~8,4% set filename=ovms_%datestamp%_%timestamp%.zip -REM copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%filename% -REM +echo "BDBA_KEY=%BDBA_KEY%" +echo "OVMS_PATH=%OVMS_PATH%" + python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %OVMS_PATH%\%filename% --report_name %filename% 2>&1 | tee ..\win_bdba.log -REM + deactivate -REM + tar -cvf %2\ovms_windows_bdba_reports.zip -C %2 ovms_windows_* \ No newline at end of file diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 2ceca5fdc8..c229663d89 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -3,12 +3,16 @@ set "OVMS_USER=%1" set "OVMS_PASS=%2" set "OVMS_FILES=%3" set "PYTHON=%4" -REM set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile -REM + if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=--python" ) else ( set "PYTHON_OPT=" ) + +echo "OVMS_USER=%OVMS_USER%" +echo "OVMS_FILES=%OVMS_FILES%" +echo "PYTHON_OPT=%PYTHON_OPT%" + python repo_signing\windows_signing\check_signing.py --user %OVMS_USER% --path %OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file From 1f1b5c98d5fb66829f9f96df587182610c757136 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 09:58:34 +0200 Subject: [PATCH 14/92] corrected parameters --- ci/windows_sign.bat | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index c229663d89..4eef5c887d 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -11,8 +11,4 @@ if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=" ) -echo "OVMS_USER=%OVMS_USER%" -echo "OVMS_FILES=%OVMS_FILES%" -echo "PYTHON_OPT=%PYTHON_OPT%" - -python repo_signing\windows_signing\check_signing.py --user %OVMS_USER% --path %OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file +python repo_signing\windows_signing\check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file From 7d954d70b3d964c91fd2264ba67d0a08c8c2c30d Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 09:59:53 +0200 Subject: [PATCH 15/92] commented build stage to speed up testing and debugging --- ci/build_test_release.groovy | 66 ++++++++++++++++++------------------ 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 08854fd6a8..d52c65c262 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -11,39 +11,39 @@ pipeline { NODE_NAME = 'Windows_SDL' } stages { - stage ("Build and test windows") { - steps { - script { - echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" - echo "WORKSPACE: ${env.WORKSPACE}" - echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" - def windows = load 'ci/loadWin.groovy' - if (windows != null) { - try { - windows.setup_bazel_remote_cache() - windows.install_dependencies() - windows.clean() - windows.build() - windows.unit_test() - windows.check_tests() - def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') - def python_presence = "" - if (env.OVMS_PYTHON_ENABLED == "1") { - python_presence = "with_python" - } else { - python_presence = "without_python" - } - bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") - } finally { - windows.archive_build_artifacts() - windows.archive_test_artifacts() - } - } else { - error "Cannot load ci/loadWin.groovy file." - } - } - } - } + // stage ("Build and test windows") { + // steps { + // script { + // echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" + // echo "WORKSPACE: ${env.WORKSPACE}" + // echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" + // def windows = load 'ci/loadWin.groovy' + // if (windows != null) { + // try { + // windows.setup_bazel_remote_cache() + // windows.install_dependencies() + // windows.clean() + // windows.build() + // windows.unit_test() + // windows.check_tests() + // def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') + // def python_presence = "" + // if (env.OVMS_PYTHON_ENABLED == "1") { + // python_presence = "with_python" + // } else { + // python_presence = "without_python" + // } + // bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") + // } finally { + // windows.archive_build_artifacts() + // windows.archive_test_artifacts() + // } + // } else { + // error "Cannot load ci/loadWin.groovy file." + // } + // } + // } + // } stage ("SDL actions"){ steps { script { From d298fd28fe7c7357450a04d9b62728eda0b677a7 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 10:17:27 +0200 Subject: [PATCH 16/92] testing correct credentials --- ci/build_test_release.groovy | 4 ++-- ci/loadWin.groovy | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index d52c65c262..ebda6bcff0 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -6,8 +6,8 @@ pipeline { label 'win_ovms' } environment { - BDBA_KEY = credentials('BDBA_KEY') - OVMS_PASS = credentials('PRERELEASE_SIGN') + BDBA_CREDS = credentials('BDBA_KEY') + OVMS_SIGN_CREDS = credentials('PRERELEASE_SIGN') NODE_NAME = 'Windows_SDL' } stages { diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 03ec90a0fe..abbf93d92b 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -167,7 +167,7 @@ def sign(){ } println "OVMS_USER=${env.OVMS_USER}" - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_PASS + ' dist\\windows\\ovms ' + env.OVMS_PYTHON_ENABLED) + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows\\ovms ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { @@ -182,7 +182,7 @@ def bdba(){ } println "Starting BDBA scan" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') - def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_KEY + ' dist\\windows') + def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_CREDS_PSW + ' dist\\windows') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." } else { From 7349653c5470eb5fc406f5e0d29f66f153edcee3 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 10:34:17 +0200 Subject: [PATCH 17/92] corrected path to bdba scans --- ci/windows_bdba.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 9f2cb22f23..de6ca817c3 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -23,7 +23,7 @@ copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%filename% echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" -python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %OVMS_PATH%\%filename% --report_name %filename% 2>&1 | tee ..\win_bdba.log +python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %filename% --report_name %filename% 2>&1 | tee ..\win_bdba.log deactivate From 62e754f05a15a9333a56001b09a66def98f5390e Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 10:48:15 +0200 Subject: [PATCH 18/92] corrected path to bdba scans --- ci/windows_bdba.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index de6ca817c3..e784eeacce 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -18,7 +18,7 @@ set datestamp=%datetime:~0,8% set timestamp=%datetime:~8,4% set filename=ovms_%datestamp%_%timestamp%.zip -copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%filename% +copy ..\\%OVMS_PATH%\\ovms.zip ..\\%OVMS_PATH%\\%filename% echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" From af61db8d9f493eb1c6b13e4871183219b8a1ca00 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 10:56:04 +0200 Subject: [PATCH 19/92] corrected path to bdba scans v2 --- ci/windows_bdba.bat | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index e784eeacce..9e6a998071 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -1,7 +1,6 @@ @echo off set "BDBA_KEY=%1" set "OVMS_PATH=%2" -cd repo_ci_infra python -m venv venv @@ -9,8 +8,8 @@ call venv\Scripts\activate python -m pip install --upgrade pip -if exist requirements.txt ( - pip install -r requirements.txt +if exist repo_ci_infra\requirements.txt ( + pip install -r repo_ci_infra\requirements.txt ) for /f "tokens=2 delims==." %%I in ('wmic os get localdatetime /value') do set datetime=%%I @@ -18,13 +17,13 @@ set datestamp=%datetime:~0,8% set timestamp=%datetime:~8,4% set filename=ovms_%datestamp%_%timestamp%.zip -copy ..\\%OVMS_PATH%\\ovms.zip ..\\%OVMS_PATH%\\%filename% +copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%filename% echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" -python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %filename% --report_name %filename% 2>&1 | tee ..\win_bdba.log +python repo_ci_infra\binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %filename% --report_name %filename% 2>&1 | tee win_bdba.log deactivate -tar -cvf %2\ovms_windows_bdba_reports.zip -C %2 ovms_windows_* \ No newline at end of file +tar -cvf %OVMS_PATH%\ovms_windows_bdba_reports.zip -C %OVMS_PATH% ovms_windows_* \ No newline at end of file From 8385fc4e3c7ae372336137598597d60b75c84153 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 11:25:19 +0200 Subject: [PATCH 20/92] corrected path to bdba scans v3 --- ci/windows_bdba.bat | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 9e6a998071..729d7aeba7 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -1,6 +1,7 @@ @echo off set "BDBA_KEY=%1" -set "OVMS_PATH=%2" +set "OVMS_PATH=..\%2" +cd repo_ci_infra python -m venv venv @@ -8,8 +9,8 @@ call venv\Scripts\activate python -m pip install --upgrade pip -if exist repo_ci_infra\requirements.txt ( - pip install -r repo_ci_infra\requirements.txt +if exist requirements.txt ( + pip install -r requirements.txt ) for /f "tokens=2 delims==." %%I in ('wmic os get localdatetime /value') do set datetime=%%I @@ -22,7 +23,7 @@ copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%filename% echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" -python repo_ci_infra\binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %filename% --report_name %filename% 2>&1 | tee win_bdba.log +python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %filename% --report_name %filename% 2>&1 | tee ..\win_bdba.log deactivate From 70797550d42ccf1f7a88f1738a7c2cfaf24aad27 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 12:27:48 +0200 Subject: [PATCH 21/92] changes in filenames and cleaning temporal files --- ci/windows_bdba.bat | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 729d7aeba7..86ec320f4a 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -16,7 +16,7 @@ if exist requirements.txt ( for /f "tokens=2 delims==." %%I in ('wmic os get localdatetime /value') do set datetime=%%I set datestamp=%datetime:~0,8% set timestamp=%datetime:~8,4% -set filename=ovms_%datestamp%_%timestamp%.zip +set filename=ovms_windows_%datestamp%_%timestamp%.zip copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%filename% @@ -27,4 +27,5 @@ python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OV deactivate -tar -cvf %OVMS_PATH%\ovms_windows_bdba_reports.zip -C %OVMS_PATH% ovms_windows_* \ No newline at end of file +tar -cvf %OVMS_PATH%\ovms_windows_bdba_reports.zip -C ovms_windows_* +rm -rf %OVMS_PATH%\\%filename% \ No newline at end of file From fe55f01c05d59a98b4d04ab3e26c869f298711ae Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 12:32:35 +0200 Subject: [PATCH 22/92] changes in filenames and cleaning temporal files v2 --- ci/windows_bdba.bat | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 86ec320f4a..07805bf901 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -16,16 +16,17 @@ if exist requirements.txt ( for /f "tokens=2 delims==." %%I in ('wmic os get localdatetime /value') do set datetime=%%I set datestamp=%datetime:~0,8% set timestamp=%datetime:~8,4% -set filename=ovms_windows_%datestamp%_%timestamp%.zip +set filename=ovms_windows_%datestamp%_%timestamp% +set zipname="%filename%.zip" copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%filename% echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" -python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %filename% --report_name %filename% 2>&1 | tee ..\win_bdba.log +python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %zipname% --report_name %filename% 2>&1 | tee ..\win_bdba.log deactivate tar -cvf %OVMS_PATH%\ovms_windows_bdba_reports.zip -C ovms_windows_* -rm -rf %OVMS_PATH%\\%filename% \ No newline at end of file +rm -rf %OVMS_PATH%\\%zipname% \ No newline at end of file From 19ceae212de4f785576b7d14dc4c550ad7729ba0 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 12:32:57 +0200 Subject: [PATCH 23/92] changes in filenames and cleaning temporal files v3 --- ci/windows_bdba.