forked from confidential-containers/guest-components
-
Notifications
You must be signed in to change notification settings - Fork 0
89 lines (79 loc) · 2.73 KB
/
aa_cc_kbc.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
name: attestation-agent cc_kbc tests
on:
push:
branches:
- 'main'
paths:
- 'attestation-agent/kbc/cc_kbc/**'
- 'attestation-agent/kbs_protocol/**'
- 'attestation-agent/lib/**'
- '.github/workflows/aa_cc_kbc.yml'
pull_request:
paths:
- 'attestation-agent/kbc/cc_kbc/**'
- 'attestation-agent/kbs_protocol/**'
- 'attestation-agent/lib/**'
- '.github/workflows/aa_cc_kbc.yml'
create:
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
cc_kbc_ci:
if: github.event_name != 'push' || github.event.pull_request.merged == false
name: Check
defaults:
run:
working-directory: ./attestation-agent
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
rust:
- stable
kbc:
- cc_kbc
- cc_kbc_tdx
- cc_kbc_sgx
- cc_kbc_az_snp_vtpm
- cc_kbc_snp
steps:
- name: Code checkout
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Install Rust toolchain (${{ matrix.rust }})
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: ${{ matrix.rust }}
override: true
components: rustfmt
- name: Install TDX dependencies
run: |
sudo curl -sL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo gpg --dearmor --output /usr/share/keyrings/intel-sgx.gpg
sudo echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/intel-sgx.gpg] https://download.01.org/intel-sgx/sgx_repo/ubuntu jammy main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list
sudo apt-get update
sudo apt-get install -y --no-install-recommends libtdx-attest-dev
- name: Install TPM dependencies
run: |
sudo apt-get update
sudo apt-get install -y libtss2-dev
- name: Install protoc
run: |
sudo apt-get update && sudo apt-get install -y protobuf-compiler
- name: Build and install with ${{ matrix.kbc }} feature
run: |
make KBC=${{ matrix.kbc }} && make install
- name: Run rust lint check
uses: actions-rs/cargo@v1
with:
command: clippy
# We are getting error in generated code due to derive_partial_eq_without_eq check, so ignore it for now
args: -p kbc --all-targets --features cc_kbc,all-attesters,rust-crypto -- -D warnings -A clippy::derive_partial_eq_without_eq
- name: Run cargo test
uses: actions-rs/cargo@v1
with:
command: test
args: --features cc_kbc,all-attesters,rust-crypto -p kbc