Introduce keylime TEE attestation service support #1957
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CoCo-AS e2e | |
| on: | |
| pull_request: | |
| branches: [ "main" ] | |
| permissions: | |
| contents: read | |
| # Self-hosted runners do not set -o pipefail otherwise | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| e2e-test: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| # TODO: Add real HW-TEE test | |
| # See https://github.com/confidential-containers/trustee/issues/223 | |
| # - runner: self-hosted | |
| # generate_evidence: true | |
| # grpc_tee_enum: 3 | |
| # restful_tee_enum: tdx | |
| - runner: ubuntu-24.04 | |
| generate_evidence: false | |
| grpc_tee_enum: 2 | |
| restful_tee_enum: snp | |
| name: TEE=${{ matrix.restful_tee_enum }} Generate Evidence Dynamically=${{ matrix.generate_evidence }} | |
| runs-on: ${{ matrix.runner }} | |
| env: | |
| GRPC_TEE_ENUM: ${{ matrix.grpc_tee_enum }} | |
| RESTFUL_TEE_ENUM: ${{ matrix.restful_tee_enum }} | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - name: Install Rust toolchain | |
| uses: actions-rust-lang/setup-rust-toolchain@1780873c7b576612439a134613cc4cc74ce5538c # v1.15.2 | |
| with: | |
| components: rustfmt, clippy | |
| - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 | |
| with: | |
| go-version: stable | |
| - name: Set up rust build cache | |
| uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 | |
| continue-on-error: false | |
| with: | |
| path: | | |
| ~/.cargo/registry/index/ | |
| ~/.cargo/registry/cache/ | |
| target/ | |
| key: rust-${{ hashFiles('./Cargo.lock') }} | |
| - name: Install dependencies | |
| if: ${{ matrix.runner == 'ubuntu-24.04' }} | |
| working-directory: attestation-service/tests/e2e | |
| run: | | |
| make install-dependencies | |
| go install github.com/fullstorydev/grpcurl/cmd/grpcurl@latest | |
| - name: Run e2e test (gRPC) | |
| working-directory: attestation-service/tests/e2e | |
| run: make e2e-grpc-test | |
| - name: Run e2e test (RESTful) | |
| working-directory: attestation-service/tests/e2e | |
| run: make e2e-restful-test |