Skip to content

Commit

Permalink
migrate to github action
Browse files Browse the repository at this point in the history
  • Loading branch information
Taowyoo committed Dec 22, 2023
1 parent c9028cf commit 2812396
Show file tree
Hide file tree
Showing 3 changed files with 99 additions and 66 deletions.
98 changes: 98 additions & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,98 @@
name: CI

on:
push:
paths-ignore:
- '*.md'
- 'LICENSE'
branches:
- staging
- trying
- master
pull_request:
paths-ignore:
- '*.md'
- 'LICENSE'
branches:
- master
merge_group:

env:
RUST_BACKTRACE: 1
CARGO_TERM_COLOR: always
CARGO_INCREMENTAL: 0
CARGO_NET_RETRY: 10

jobs:
test:
name: Build+Test
runs-on: ubuntu-20.04

steps:
- uses: actions/checkout@v4

- name: Install additional dependencies
run: |
sudo apt-key adv --fetch-keys 'https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key'
sudo add-apt-repository 'deb https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main'
sudo apt-key adv --fetch-keys 'https://apt.llvm.org/llvm-snapshot.gpg.key'
sudo add-apt-repository 'deb http://apt.llvm.org/focal/ llvm-toolchain-focal-11 main'
sudo apt-get update -y
sudo apt-get install -y faketime protobuf-compiler libsgx-dcap-ql-dev clang-11 musl-tools
- name: Setup Rust toolchain
run: |
rustup target add x86_64-fortanix-unknown-sgx x86_64-unknown-linux-musl
rustup toolchain add nightly
rustup target add x86_64-fortanix-unknown-sgx --toolchain nightly
rustup update
- name: Cargo test --all --exclude sgxs-loaders
run: cargo test --verbose --locked --all --exclude sgxs-loaders && [ "$(echo $(nm -D target/debug/sgx-detect|grep __vdso_sgx_enter_enclave))" = "w __vdso_sgx_enter_enclave"

- name: Cargo test -p dcap-ql --features link
run: cargo test --verbose --locked -p dcap-ql --features link

- name: Cargo test -p dcap-ql --features verify
run: cargo test --verbose --locked -p dcap-ql --features verify

- name: Cargo test -p ias --features mbedtls
run: cargo test --verbose --locked -p ias --features mbedtls

- name: Cargo test -p ias --features client,mbedtls
run: cargo test --verbose --locked -p ias --features client,mbedtls

# uses backtrace, which still requires nightly on SGX
- name: Nightly build -p aesm-client --target=x86_64-fortanix-unknown-sgx
run: cargo +nightly build --verbose --locked -p aesm-client --target=x86_64-fortanix-unknown-sgx

# uses sgxstd feature
- name: Nightly build -p aesm-client --target=x86_64-fortanix-unknown-sgx --features sgx-isa/sgxstd
run: cargo +nightly build --verbose --locked -p aesm-client --target=x86_64-fortanix-unknown-sgx --features sgx-isa/sgxstd

- name: Nightly test -p sgx-isa --features sgxstd --target x86_64-fortanix-unknown-sgx --no-run
run: cargo +nightly test --verbose --locked -p sgx-isa --features sgxstd --target x86_64-fortanix-unknown-sgx --no-run

# Unfortunately running `faketime '2021-09-10 11:00:00 GMT' cargo test -p nitro-attestation-verify` causes a segmentation
# fault while compiling. We only execute `faketime` during the tests
#- run: cargo test --locked -p nitro-attestation-verify --no-run && faketime '2021-09-08 11:00:00 GMT' cargo test --locked -p nitro-attestation-verify --lib

- name: Cargo test nitro-attestation-verify with faketime
run: cargo test --locked -p nitro-attestation-verify --no-run && faketime '2021-09-10 11:00:00 GMT' cargo test --locked -p nitro-attestation-verify --lib

- name: Build fortanix-sgx-tools for x86_64-unknown-linux-musl
# NOTE: Skipping linking with the glibc version of OpenSSL to produce a musl based binary. It is unlikely that this would produce a working binary anyway.
run: |
mkdir -p /tmp/muslinclude
ln -sf /usr/include/x86_64-linux-gnu/openssl /tmp/muslinclude/openssl
PKG_CONFIG_ALLOW_CROSS=1 CFLAGS=-I/tmp/muslinclude CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_LINKER=true cargo build --locked -p fortanix-sgx-tools --target x86_64-unknown-linux-musl
- name: Build em-app, get-certificate, harmonize for x86_64-unknown-linux-musl
run: cargo build --verbose --locked -p em-app -p get-certificate -p harmonize --target=x86_64-unknown-linux-musl

- name: Build em-app, get-certificate, harmonize for x86_64-fortanix-unknown-sgx
run: cargo build --verbose --locked -p em-app -p get-certificate -p harmonize --target=x86_64-fortanix-unknown-sgx

- name: Generate API docs
run: ./doc/generate-api-docs.sh

65 changes: 0 additions & 65 deletions .travis.yml

This file was deleted.

2 changes: 1 addition & 1 deletion bors.toml
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
status = [
"continuous-integration/travis-ci/push",
"test",
]

0 comments on commit 2812396

Please sign in to comment.