-
Notifications
You must be signed in to change notification settings - Fork 98
73 lines (68 loc) · 2.96 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
name: rust-sgx
permissions:
contents: read
on:
push:
paths-ignore:
- '*.md'
- 'LICENSE'
branches:
- staging
- trying
- master
pull_request:
paths-ignore:
- '*.md'
- 'LICENSE'
branches:
- master
- mz/async-usercalls
env:
CARGO_TERM_COLOR: always
CARGO_NET_RETRY: 10
CARGO_INCREMENTAL: 0
RUST_BACKTRACE: 1
CFLAGS_x86_64_fortanix_unknown_sgx: "-isystem/usr/include/x86_64-linux-gnu -mlvi-hardening -mllvm -x86-experimental-lvi-inline-asm-hardening"
CC_x86_64_fortanix_unknown_sgx: clang-11
jobs:
build:
name: Build+test
runs-on: ubuntu-20.04
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install dependencies
run: |
wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add -
wget -qO - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -
sudo add-apt-repository 'deb https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main'
sudo add-apt-repository 'deb http://apt.llvm.org/focal/ llvm-toolchain-focal-11 main'
sudo apt-get update
sudo apt-get install faketime protobuf-compiler libsgx-dcap-ql-dev clang-11 musl-tools
- name: Setup rust toolchain
run: |
rustup target add x86_64-fortanix-unknown-sgx x86_64-unknown-linux-musl
rustup toolchain add nightly
rustup target add x86_64-fortanix-unknown-sgx --toolchain nightly
- run: cargo test --verbose --all --exclude sgxs-loaders --exclude async-usercalls && [ "$(echo $(nm -D target/debug/sgx-detect|grep __vdso_sgx_enter_enclave))" = "w __vdso_sgx_enter_enclave" ]
- run: cargo +nightly test --verbose -p async-usercalls --target x86_64-fortanix-unknown-sgx --no-run
- run: cargo +nightly test --verbose -p sgx-isa --features sgxstd --target x86_64-fortanix-unknown-sgx --no-run
- run: cargo test --verbose -p sgxs-tools
- run: cargo test --verbose -p dcap-ql --features link
- run: cargo test --verbose -p dcap-ql --features verify
- run: cargo +nightly build --verbose -p aesm-client --target=x86_64-fortanix-unknown-sgx
- run: cargo +nightly build --verbose -p aesm-client --target=x86_64-fortanix-unknown-sgx --features sgx-isa/sgxstd
- run: mkdir -p /tmp/muslinclude && ln -sf /usr/include/x86_64-linux-gnu/openssl /tmp/muslinclude/openssl && PKG_CONFIG_ALLOW_CROSS=1 CFLAGS=-I/tmp/muslinclude cargo build -p fortanix-sgx-tools --target x86_64-unknown-linux-musl
- run: cargo +nightly test --manifest-path em-app/Cargo.toml --target=x86_64-fortanix-unknown-sgx --no-run
ci-success:
name: ci
if: always()
needs:
- build
runs-on: ubuntu-latest
steps:
- run: jq --exit-status 'all(.result == "success")' <<< '${{ toJson(needs) }}'
- name: Done
run: exit 0