You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@teaclave.apache.org by di...@apache.org on 2020/11/15 07:58:46 UTC
[incubator-teaclave-sgx-sdk] branch master updated: ci: enable
github action for SDK test
This is an automated email from the ASF dual-hosted git repository.
dingyu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-sgx-sdk.git
The following commit(s) were added to refs/heads/master by this push:
new 0ed37d4 ci: enable github action for SDK test
new f1b7fc3 Merge pull request #288 from dingelish/master
0ed37d4 is described below
commit 0ed37d489f1107fbfbbc43d69c1148fbcd91ba0a
Author: Yu Ding <yu...@bytedance.com>
AuthorDate: Sat Nov 14 15:27:51 2020 -0800
ci: enable github action for SDK test
done:
- simulation tests
- sgx-world build and audit, xargo/cargo, release/debug
todo:
- add customized SGX runner to support hardware mode
- add ue-ra, mutual-ra on customized SGX runner
---
.github/workflows/Xargo.toml | 95 +++++++++++++++++
.github/workflows/mioclient.expect | 14 +++
.github/workflows/mioserver.expect | 14 +++
.github/workflows/patch.txt | 31 ++++++
.github/workflows/sgx-world.yml | 82 ++++++++++++++
.github/workflows/sim-example.yml | 211 +++++++++++++++++++++++++++++++++++++
.github/workflows/tlsclient.expect | 17 +++
.github/workflows/tlsserver.expect | 12 +++
8 files changed, 476 insertions(+)
diff --git a/.github/workflows/Xargo.toml b/.github/workflows/Xargo.toml
new file mode 100644
index 0000000..a8e60e4
--- /dev/null
+++ b/.github/workflows/Xargo.toml
@@ -0,0 +1,95 @@
+[dependencies]
+alloc = {}
+
+[dependencies.sgx_types]
+path = "../../sgx_types"
+stage = 1
+
+[dependencies.sgx_alloc]
+path = "../../sgx_alloc"
+stage = 1
+
+[dependencies.sgx_unwind]
+path = "../../sgx_unwind"
+stage = 1
+
+[dependencies.sgx_demangle]
+path = "../../sgx_demangle"
+stage = 1
+
+[dependencies.panic_abort]
+path = "../../sgx_panic_abort"
+stage = 1
+
+[dependencies.sgx_libc]
+path = "../../sgx_libc"
+stage = 2
+
+[dependencies.sgx_tkey_exchange]
+path = "../../sgx_tkey_exchange"
+stage = 2
+
+[dependencies.sgx_tse]
+path = "../../sgx_tse"
+stage = 2
+
+[dependencies.sgx_tcrypto]
+path = "../../sgx_tcrypto"
+stage = 2
+
+[dependencies.sgx_trts]
+path = "../../sgx_trts"
+stage = 3
+
+[dependencies.sgx_backtrace_sys]
+path = "../../sgx_backtrace_sys"
+stage = 3
+
+[dependencies.panic_unwind]
+path = "../../sgx_panic_unwind"
+stage = 3
+
+[dependencies.sgx_tdh]
+path = "../../sgx_tdh"
+stage = 4
+
+[dependencies.sgx_tseal]
+path = "../../sgx_tseal"
+stage = 4
+
+[dependencies.sgx_tprotected_fs]
+path = "../../sgx_tprotected_fs"
+stage = 4
+
+[dependencies.std]
+path = "../../xargo/sgx_tstd"
+stage = 5
+features = ["backtrace", "net", "thread", "untrusted_time"]
+
+[dependencies.sgx_no_tstd]
+path = "../../sgx_no_tstd"
+stage = 5
+
