Modify Makefile for Azure, refactor code in main.rs #1427
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| paths-ignore: | |
| - "**.md" | |
| pull_request: | |
| paths-ignore: | |
| - "**.md" | |
| workflow_dispatch: | |
| name: Integration Test on TDX Server | |
| env: | |
| AS: nasm | |
| RUST_TOOLCHAIN: 1.83.0 | |
| TOOLCHAIN_PROFILE: minimal | |
| permissions: | |
| contents: read | |
| jobs: | |
| virtio_vsock: | |
| name: Run TDX Integration Test (virtio-vsock) | |
| runs-on: [self-hosted, tdx] | |
| timeout-minutes: 60 | |
| steps: | |
| # Install first since it's needed to build NASM | |
| # - name: Install LLVM and Clang | |
| # uses: KyleMayes/install-llvm-action@v1 | |
| # with: | |
| # version: "10.0" | |
| # directory: ${{ runner.temp }}/llvm | |
| # - name: Install NASM | |
| # uses: ilammy/setup-nasm@v1 | |
| # - name: Install tools for sgx lib | |
| # run: sudo dnf group install 'Development Tools' | sudo dnf --enablerepo=powertools install ocaml ocaml-ocamlbuild wget rpm-build pkgcon | |
| - name: Clean test repository | |
| run: | | |
| sudo rm -rf sh_script/test/ | |
| - name: Checkout sources | |
| uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 | |
| with: | |
| submodules: recursive | |
| - name: Preparation Work | |
| run: bash sh_script/preparation.sh | |
| - name: Build Migration TD binary (policy v1 + TLS + Release) | |
| run: cargo image --policy config/policy_pre_production_fmspc.json --root-ca config/Intel_SGX_Provisioning_Certification_RootCA_preproduction.cer | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" --servtd_hash $(cargo hash --image $GITHUB_WORKSPACE/target/release/migtd.bin) | |
| popd | |
| - name: Clean Up | |
| run: cargo clean | |
| - name: Build Migration TD binary (policy v2 + TLS + Release) | |
| run: cargo image --policy-v2 --policy config/templates/policy_v2_signed.json --policy-issuer-chain config/templates/policy_issuer_chain.pem --root-ca config/Intel_SGX_Provisioning_Certification_RootCA_preproduction.cer | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" | |
| popd | |
| - name: Set Spdm Config | |
| run: echo "SPDM_CONFIG=../../../config/spdm_config_policy_v2.json" >> "$GITHUB_ENV" | |
| - name: Clean Up | |
| run: cargo clean | |
| - name: Build Migration TD binary (policy v2 + SPDM + Release) | |
| run: cargo image --features spdm_attestation --policy-v2 --policy config/templates/policy_v2_signed.json --policy-issuer-chain config/templates/policy_issuer_chain.pem | |
| - name: Run Tests - Test pre-binding | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" | |
| popd | |
| virtio_serial: | |
| name: Run TDX Integration Test (virtio-serial) | |
| runs-on: [self-hosted, tdx] | |
| steps: | |
| - name: Clean test repository | |
| run: | | |
| sudo rm -rf sh_script/test/ | |
| - name: Checkout sources | |
| uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 | |
| with: | |
| submodules: recursive | |
| - name: Preparation Work | |
| run: bash sh_script/preparation.sh | |
| - name: Build Migration TD binary (policy v1 + TLS + Release) | |
| run: cargo image --no-default-features --features stack-guard,virtio-serial --policy config/policy_pre_production_fmspc.json --root-ca config/Intel_SGX_Provisioning_Certification_RootCA_preproduction.cer | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" --device_type serial --servtd_hash $(cargo hash --image $GITHUB_WORKSPACE/target/release/migtd.bin) | |
| popd | |
| - name: Build all test binaries | |
| run: bash sh_script/build_final.sh -t test -c -a on -d serial | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "function" --device_type serial | |
| popd | |
| - name: Clean Up | |
| run: cargo clean | |
| - name: Build Migration TD binary (policy v1 + TLS + Debug) | |
