ci: fix ci tests

Signed-off-by: Xynnn007 <[email protected]>
confidential-containers · Nov 3, 2023 · 5b7b631 · 5b7b631
1 parent 953aa59
commit 5b7b631
Show file tree

Hide file tree

Showing 10 changed files with 92 additions and 68 deletions.
diff --git a/attestation-service/.github/dependabot.yml → .github/dependabot.yml b/attestation-service/.github/dependabot.yml → .github/dependabot.yml
@@ -9,15 +9,13 @@ updates:
       - dependency-type: direct
       - dependency-type: indirect
 
-  - package-ecosystem: "gomod"
-    directory: "/attestation-service/src/cgo" # Location of shim's go.mod
-    schedule:
-      interval: "daily"
-    open-pull-requests-limit: 1
-
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "weekly"
 
-
+  - package-ecosystem: "gomod"
+    directory: "/attestation-service/attestation-service/src/cgo" # Location of go.mod
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 1
diff --git a/...ation-service/.github/workflows/basic.yml → .github/workflows/as-basic.yml b/...ation-service/.github/workflows/basic.yml → .github/workflows/as-basic.yml
@@ -1,5 +1,18 @@
 name: attestation-service basic build and unit tests
-on: [push, pull_request, create]
+on:
+  push:
+    branches:
+      - "main"
+    paths:
+      - 'attestation-service/**'
+      - '.github/workflows/as_basic.yml'
+      - 'Cargo.toml'
+  pull_request:
+    paths:
+      - 'attestation-service/**'
+      - '.github/workflows/as_basic.yml'
+      - 'Cargo.toml'
+  create:
 
 jobs:
   basic_ci:
@@ -24,8 +37,8 @@ jobs:
 
       - name: OPA policy.rego fmt and check
         run: |
-          opa fmt -d ./attestation-service/src/policy_engine/opa/default_policy.rego | awk '{ print } END { if (NR!=0) { print "run `opa fmt -w <path_to_rego>` to fix this"; exit 1 } }'
-          opa check ./attestation-service/src/policy_engine/opa/default_policy.rego
+          opa fmt -d ./attestation-service/attestation-service/src/policy_engine/opa/default_policy.rego | awk '{ print } END { if (NR!=0) { print "run `opa fmt -w <path_to_rego>` to fix this"; exit 1 } }'
+          opa check ./attestation-service/attestation-service/src/policy_engine/opa/default_policy.rego
 
       - name: Install protoc
         run: |
@@ -52,23 +65,24 @@ jobs:
           components: rustfmt, clippy
 
       - name: Build
+        working-directory: attestation-service
         run: |
           make
 
       - name: Run cargo test
         uses: actions-rs/cargo@v1
         with:
-          command: test
+          command: test -p attestation-service -p as-types -p grpc-as -p rvps -p rvps-client
 
       - name: Run cargo fmt check
         uses: actions-rs/cargo@v1
         with:
           command: fmt
-          args: --all -- --check
+          args: -p attestation-service -p as-types -p grpc-as -p rvps -p rvps-client --check
 
       - name: Run rust lint check
         uses: actions-rs/cargo@v1
         with:
           command: clippy
           # We are getting error in generated code due to derive_partial_eq_without_eq check, so ignore it for now
-          args: -- -D warnings -A clippy::derive_partial_eq_without_eq
+          args: -p attestation-service -p as-types -p grpc-as -p rvps -p rvps-client -- -D warnings -A clippy::derive_partial_eq_without_eq
diff --git a/.github/workflows/as-dockerbuild.yml b/.github/workflows/as-dockerbuild.yml
@@ -0,0 +1,35 @@
+name: AS & RVPS Container image build test
+on:
+  push:
+    branches:
+      - "main"
+    paths:
+      - 'attestation-service/**'
+      - '.github/workflows/as-dockerbuild.yml'
+      - 'Cargo.toml'
+  pull_request:
+    paths:
+      - 'attestation-service/**'
+      - '.github/workflows/as-dockerbuild.yml'
+      - 'Cargo.toml'
+  create:
+
+jobs:
+  basic_ci:
+    if: github.event_name == 'pull_request' || github.event_name == 'push'
+    name: Check
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+
+    steps:
+    - name: Code checkout
+      uses: actions/checkout@v4
+
+    - name: Build gRPC AS Container Image
+      run: |
+        DOCKER_BUILDKIT=1 docker build -t attestation-service:latest . -f attestation-service/Dockerfile.as
+
+    - name: Build RVPS Container Image
+      run: |
+        Docker_BUILDKIT=1 docker build -t rvps:latest . -f attestation-service/Dockerfile.rvps
diff --git a/kbs/.github/workflows/docker-build.yml → .github/workflows/kbs-docker-build.yml b/kbs/.github/workflows/docker-build.yml → .github/workflows/kbs-docker-build.yml
@@ -12,8 +12,8 @@ jobs:
     - name: Code checkout
       uses: actions/checkout@v4
 