+[dependencies.sgx_rand]
+path = "../../sgx_rand"
+stage = 6
+
+[dependencies.sgx_serialize]
+path = "../../sgx_serialize"
+stage = 6
+
+[dependencies.sgx_tunittest]
+path = "../../sgx_tunittest"
+stage = 6
+
+[dependencies.sgx_backtrace]
+path = "../../sgx_backtrace"
+stage = 7
+
+[dependencies.sgx_cov]
+path = "../../sgx_cov"
+stage = 7
+
+[dependencies.sgx_signal]
+path = "../../sgx_signal"
+stage = 7
diff --git a/.github/workflows/mioclient.expect b/.github/workflows/mioclient.expect
new file mode 100755
index 0000000..ab74889
--- /dev/null
+++ b/.github/workflows/mioclient.expect
@@ -0,0 +1,14 @@
+#!/usr/bin/expect
+
+set timeout 60;
+
+spawn ./app
+
+expect {
+ "Hello world from server" {
+ exit 0;
+ }
+ timeout { exit 1; }
+}
+
+exit 0;
diff --git a/.github/workflows/mioserver.expect b/.github/workflows/mioserver.expect
new file mode 100755
index 0000000..e0abcc4
--- /dev/null
+++ b/.github/workflows/mioserver.expect
@@ -0,0 +1,14 @@
+#!/usr/bin/expect
+
+set timeout 60;
+
+spawn ./app
+
+expect {
+ "Returned to client successfully!" {
+ exit 0;
+ }
+ timeout { exit 1; }
+}
+
+exit 2;
diff --git a/.github/workflows/patch.txt b/.github/workflows/patch.txt
new file mode 100644
index 0000000..71b3847
--- /dev/null
+++ b/.github/workflows/patch.txt
@@ -0,0 +1,31 @@
+
+[patch.'https://github.com/apache/teaclave-sgx-sdk.git']
+sgx_align_struct_attribute = { path = "../../sgx_align_struct_attribute" }
+sgx_alloc = { path = "../../sgx_alloc" }
+sgx_backtrace = { path = "../../sgx_backtrace" }
+sgx_backtrace_sys = { path = "../../sgx_backtrace_sys" }
+sgx_build_helper = { path = "../../sgx_build_helper" }
+sgx_cov = { path = "../../sgx_cov" }
+sgx_crypto_helper = { path = "../../sgx_crypto_helper" }
+sgx_demangle = { path = "../../sgx_demangle" }
+sgx_libc = { path = "../../sgx_libc" }
+sgx_no_tstd = { path = "../../sgx_no_tstd" }
+sgx_rand = { path = "../../sgx_rand" }
+sgx_rand_derive = { path = "../../sgx_rand_derive" }
+sgx_serialize = { path = "../../sgx_serialize" }
+sgx_serialize_derive = { path = "../../sgx_serialize_derive" }
+sgx_serialize_derive_internals = { path = "../../sgx_serialize_derive_internals" }
+sgx_tcrypto = { path = "../../sgx_tcrypto" }
+sgx_tcrypto_helper = { path = "../../sgx_tcrypto_helper" }
+sgx_tdh = { path = "../../sgx_tdh" }
+sgx_tkey_exchange = { path = "../../sgx_tkey_exchange" }
+sgx_tprotected_fs = { path = "../../sgx_tprotected_fs" }
+sgx_trts = { path = "../../sgx_trts" }
+sgx_tse = { path = "../../sgx_tse" }
+sgx_tseal = { path = "../../sgx_tseal" }
+sgx_tstd = { path = "../../sgx_tstd" }
+sgx_tunittest = { path = "../../sgx_tunittest" }
+sgx_types = { path = "../../sgx_types" }
+sgx_ucrypto = { path = "../../sgx_ucrypto" }
+sgx_unwind = { path = "../../sgx_unwind" }
+sgx_urts = { path = "../../sgx_urts" }