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 07805bf901..fc0d7fe8cd 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -19,7 +19,7 @@ set timestamp=%datetime:~8,4% set filename=ovms_windows_%datestamp%_%timestamp% set zipname="%filename%.zip" -copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%filename% +copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%zipname% echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" From 0a91e06f8807cd073a48134e94102ab95fc59e8d Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 12:50:18 +0200 Subject: [PATCH 24/92] minor changes in errors and added signtool to PATH --- ci/build_test_OnCommitWin.groovy | 2 -- ci/windows_bdba.bat | 8 ++++++-- ci/windows_sign.bat | 7 +++++-- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/ci/build_test_OnCommitWin.groovy b/ci/build_test_OnCommitWin.groovy index a59ef88793..72f17872d4 100644 --- a/ci/build_test_OnCommitWin.groovy +++ b/ci/build_test_OnCommitWin.groovy @@ -19,8 +19,6 @@ pipeline { windows.install_dependencies() windows.clean() windows.build() - windows.sign() - windows.bdba() windows.unit_test() windows.check_tests() def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index fc0d7fe8cd..b09ac52044 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -11,6 +11,7 @@ python -m pip install --upgrade pip if exist requirements.txt ( pip install -r requirements.txt + if !errorlevel! neq 0 exit /b !errorlevel! ) for /f "tokens=2 delims==." %%I in ('wmic os get localdatetime /value') do set datetime=%%I @@ -20,13 +21,16 @@ set filename=ovms_windows_%datestamp%_%timestamp% set zipname="%filename%.zip" copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%zipname% +if !errorlevel! neq 0 exit /b !errorlevel! echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %zipname% --report_name %filename% 2>&1 | tee ..\win_bdba.log - +if !errorlevel! neq 0 exit /b !errorlevel! deactivate tar -cvf %OVMS_PATH%\ovms_windows_bdba_reports.zip -C ovms_windows_* -rm -rf %OVMS_PATH%\\%zipname% \ No newline at end of file +if !errorlevel! neq 0 exit /b !errorlevel! +rm -rf %OVMS_PATH%\\%zipname% +if !errorlevel! neq 0 exit /b !errorlevel! \ No newline at end of file diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 4eef5c887d..112d77c58b 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -3,7 +3,7 @@ set "OVMS_USER=%1" set "OVMS_PASS=%2" set "OVMS_FILES=%3" set "PYTHON=%4" -set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile +set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile;C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64 if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=--python" @@ -11,4 +11,7 @@ if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=" ) -python repo_signing\windows_signing\check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee win_sign.log \ No newline at end of file +python repo_signing\windows_signing\check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee win_sign.log +for /f "tokens=2 delims=: " %%a in ('tail -n 3 win_sign.log ^| findstr /c:"code":') do ( + if not "%%a"=="200" exit /b 1 +) \ No newline at end of file From 7e5e2ba9a7a1922804bec9e630b0e5cfea1c5bb2 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 12:53:39 +0200 Subject: [PATCH 25/92] corrected path for signing script --- ci/windows_sign.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 112d77c58b..63778f5970 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -1,7 +1,7 @@ @echo off set "OVMS_USER=%1" set "OVMS_PASS=%2" -set "OVMS_FILES=%3" +set "OVMS_FILES=..\..\%3" set "PYTHON=%4" set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile;C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64 From df30d1faf7cf4ad92d4bebd81f390524dd413ef8 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 13:17:30 +0200 Subject: [PATCH 26/92] corrected path for signing script v2 --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index abbf93d92b..550bf4f4f6 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -167,7 +167,7 @@ def sign(){ } println "OVMS_USER=${env.OVMS_USER}" - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows\\ovms ' + env.OVMS_PYTHON_ENABLED) + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { From 8af3f8362fbb4c28d046c610d7116070cdfae99c Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 13:42:04 +0200 Subject: [PATCH 27/92] fixed error raising after sdl actions --- ci/windows_bdba.bat | 4 +++- ci/windows_sign.bat | 9 +++++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index b09ac52044..3fcd954568 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -27,7 +27,9 @@ echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %zipname% --report_name %filename% 2>&1 | tee ..\win_bdba.log -if !errorlevel! neq 0 exit /b !errorlevel! +for /f "tokens=2 delims=: " %%a in ('tail -n 3 win_sign.log ^| findstr /c:"code":') do ( + if not "%%a"=="200" exit /b 1 +) deactivate tar -cvf %OVMS_PATH%\ovms_windows_bdba_reports.zip -C ovms_windows_* diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 63778f5970..486254bdb4 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -12,6 +12,11 @@ if /I "%PYTHON%"=="1" ( ) python repo_signing\windows_signing\check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee win_sign.log -for /f "tokens=2 delims=: " %%a in ('tail -n 3 win_sign.log ^| findstr /c:"code":') do ( - if not "%%a"=="200" exit /b 1 +for /f "tokens=* delims=" %%a in ('type win_sign.log ^| tail -n 1') do ( + echo %%a | findstr /C:"[ OK ]" >nul + if not errorlevel 1 ( + exit /b 0 + ) else ( + exit /b 1 + ) ) \ No newline at end of file From 740f060864a7ae8692e629fced2c816ffc267737 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 13:49:47 +0200 Subject: [PATCH 28/92] changed incorrect file in macro --- ci/windows_bdba.bat | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 3fcd954568..c517cbc5b8 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -27,9 +27,9 @@ echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %zipname% --report_name %filename% 2>&1 | tee ..\win_bdba.log -for /f "tokens=2 delims=: " %%a in ('tail -n 3 win_sign.log ^| findstr /c:"code":') do ( - if not "%%a"=="200" exit /b 1 -) +@REM for /f "tokens=2 delims=: " %%a in ('tail -n 3 win_sign.log ^| findstr /c:"code":') do ( +@REM if not "%%a"=="200" exit /b 1 +@REM ) deactivate tar -cvf %OVMS_PATH%\ovms_windows_bdba_reports.zip -C ovms_windows_* From 5b5e779d7806ff5281cf2f8e902d1ca280b86294 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 13:57:14 +0200 Subject: [PATCH 29/92] removed redundant exit condition --- ci/windows_bdba.bat | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index c517cbc5b8..16ae4c148e 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -11,7 +11,6 @@ python -m pip install --upgrade pip if exist requirements.txt ( pip install -r requirements.txt - if !errorlevel! neq 0 exit /b !errorlevel! ) for /f "tokens=2 delims==." %%I in ('wmic os get localdatetime /value') do set datetime=%%I @@ -27,9 +26,9 @@ echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %zipname% --report_name %filename% 2>&1 | tee ..\win_bdba.log -@REM for /f "tokens=2 delims=: " %%a in ('tail -n 3 win_sign.log ^| findstr /c:"code":') do ( -@REM if not "%%a"=="200" exit /b 1 -@REM ) +for /f "tokens=2 delims=: " %%a in ('tail -n 3 win_bdba.log ^| findstr /c:"code":') do ( + if not "%%a"=="200" exit /b 1 +) deactivate tar -cvf %OVMS_PATH%\ovms_windows_bdba_reports.zip -C ovms_windows_* From 543a682c653976d688eb84c50ecd9c67570da5e5 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 14:00:41 +0200 Subject: [PATCH 30/92] removed redundant exit conditions v2 --- ci/windows_bdba.bat | 3 --- 1 file changed, 3 deletions(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 16ae4c148e..251b883bf7 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -20,7 +20,6 @@ set filename=ovms_windows_%datestamp%_%timestamp% set zipname="%filename%.zip" copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%zipname% -if !errorlevel! neq 0 exit /b !errorlevel! echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" @@ -32,6 +31,4 @@ for /f "tokens=2 delims=: " %%a in ('tail -n 3 win_bdba.log ^| findstr /c:"code" deactivate tar -cvf %OVMS_PATH%\ovms_windows_bdba_reports.zip -C ovms_windows_* -if !errorlevel! neq 0 exit /b !errorlevel! rm -rf %OVMS_PATH%\\%zipname% -if !errorlevel! neq 0 exit /b !errorlevel! \ No newline at end of file From aefc7aba1624de341042f07ea02888cd3ea3000f Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 14:05:01 +0200 Subject: [PATCH 31/92] enabling build step --- ci/build_test_release.groovy | 66 ++++++++++++++++++------------------ 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index ebda6bcff0..60abb405d1 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -11,39 +11,39 @@ pipeline { NODE_NAME = 'Windows_SDL' } stages { - // stage ("Build and test windows") { - // steps { - // script { - // echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" - // echo "WORKSPACE: ${env.WORKSPACE}" - // echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" - // def windows = load 'ci/loadWin.groovy' - // if (windows != null) { - // try { - // windows.setup_bazel_remote_cache() - // windows.install_dependencies() - // windows.clean() - // windows.build() - // windows.unit_test() - // windows.check_tests() - // def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') - // def python_presence = "" - // if (env.OVMS_PYTHON_ENABLED == "1") { - // python_presence = "with_python" - // } else { - // python_presence = "without_python" - // } - // bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") - // } finally { - // windows.archive_build_artifacts() - // windows.archive_test_artifacts() - // } - // } else { - // error "Cannot load ci/loadWin.groovy file." - // } - // } - // } - // } + stage ("Build and test windows") { + steps { + script { + echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" + echo "WORKSPACE: ${env.WORKSPACE}" + echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.setup_bazel_remote_cache() + windows.install_dependencies() + windows.clean() + windows.build() + windows.unit_test() + windows.check_tests() + def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') + def python_presence = "" + if (env.OVMS_PYTHON_ENABLED == "1") { + python_presence = "with_python" + } else { + python_presence = "without_python" + } + bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") + } finally { + windows.archive_build_artifacts() + windows.archive_test_artifacts() + } + } else { + error "Cannot load ci/loadWin.groovy file." + } + } + } + } stage ("SDL actions"){ steps { script { From 5ba84a900eb957bfd8e7bc49eef166dcd597e71a Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 26 Sep 2025 14:30:01 +0200 Subject: [PATCH 32/92] corrected path to log --- ci/windows_bdba.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 251b883bf7..523a609ac2 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -25,7 +25,7 @@ echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %zipname% --report_name %filename% 2>&1 | tee ..\win_bdba.log -for /f "tokens=2 delims=: " %%a in ('tail -n 3 win_bdba.log ^| findstr /c:"code":') do ( +for /f "tokens=2 delims=: " %%a in ('tail -n 3 ..\win_bdba.log ^| findstr /c:"code":') do ( if not "%%a"=="200" exit /b 1 ) deactivate From 2db4779455337e4727a9390b42cc785b1f195860 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 10:50:22 +0200 Subject: [PATCH 33/92] changed location --- ci/windows_sign.bat | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 486254bdb4..d00f6631e1 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -5,14 +5,16 @@ set "OVMS_FILES=..\..\%3" set "PYTHON=%4" set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile;C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64 +cd repo_signing\windows_signing + if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=--python" ) else ( set "PYTHON_OPT=" ) -python repo_signing\windows_signing\check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee win_sign.log -for /f "tokens=* delims=" %%a in ('type win_sign.log ^| tail -n 1') do ( +python check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee ..\..\win_sign.log +for /f "tokens=* delims=" %%a in ('type ..\..