Page MenuHomePhabricator

Open CI
Updated 8 Days AgoPublic

Trusted Firmware CI Infrastructure Project

Project Milestones & Status

MilestoneDeliverablesTarget CompletionStatus
M1Planning, Handover and Deployment
SOW and project plan
Hand over from OCE to Developer Services
1-Jun-20 Completed

Project Plan & SoW Reviewed. Meetings have been held and follow on meetings will occur as normal course of the project
M2FVP Support (TF-M ID3, TF-A ID26)
FVP models running CI jobs

Staging Scripts (TF-M ID7, TF-A ID7)
A staging version of the scripts created on the production instance

Job configuration
- Ability to build multiple configurations of TF-A (TF-A ID9)
- Provide a way to re-trigger the jobs manually (TF-A ID3)
- Ability to specify at run time that a CI job should keep all artefacts indefinitely. (TF-A ID22)

Static Analysis Integration (TF-M ID1, TF-A ID17, TF-A ID19)
Arm check scripts
Coverity Free online check
16-July-20 (new)
25-Jun-20 (orig)
In Progress

Milestone impacted by resources supporting TF-M issues
M3 & M4TF-A Tests
Create CI loop for TF-A Tests (TF-A ID2)
- Ability to build multiple configurations of TF-A Tests (TF-A ID12)
- CI results for TF-A and TF-TF must stay available for a minimum duration (eg. 1 week) (TF-A ID21)
- Run TF-TF tests "bare metal" on FVP (TF-A ID24)

Test Levels
- Provide facility for a job to pass the "level" of testing required, eg. minimal, full, etc., where different tests are executed depending on the level passed into (TF-M ID10, TF-A ID31)
23-Jul-20In Progress
M5Specify FVP Versions (TF-A ID13)
- Update FVP support to host multiple versions of models
- Allow jobs to specify which version of FVP models are used

Compilers accessed via volumes mounted in the docker containers
- Ability to integrate alternative compilers into builds (TF-M ID9, TF-A ID10) (2 man days)
- Ability to use different versions of a compiler for builds (TF-A ID11) (2 man days)
- Integrate one alternative compiler and have two versions of the standard Arm GCC compiler to demonstrate how the functionality works. Compilers should be secure, preventing users from accessing them directly, and should only be used for building TF CI jobs
M6, M7 & M8 Musca A/B1 Support (TF-M ID5)
Musca B1 board installed in Linaro Cambridge LAVA lab.
Musca B1 board support integrated into the CI loop.

Dashboard configured in SQUAD instance (TF-M ID2, TF-A ID32)
- Metrics and test results from LAVA jobs visible in the SQUAD dashboard

Deploy HTML Reports (TF-A ID23)
- Deliver ongoing Linaro internal work to produce HTML reports from SQUAD data

Boot Results passed to Gerrit (No ID)
- Use the LAVA notification service to pass boot results back to the review that triggered the job(s)

QEMU Support (TF-M ID4)
- Integrate the QEMU SSE-200 v8m machine into the CI loop.
21-Aug-20Blocked: Awaiting healthcheck binaries

Mosca A removed and S1 on hold for Phase 3 (per 7/2 Meeting).
M9Integrate PSA compliance tests (TF-M ID6)
- Provide a build option to run PSA API tests
- Ensures patches will not break PSA compliance
M10Modularise Build and Test Process
- Remove all configuration out of the scripts and into the YAML provided to control the job. (TF-M ID14)
- Allow the user to trigger a job with default, custom or release parameters. This gives limited permissions to the user to create jobs. (TF-M ID18)
M11Documentation and User Guide (TF-M ID8)
- How to use the complete CI loop
- How to integrate a new platform, including boards in a LAVA Federated lab
- How to deploy your own instance
Completed In Progress Blocked

How to submit LSS tickets to Linaro

  1. Go to!default.jspa
  1. Fill in the drop down boxes:
    • Project: LAB & System Software (LSS)
    • Issue Type: Ticket
    • Click Next
  1. Fill in the required details
    • Summary: You should fill in the "Summary" with a snappy title. I've started to prefix my titles with "TF CI: " to help identify them in the list of issues.
    • Components: "Systems (Bugzilla, Git, Gerrit, Jenkins)"
    • Client Stakeholder: "Trusted-Firmware"
  1. Fill in the issue Description
    • You will need to fill in the Description, even if you think the title is sufficient. Provide enough overview detail so the issue is clear to understand by management, but make sure you include all the technical details you need for the support engineer to reproduce and resolve your problem.
  1. Click the "Create" button at the bottom of the page
  1. Add Watchers
    • It's probably a good idea to add Bill Fletcher and Ryan Harkin to the Watchers on the ticket.

If you are unable to create a ticket or have issues, you may need Jira access setup. Please contact: Glen ( or Bill ( or Ryan (

Last Author
Last Edited
Thu, Jul 2, 4:22 PM

Event Timeline

bfletcher created this object.Jun 4 2020, 2:55 PM
gvalante edited the content of this document. (Show Details)Jun 4 2020, 5:02 PM
gvalante edited the content of this document. (Show Details)Jun 4 2020, 9:00 PM
gvalante edited the content of this document. (Show Details)Jun 10 2020, 2:25 PM
gvalante added a subscriber: gvalante.
Karl added a subscriber: Karl.Thu, Jun 11, 7:50 AM
gvalante edited the content of this document. (Show Details)Wed, Jun 17, 3:23 PM

Hi, for the static analysis checks, is it possible to update/increase the rules per platform? Also, is it possible to introduce more scanners for a platform?


Hi Varun,
Yes, both are possible, but if I understand you correctly, they are out of scope for the Phase 2 project.

Hi Ryan,

I agree that this wont be part of phase 2. I just wanted to know how this would scale up for more platforms and if there is any room for platforms to increase scanners and rules.

For Tegra platforms, at least, we use CERT and CCM scanners. We also enable more MISRA rules than TF-A. I'm glad that we will have the freedom to enable them with OpenCI at some point.


gvalante edited the content of this document. (Show Details)Fri, Jun 26, 8:05 PM
gvalante edited the content of this document. (Show Details)Mon, Jun 29, 8:34 PM
gvalante edited the content of this document. (Show Details)Wed, Jul 1, 3:58 PM
gvalante edited the content of this document. (Show Details)Wed, Jul 1, 4:09 PM
gvalante edited the content of this document. (Show Details)Thu, Jul 2, 4:22 PM