diff --git a/.github/workflows/sgx-world.yml b/.github/workflows/sgx-world.yml
new file mode 100644
index 0000000..fea3dce
--- /dev/null
+++ b/.github/workflows/sgx-world.yml
@@ -0,0 +1,82 @@
+name: sgx-world build and audit
+
+on:
+ push:
+ branches: [ '**' ]
+ pull_request:
+ branches: [ '**' ]
+
+jobs:
+ build-world:
+ strategy:
+ matrix:
+ runs-on:
+ - ubuntu-18.04
+ image:
+ - "baiduxlab/sgx-rust:1604-1.1.3"
+ - "baiduxlab/sgx-rust:1804-1.1.3"
+ - "baiduxlab/sgx-rust:2004-1.1.3"
+ - "baiduxlab/sgx-rust:fedora31-1.1.3"
+ - "baiduxlab/sgx-rust:centos8-1.1.3"
+ build-command:
+ - "cp ../../.github/workflows/Xargo.toml . && RUST_TARGET_PATH=$(pwd) xargo build --target x86_64-unknown-linux-sgx"
+ - "cp ../../.github/workflows/Xargo.toml . && RUST_TARGET_PATH=$(pwd) xargo build --target x86_64-unknown-linux-sgx --release"
+ - "cat ../../.github/workflows/patch.txt >> ./Cargo.toml && cargo build"
+ - "cat ../../.github/workflows/patch.txt >> ./Cargo.toml && cargo build --release"
+ runs-on: ${{ matrix.runs-on }}
+ container:
+ image: ${{ matrix.image }}
+ steps:
+ - uses: actions/checkout@v1
+ with:
+ submodules: 'true'
+ - name: Set up Github Actions' $HOME
+ run: |
+ cp /root/.bashrc $HOME/.bashrc &&
+ ln -sf /root/.rustup ~/.rustup &&
+ ln -sf /root/.cargo ~/.cargo
+ - name: Rust toolchains
+ run: |
+ . ~/.cargo/env &&
+ rustc --version &&
+ rustup --version &&
+ cargo --version
+ shell: bash
+ - name: Run build
+ run: |
+ . ~/.cargo/env &&
+ . /opt/sgxsdk/environment &&
+ git clone https://github.com/dingelish/sgx-world &&
+ cd sgx-world/dumb-all &&
+ ${{ matrix.build-command }} &&
+ cd ../.. &&
+ rm -rf sgx-world
+ shell: bash
+ cargo-audit:
+ runs-on: ubuntu-18.04
+ container:
+ image: "baiduxlab/sgx-rust:1804-1.1.3"
+ steps:
+ - uses: actions/checkout@v1
+ with:
+ submodules: 'true'
+ - name: Set up Github Actions' $HOME
+ run: |
+ cp /root/.bashrc $HOME/.bashrc &&
+ ln -sf /root/.rustup ~/.rustup &&
+ ln -sf /root/.cargo ~/.cargo
+ - name: Rust toolchains
+ run: |
+ . ~/.cargo/env &&
+ rustc --version &&
+ rustup --version &&
+ cargo --version
+ shell: bash
+ - name: Run audit
+ run: |
+ . ~/.cargo/env &&
+ . /opt/sgxsdk/environment &&
+ cargo install cargo-audit &&
+ git clone https://github.com/dingelish/sgx-world &&
+ cd sgx-world/dumb-all &&
+ cargo audit --ignore RUSTSEC-2016-0005 --ignore RUSTSEC-2020-0023
diff --git a/.github/workflows/sim-example.yml b/.github/workflows/sim-example.yml
new file mode 100644
index 0000000..1b44f08
--- /dev/null
+++ b/.github/workflows/sim-example.yml
@@ -0,0 +1,211 @@
+name: run example (sim only) # TODO: add custom runner
+
+on:
+ push:
+ branches: [ '**' ]
+ pull_request:
+ branches: [ '**' ]
+
+jobs:
+ single-test:
+ strategy:
+ matrix:
+ runs-on:
+ - ubuntu-18.04
+ image:
+ - "baiduxlab/sgx-rust:1604-1.1.3"
+ - "baiduxlab/sgx-rust:1804-1.1.3"