\win_sign.log ^| tail -n 1') do ( echo %%a | findstr /C:"[ OK ]" >nul if not errorlevel 1 ( exit /b 0 From a46a54f15b81f79e5a98ff851dbbbecb483de876 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 10:51:40 +0200 Subject: [PATCH 34/92] commented stages for debug reasons --- ci/build_test_release.groovy | 98 ++++++++++++++++++------------------ 1 file changed, 49 insertions(+), 49 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 60abb405d1..3ad32d2654 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -11,39 +11,39 @@ pipeline { NODE_NAME = 'Windows_SDL' } stages { - stage ("Build and test windows") { - steps { - script { - echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" - echo "WORKSPACE: ${env.WORKSPACE}" - echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" - def windows = load 'ci/loadWin.groovy' - if (windows != null) { - try { - windows.setup_bazel_remote_cache() - windows.install_dependencies() - windows.clean() - windows.build() - windows.unit_test() - windows.check_tests() - def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') - def python_presence = "" - if (env.OVMS_PYTHON_ENABLED == "1") { - python_presence = "with_python" - } else { - python_presence = "without_python" - } - bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") - } finally { - windows.archive_build_artifacts() - windows.archive_test_artifacts() - } - } else { - error "Cannot load ci/loadWin.groovy file." - } - } - } - } + // stage ("Build and test windows") { + // steps { + // script { + // echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" + // echo "WORKSPACE: ${env.WORKSPACE}" + // echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" + // def windows = load 'ci/loadWin.groovy' + // if (windows != null) { + // try { + // windows.setup_bazel_remote_cache() + // windows.install_dependencies() + // windows.clean() + // windows.build() + // windows.unit_test() + // windows.check_tests() + // def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') + // def python_presence = "" + // if (env.OVMS_PYTHON_ENABLED == "1") { + // python_presence = "with_python" + // } else { + // python_presence = "without_python" + // } + // bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") + // } finally { + // windows.archive_build_artifacts() + // windows.archive_test_artifacts() + // } + // } else { + // error "Cannot load ci/loadWin.groovy file." + // } + // } + // } + // } stage ("SDL actions"){ steps { script { @@ -62,21 +62,21 @@ pipeline { } } } - stage ("Cleanup"){ - steps { - script { - def windows = load 'ci/loadWin.groovy' - if (windows != null) { - try { - windows.cleanup_sdl() - } finally { - echo "Cleanup finished" - } - } else { - error "Cannot load ci/loadWin.groovy file." - } - } - } - } + // stage ("Cleanup"){ + // steps { + // script { + // def windows = load 'ci/loadWin.groovy' + // if (windows != null) { + // try { + // windows.cleanup_sdl() + // } finally { + // echo "Cleanup finished" + // } + // } else { + // error "Cannot load ci/loadWin.groovy file." + // } + // } + // } + // } } } From 8f33e3fd6f3aba46a74a77294f1c61f97e9499e9 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 11:02:10 +0200 Subject: [PATCH 35/92] checking if OVMS_PASS is correct --- ci/windows_sign.bat | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index d00f6631e1..9404470ad6 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -13,6 +13,8 @@ if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=" ) +echo %OVMS_PASS% >> "temp.txt" + python check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee ..\..\win_sign.log for /f "tokens=* delims=" %%a in ('type ..\..\win_sign.log ^| tail -n 1') do ( echo %%a | findstr /C:"[ OK ]" >nul From e6dc3d7960b1ecc0653c42dc4d0a7916a586eddb Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 11:30:47 +0200 Subject: [PATCH 36/92] enbale using special chars in password --- ci/windows_sign.bat | 1 + 1 file changed, 1 insertion(+) diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 9404470ad6..d67c4cde09 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -1,4 +1,5 @@ @echo off +setlocal EnableExtensions EnableDelayedExpansion set "OVMS_USER=%1" set "OVMS_PASS=%2" set "OVMS_FILES=..\..\%3" From 41387af71203add1df7159ef841b86c262f469d3 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 11:40:10 +0200 Subject: [PATCH 37/92] enbale using special chars in password v2 --- ci/windows_sign.bat | 1 + 1 file changed, 1 insertion(+) diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index d67c4cde09..4855429e3e 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -2,6 +2,7 @@ setlocal EnableExtensions EnableDelayedExpansion set "OVMS_USER=%1" set "OVMS_PASS=%2" +set "OVMS_PASS=%OVMS_PASS:^=^^%" set "OVMS_FILES=..\..\%3" set "PYTHON=%4" set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile;C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64 From d21bf9f86f0d0201e893c2300de40fe804619549 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 12:30:47 +0200 Subject: [PATCH 38/92] enbale using special chars in password v3 --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 550bf4f4f6..e566ae77a6 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -182,7 +182,7 @@ def bdba(){ } println "Starting BDBA scan" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') - def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_CREDS_PSW + ' dist\\windows') + def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat \"' + env.BDBA_CREDS_PSW + '\" dist\\windows') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." } else { From ff904e1c2b13592595836bbffff60822c7d2af33 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 13:41:12 +0200 Subject: [PATCH 39/92] enbale using special chars in password v4 --- ci/loadWin.groovy | 3 ++- ci/windows_sign.bat | 1 - 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index e566ae77a6..6fc2096a18 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -182,7 +182,8 @@ def bdba(){ } println "Starting BDBA scan" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') - def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat \"' + env.BDBA_CREDS_PSW + '\" dist\\windows') + def passwordParsed = env.BDBA_CREDS_PSW.replaceAll(/\^/, '^^') + def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + passwordParsed + ' dist\\windows') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." } else { diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 4855429e3e..d67c4cde09 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -2,7 +2,6 @@ setlocal EnableExtensions EnableDelayedExpansion set "OVMS_USER=%1" set "OVMS_PASS=%2" -set "OVMS_PASS=%OVMS_PASS:^=^^%" set "OVMS_FILES=..\..\%3" set "PYTHON=%4" set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile;C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64 From cc7b574b27a484ed3d888c7bf77a339d85d55149 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 13:51:31 +0200 Subject: [PATCH 40/92] enable using special chars in password v5 - debug --- ci/windows_sign.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index d67c4cde09..5c4417d86e 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -14,7 +14,7 @@ if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=" ) -echo %OVMS_PASS% >> "temp.txt" +echo %2 >> "temp.txt" python check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee ..\..\win_sign.log for /f "tokens=* delims=" %%a in ('type ..\..\win_sign.log ^| tail -n 1') do ( From 28602377164a79468a6a81813a2ea9914397f60c Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 13:55:07 +0200 Subject: [PATCH 41/92] enable using special chars in password v6 --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 6fc2096a18..41b52d95a7 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -182,7 +182,7 @@ def bdba(){ } println "Starting BDBA scan" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') - def passwordParsed = env.BDBA_CREDS_PSW.replaceAll(/\^/, '^^') + def passwordParsed = env.BDBA_CREDS_PSW.replaceAll(/\^/, '\^\^') def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + passwordParsed + ' dist\\windows') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." From f6a7412b5a4d29f068c64fb56e9f2b5b6a4bd7fb Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 13:56:10 +0200 Subject: [PATCH 42/92] enable using special chars in password v7 --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 41b52d95a7..53e3f7a03c 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -182,7 +182,7 @@ def bdba(){ } println "Starting BDBA scan" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') - def passwordParsed = env.BDBA_CREDS_PSW.replaceAll(/\^/, '\^\^') + def passwordParsed = env.BDBA_CREDS_PSW.replaceAll(/\^/, /\^\^/) def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + passwordParsed + ' dist\\windows') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." From f164b87a40c7982a8324021c95a917e2240a7bef Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 14:37:41 +0200 Subject: [PATCH 43/92] enable using special chars in password v8 --- ci/loadWin.groovy | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 53e3f7a03c..146100f160 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -182,8 +182,8 @@ def bdba(){ } println "Starting BDBA scan" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') - def passwordParsed = env.BDBA_CREDS_PSW.replaceAll(/\^/, /\^\^/) - def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + passwordParsed + ' dist\\windows') + env.BDBA_CREDS_PSW = env.BDBA_CREDS_PSW.replaceAll(/\^/, /\^\^/) + def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_CREDS_PSW + ' dist\\windows') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." } else { From cc13d8674b63aa5b115b798ade599d59070cdfde Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 14:40:46 +0200 Subject: [PATCH 44/92] enable using special chars in password v9 --- ci/loadWin.groovy | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 146100f160..97d487b656 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,7 +166,7 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - + env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, /\^\^/) def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." @@ -182,7 +182,6 @@ def bdba(){ } println "Starting BDBA scan" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') - env.BDBA_CREDS_PSW = env.BDBA_CREDS_PSW.replaceAll(/\^/, /\^\^/) def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_CREDS_PSW + ' dist\\windows') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." From c9174cbfa53feb14b898fd2a0dfebd11a7914423 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 29 Sep 2025 14:42:36 +0200 Subject: [PATCH 45/92] enable using special chars in password v10 --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 97d487b656..a3e77c93d5 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,7 +166,7 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, /\^\^/) + env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, "^^") def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." From 3ddef0040e0ab912aa960ecb0cc35944574d848c Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 30 Sep 2025 08:22:58 +0200 Subject: [PATCH 46/92] enable using special chars in password v11 --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index a3e77c93d5..56788bba1c 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,7 +166,7 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, "^^") + env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, "\^\^") def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." From fc84ec7f89226c0860eb63a7d8b8c171b863cc41 Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 30 Sep 2025 08:27:43 +0200 Subject: [PATCH 47/92] enable using special chars in password v12 --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 56788bba1c..27d48c6c80 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,7 +166,7 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, "\^\^") + env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, '^^') def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." From a9af04cbaf00da90bcde24baa955eb20474bc832 Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 30 Sep 2025 08:29:37 +0200 Subject: [PATCH 48/92] enable using special chars in password v13 - debug --- ci/loadWin.groovy | 1 + 1 file changed, 1 insertion(+) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 27d48c6c80..192c2ac3db 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -167,6 +167,7 @@ def sign(){ } println "OVMS_USER=${env.OVMS_USER}" env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, '^^') + bat(script: "echo %OVMS_SIGN_CREDS_PSW% > win_sign_password.txt") def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." From fb4244712cb853a7a522a1113709d8b7d4d5ddd2 Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 30 Sep 2025 08:31:10 +0200 Subject: [PATCH 49/92] enable using special chars in password v14 - debug --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 192c2ac3db..509856767f 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,7 +166,7 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, '^^') + env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, '^^^^') bat(script: "echo %OVMS_SIGN_CREDS_PSW% > win_sign_password.txt") def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { From 7801c0899ee06148ce167c5f0766a682845d2f91 Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 30 Sep 2025 08:34:13 +0200 Subject: [PATCH 50/92] enable using special chars in password v15 - revert changes --- ci/loadWin.groovy | 2 -- ci/windows_sign.bat | 2 -- 2 files changed, 4 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 509856767f..9ce218774c 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,8 +166,6 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - env.OVMS_SIGN_CREDS_PSW = env.OVMS_SIGN_CREDS_PSW.replaceAll(/\^/, '^^^^') - bat(script: "echo %OVMS_SIGN_CREDS_PSW% > win_sign_password.txt") def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 5c4417d86e..7b48196b0d 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -14,8 +14,6 @@ if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=" ) -echo %2 >> "temp.txt" - python check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee ..\..\win_sign.log for /f "tokens=* delims=" %%a in ('type ..\..\win_sign.log ^| tail -n 1') do ( echo %%a | findstr /C:"[ OK ]" >nul From e05565f55aa538ca5baa9dec959d89232ed6755b Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 30 Sep 2025 10:26:08 +0200 Subject: [PATCH 51/92] enabling special characters in the password for siging --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 9ce218774c..b3d2705f80 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,7 +166,7 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { From 56b0d4f3b8fed8ff0ea2ea413a76b87c05a28afe Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 30 Sep 2025 10:29:33 +0200 Subject: [PATCH 52/92] enabling special characters in the password for siging v2 --- ci/windows_sign.bat | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 7b48196b0d..9aa5e990aa 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -1,9 +1,8 @@ @echo off setlocal EnableExtensions EnableDelayedExpansion set "OVMS_USER=%1" -set "OVMS_PASS=%2" -set "OVMS_FILES=..\..\%3" -set "PYTHON=%4" +set "OVMS_FILES=..\..\%2" +set "PYTHON=%3" set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile;C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64 cd repo_signing\windows_signing From c47049bee743efea7318c2f6512ca66dff54827b Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 30 Sep 2025 10:50:07 +0200 Subject: [PATCH 53/92] reverting previous changes --- ci/loadWin.groovy | 2 +- ci/windows_sign.bat | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index b3d2705f80..9ce218774c 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,7 +166,7 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 9aa5e990aa..7b48196b0d 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -1,8 +1,9 @@ @echo off setlocal EnableExtensions EnableDelayedExpansion set "OVMS_USER=%1" -set "OVMS_FILES=..\..\%2" -set "PYTHON=%3" +set "OVMS_PASS=%2" +set "OVMS_FILES=..\..\%3" +set "PYTHON=%4" set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile;C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64 cd repo_signing\windows_signing From 344948f194a817d311dd1eb135e90e535dfaadb6 Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 30 Sep 2025 13:57:00 +0200 Subject: [PATCH 54/92] next debug try to get valid password --- ci/build_test_release.groovy | 1 - ci/loadWin.groovy | 4 +++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 3ad32d2654..8e1d76a9b9 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -7,7 +7,6 @@ pipeline { } environment { BDBA_CREDS = credentials('BDBA_KEY') - OVMS_SIGN_CREDS = credentials('PRERELEASE_SIGN') NODE_NAME = 'Windows_SDL' } stages { diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 9ce218774c..79ec950265 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -165,8 +165,10 @@ def sign(){ } else { echo "check_signing.py downloaded successfully." } + OVMS_SIGN_CREDS = credentials('PRERELEASE_SIGN') + writeFile file: 'temp.txt', text: OVMS_SIGN_CREDS_PSW println "OVMS_USER=${env.OVMS_USER}" - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + env.OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { From f6e801ba6caa923c8a7d75d766391b3717b06eda Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 30 Sep 2025 14:15:28 +0200 Subject: [PATCH 55/92] next debug try to get valid password v2 --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 79ec950265..a0d31ad2da 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,7 +166,7 @@ def sign(){ echo "check_signing.py downloaded successfully." } OVMS_SIGN_CREDS = credentials('PRERELEASE_SIGN') - writeFile file: 'temp.txt', text: OVMS_SIGN_CREDS_PSW + writeFile file: 'temp.txt', text: OVMS_SIGN_CREDS.getPassword() println "OVMS_USER=${env.OVMS_USER}" def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { From 0a5cfb18a21aed4bdd17b9ddf386206bbe4c996b Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 1 Oct 2025 08:55:26 +0200 Subject: [PATCH 56/92] debugging BDBA --- ci/build_test_release.groovy | 3 ++- ci/loadWin.groovy | 2 -- ci/windows_sign.bat | 1 - 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 8e1d76a9b9..0321ad2bde 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -7,6 +7,7 @@ pipeline { } environment { BDBA_CREDS = credentials('BDBA_KEY') + OVMS_SIGN_CREDS = credentials('PRERELEASE_SIGN') NODE_NAME = 'Windows_SDL' } stages { @@ -49,7 +50,7 @@ pipeline { def windows = load 'ci/loadWin.groovy' if (windows != null) { try { - windows.sign() + // windows.sign() windows.bdba() } finally { windows.archive_bdba_reports() diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index a0d31ad2da..876dbc621f 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -165,8 +165,6 @@ def sign(){ } else { echo "check_signing.py downloaded successfully." } - OVMS_SIGN_CREDS = credentials('PRERELEASE_SIGN') - writeFile file: 'temp.txt', text: OVMS_SIGN_CREDS.getPassword() println "OVMS_USER=${env.OVMS_USER}" def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 7b48196b0d..d00f6631e1 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -1,5 +1,4 @@ @echo off -setlocal EnableExtensions EnableDelayedExpansion set "OVMS_USER=%1" set "OVMS_PASS=%2" set "OVMS_FILES=..\..\%3" From 53fd7d94d4ac0b238bc94596520ac05b4275a33d Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 1 Oct 2025 10:28:53 +0200 Subject: [PATCH 57/92] using withCredentials to get user's password --- ci/build_test_release.groovy | 28 ++++++++++++++++------------ ci/loadWin.groovy | 2 +- 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 0321ad2bde..767f933056 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -7,7 +7,6 @@ pipeline { } environment { BDBA_CREDS = credentials('BDBA_KEY') - OVMS_SIGN_CREDS = credentials('PRERELEASE_SIGN') NODE_NAME = 'Windows_SDL' } stages { @@ -46,18 +45,23 @@ pipeline { // } stage ("SDL actions"){ steps { - script { - def windows = load 'ci/loadWin.groovy' - if (windows != null) { - try { - // windows.sign() - windows.bdba() - } finally { - windows.archive_bdba_reports() - windows.archive_sign_results() + withCredentials([usernamePassword( + credentialsId: 'PRERELEASE_SIGN', + usernameVariable: 'PRERELEASE_USER', + passwordVariable: 'PRERELEASE_PASS')]) { + script { + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.sign() + // windows.bdba() + } finally { + windows.archive_bdba_reports() + windows.archive_sign_results() + } + } else { + error "Cannot load ci/loadWin.groovy file." } - } else { - error "Cannot load ci/loadWin.groovy file." } } } diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 876dbc621f..a14931cf37 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,7 +166,7 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' ' + OVMS_SIGN_CREDS_PSW + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' \"' + PRERELEASE_PASS + '\" dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { From 882f70bd355119fc5ac7f732a4454802978287d2 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 1 Oct 2025 10:33:22 +0200 Subject: [PATCH 58/92] using withCredentials to get user's password v2 --- ci/loadWin.groovy | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index a14931cf37..ac64d4994c 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,7 +166,8 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' \"' + PRERELEASE_PASS + '\" dist\\windows ' + env.OVMS_PYTHON_ENABLED) + def signPassword = PRERELEASE_PASS.replaceAll(/^/, '^^') + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' \"' + password + '\" dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { From 1998f6d930c6e30533b035aec458d64f8f70ad4d Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 1 Oct 2025 11:53:59 +0200 Subject: [PATCH 59/92] using withCredentials to get user's password v3 --- ci/build_test_release.groovy | 2 +- ci/loadWin.groovy | 3 +-- ci/windows_sign.bat | 5 ++--- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 767f933056..391e0a48b3 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -48,7 +48,7 @@ pipeline { withCredentials([usernamePassword( credentialsId: 'PRERELEASE_SIGN', usernameVariable: 'PRERELEASE_USER', - passwordVariable: 'PRERELEASE_PASS')]) { + passwordVariable: 'OVMS_PASS')]) { script { def windows = load 'ci/loadWin.groovy' if (windows != null) { diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index ac64d4994c..b3d2705f80 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -166,8 +166,7 @@ def sign(){ echo "check_signing.py downloaded successfully." } println "OVMS_USER=${env.OVMS_USER}" - def signPassword = PRERELEASE_PASS.replaceAll(/^/, '^^') - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' \"' + password + '\" dist\\windows ' + env.OVMS_PYTHON_ENABLED) + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index d00f6631e1..007e03cde7 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -1,8 +1,7 @@ @echo off set "OVMS_USER=%1" -set "OVMS_PASS=%2" -set "OVMS_FILES=..\..\%3" -set "PYTHON=%4" +set "OVMS_FILES=..\..\%2" +set "PYTHON=%3" set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile;C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64 cd repo_signing\windows_signing From 5723ead2c28570625afcc3d12623b38fa7b058f9 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 1 Oct 2025 12:38:38 +0200 Subject: [PATCH 60/92] uncommenting bdba for debug reasons --- ci/build_test_release.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 391e0a48b3..b9dcc36117 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -54,7 +54,7 @@ pipeline { if (windows != null) { try { windows.sign() - // windows.bdba() + windows.bdba() } finally { windows.archive_bdba_reports() windows.archive_sign_results() From 7d5f0342b4062fa87894dda792b1ec6871be2ec6 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 1 Oct 2025 12:56:52 +0200 Subject: [PATCH 61/92] changing path for artifacts --- ci/build_test_release.groovy | 2 +- ci/windows_bdba.bat | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index b9dcc36117..0a92c959a3 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -53,7 +53,7 @@ pipeline { def windows = load 'ci/loadWin.groovy' if (windows != null) { try { - windows.sign() + // windows.sign() windows.bdba() } finally { windows.archive_bdba_reports() diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 523a609ac2..4a3e65348d 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -30,5 +30,5 @@ for /f "tokens=2 delims=: " %%a in ('tail -n 3 ..\win_bdba.log ^| findstr /c:"co ) deactivate -tar -cvf %OVMS_PATH%\ovms_windows_bdba_reports.zip -C ovms_windows_* +tar -a -c -f ..\ovms_windows_bdba_reports.zip -C %OVMS_PATH% ovms_windows* rm -rf %OVMS_PATH%\\%zipname% From cff96af5c4ee18704da3f67d65c12b89b5ddb9f4 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 1 Oct 2025 13:17:58 +0200 Subject: [PATCH 62/92] changing tar command to work --- ci/windows_bdba.bat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 4a3e65348d..026282c252 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -30,5 +30,5 @@ for /f "tokens=2 delims=: " %%a in ('tail -n 3 ..