Added checks for AS and KBS policy setting #967
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CoCo-AS e2e | |
on: | |
pull_request: | |
branches: [ "main" ] | |
# Self-hosted runners do not set -o pipefail otherwise | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
e2e-test: | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
# TODO: Add real HW-TEE test | |
# See https://github.com/confidential-containers/trustee/issues/223 | |
# - runner: self-hosted | |
# generate_evidence: true | |
# grpc_tee_enum: 3 | |
# restful_tee_enum: tdx | |
- runner: ubuntu-22.04 | |
generate_evidence: false | |
grpc_tee_enum: 2 | |
restful_tee_enum: snp | |
name: TEE=${{ matrix.restful_tee_enum }} Generate Evidence Dynamically=${{ matrix.generate_evidence }} | |
runs-on: ${{ matrix.runner }} | |
env: | |
RUSTC_VERSION: 1.76.0 | |
GRPC_TEE_ENUM: ${{ matrix.grpc_tee_enum }} | |
RESTFUL_TEE_ENUM: ${{ matrix.restful_tee_enum }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Rust toolchain (${{ env.RUSTC_VERSION }}) | |
uses: actions-rust-lang/setup-rust-toolchain@v1 | |
with: | |
toolchain: ${{ env.RUSTC_VERSION }} | |
components: rustfmt, clippy | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: stable | |
- name: Set up rust build cache | |
uses: actions/cache@v4 | |
continue-on-error: false | |
with: | |
path: | | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
target/ | |
key: rust-${{ hashFiles('./Cargo.lock') }} | |
- name: Install dependencies | |
if: ${{ matrix.runner == 'ubuntu-22.04' }} | |
working-directory: attestation-service/tests/e2e | |
run: | | |
make install-dependencies | |
go install github.com/fullstorydev/grpcurl/cmd/grpcurl@latest | |
- name: Run e2e test (gRPC) | |
working-directory: attestation-service/tests/e2e | |
run: make e2e-grpc-test | |
- name: Run e2e test (RESTful) | |
working-directory: attestation-service/tests/e2e | |
run: make e2e-restful-test |