Challenge RA: impl attestation-oneshot-client #96
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Rust Check Suites | |
| on: | |
| push: | |
| branches: | |
| - "main" | |
| paths: | |
| - 'kbs/**' | |
| - 'attestation-service/**' | |
| - 'rvps/**' | |
| - 'deps/**' | |
| - '.github/workflows/rust-check.yml' | |
| - 'Cargo.toml' | |
| pull_request: | |
| paths: | |
| - 'kbs/**' | |
| - 'attestation-service/**' | |
| - 'rvps/**' | |
| - 'deps/**' | |
| - '.github/workflows/rust-check.yml' | |
| - 'Cargo.toml' | |
| create: | |
| env: | |
| CARGO_TERM_COLOR: always | |
| RUSTC_VERSION: 1.76.0 | |
| jobs: | |
| kbs-check: | |
| if: | | |
| github.event_name == 'pull_request' || | |
| github.event_name == 'push' || | |
| github.event_name == 'create' | |
| name: KBS Check | |
| strategy: | |
| fail-fast: false | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Code checkout | |
| uses: actions/checkout@v5 | |
| - name: Install Rust toolchain (${{ env.RUSTC_VERSION }}) | |
| run: | | |
| rustup update --no-self-update ${{ env.RUSTC_VERSION }} | |
| rustup component add --toolchain ${{ env.RUSTC_VERSION }} rustfmt rustc clippy | |
| rustup target add x86_64-unknown-linux-gnu | |
| rustup default ${{ env.RUSTC_VERSION }} | |
| - name: Building dependencies installation | |
| run: | | |
| sudo apt-get update && sudo apt-get install -y protobuf-compiler libprotobuf-dev libtss2-dev libudev-dev | |
| - name: Install TPM dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libtss2-dev | |
| - name: Install TDX dependencies | |
| run: | | |
| sudo curl -L https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add - | |
| sudo echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu jammy main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list | |
| sudo apt-get update | |
| sudo apt-get install -y libtdx-attest-dev libsgx-dcap-quote-verify-dev | |
| - name: KBS Build [Default] | |
| working-directory: kbs | |
| run: make TPM_PCA_PLUGIN=true | |
| - name: KBS Build [gRPC CoCo AS] | |
| working-directory: kbs | |
| run: make AS_FEATURE=coco-as-grpc ALIYUN=true | |
| - name: KBS Lint | |
| working-directory: kbs | |
| run: make lint | |
| - name: KBS Format | |
| working-directory: kbs | |
| run: make format | |
| - name: KBS Test | |
| working-directory: kbs | |
| run: make check | |
| as-check: | |
| if: | | |
| github.event_name == 'pull_request' || | |
| github.event_name == 'push' || | |
| github.event_name == 'create' | |
| name: CoCo-AS Check | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Code checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - name: Install OPA command line tool | |
| uses: open-policy-agent/setup-opa@34a30e8a924d1b03ce2cf7abe97250bbb1f332b5 # v2.2.0 # v2 | |
| with: | |
| version: latest | |
| - name: OPA policy.rego check | |
| run: | | |
| opa check attestation-service/src/token/*.rego | |
| - name: Install protoc | |
| run: | | |
| sudo apt-get update && sudo apt-get install -y protobuf-compiler libprotobuf-dev | |
| - name: Install TPM build dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libtss2-dev | |
| - name: Install TDX build dependencies | |
| run: | | |
| sudo curl -L https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add - | |
| sudo echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu jammy main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list | |
| sudo apt-get update | |
| sudo apt-get install -y libsgx-dcap-quote-verify-dev libsgx-dcap-default-qpl | |
| - name: Install Rust toolchain (${{ env.RUSTC_VERSION }}) | |
| run: | | |
| rustup update --no-self-update ${{ env.RUSTC_VERSION }} | |
| rustup component add --toolchain ${{ env.RUSTC_VERSION }} rustfmt rustc clippy | |
| rustup default ${{ env.RUSTC_VERSION }} | |
| - name: AS Build | |
| working-directory: attestation-service | |
| run: | | |
| make | |
| - name: Run cargo test | |
| run: | | |
| sudo -E PATH="$PATH" -s cargo test -p attestation-service -p verifier | |
| - name: Run cargo fmt check | |
| run: | | |
| sudo -E PATH="$PATH" -s cargo fmt -p attestation-service -p verifier --check | |
| - name: Run rust lint check | |
| run: | | |
| sudo -E PATH="$PATH" -s cargo clippy -p attestation-service -p verifier -- -D warnings -A clippy::derive_partial_eq_without_eq | |
| rvps-check: | |
| if: | | |
| github.event_name == 'pull_request' || | |
| github.event_name == 'push' || | |
| github.event_name == 'create' | |
| name: RVPS Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Code checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - name: Install Rust toolchain (${{ env.RUSTC_VERSION }}) | |
| run: | | |
| rustup update --no-self-update ${{ env.RUSTC_VERSION }} | |
| rustup component add --toolchain ${{ env.RUSTC_VERSION }} rustfmt rustc clippy | |
| rustup default ${{ env.RUSTC_VERSION }} | |
| - name: Install protoc | |
| run: | | |
| sudo apt-get update && sudo apt-get install -y protobuf-compiler libprotobuf-dev | |
| - name: RVPS Build | |
| working-directory: rvps | |
| run: | | |
| make build | |
| - name: RVPS Test | |
| working-directory: rvps | |
| run: | | |
| cargo test --all-features | |
| - name: RVPS Lint Check | |
| working-directory: rvps | |
| run: | | |
| cargo clippy --all-features -- -D warnings |