From d08d5d14e82dab2ba68468cddf17a9368557ab98 Mon Sep 17 00:00:00 2001 From: Yuxiang Cao Date: Wed, 13 Dec 2023 11:51:59 -0800 Subject: [PATCH] use github action --- .github/workflows/build.yml | 75 +++++++++++++++++++++++++++++++ .travis.yml => .travis.yml.unused | 0 bors.toml | 2 +- 3 files changed, 76 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/build.yml rename .travis.yml => .travis.yml.unused (100%) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 00000000..d5dd27cb --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,75 @@ +name: rust-sgx + +permissions: + contents: read + +on: + push: + paths-ignore: + - '*.md' + - 'LICENSE' + branches: + - staging + - trying + - master + pull_request: + paths-ignore: + - '*.md' + - 'LICENSE' + branches: + - master + - mz/async-usercalls + +env: + CARGO_TERM_COLOR: always + CARGO_NET_RETRY: 10 + CARGO_INCREMENTAL: 0 + RUST_BACKTRACE: 1 + CFLAGS_x86_64_fortanix_unknown_sgx: "-isystem/usr/include/x86_64-linux-gnu -mlvi-hardening -mllvm -x86-experimental-lvi-inline-asm-hardening" + CC_x86_64_fortanix_unknown_sgx: clang-11 +jobs: + build: + name: Build+test + runs-on: ubuntu-20.04 + steps: + - name: Checkout sources + uses: actions/checkout@v4 + with: + persist-credentials: false + + - name: Install dependencies + run: | + wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add - + wget -qO - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - + sudo add-apt-repository 'deb https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main' + sudo add-apt-repository 'deb http://apt.llvm.org/focal/ llvm-toolchain-focal-11 main' + sudo apt-get update + sudo apt-get install faketime protobuf-compiler libsgx-dcap-ql-dev clang-11 musl-tools + + - name: Setup rust toolchain + run: | + rustup target add x86_64-fortanix-unknown-sgx x86_64-unknown-linux-musl + rustup toolchain add nightly + rustup target add x86_64-fortanix-unknown-sgx --toolchain nightly + - name: Run tests + run: | + cargo test --verbose --all --exclude sgxs-loaders --exclude async-usercalls && [ "$(echo $(nm -D target/debug/sgx-detect|grep __vdso_sgx_enter_enclave))" = "w __vdso_sgx_enter_enclave" ] + cargo +nightly test --verbose -p async-usercalls --target x86_64-fortanix-unknown-sgx --no-run + cargo +nightly test --verbose -p sgx-isa --features sgxstd --target x86_64-fortanix-unknown-sgx --no-run + cargo test --verbose -p sgxs-tools + cargo test --verbose -p dcap-ql --features link + cargo test --verbose -p dcap-ql --features verify + cargo +nightly build --verbose -p aesm-client --target=x86_64-fortanix-unknown-sgx + cargo +nightly build --verbose -p aesm-client --target=x86_64-fortanix-unknown-sgx --features sgx-isa/sgxstd + mkdir -p /tmp/muslinclude && ln -sf /usr/include/x86_64-linux-gnu/openssl /tmp/muslinclude/openssl && PKG_CONFIG_ALLOW_CROSS=1 CFLAGS=-I/tmp/muslinclude cargo build -p fortanix-sgx-tools --target x86_64-unknown-linux-musl + cargo +nightly test --manifest-path em-app/Cargo.toml --target=x86_64-fortanix-unknown-sgx --no-run + ci-success: + name: ci + if: always() + needs: + - build + runs-on: ubuntu-latest + steps: + - run: jq --exit-status 'all(.result == "success")' <<< '${{ toJson(needs) }}' + - name: Done + run: exit 0 \ No newline at end of file diff --git a/.travis.yml b/.travis.yml.unused similarity index 100% rename from .travis.yml rename to .travis.yml.unused diff --git a/bors.toml b/bors.toml index ca08e818..15f739b4 100644 --- a/bors.toml +++ b/bors.toml @@ -1,3 +1,3 @@ status = [ - "continuous-integration/travis-ci/push", + "ci", ]