+ - "baiduxlab/sgx-rust:2004-1.1.3"
+ - "baiduxlab/sgx-rust:fedora31-1.1.3"
+ - "baiduxlab/sgx-rust:centos8-1.1.3"
+ single-sample:
+ - "backtrace"
+ - "crypto"
+ - "file"
+ - "hello-regex"
+ - "hello-rust"
+ - "hello-rust-vscode-debug"
+ - "helloworld"
+ - "http_req"
+ - "kvdb-memdb"
+ - "localattestation"
+ - "logger"
+ - "machine-learning"
+ - "prost-protobuf"
+ - "protobuf"
+ - "sealeddata"
+ - "secretsharing"
+ - "serialize"
+ - "sgx-cov"
+ - "switchless"
+ - "tcmalloc"
+ - "thread"
+ - "wasmi"
+ - "zlib-lazy-static-sample"
+ #- "unit-test" TODO: fix or conditionalize UD catcher
+ runs-on: ${{ matrix.runs-on }}
+ container:
+ image: ${{ matrix.image }}
+ steps:
+ - uses: actions/checkout@v1
+ with:
+ submodules: 'true'
+ - name: Set up Github Actions' $HOME
+ run: |
+ cp /root/.bashrc $HOME/.bashrc &&
+ ln -sf /root/.rustup ~/.rustup &&
+ ln -sf /root/.cargo ~/.cargo
+ - name: Rust toolchains
+ run: |
+ . ~/.cargo/env &&
+ rustc --version &&
+ rustup --version &&
+ cargo --version
+ shell: bash
+ - name: Run tests
+ run: |
+ . ~/.cargo/env &&
+ . /opt/sgxsdk/environment &&
+ export SGX_SDK_RUST=`git worktree list | head | cut -d ' ' -f 1` &&
+ cd samplecode/${{ matrix.single-sample }} &&
+ if [ "${{ matrix.single-sample }}" == "protobuf" ]; then cargo install protobuf-codegen --vers=2.8.1; fi
+ SGX_MODE=SW make &&
+ cd bin &&
+ ./app
+ shell: bash
+ tls-test:
+ strategy:
+ matrix:
+ runs-on:
+ - ubuntu-18.04
+ image:
+ - "baiduxlab/sgx-rust:1604-1.1.3"
+ - "baiduxlab/sgx-rust:1804-1.1.3"
+ - "baiduxlab/sgx-rust:2004-1.1.3"
+ - "baiduxlab/sgx-rust:fedora31-1.1.3"
+ - "baiduxlab/sgx-rust:centos8-1.1.3"
+ runs-on: ${{ matrix.runs-on }}
+ container:
+ image: ${{ matrix.image }}
+ steps:
+ - uses: actions/checkout@v1
+ with:
+ submodules: 'true'
+ - name: Set up Github Actions' $HOME
+ run: |
+ cp /root/.bashrc $HOME/.bashrc &&
+ ln -sf /root/.rustup ~/.rustup &&
+ ln -sf /root/.cargo ~/.cargo &&
+ yum install -y which expect || true
+ - name: Rust toolchains
+ run: |
+ . ~/.cargo/env &&
+ rustc --version &&
+ rustup --version &&
+ cargo --version
+ shell: bash
+ - name: Run tls sample
+ run: |
+ . ~/.cargo/env &&
+ . /opt/sgxsdk/environment &&
+ export SGX_MODE=SW
+ SAVEIFS=$IFS
+ CIDIR=$(pwd)/.github/workflows
+ IFS=$(echo -en "\n\b")
+ compiles=('make' 'XARGO_SGX=1 make')
+ cd samplecode/tls
+ for client in ${compiles[@]}
+ do
+ for server in ${compiles[@]}
+ do
+ cd tlsclient && eval ${client} && \
+ cd ../tlsserver && eval ${server} && \
+ cd bin
+ echo "Starting server"
+ $CIDIR/tlsserver.expect &
+ pid=$!
+ sleep 1
+ cd ../../tlsclient/bin
+ echo "Starting client"
+ $CIDIR/tlsclient.expect
+ cliret=$?
+ wait $pid
+ svrret=$?
+ if [ ! $cliret -eq 0 ] | [ ! $svrret -eq 0 ]; then
+ echo "TLS test fail"
+ exit 1
+ fi
+ echo "Testing passed"
+ cd ../..
