attestation-agent basic build and unit tests #78
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: attestation-agent basic build and unit tests | |
on: | |
push: | |
branches: | |
- "main" | |
paths: | |
- 'attestation-agent/**' | |
- '.github/workflows/aa_basic.yml' | |
- 'Cargo.toml' | |
- 'Cargo.lock' | |
pull_request: | |
paths: | |
- 'attestation-agent/**' | |
- '.github/workflows/aa_basic.yml' | |
- 'Cargo.toml' | |
- 'Cargo.lock' | |
create: | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
basic_ci: | |
name: Check | |
defaults: | |
run: | |
working-directory: ./attestation-agent | |
strategy: | |
fail-fast: false | |
matrix: | |
rust: | |
- stable | |
instance: | |
- ubuntu-22.04 | |
- s390x | |
include: | |
- instance: ubuntu-22.04 | |
make_args: "" | |
cargo_test_opts: "--features openssl,rust-crypto,all-attesters,kbs,coco_as" | |
cargo_lint_opts: "--workspace" | |
- instance: s390x | |
make_args: "ATTESTER=se-attester TEE_PLATFORM=se" | |
cargo_test_opts: "--no-default-features --features openssl,passport,se-attester,kbs,coco_as" | |
cargo_lint_opts: "--no-default-features --features openssl,se-attester,kbs,coco_as -p attestation-agent -p attester -p coco_keyprovider -p kbc -p kbs_protocol -p crypto -p resource_uri" | |
runs-on: ${{ matrix.instance }} | |
steps: | |
- name: Code checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
- name: Take a pre-action for self-hosted runner | |
run: | | |
if [ -f "${HOME}/script/pre_action.sh" ]; then | |
"${HOME}/script/pre_action.sh" cc-guest-components | |
fi | |
- name: Install Rust toolchain (${{ matrix.rust }}) | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: ${{ matrix.rust }} | |
override: true | |
components: rustfmt, clippy | |
- name: Install protoc | |
run: | | |
sudo apt-get update && sudo apt-get install -y protobuf-compiler | |
- name: Install TDX dependencies | |
run: | | |
sudo curl -sL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo gpg --dearmor --output /usr/share/keyrings/intel-sgx.gpg | |
sudo echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/intel-sgx.gpg] https://download.01.org/intel-sgx/sgx_repo/ubuntu jammy main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list | |
sudo apt-get update | |
sudo apt-get install -y --no-install-recommends libtdx-attest-dev | |
if: matrix.instance == 'ubuntu-22.04' | |
- name: Install TPM dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y libtss2-dev | |
if: matrix.instance == 'ubuntu-22.04' | |
- name: Install dm-verity dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y libdevmapper-dev | |
- name: Gnu build and install with ttrpc | |
run: | | |
mkdir -p ${HOME}/.local/bin | |
eval make ttrpc=true ${MAKE_ARGS} && make install PREFIX=${HOME}/.local | |
env: | |
MAKE_ARGS: ${{ matrix.make_args }} | |
- name: Musl build with all platform | |
run: | | |
make LIBC=musl ttrpc=true ATTESTER=none | |
if: matrix.instance == 'ubuntu-22.04' | |
- name: Run cargo test | |
uses: actions-rs/cargo@v1 | |
with: | |
command: test | |
args: ${{ matrix.cargo_test_opts }} -p attestation-agent -p attester -p coco_keyprovider -p kbc -p kbs_protocol -p crypto -p resource_uri | |
- name: Run cargo fmt check | |
uses: actions-rs/cargo@v1 | |
with: | |
command: fmt | |
args: --all -- --check | |
- name: Run rust lint check | |
uses: actions-rs/cargo@v1 | |
with: | |
command: clippy | |
# We are getting error in generated code due to derive_partial_eq_without_eq check, so ignore it for now | |
args: ${{ matrix.cargo_lint_opts }} -- -D warnings -A clippy::derive-partial-eq-without-eq | |
- name: Take a post-action for self-hosted runner | |
if: always() | |
run: | | |
if [ -f ${HOME}/script/post_action.sh ]; then | |
${HOME}/script/post_action.sh cc-guest-components | |
fi |