Add az_tdx_vtpm verifier #47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: attestation-service basic build and unit tests | |
on: [push, pull_request, create] | |
jobs: | |
basic_ci: | |
if: github.event_name == 'pull_request' || github.event_name == 'push' | |
name: Check | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
rust: | |
- stable | |
steps: | |
- name: Code checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
- name: Install OPA command line tool | |
run: | | |
curl -L -o opa https://openpolicyagent.org/downloads/v0.42.2/opa_linux_amd64_static | |
chmod 755 ./opa && cp opa /usr/local/bin | |
- name: OPA policy.rego fmt and check | |
run: | | |
opa fmt -d ./attestation-service/src/policy_engine/opa/default_policy.rego | awk '{ print } END { if (NR!=0) { print "run `opa fmt -w <path_to_rego>` to fix this"; exit 1 } }' | |
opa check ./attestation-service/src/policy_engine/opa/default_policy.rego | |
- name: Install protoc | |
run: | | |
sudo apt-get update && sudo apt-get install -y protobuf-compiler libprotobuf-dev | |
- name: Install TPM build dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y libtss2-dev | |
- name: Install TDX build dependencies | |
run: | | |
sudo curl -L https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add - | |
sudo echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list | |
sudo apt-get update | |
sudo apt-get install -y libsgx-dcap-quote-verify-dev | |
- name: Install Rust toolchain (${{ matrix.rust }}) | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: ${{ matrix.rust }} | |
override: true | |
components: rustfmt, clippy | |
- name: Build | |
run: | | |
make | |
- name: Run cargo test | |
uses: actions-rs/cargo@v1 | |
with: | |
command: test | |
- name: Run cargo fmt check | |
uses: actions-rs/cargo@v1 | |
with: | |
command: fmt | |
args: --all -- --check | |
- name: Run rust lint check | |
uses: actions-rs/cargo@v1 | |
with: | |
command: clippy | |
# We are getting error in generated code due to derive_partial_eq_without_eq check, so ignore it for now | |
args: -- -D warnings -A clippy::derive_partial_eq_without_eq |