| run: cargo image --no-default-features --features stack-guard,virtio-serial --policy config/policy_pre_production_fmspc.json --root-ca config/Intel_SGX_Provisioning_Certification_RootCA_preproduction.cer --debug | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" --device_type serial --servtd_hash $(cargo hash --image $GITHUB_WORKSPACE/target/debug/migtd.bin) --target debug | |
| popd | |
| - name: Clean Up | |
| run: cargo clean | |
| - name: Build Migration TD binary (policy v2 + TLS + Release) | |
| run: cargo image --no-default-features --features stack-guard,virtio-serial --policy-v2 --policy config/templates/policy_v2_signed.json --policy-issuer-chain config/templates/policy_issuer_chain.pem --root-ca config/Intel_SGX_Provisioning_Certification_RootCA_preproduction.cer | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" --device_type serial --servtd_hash $(cargo hash --image $GITHUB_WORKSPACE/target/release/migtd.bin --policy-v2) | |
| popd | |
| - name: Clean Up | |
| run: cargo clean | |
| - name: Build Migration TD binary (policy v2 + TLS + Debug) | |
| run: cargo image --no-default-features --features stack-guard,virtio-serial --policy-v2 --policy config/templates/policy_v2_signed.json --policy-issuer-chain config/templates/policy_issuer_chain.pem --root-ca config/Intel_SGX_Provisioning_Certification_RootCA_preproduction.cer --debug | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" --device_type serial --servtd_hash $(cargo hash --image $GITHUB_WORKSPACE/target/debug/migtd.bin --policy-v2) --target debug | |
| popd | |
| - name: Set Spdm Config | |
| run: echo "SPDM_CONFIG=../../../config/spdm_config.json" >> "$GITHUB_ENV" | |
| - name: Clean Up | |
| run: cargo clean | |
| - name: Build Migration TD binary (policy v1 + SPDM + Release) | |
| run: cargo image --no-default-features --features stack-guard,virtio-serial,spdm_attestation --policy config/policy_pre_production_fmspc.json --root-ca config/Intel_SGX_Provisioning_Certification_RootCA_preproduction.cer | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" --device_type serial --servtd_hash $(cargo hash --image $GITHUB_WORKSPACE/target/release/migtd.bin) | |
| popd | |
| - name: Run SPDM Attestation Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "function" --device_type serial | |
| popd | |
| - name: Build Migration TD binary (policy v1 + SPDM + Debug) | |
| run: cargo image --debug --no-default-features --features stack-guard,virtio-serial,spdm_attestation --policy config/policy_pre_production_fmspc.json --root-ca config/Intel_SGX_Provisioning_Certification_RootCA_preproduction.cer | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" --device_type serial --servtd_hash $(cargo hash --image $GITHUB_WORKSPACE/target/debug/migtd.bin) --target debug | |
| popd | |
| - name: Set Spdm Config | |
| run: echo "SPDM_CONFIG=../../../config/spdm_config.json" >> "$GITHUB_ENV" | |
| - name: Clean Up | |
| run: cargo clean | |
| - name: Build Migration TD binary (policy v2 + SPDM + Release) | |
| run: cargo image --no-default-features --features stack-guard,virtio-serial,spdm_attestation --policy-v2 --policy config/templates/policy_v2_signed.json --policy-issuer-chain config/templates/policy_issuer_chain.pem | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" --device_type serial --servtd_hash $(cargo hash --image $GITHUB_WORKSPACE/target/release/migtd.bin --policy-v2) | |
| popd | |
| - name: Clean Up | |
| run: cargo clean | |
| - name: Build Migration TD binary (policy v2 + SPDM + Debug) | |
| run: cargo image --no-default-features --features stack-guard,virtio-serial,spdm_attestation --policy-v2 --policy config/templates/policy_v2_signed.json --policy-issuer-chain config/templates/policy_issuer_chain.pem --debug | |
| - name: Run Tests | |
| run: | | |
| pushd sh_script/test | |
| sudo pytest -k "pre_migration" --device_type serial --servtd_hash $(cargo hash --image $GITHUB_WORKSPACE/target/debug/migtd.bin --policy-v2) --target debug | |
| popd |