\win_bdba.log ^| findstr /c:"co ) deactivate -tar -a -c -f ..\ovms_windows_bdba_reports.zip -C %OVMS_PATH% ovms_windows* +tar -a -c -f ..\ovms_windows_bdba_reports.zip ovms_windows* rm -rf %OVMS_PATH%\\%zipname% From 01335e0b10558f807b5ec2211b0051b281e82992 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 1 Oct 2025 13:30:44 +0200 Subject: [PATCH 63/92] changing tar command to work v2 --- ci/windows_bdba.bat | 1 - 1 file changed, 1 deletion(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 026282c252..df61e7b581 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -28,7 +28,6 @@ python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OV for /f "tokens=2 delims=: " %%a in ('tail -n 3 ..\win_bdba.log ^| findstr /c:"code":') do ( if not "%%a"=="200" exit /b 1 ) -deactivate tar -a -c -f ..\ovms_windows_bdba_reports.zip ovms_windows* rm -rf %OVMS_PATH%\\%zipname% From 97fe9af73987d5b3230c64e32f642f414b1341ea Mon Sep 17 00:00:00 2001 From: Pawel Date: Thu, 2 Oct 2025 08:43:37 +0200 Subject: [PATCH 64/92] uncommenting build and cleanup stages --- ci/build_test_release.groovy | 100 +++++++++++++++++------------------ 1 file changed, 50 insertions(+), 50 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 0a92c959a3..5b0b4c9b77 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -10,39 +10,39 @@ pipeline { NODE_NAME = 'Windows_SDL' } stages { - // stage ("Build and test windows") { - // steps { - // script { - // echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" - // echo "WORKSPACE: ${env.WORKSPACE}" - // echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" - // def windows = load 'ci/loadWin.groovy' - // if (windows != null) { - // try { - // windows.setup_bazel_remote_cache() - // windows.install_dependencies() - // windows.clean() - // windows.build() - // windows.unit_test() - // windows.check_tests() - // def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') - // def python_presence = "" - // if (env.OVMS_PYTHON_ENABLED == "1") { - // python_presence = "with_python" - // } else { - // python_presence = "without_python" - // } - // bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") - // } finally { - // windows.archive_build_artifacts() - // windows.archive_test_artifacts() - // } - // } else { - // error "Cannot load ci/loadWin.groovy file." - // } - // } - // } - // } + stage ("Build and test windows") { + steps { + script { + echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" + echo "WORKSPACE: ${env.WORKSPACE}" + echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.setup_bazel_remote_cache() + windows.install_dependencies() + windows.clean() + windows.build() + windows.unit_test() + windows.check_tests() + def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') + def python_presence = "" + if (env.OVMS_PYTHON_ENABLED == "1") { + python_presence = "with_python" + } else { + python_presence = "without_python" + } + bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") + } finally { + windows.archive_build_artifacts() + windows.archive_test_artifacts() + } + } else { + error "Cannot load ci/loadWin.groovy file." + } + } + } + } stage ("SDL actions"){ steps { withCredentials([usernamePassword( @@ -53,7 +53,7 @@ pipeline { def windows = load 'ci/loadWin.groovy' if (windows != null) { try { - // windows.sign() + windows.sign() windows.bdba() } finally { windows.archive_bdba_reports() @@ -66,21 +66,21 @@ pipeline { } } } - // stage ("Cleanup"){ - // steps { - // script { - // def windows = load 'ci/loadWin.groovy' - // if (windows != null) { - // try { - // windows.cleanup_sdl() - // } finally { - // echo "Cleanup finished" - // } - // } else { - // error "Cannot load ci/loadWin.groovy file." - // } - // } - // } - // } + stage ("Cleanup"){ + steps { + script { + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.cleanup_sdl() + } finally { + echo "Cleanup finished" + } + } else { + error "Cannot load ci/loadWin.groovy file." + } + } + } + } } } From 57722271b0e7f95e76ad2024a00341faf05e3557 Mon Sep 17 00:00:00 2001 From: Pawel Date: Thu, 2 Oct 2025 14:05:44 +0200 Subject: [PATCH 65/92] implemeneted copilot suggestions --- ci/loadWin.groovy | 15 +++++++++------ ci/windows_bdba.bat | 6 +++++- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index b3d2705f80..cd77da2621 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -48,7 +48,7 @@ def cleanup_directories() { println "Deleting: " + pathToDelete status = bat(returnStatus: true, script: 'rmdir /s /q ' + pathToDelete) if (status != 0) { - error "Error: Deleting directory ${pathToDelete} failed: ${status}. Check piepeline.log for details." + error "Error: Deleting directory ${pathToDelete} failed: ${status}. Check pipeline.log for details." } else { echo "Deleting directory ${pathToDelete} successful." } @@ -61,13 +61,13 @@ def cleanup_sdl(){ println "Cleaning SDL files" def status = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_signing") if (status != 0) { - error "Error: Deleting directory repo_signing failed: ${status}. Check piepeline.log for details." + error "Error: Deleting directory repo_signing failed: ${status}. Check pipeline.log for details." } else { echo "Deleting directory repo_signing successful." } def status2 = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_ci_infra") if (status2 != 0) { - error "Error: Deleting directory repo_ci_infra failed: ${status2}. Check piepeline.log for details." + error "Error: Deleting directory repo_ci_infra failed: ${status2}. Check pipeline.log for details." } else { echo "Deleting directory repo_ci_infra successful." } @@ -106,7 +106,7 @@ def deleteOldDirectories() { println "Deleting: " + pathToDelete status = bat(returnStatus: true, script: 'rmdir /s /q ' + pathToDelete) if (status != 0) { - error "Error: Deleting directory ${pathToDelete} failed: ${status}. Check piepeline.log for details." + error "Error: Deleting directory ${pathToDelete} failed: ${status}. Check pipeline.log for details." } else { echo "Deleting directory ${pathToDelete} successful." } @@ -161,7 +161,7 @@ def sign(){ println "Starting code signing" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/intel-innersource/frameworks.ai.openvino.model-server.bdba repo_signing') if (statusPull != 0) { - error "Error: Downloading check_signing.py failed ${statusPull}. Check piepeline.log for details." + error "Error: Downloading check_signing.py failed ${statusPull}. Check pipeline.log for details." } else { echo "check_signing.py downloaded successfully." } @@ -181,6 +181,9 @@ def bdba(){ } println "Starting BDBA scan" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') + if (statusPull != 0) { + error "Error: Downloading BDBA infrastructure failed ${statusPull}. Check pipeline.log for details." + } def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_CREDS_PSW + ' dist\\windows') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." @@ -225,7 +228,7 @@ def check_tests(){ status = bat(returnStatus: true, script: 'grep " PASSED " win_full_test.log') if (status != 0) { - error "Error: Windows run test failed ${status}. Expecting PASSED at the end of log. Check piepeline.log for details." + error "Error: Windows run test failed ${status}. Expecting PASSED at the end of log. Check pipeline.log for details." } else { echo "Success: Windows run test finished with success." } diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index df61e7b581..54a44ce716 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -20,6 +20,10 @@ set filename=ovms_windows_%datestamp%_%timestamp% set zipname="%filename%.zip" copy %OVMS_PATH%\\ovms.zip %OVMS_PATH%\\%zipname% +if errorlevel 1 ( + echo Failed to copy %OVMS_PATH%\ovms.zip to %OVMS_PATH%\%zipname%. + exit /b 1 +) echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" @@ -30,4 +34,4 @@ for /f "tokens=2 delims=: " %%a in ('tail -n 3 ..\win_bdba.log ^| findstr /c:"co ) tar -a -c -f ..\ovms_windows_bdba_reports.zip ovms_windows* -rm -rf %OVMS_PATH%\\%zipname% +del %OVMS_PATH%\%zipname% From d15b828d1c813854edef96b2dc6e6170eba33ccc Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 3 Oct 2025 14:55:07 +0200 Subject: [PATCH 66/92] corrected cleanup, changed stages --- ci/build_test_release.groovy | 22 +++++++++++++++++++--- ci/loadWin.groovy | 24 ++++++++++++++---------- 2 files changed, 33 insertions(+), 13 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 5b0b4c9b77..8fb671db56 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -43,7 +43,8 @@ pipeline { } } } - stage ("SDL actions"){ + stage ("Signing files"){ + when { expression { env.SIGN_FILES == true } } steps { withCredentials([usernamePassword( credentialsId: 'PRERELEASE_SIGN', @@ -54,9 +55,7 @@ pipeline { if (windows != null) { try { windows.sign() - windows.bdba() } finally { - windows.archive_bdba_reports() windows.archive_sign_results() } } else { @@ -66,6 +65,23 @@ pipeline { } } } + stage ("BDBA scans"){ + when { expression { env.BDBA_SCAN == true } } + steps { + script { + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.bdba() + } finally { + windows.archive_bdba_reports() + } + } else { + error "Cannot load ci/loadWin.groovy file." + } + } + } + } stage ("Cleanup"){ steps { script { diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index cd77da2621..52c159f311 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -59,17 +59,21 @@ def cleanup_directories() { def cleanup_sdl(){ println "Cleaning SDL files" - def status = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_signing") - if (status != 0) { - error "Error: Deleting directory repo_signing failed: ${status}. Check pipeline.log for details." - } else { - echo "Deleting directory repo_signing successful." + if (env.SIGN_FILES == "true"){ + def status = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_signing") + if (status != 0) { + error "Error: Deleting directory repo_signing failed: ${status}. Check pipeline.log for details." + } else { + echo "Deleting directory repo_signing successful." + } } - def status2 = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_ci_infra") - if (status2 != 0) { - error "Error: Deleting directory repo_ci_infra failed: ${status2}. Check pipeline.log for details." - } else { - echo "Deleting directory repo_ci_infra successful." + if (env.BDBA_SCAN == "true"){ + def status = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_ci_infra") + if (status != 0) { + error "Error: Deleting directory repo_ci_infra failed: ${status}. Check pipeline.log for details." + } else { + echo "Deleting directory repo_ci_infra successful." + } } } From ac7ade675f762c0a42cd59dd3d61d6bb84a55011 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 6 Oct 2025 08:05:02 +0200 Subject: [PATCH 67/92] corrected stage conditions --- ci/build_test_release.groovy | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 8fb671db56..92c7fc25dd 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -44,7 +44,7 @@ pipeline { } } stage ("Signing files"){ - when { expression { env.SIGN_FILES == true } } + when { expression { env.SIGN_FILES == "true" } } steps { withCredentials([usernamePassword( credentialsId: 'PRERELEASE_SIGN', @@ -66,7 +66,7 @@ pipeline { } } stage ("BDBA scans"){ - when { expression { env.BDBA_SCAN == true } } + when { expression { env.BDBA_SCAN == "true" } } steps { script { def windows = load 'ci/loadWin.groovy' From e190e26fc37b3e31441a6c83cac1fb5e76bda701 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 6 Oct 2025 08:06:20 +0200 Subject: [PATCH 68/92] deleted previous conditions --- ci/loadWin.groovy | 8 -------- 1 file changed, 8 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 52c159f311..b7b08ab84e 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -158,10 +158,6 @@ def build(){ } def sign(){ - if(env.OVMS_SIGN != "1"){ - println "Skipping code signing" - return - } println "Starting code signing" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/intel-innersource/frameworks.ai.openvino.model-server.bdba repo_signing') if (statusPull != 0) { @@ -179,10 +175,6 @@ def sign(){ } def bdba(){ - if(env.OVMS_BDBA_SCAN != "1"){ - println "Skipping BDBA scan" - return - } println "Starting BDBA scan" def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') if (statusPull != 0) { From 1e44c09081a23d44fd20e7c6e9bb97cf2dfa9467 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 6 Oct 2025 08:10:21 +0200 Subject: [PATCH 69/92] changed repositories to be parametrized --- ci/loadWin.groovy | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index b7b08ab84e..0a53b89328 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -159,7 +159,7 @@ def build(){ def sign(){ println "Starting code signing" - def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/intel-innersource/frameworks.ai.openvino.model-server.bdba repo_signing') + def statusPull = bat(returnStatus: true, script: 'git clone ' + env.SIGN_REPO + ' repo_signing') if (statusPull != 0) { error "Error: Downloading check_signing.py failed ${statusPull}. Check pipeline.log for details." } else { @@ -176,7 +176,7 @@ def sign(){ def bdba(){ println "Starting BDBA scan" - def statusPull = bat(returnStatus: true, script: 'git clone https://github.com/przepeck/frameworks.ai.openvino.ci.infrastructure repo_ci_infra') + def statusPull = bat(returnStatus: true, script: 'git clone ' + env.BDBA_REPO + ' repo_ci_infra') if (statusPull != 0) { error "Error: Downloading BDBA infrastructure failed ${statusPull}. Check pipeline.log for details." } From 91f39b1eb4f88bdef03de1177035cbca9c862e40 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 6 Oct 2025 08:12:39 +0200 Subject: [PATCH 70/92] changed error checking in bdba execution --- ci/windows_bdba.bat | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index 54a44ce716..d27c3d79ad 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -29,9 +29,7 @@ echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %zipname% --report_name %filename% 2>&1 | tee ..