-    - name: Build Container Image
+    - name: Build KBS Container Image
       run: |
-        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as . -f docker/Dockerfile; \
-        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as-openssl --build-arg KBS_FEATURES=coco-as-builtin,openssl,resource,opa . -f docker/Dockerfile; \
-        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as-grpc . -f docker/Dockerfile.coco-as-grpc
+        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as . -f kbs/docker/Dockerfile; \
+        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as-openssl --build-arg KBS_FEATURES=coco-as-builtin,openssl,resource,opa . -f kbs/docker/Dockerfile; \
+        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as-grpc . -f kbs/docker/Dockerfile.coco-as-grpc
diff --git a/kbs/.github/workflows/e2e.yaml → .github/workflows/kbs-e2e.yaml b/kbs/.github/workflows/e2e.yaml → .github/workflows/kbs-e2e.yaml
@@ -1,4 +1,4 @@
-name: e2e
+name: KBS e2e
 
 on:
   pull_request:
@@ -42,17 +42,17 @@ jobs:
         key: rust-${{ hashFiles('./Cargo.lock') }}
 
     - name: Install dependencies
-      working-directory: test
+      working-directory: kbs/test
       run: sudo make install-dependencies
 
     - name: Build bins
-      working-directory: test
+      working-directory: kbs/test
       run: make bins
 
     - name: Set cc_kbc sample attester env
       if: matrix.tee == 'sample'
       run: echo "AA_SAMPLE_ATTESTER_TEST=1" >> "$GITHUB_ENV"
 
     - name: Run e2e test
-      working-directory: test
+      working-directory: kbs/test
       run: sudo -E make e2e-test
diff --git a/kbs/.github/workflows/release.yaml → .github/workflows/kbs-release.yaml b/kbs/.github/workflows/release.yaml → .github/workflows/kbs-release.yaml
@@ -1,4 +1,4 @@
-name: Cut Release
+name: Cut KBS Release
 
 on:
   release:
@@ -23,7 +23,7 @@ jobs:
         uses: docker/build-push-action@v4
         with:
           context: .
-          file: ./docker/Dockerfile
+          file: ./kbs/docker/Dockerfile
           platforms: linux/amd64
           push: true
           tags: ghcr.io/confidential-containers/key-broker-service:built-in-as-${{ github.ref_name }}
@@ -32,7 +32,7 @@ jobs:
         uses: docker/build-push-action@v4
         with:
           context: .
-          file: ./docker/Dockerfile.coco-as-grpc
+          file: ./kbs/docker/Dockerfile.coco-as-grpc
           platforms: linux/amd64
           push: true
           tags: ghcr.io/confidential-containers/key-broker-service:${{ github.ref_name }}, ghcr.io/confidential-containers/key-broker-service:latest
diff --git a/kbs/.github/workflows/rust.yml → .github/workflows/kbs-rust.yml b/kbs/.github/workflows/rust.yml → .github/workflows/kbs-rust.yml
@@ -1,10 +1,18 @@
-name: rust tests
+name: kbs rust tests
 
 on:
   push:
-    branches: [ "main" ]
+    branches:
+      - "main"
+    paths:
+      - 'kbs/**'
+      - '.github/workflows/kbs-rust.yml'
+      - 'Cargo.toml'
   pull_request:
-    branches: [ "main" ]
+    paths:
+      - 'kbs/**'
+      - '.github/workflows/kbs-rust.yml'
+      - 'Cargo.toml'
 
 env:
   CARGO_TERM_COLOR: always
@@ -53,22 +61,29 @@ jobs:
         sudo apt-get install -y libtdx-attest-dev libsgx-dcap-quote-verify-dev
 
     - name: KBS Build [Default]
+      working-directory: kbs
       run: make
 
     - name: KBS Build [Built-in CoCo AS, OpenSSL]
+      working-directory: kbs
       run: make HTTPS_CRYPTO=openssl
 
     - name: KBS Build [gRPC CoCo AS, RustTLS]
+      working-directory: kbs
       run: make COCO_AS_INTEGRATE_TYPE=grpc
 
     - name: build KBS with amber AS mode
+      working-directory: kbs
       run: make AS_TYPE=amber-as
 
     - name: Lint
+      working-directory: kbs
       run: make lint
 
     - name: Format
+      working-directory: kbs
       run: make format
 
     - name: Test
+      working-directory: kbs
       run: make check
diff --git a/...ion-service/.github/workflows/release.yml → .github/workflows/release.yml b/...ion-service/.github/workflows/release.yml → .github/workflows/release.yml
@@ -1,4 +1,4 @@
-name: Cut Release
+name: Cut Attestation Service Release
 
 on:
   release:
@@ -23,7 +23,7 @@ jobs:
         uses: docker/build-push-action@v4
         with:
           context: .
-          file: ./Dockerfile.as
+          file: ./attestation-service/Dockerfile.as
           platforms: linux/amd64
           push: true
           tags: ghcr.io/confidential-containers/attestation-service:latest, ghcr.io/confidential-containers/attestation-service:${{ github.ref_name }}
@@ -32,7 +32,7 @@ jobs:
         uses: docker/build-push-action@v4
         with:
           context: .
-          file: ./Dockerfile.rvps
+          file: ./attestation-service/Dockerfile.rvps
           platforms: linux/amd64
           push: true
           tags: ghcr.io/confidential-containers/reference-value-provider-service:latest, ghcr.io/confidential-containers/reference-value-provider-service:${{ github.ref_name }}
diff --git a/attestation-service/.github/workflows/dockerbuild.yml b/attestation-service/.github/workflows/dockerbuild.yml
diff --git a/kbs/.github/dependabot.yml b/kbs/.github/dependabot.yml