+ done
+ done
+ IFS=$SAVEIFS
+ shell: bash
+ mio-test:
+ strategy:
+ matrix:
+ runs-on:
+ - ubuntu-18.04
+ image:
+ - "baiduxlab/sgx-rust:1604-1.1.3"
+ - "baiduxlab/sgx-rust:1804-1.1.3"
+ - "baiduxlab/sgx-rust:2004-1.1.3"
+ - "baiduxlab/sgx-rust:fedora31-1.1.3"
+ - "baiduxlab/sgx-rust:centos8-1.1.3"
+ runs-on: ${{ matrix.runs-on }}
+ container:
+ image: ${{ matrix.image }}
+ steps:
+ - uses: actions/checkout@v1
+ with:
+ submodules: 'true'
+ - name: Set up Github Actions' $HOME
+ run: |
+ cp /root/.bashrc $HOME/.bashrc &&
+ ln -sf /root/.rustup ~/.rustup &&
+ ln -sf /root/.cargo ~/.cargo &&
+ yum install -y which expect || true
+ - name: Rust toolchains
+ run: |
+ . ~/.cargo/env &&
+ rustc --version &&
+ rustup --version &&
+ cargo --version
+ shell: bash
+ - name: Run tls sample
+ run: |
+ . ~/.cargo/env &&
+ . /opt/sgxsdk/environment &&
+ export SGX_MODE=SW
+ SAVEIFS=$IFS
+ CIDIR=$(pwd)/.github/workflows
+ IFS=$(echo -en "\n\b")
+ compiles=('make' 'XARGO_SGX=1 make')
+ cd samplecode/mio
+ for client in ${compiles[@]}
+ do
+ for server in ${compiles[@]}
+ do
+ cd client && eval ${client} && \
+ cd ../server && eval ${server} && \
+ cd bin
+ echo "Starting server"
+ $CIDIR/mioserver.expect &
+ pid=$!
+ sleep 1
+ cd ../../client/bin
+ echo "Starting client"
+ $CIDIR/mioclient.expect
+ cliret=$?
+ wait $pid
+ svrret=$?
+ if [ ! $cliret -eq 0 ] | [ ! $svrret -eq 0 ]; then
+ echo "mio test fail"
+ exit 1
+ fi
+ echo "Testing passed"
+ cd ../..
+ done
+ done
+ IFS=$SAVEIFS
+ shell: bash
diff --git a/.github/workflows/tlsclient.expect b/.github/workflows/tlsclient.expect
new file mode 100755
index 0000000..2924388
--- /dev/null
+++ b/.github/workflows/tlsclient.expect
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 10;
+
+spawn ./app 2>&1
+
+expect {
+ "Accept-Encoding: identity" {
+ expect {
+ "\\\[+\\\] Test tlsclient in enclave, done!" { exit 0; }
+ timeout { exit 1; }
+ }
+ }
+ timeout { exit 1; }
+}
+
+exit 0;
diff --git a/.github/workflows/tlsserver.expect b/.github/workflows/tlsserver.expect
new file mode 100755
index 0000000..696a183
--- /dev/null
+++ b/.github/workflows/tlsserver.expect
@@ -0,0 +1,12 @@
+#!/usr/bin/expect
+
+set timeout 10;
+
+spawn ./app 2>&1
+
+expect {
+ "plaintext read 81 \\\[71, 69, 84, 32, 47, 32, 72, 84, 84, 80, 47, 49, 46, 49, 13, 10, 72, 111, 115, 116, 58, 32, 108, 111, 99, 97, 108, 104, 111, 115, 116, 13, 10, 67, 111, 110, 110, 101, 99, 116, 105, 111, 110, 58, 32, 99, 108, 111, 115, 101, 13, 10, 65, 99, 99, 101, 112, 116, 45, 69, 110, 99, 111, 100, 105, 110, 103, 58, 32, 105, 100, 101, 110, 116, 105, 116, 121, 13, 10, 13, 10\\\]" { exit 0; }
+ timeout { exit 1; }
+}
+
+exit 2;
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@teaclave.apache.org
For additional commands, e-mail: commits-help@teaclave.apache.org