\win_bdba.log -for /f "tokens=2 delims=: " %%a in ('tail -n 3 ..\win_bdba.log ^| findstr /c:"code":') do ( - if not "%%a"=="200" exit /b 1 -) +if errorlevel 1 exit /b %errorlevel% tar -a -c -f ..\ovms_windows_bdba_reports.zip ovms_windows* del %OVMS_PATH%\%zipname% From c5251c658a85278207e71967cd899ea6f15b07eb Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 7 Oct 2025 08:42:17 +0200 Subject: [PATCH 71/92] setting unstable message after finding vulnerabilities --- ci/build_test_release.groovy | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 92c7fc25dd..ab05ba523b 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -34,8 +34,8 @@ pipeline { } bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") } finally { - windows.archive_build_artifacts() - windows.archive_test_artifacts() + windows.archive_build_artifacts() + windows.archive_test_artifacts() } } else { error "Cannot load ci/loadWin.groovy file." @@ -73,6 +73,12 @@ pipeline { if (windows != null) { try { windows.bdba() + // Check win_bdba.log for vulnerabilities + def logFile = "${env.WORKSPACE}\\win_bdba.log" + def lastLine = bat(script: "powershell -Command \"Get-Content -Path '${logFile}' | Select-Object -Last 1\"", returnStdout: true).trim() + if (!lastLine.contains("Found 0 vulnerabilities")) { + unstable(message: lastLine) + } } finally { windows.archive_bdba_reports() } From 297857d5b13d1fa4ca7b995b8bef43602fc35b82 Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 7 Oct 2025 09:05:01 +0200 Subject: [PATCH 72/92] removed comment --- ci/build_test_release.groovy | 1 - 1 file changed, 1 deletion(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index ab05ba523b..f0bc023f4c 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -73,7 +73,6 @@ pipeline { if (windows != null) { try { windows.bdba() - // Check win_bdba.log for vulnerabilities def logFile = "${env.WORKSPACE}\\win_bdba.log" def lastLine = bat(script: "powershell -Command \"Get-Content -Path '${logFile}' | Select-Object -Last 1\"", returnStdout: true).trim() if (!lastLine.contains("Found 0 vulnerabilities")) { From 20a05076cf9091722565b5816d5934a6adeaac44 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 8 Oct 2025 14:17:13 +0200 Subject: [PATCH 73/92] change bdba repo to use external config --- ci/loadWin.groovy | 2 +- ci/windows_bdba.bat | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 0a53b89328..a29892536d 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -180,7 +180,7 @@ def bdba(){ if (statusPull != 0) { error "Error: Downloading BDBA infrastructure failed ${statusPull}. Check pipeline.log for details." } - def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_CREDS_PSW + ' dist\\windows') + def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_CREDS_PSW + ' dist\\windows repo_signing\\ovms-package') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." } else { diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index d27c3d79ad..b3bd784b5c 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -1,6 +1,7 @@ @echo off set "BDBA_KEY=%1" set "OVMS_PATH=..\%2" +set "CONFIG_PATH=..\%3" cd repo_ci_infra python -m venv venv @@ -28,7 +29,7 @@ if errorlevel 1 ( echo "BDBA_KEY=%BDBA_KEY%" echo "OVMS_PATH=%OVMS_PATH%" -python binary_scans\ovms_bdba.py --key %BDBA_KEY% --type windows --build_dir %OVMS_PATH% --artifacts %zipname% --report_name %filename% 2>&1 | tee ..\win_bdba.log +python binary_scans\ovms_bdba.py --key %BDBA_KEY% --config_dir=%CONFIG_PATH% --type windows --build_dir %OVMS_PATH% --artifacts %zipname% --report_name %filename% 2>&1 | tee ..\win_bdba.log if errorlevel 1 exit /b %errorlevel% tar -a -c -f ..\ovms_windows_bdba_reports.zip ovms_windows* From e231fa5e41f79e9c538d106364c8f14412245fde Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 8 Oct 2025 14:23:08 +0200 Subject: [PATCH 74/92] changed repo cloning to be independent from windows_signing --- ci/build_test_release.groovy | 4 ++++ ci/loadWin.groovy | 8 ++++++-- ci/windows_sign.bat | 2 +- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index f0bc023f4c..604cf40418 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -54,6 +54,7 @@ pipeline { def windows = load 'ci/loadWin.groovy' if (windows != null) { try { + windows.clone_sdl_repo() windows.sign() } finally { windows.archive_sign_results() @@ -72,6 +73,9 @@ pipeline { def windows = load 'ci/loadWin.groovy' if (windows != null) { try { + if(!fileExists('sdl_repo')){ + windows.clone_sdl_repo() + } windows.bdba() def logFile = "${env.WORKSPACE}\\win_bdba.log" def lastLine = bat(script: "powershell -Command \"Get-Content -Path '${logFile}' | Select-Object -Last 1\"", returnStdout: true).trim() diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index a29892536d..0dfb5e5672 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -157,7 +157,8 @@ def build(){ } } -def sign(){ +def clone_sdl_repo() +{ println "Starting code signing" def statusPull = bat(returnStatus: true, script: 'git clone ' + env.SIGN_REPO + ' repo_signing') if (statusPull != 0) { @@ -165,6 +166,9 @@ def sign(){ } else { echo "check_signing.py downloaded successfully." } +} + +def sign(){ println "OVMS_USER=${env.OVMS_USER}" def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { @@ -180,7 +184,7 @@ def bdba(){ if (statusPull != 0) { error "Error: Downloading BDBA infrastructure failed ${statusPull}. Check pipeline.log for details." } - def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_CREDS_PSW + ' dist\\windows repo_signing\\ovms-package') + def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_CREDS_PSW + ' dist\\windows sdl_repo\\ovms-package') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." } else { diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 007e03cde7..ac79649f66 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -4,7 +4,7 @@ set "OVMS_FILES=..\..\%2" set "PYTHON=%3" set PATH=%PATH%;C:\Jenkins\workspace\ovmsc\signfile;C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64 -cd repo_signing\windows_signing +cd sdl_repo\windows_signing if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=--python" From 5e037b9c0e09a1bba0de0d6f47557f21ea678020 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 8 Oct 2025 16:26:07 +0200 Subject: [PATCH 75/92] commenting build stage for debug reasons --- ci/build_test_release.groovy | 66 ++++++++++++++++++------------------ 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 604cf40418..80583e998c 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -10,39 +10,39 @@ pipeline { NODE_NAME = 'Windows_SDL' } stages { - stage ("Build and test windows") { - steps { - script { - echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" - echo "WORKSPACE: ${env.WORKSPACE}" - echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" - def windows = load 'ci/loadWin.groovy' - if (windows != null) { - try { - windows.setup_bazel_remote_cache() - windows.install_dependencies() - windows.clean() - windows.build() - windows.unit_test() - windows.check_tests() - def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') - def python_presence = "" - if (env.OVMS_PYTHON_ENABLED == "1") { - python_presence = "with_python" - } else { - python_presence = "without_python" - } - bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") - } finally { - windows.archive_build_artifacts() - windows.archive_test_artifacts() - } - } else { - error "Cannot load ci/loadWin.groovy file." - } - } - } - } + // stage ("Build and test windows") { + // steps { + // script { + // echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" + // echo "WORKSPACE: ${env.WORKSPACE}" + // echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" + // def windows = load 'ci/loadWin.groovy' + // if (windows != null) { + // try { + // windows.setup_bazel_remote_cache() + // windows.install_dependencies() + // windows.clean() + // windows.build() + // windows.unit_test() + // windows.check_tests() + // def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') + // def python_presence = "" + // if (env.OVMS_PYTHON_ENABLED == "1") { + // python_presence = "with_python" + // } else { + // python_presence = "without_python" + // } + // bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") + // } finally { + // windows.archive_build_artifacts() + // windows.archive_test_artifacts() + // } + // } else { + // error "Cannot load ci/loadWin.groovy file." + // } + // } + // } + // } stage ("Signing files"){ when { expression { env.SIGN_FILES == "true" } } steps { From d1fa07d2434d718b60df9a6ac26e998d09a5d509 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 8 Oct 2025 16:28:45 +0200 Subject: [PATCH 76/92] changed repo's name --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 0dfb5e5672..9077b454fd 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -160,7 +160,7 @@ def build(){ def clone_sdl_repo() { println "Starting code signing" - def statusPull = bat(returnStatus: true, script: 'git clone ' + env.SIGN_REPO + ' repo_signing') + def statusPull = bat(returnStatus: true, script: 'git clone ' + env.SIGN_REPO + ' sdl_repo') if (statusPull != 0) { error "Error: Downloading check_signing.py failed ${statusPull}. Check pipeline.log for details." } else { From f9e312de9634a20c83915089c905f825913f73d7 Mon Sep 17 00:00:00 2001 From: Pawel Date: Wed, 8 Oct 2025 16:34:13 +0200 Subject: [PATCH 77/92] uncommenting build and test stage --- ci/build_test_release.groovy | 66 ++++++++++++++++++------------------ 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 80583e998c..604cf40418 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -10,39 +10,39 @@ pipeline { NODE_NAME = 'Windows_SDL' } stages { - // stage ("Build and test windows") { - // steps { - // script { - // echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" - // echo "WORKSPACE: ${env.WORKSPACE}" - // echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" - // def windows = load 'ci/loadWin.groovy' - // if (windows != null) { - // try { - // windows.setup_bazel_remote_cache() - // windows.install_dependencies() - // windows.clean() - // windows.build() - // windows.unit_test() - // windows.check_tests() - // def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') - // def python_presence = "" - // if (env.OVMS_PYTHON_ENABLED == "1") { - // python_presence = "with_python" - // } else { - // python_presence = "without_python" - // } - // bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") - // } finally { - // windows.archive_build_artifacts() - // windows.archive_test_artifacts() - // } - // } else { - // error "Cannot load ci/loadWin.groovy file." - // } - // } - // } - // } + stage ("Build and test windows") { + steps { + script { + echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" + echo "WORKSPACE: ${env.WORKSPACE}" + echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.setup_bazel_remote_cache() + windows.install_dependencies() + windows.clean() + windows.build() + windows.unit_test() + windows.check_tests() + def