forked from confidential-containers/guest-components
-
Notifications
You must be signed in to change notification settings - Fork 1
116 lines (103 loc) · 3.81 KB
/
aa_basic.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
name: attestation-agent basic build and unit tests
on:
push:
branches:
- "main"
paths:
- 'attestation-agent/**'
- '.github/workflows/aa_basic.yml'
- 'Cargo.toml'
- 'Cargo.lock'
pull_request:
paths:
- 'attestation-agent/**'
- '.github/workflows/aa_basic.yml'
- 'Cargo.toml'
- 'Cargo.lock'
create:
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
basic_ci:
if: github.event_name != 'push'
name: Check
defaults:
run:
working-directory: ./attestation-agent
strategy:
fail-fast: false
matrix:
rust:
- stable
instance:
- ubuntu-22.04
- s390x
include:
- instance: ubuntu-22.04
make_args: ""
cargo_test_opts: "--features openssl,rust-crypto,all-attesters,kbs,coco_as"
cargo_lint_opts: "--workspace"
- instance: s390x
make_args: "ATTESTER=se-attester TEE_PLATFORM=se"
cargo_test_opts: "--no-default-features --features openssl,passport,se-attester,kbs,coco_as"
cargo_lint_opts: "--no-default-features --features openssl,se-attester,kbs,coco_as -p attestation-agent -p attester -p coco_keyprovider -p kbc -p kbs_protocol -p crypto -p resource_uri"
runs-on: ${{ matrix.instance }}
steps:
- name: Code checkout
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Install Rust toolchain (${{ matrix.rust }})
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: ${{ matrix.rust }}
override: true
components: rustfmt, clippy
- name: Install protoc
run: |
sudo apt-get update && sudo apt-get install -y protobuf-compiler
- name: Install TDX dependencies
run: |
sudo curl -sL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo gpg --dearmor --output /usr/share/keyrings/intel-sgx.gpg
sudo echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/intel-sgx.gpg] https://download.01.org/intel-sgx/sgx_repo/ubuntu jammy main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list
sudo apt-get update
sudo apt-get install -y --no-install-recommends libtdx-attest-dev
if: matrix.instance == 'ubuntu-22.04'
- name: Install TPM dependencies
run: |
sudo apt-get update
sudo apt-get install -y libtss2-dev
if: matrix.instance == 'ubuntu-22.04'
- name: Install dm-verity dependencies
run: |
sudo apt-get update
sudo apt-get install -y libdevmapper-dev
- name: Gnu build and install with ttrpc
run: |
mkdir -p ${HOME}/.local/bin
eval make ttrpc=true ${MAKE_ARGS} && make install PREFIX=${HOME}/.local
env:
MAKE_ARGS: ${{ matrix.make_args }}
- name: Musl build with all platform
run: |
make LIBC=musl ttrpc=true ATTESTER=none
if: matrix.instance == 'ubuntu-22.04'
- name: Run cargo test
uses: actions-rs/cargo@v1
with:
command: test
args: ${{ matrix.cargo_test_opts }} -p attestation-agent -p attester -p coco_keyprovider -p kbc -p kbs_protocol -p crypto -p resource_uri
- name: Run cargo fmt check
uses: actions-rs/cargo@v1
with:
command: fmt
args: --all -- --check
- name: Run rust lint check
uses: actions-rs/cargo@v1
with:
command: clippy
# We are getting error in generated code due to derive_partial_eq_without_eq check, so ignore it for now
args: ${{ matrix.cargo_lint_opts }} -- -D warnings -A clippy::derive-partial-eq-without-eq