safeBranchName = env.BRANCH_NAME.replaceAll('/', '_') + def python_presence = "" + if (env.OVMS_PYTHON_ENABLED == "1") { + python_presence = "with_python" + } else { + python_presence = "without_python" + } + bat(returnStatus:true, script: "ECHO F | xcopy /Y /E ${env.WORKSPACE}\\dist\\windows\\ovms.zip \\\\${env.OV_SHARE_05_IP}\\data\\cv_bench_cache\\OVMS_do_not_remove\\ovms-windows-${python_presence}-${safeBranchName}-latest.zip") + } finally { + windows.archive_build_artifacts() + windows.archive_test_artifacts() + } + } else { + error "Cannot load ci/loadWin.groovy file." + } + } + } + } stage ("Signing files"){ when { expression { env.SIGN_FILES == "true" } } steps { From afc88f4764b57573515afd52ca0383db107307aa Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 13 Oct 2025 09:58:04 +0200 Subject: [PATCH 78/92] changed cleaning script --- ci/loadWin.groovy | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 8a9f6abe2f..bdb214a0a0 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -59,15 +59,15 @@ def cleanup_directories() { def cleanup_sdl(){ println "Cleaning SDL files" - if (env.SIGN_FILES == "true"){ - def status = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_signing") + if (fileExists('sdl_repo')){ + def status = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\sdl_repo") if (status != 0) { - error "Error: Deleting directory repo_signing failed: ${status}. Check pipeline.log for details." + error "Error: Deleting directory sdl_repo failed: ${status}. Check pipeline.log for details." } else { - echo "Deleting directory repo_signing successful." + echo "Deleting directory sdl_repo successful." } } - if (env.BDBA_SCAN == "true"){ + if (fileExists('repo_ci_infra')){ def status = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_ci_infra") if (status != 0) { error "Error: Deleting directory repo_ci_infra failed: ${status}. Check pipeline.log for details." From 78dd6495a80cd8a1426f495b3c80f04c5ffa8c69 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 13 Oct 2025 10:25:34 +0200 Subject: [PATCH 79/92] adding pulling for repos instead of cloning, adding RELEASE TYPE --- ci/build_test_release.groovy | 20 +++++++++++-- ci/loadWin.groovy | 55 ++++++++++++++++++++++++++++-------- 2 files changed, 61 insertions(+), 14 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 604cf40418..0c515ce3e7 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -46,11 +46,26 @@ pipeline { stage ("Signing files"){ when { expression { env.SIGN_FILES == "true" } } steps { - withCredentials([usernamePassword( + withCredentials([ + usernamePassword( credentialsId: 'PRERELEASE_SIGN', usernameVariable: 'PRERELEASE_USER', - passwordVariable: 'OVMS_PASS')]) { + passwordVariable: 'PRERELEASE_PASS'), + usernamePassword( + credentialsId: 'RELEASE_SIGN', + usernameVariable: 'RELEASE_USER', + passwordVariable: 'RELEASE_PASS'), + ]) { script { + if (env.RELEASE_TYPE == "RELEASE") { + env.SIGNING_USER = env.RELEASE_USER + env.OVMS_PASS = env.RELEASE_PASS + } else if (env.RELEASE_TYPE == "PRE-RELEASE") { + env.SIGNING_USER = env.PRERELEASE_USER + env.OVMS_PASS = env.PRERELEASE_PASS + } else { + error "Unknown RELEASE_TYPE: ${env.RELEASE_TYPE}" + } def windows = load 'ci/loadWin.groovy' if (windows != null) { try { @@ -76,6 +91,7 @@ pipeline { if(!fileExists('sdl_repo')){ windows.clone_sdl_repo() } + windows.clone_bdba_repo() windows.bdba() def logFile = "${env.WORKSPACE}\\win_bdba.log" def lastLine = bat(script: "powershell -Command \"Get-Content -Path '${logFile}' | Select-Object -Last 1\"", returnStdout: true).trim() diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index bdb214a0a0..28be891b0c 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -159,18 +159,53 @@ def build(){ def clone_sdl_repo() { - println "Starting code signing" - def statusPull = bat(returnStatus: true, script: 'git clone ' + env.SIGN_REPO + ' sdl_repo') - if (statusPull != 0) { - error "Error: Downloading check_signing.py failed ${statusPull}. Check pipeline.log for details." - } else { - echo "check_signing.py downloaded successfully." + if(!fileExists('sdl_repo')){ + println "Starting code signing" + def statusPull = bat(returnStatus: true, script: 'git clone ' + env.SIGN_REPO + ' sdl_repo') + if (statusPull != 0) { + error "Error: Downloading sdl_repo failed ${statusPull}. Check pipeline.log for details." + } else { + echo "sdl_repo downloaded successfully." + } + }else{ + println "Pulling latest changes in sdl_repo" + dir('sdl_repo') { + def statusPull = bat(returnStatus: true, script: 'git fetch && git reset --hard origin/main') + if (statusPull != 0) { + error "Error: Pulling latest changes in sdl_repo failed ${statusPull}. Check pipeline.log for details." + } else { + echo "sdl_repo updated successfully." + } + } + } +} + +def clone_bdba_repo() +{ + if(!fileExists('repo_ci_infra')){ + println "Starting BDBA infrastructure download" + def statusPull = bat(returnStatus: true, script: 'git clone ' + env.BDBA_REPO + ' repo_ci_infra') + if (statusPull != 0) { + error "Error: Downloading BDBA infrastructure failed ${statusPull}. Check pipeline.log for details." + } else { + echo "BDBA infrastructure downloaded successfully." + } + }else{ + println "Pulling latest changes in BDBA infrastructure" + dir('repo_ci_infra') { + def statusPull = bat(returnStatus: true, script: 'git fetch && git reset --hard origin/main') + if (statusPull != 0) { + error "Error: Pulling latest changes in BDBA infrastructure failed ${statusPull}. Check pipeline.log for details." + } else { + echo "BDBA infrastructure updated successfully." + } + } } } def sign(){ - println "OVMS_USER=${env.OVMS_USER}" - def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.OVMS_USER + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) + println "SIGNING_USER=${env.SIGNING_USER}" + def status = bat(returnStatus: true, script: 'ci\\windows_sign.bat ' + env.SIGNING_USER + ' dist\\windows ' + env.OVMS_PYTHON_ENABLED) if (status != 0) { error "Error: Windows code signing failed ${status}. Check win_sign.log for details." } else { @@ -180,10 +215,6 @@ def sign(){ def bdba(){ println "Starting BDBA scan" - def statusPull = bat(returnStatus: true, script: 'git clone ' + env.BDBA_REPO + ' repo_ci_infra') - if (statusPull != 0) { - error "Error: Downloading BDBA infrastructure failed ${statusPull}. Check pipeline.log for details." - } def status = bat(returnStatus: true, script: 'ci\\windows_bdba.bat ' + env.BDBA_CREDS_PSW + ' dist\\windows sdl_repo\\ovms-package') if (status != 0) { error "Error: Windows BDBA scan failed ${status}. Check win_bdba.log for details." From 78408c7653da71e4dceedc718f656c592830b5c3 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 13 Oct 2025 13:13:42 +0200 Subject: [PATCH 80/92] archiving signed ovms package --- ci/loadWin.groovy | 2 ++ ci/windows_sign.bat | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 28be891b0c..83d30f4aa0 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -287,7 +287,9 @@ def archive_bdba_reports(){ } def archive_sign_results(){ + def python_suffix = env.OVMS_PYTHON_ENABLED == "0" ? "off" : "on" archiveArtifacts allowEmptyArchive: true, artifacts: "win_sign.log" + archiveArtifacts allowEmptyArchive: true, artifacts: "dist\\windows\\ovms_windows_python_${python_suffix}.zip" } def setup_bazel_remote_cache(){ diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index ac79649f66..a27df87e6a 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -12,7 +12,7 @@ if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=" ) -python check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee ..\..\win_sign.log +python check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --zip --verbose --print_all 2>&1 | tee ..\..\win_sign.log for /f "tokens=* delims=" %%a in ('type ..\..\win_sign.log ^| tail -n 1') do ( echo %%a | findstr /C:"[ OK ]" >nul if not errorlevel 1 ( From 6af3e5560c50388f2001bc15e26d64dd301bcd62 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 13 Oct 2025 14:24:51 +0200 Subject: [PATCH 81/92] adding downloading files from package --- ci/build_test_release.groovy | 19 +++++++++++++++++++ ci/loadWin.groovy | 34 ++++++++++++++++++++++++++++++++++ ci/windows_bdba.bat | 2 +- 3 files changed, 54 insertions(+), 1 deletion(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 0c515ce3e7..c793993949 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -10,6 +10,7 @@ pipeline { NODE_NAME = 'Windows_SDL' } stages { + when { expression { env.PACKAGE_URL == "" } } stage ("Build and test windows") { steps { script { @@ -43,6 +44,24 @@ pipeline { } } } + stage ("Pull files"){ + when { expression { env.PACKAGE_URL != "" } } + steps{ + script { + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.clone_sdl_repo() + windows.pull_files() + } finally { + echo "Pull files finished" + } + } else { + error "Cannot load ci/loadWin.groovy file." + } + } + } + } stage ("Signing files"){ when { expression { env.SIGN_FILES == "true" } } steps { diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 83d30f4aa0..455fe15271 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -223,6 +223,40 @@ def bdba(){ } } +def download_package(){ + println "Downloading package from URL: ${env.PACKAGE_URL}" + if(!fileExists('dist\\windows')){ + def status = bat(returnStatus: true, script: 'mkdir dist\\windows') + if (status != 0) { + error "Error: Creating dist\\windows directory failed ${status}. Check pipeline.log for details." + } else { + echo "Directory dist\\windows created successfully." + } + } + dir('dist\\windows') { + if(fileExists('ovms.zip')){ + def status_del = bat(returnStatus: true, script: 'del /f ovms.zip') + if (status_del != 0) { + error "Error: Deleting existing ovms.zip failed ${status_del}. Check pipeline.log for details." + } else { + echo "Existing ovms.zip deleted successfully." + } + } + def status = bat(returnStatus: true, script: 'curl -L -o ovms.zip ' + env.PACKAGE_URL) + if (status != 0) { + error "Error: Downloading package failed ${status}. Check pipeline.log for details." + } else { + echo "Package downloaded successfully." + } + def status_unzip = bat(returnStatus: true, script: 'tar -xf ovms.zip') + if (status_unzip != 0) { + error "Error: Unzipping package failed: ${status_unzip}." + } else { + echo "Package unzipped successfully." + } + } +} + def unit_test(){ println "OVMS_PYTHON_ENABLED=${env.OVMS_PYTHON_ENABLED}" def pythonOption = env.OVMS_PYTHON_ENABLED == "0" ? "--no_python" : "--with_python" diff --git a/ci/windows_bdba.bat b/ci/windows_bdba.bat index b3bd784b5c..37ead33971 100644 --- a/ci/windows_bdba.bat +++ b/ci/windows_bdba.bat @@ -33,4 +33,4 @@ python binary_scans\ovms_bdba.py --key %BDBA_KEY% --config_dir=%CONFIG_PATH% --t if errorlevel 1 exit /b %errorlevel% tar -a -c -f ..\ovms_windows_bdba_reports.zip ovms_windows* -del %OVMS_PATH%\%zipname% +del "%OVMS_PATH%\%zipname%" From cdbad9d8fc8a493996225ec62c71894f3a60276e Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 13 Oct 2025 14:32:56 +0200 Subject: [PATCH 82/92] fixed condition location --- ci/build_test_release.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index c793993949..b750dee269 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -10,8 +10,8 @@ pipeline { NODE_NAME = 'Windows_SDL' } stages { - when { expression { env.PACKAGE_URL == "" } } stage ("Build and test windows") { + when { expression { env.PACKAGE_URL == "" } } steps { script { echo "JOB_BASE_NAME: ${env.JOB_BASE_NAME}" From c03e1cc656566b5e0f24c1842b3f15681516ec6f Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 13 Oct 2025 14:36:05 +0200 Subject: [PATCH 83/92] fixed pull files stage --- ci/build_test_release.groovy | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index b750dee269..f441a038e5 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -51,8 +51,7 @@ pipeline { def windows = load 'ci/loadWin.groovy' if (windows != null) { try { - windows.clone_sdl_repo() - windows.pull_files() + windows.download_package() } finally { echo "Pull files finished" } From 07f8a0358d0c4914d8801e6ff294a104d9e48f72 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 13 Oct 2025 14:41:08 +0200 Subject: [PATCH 84/92] fixed curl --- ci/loadWin.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 455fe15271..f92b6ef237 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -242,7 +242,7 @@ def download_package(){ echo "Existing ovms.zip deleted successfully." } } - def status = bat(returnStatus: true, script: 'curl -L -o ovms.zip ' + env.PACKAGE_URL) + def status = bat(returnStatus: true, script: 'curl -L -k -o ovms.zip ' + env.PACKAGE_URL) if (status != 0) { error "Error: Downloading package failed ${status}. Check pipeline.log for details." } else { From e7783f702573758382c10a523ddeca0477d5a247 Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 13 Oct 2025 15:23:42 +0200 Subject: [PATCH 85/92] coping signed files to archive it --- ci/build_test_release.groovy | 1 + ci/windows_sign.bat | 3 +++ 2 files changed, 4 insertions(+) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index f441a038e5..badf99c6a1 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -64,6 +64,7 @@ pipeline { stage ("Signing files"){ when { expression { env.SIGN_FILES == "true" } } steps { + echo "OVMS_PYTHON_ENABLED: ${env.OVMS_PYTHON_ENABLED}" withCredentials([ usernamePassword( credentialsId: 'PRERELEASE_SIGN', diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index a27df87e6a..5869e1c57d 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -13,6 +13,9 @@ if /I "%PYTHON%"=="1" ( ) python check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --zip --verbose --print_all 2>&1 | tee ..\..\win_sign.log +for %%f in (ovms_windows_python_*) do ( + copy "%%f" "%OVMS_FILES%" +) for /f "tokens=* delims=" %%a in ('type ..\..\win_sign.log ^| tail -n 1') do ( echo %%a | findstr /C:"[ OK ]" >nul if not errorlevel 1 ( From b605471138009b7aa4356cf255b0b9e7316b1d1c Mon Sep 17 00:00:00 2001 From: Pawel Date: Mon, 13 Oct 2025 15:35:33 +0200 Subject: [PATCH 86/92] fixed zipping --- ci/windows_sign.bat | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ci/windows_sign.bat b/ci/windows_sign.bat index 5869e1c57d..e71441891f 100644 --- a/ci/windows_sign.bat +++ b/ci/windows_sign.bat @@ -12,7 +12,9 @@ if /I "%PYTHON%"=="1" ( set "PYTHON_OPT=" ) -python check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --zip --verbose --print_all 2>&1 | tee ..\..\win_sign.log +python check_signing.py --user=%OVMS_USER% --path=%OVMS_FILES% %PYTHON_OPT% --auto --verbose --print_all 2>&1 | tee ..\..\win_sign.log +python check_signing.py --zip --path=%OVMS_FILES% %PYTHON_OPT% --auto + for %%f in (ovms_windows_python_*) do ( copy "%%f" "%OVMS_FILES%" ) From c2bfe559e5ce69eb26eaa4469b20557aa8b271f1 Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 14 Oct 2025 10:42:48 +0200 Subject: [PATCH 87/92] removing ovms directory if exists to enable bdba scans version overriding --- ci/loadWin.groovy | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index f92b6ef237..3641a3d982 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -130,6 +130,14 @@ def install_dependencies() { def clean() { def output1 = bat(returnStdout: true, script: 'windows_clean_build.bat ' + get_short_bazel_path() + ' ' + env.OVMS_CLEAN_EXPUNGE) + if(fileExists('dist\\windows\\ovms')){ + def status_del = bat(returnStatus: true, script: 'rmdir /s /q ovms') + if (status_del != 0) { + error "Error: Deleting existing ovms directory failed ${status_del}. Check pipeline.log for details." + } else { + echo "Existing ovms directory deleted successfully." + } + } } def build(){ @@ -242,6 +250,14 @@ def download_package(){ echo "Existing ovms.zip deleted successfully." } } + if(fileExists('ovms')){ + def status_del = bat(returnStatus: true, script: 'rmdir /s /q ovms') + if (status_del != 0) { + error "Error: Deleting existing ovms directory failed ${status_del}. Check pipeline.log for details." + } else { + echo "Existing ovms directory deleted successfully." + } + } def status = bat(returnStatus: true, script: 'curl -L -k -o ovms.zip ' + env.PACKAGE_URL) if (status != 0) { error "Error: Downloading package failed ${status}. Check pipeline.log for details." From 66ac7ad79689862089a665f09b510652a6b826e2 Mon Sep 17 00:00:00 2001 From: Pawel Date: Tue, 14 Oct 2025 11:05:42 +0200 Subject: [PATCH 88/92] changed order of the stages to enable bdba scans version override --- ci/build_test_release.groovy | 50 +++++++++++++++++------------------- 1 file changed, 24 insertions(+), 26 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index badf99c6a1..e98b757486 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -60,6 +60,30 @@ pipeline { } } } + } + stage ("BDBA scans"){ + when { expression { env.BDBA_SCAN == "true" } } + steps { + script { + def windows = load 'ci/loadWin.groovy' + if (windows != null) { + try { + windows.clone_sdl_repo() + windows.clone_bdba_repo() + windows.bdba() + def logFile = "${env.WORKSPACE}\\win_bdba.log" + def lastLine = bat(script: "powershell -Command \"Get-Content -Path '${logFile}' | Select-Object -Last 1\"", returnStdout: true).trim() + if (!lastLine.contains("Found 0 vulnerabilities")) { + unstable(message: lastLine) + } + } finally { + windows.archive_bdba_reports() + } + } else { + error "Cannot load ci/loadWin.groovy file." + } + } + } } stage ("Signing files"){ when { expression { env.SIGN_FILES == "true" } } @@ -100,32 +124,6 @@ pipeline { } } } - stage ("BDBA scans"){ - when { expression { env.BDBA_SCAN == "true" } } - steps { - script { - def windows = load 'ci/loadWin.groovy' - if (windows != null) { - try { - if(!fileExists('sdl_repo')){ - windows.clone_sdl_repo() - } - windows.clone_bdba_repo() - windows.bdba() - def logFile = "${env.WORKSPACE}\\win_bdba.log" - def lastLine = bat(script: "powershell -Command \"Get-Content -Path '${logFile}' | Select-Object -Last 1\"", returnStdout: true).trim() - if (!lastLine.contains("Found 0 vulnerabilities")) { - unstable(message: lastLine) - } - } finally { - windows.archive_bdba_reports() - } - } else { - error "Cannot load ci/loadWin.groovy file." - } - } - } - } stage ("Cleanup"){ steps { script { From 16be5b0705089d84b92bd4258f08a3d5c27e506d Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 17 Oct 2025 09:05:38 +0200 Subject: [PATCH 89/92] review suggestions v1 --- ci/build_test_release.groovy | 17 ----------------- ci/loadWin.groovy | 20 -------------------- 2 files changed, 37 deletions(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index e98b757486..4f586c7143 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -7,7 +7,6 @@ pipeline { } environment { BDBA_CREDS = credentials('BDBA_KEY') - NODE_NAME = 'Windows_SDL' } stages { stage ("Build and test windows") { @@ -124,21 +123,5 @@ pipeline { } } } - stage ("Cleanup"){ - steps { - script { - def windows = load 'ci/loadWin.groovy' - if (windows != null) { - try { - windows.cleanup_sdl() - } finally { - echo "Cleanup finished" - } - } else { - error "Cannot load ci/loadWin.groovy file." - } - } - } - } } } diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 3641a3d982..8738427ec8 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -57,26 +57,6 @@ def cleanup_directories() { } } -def cleanup_sdl(){ - println "Cleaning SDL files" - if (fileExists('sdl_repo')){ - def status = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\sdl_repo") - if (status != 0) { - error "Error: Deleting directory sdl_repo failed: ${status}. Check pipeline.log for details." - } else { - echo "Deleting directory sdl_repo successful." - } - } - if (fileExists('repo_ci_infra')){ - def status = bat(returnStatus: true, script: "rmdir /s /q C:\\Jenkins\\workspace\\ovmsc\\windows\\${env.NODE_NAME}\\repo_ci_infra") - if (status != 0) { - error "Error: Deleting directory repo_ci_infra failed: ${status}. Check pipeline.log for details." - } else { - echo "Deleting directory repo_ci_infra successful." - } - } -} - def get_short_bazel_path() { if (env.JOB_BASE_NAME.contains("release")) return "rel" From cc2276683c63acb0fab1f51aca36796c7492da9e Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 17 Oct 2025 09:13:52 +0200 Subject: [PATCH 90/92] review suggestions v2 - adding parameter for branches for external repositories --- ci/loadWin.groovy | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 8738427ec8..b2fd66d01f 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -149,7 +149,7 @@ def clone_sdl_repo() { if(!fileExists('sdl_repo')){ println "Starting code signing" - def statusPull = bat(returnStatus: true, script: 'git clone ' + env.SIGN_REPO + ' sdl_repo') + def statusPull = bat(returnStatus: true, script: 'git clone -b ' + env.SDL_REPO_BRANCH + ' ' + env.SIGN_REPO + ' sdl_repo') if (statusPull != 0) { error "Error: Downloading sdl_repo failed ${statusPull}. Check pipeline.log for details." } else { @@ -158,7 +158,7 @@ def clone_sdl_repo() }else{ println "Pulling latest changes in sdl_repo" dir('sdl_repo') { - def statusPull = bat(returnStatus: true, script: 'git fetch && git reset --hard origin/main') + def statusPull = bat(returnStatus: true, script: 'git fetch && git reset --hard origin/'+env.SDL_REPO_BRANCH) if (statusPull != 0) { error "Error: Pulling latest changes in sdl_repo failed ${statusPull}. Check pipeline.log for details." } else { @@ -172,7 +172,7 @@ def clone_bdba_repo() { if(!fileExists('repo_ci_infra')){ println "Starting BDBA infrastructure download" - def statusPull = bat(returnStatus: true, script: 'git clone ' + env.BDBA_REPO + ' repo_ci_infra') + def statusPull = bat(returnStatus: true, script: 'git clone -b ' + env.BDBA_REPO_BRANCH + ' ' + env.BDBA_REPO + ' repo_ci_infra') if (statusPull != 0) { error "Error: Downloading BDBA infrastructure failed ${statusPull}. Check pipeline.log for details." } else { @@ -181,7 +181,7 @@ def clone_bdba_repo() }else{ println "Pulling latest changes in BDBA infrastructure" dir('repo_ci_infra') { - def statusPull = bat(returnStatus: true, script: 'git fetch && git reset --hard origin/main') + def statusPull = bat(returnStatus: true, script: 'git fetch && git reset --hard origin/'+env.BDBA_REPO_BRANCH) if (statusPull != 0) { error "Error: Pulling latest changes in BDBA infrastructure failed ${statusPull}. Check pipeline.log for details." } else { From 181be563e0742f00cf04a70e06cebcf61bde0037 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 17 Oct 2025 09:36:36 +0200 Subject: [PATCH 91/92] corrected variable name --- ci/loadWin.groovy | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index b2fd66d01f..6539004f96 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -149,7 +149,7 @@ def clone_sdl_repo() { if(!fileExists('sdl_repo')){ println "Starting code signing" - def statusPull = bat(returnStatus: true, script: 'git clone -b ' + env.SDL_REPO_BRANCH + ' ' + env.SIGN_REPO + ' sdl_repo') + def statusPull = bat(returnStatus: true, script: 'git clone -b ' + env.SIGN_REPO_BRANCH + ' ' + env.SIGN_REPO + ' sdl_repo') if (statusPull != 0) { error "Error: Downloading sdl_repo failed ${statusPull}. Check pipeline.log for details." } else { @@ -158,7 +158,7 @@ def clone_sdl_repo() }else{ println "Pulling latest changes in sdl_repo" dir('sdl_repo') { - def statusPull = bat(returnStatus: true, script: 'git fetch && git reset --hard origin/'+env.SDL_REPO_BRANCH) + def statusPull = bat(returnStatus: true, script: 'git fetch && git reset --hard origin/'+env.SIGN_REPO_BRANCH) if (statusPull != 0) { error "Error: Pulling latest changes in sdl_repo failed ${statusPull}. Check pipeline.log for details." } else { From 83b19866e828feb4a19c9bdbf2addea3210a1121 Mon Sep 17 00:00:00 2001 From: Pawel Date: Fri, 17 Oct 2025 14:53:47 +0200 Subject: [PATCH 92/92] adding archiving sha256 file --- ci/build_test_release.groovy | 2 +- ci/loadWin.groovy | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ci/build_test_release.groovy b/ci/build_test_release.groovy index 4f586c7143..dc479ecdc5 100644 --- a/ci/build_test_release.groovy +++ b/ci/build_test_release.groovy @@ -60,7 +60,7 @@ pipeline { } } } - stage ("BDBA scans"){ + stage ("BDBA scans"){ when { expression { env.BDBA_SCAN == "true" } } steps { script { diff --git a/ci/loadWin.groovy b/ci/loadWin.groovy index 6539004f96..29b93e1df0 100644 --- a/ci/loadWin.groovy +++ b/ci/loadWin.groovy @@ -320,6 +320,7 @@ def archive_sign_results(){ def python_suffix = env.OVMS_PYTHON_ENABLED == "0" ? "off" : "on" archiveArtifacts allowEmptyArchive: true, artifacts: "win_sign.log" archiveArtifacts allowEmptyArchive: true, artifacts: "dist\\windows\\ovms_windows_python_${python_suffix}.zip" + archiveArtifacts allowEmptyArchive: true, artifacts: "dist\\windows\\ovms_windows_python_${python_suffix}.zip.sha256" } def setup_bazel_remote_cache(){