Skip to content

Include the patched version of aws-nitro-enclaves-cose in the repo and packit enhancements #2625

Include the patched version of aws-nitro-enclaves-cose in the repo and packit enhancements

Include the patched version of aws-nitro-enclaves-cose in the repo and packit enhancements #2625

Workflow file for this run

on:
push:
branches:
- main
pull_request:
name: Continuous integration
jobs:
docs:
name: Test docs building
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/jekyll-build-pages@main
with:
source: ./docs
verbose: true
containers:
name: Build containers
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Build containers
uses: ./.github/actions/build_containers
check-spelling:
name: Check spelling
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Check spelling
uses: codespell-project/actions-codespell@master
with:
builtin: clear,rare,usage,code,en-GB_to_en-US
check_filenames: true
check_hidden: true
ignore_words_file: .github/spellcheck-ignore
skip: "./docs/Gemfile.lock,./docs/_config.yml,./.github,./.git,./external"
fmt:
name: Rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
- run: cargo fmt --all -- --check
gofmt:
name: Gofmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- run: if [ "$(gofmt -d -s -l . | tee /dev/stderr | wc -l)" -gt 0 ]; then exit 1; fi
clippy:
name: Clippy
runs-on: ubuntu-latest
container: fedora:latest
steps:
- uses: actions/checkout@v3
- name: Cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-clippy-${{ hashFiles('**/Cargo.lock') }}
- name: Install deps
run: |
dnf install -y make gcc openssl openssl-devel findutils golang git tpm2-tss-devel clevis cryptsetup-devel clang-devel
- uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
components: clippy
- run: cargo clippy -- -D warnings -D clippy::panic -D clippy::todo
build_and_test:
runs-on: ubuntu-latest
container: fedora:latest
steps:
- name: Install deps
run: |
dnf install -y make gcc openssl openssl-devel findutils golang git tpm2-tss-devel swtpm swtpm-tools git clevis clevis-luks cryptsetup cryptsetup-devel clang-devel cracklib-dicts sqlite sqlite-devel libpq libpq-devel
- uses: actions/checkout@v3
with:
persist-credentials: false
- name: Fix git trust
run: git config --global --add safe.directory /__w/fido-device-onboard-rs/fido-device-onboard-rs
- name: Cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
- name: Build
run: cargo build --workspace
- name: Run tests
env:
FDO_PRIVILEGED: true
PER_DEVICE_SERVICEINFO: false
SQLITE_MANUFACTURER_DATABASE_URL: ../ci-manufacturer-db.sqlite
SQLITE_OWNER_DATABASE_URL: ../ci-owner-db.sqlite
SQLITE_RENDEZVOUS_DATABASE_URL: ../ci-rendezvous-db.sqlite
run: |
# prep for database tests
cargo install --force diesel_cli --no-default-features --features sqlite
diesel migration run --migration-dir ./migrations/migrations_manufacturing_server_sqlite --database-url ./ci-manufacturer-db.sqlite
diesel migration run --migration-dir ./migrations/migrations_owner_onboarding_server_sqlite --database-url ./ci-owner-db.sqlite
diesel migration run --migration-dir ./migrations/migrations_rendezvous_server_sqlite --database-url ./ci-rendezvous-db.sqlite
# run tests
cargo test --workspace
# delete sqlite databases
rm -f ./ci-manufacturer-db.sqlite ./ci-owner-db.sqlite ./ci-rendezvous-db.sqlite
- name: Check aio
run: |
mkdir aio-dir/
./target/debug/fdo-admin-tool aio --directory aio-dir/ &
AIO_PID=$!
sleep 5
if [ -d /proc/$AIO_PID ]; then rm -rf aio-dir; else exit 1; fi
# This is primarily to ensure that changes to fdo_data.h are committed,
# which is critical for determining whether any stability changes were made
# during the PR review.
- name: Ensure building did not change any code
run: |
git diff --exit-code
postgres_test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Run test
run: test/fdo-postgres.sh
commitlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: actions/setup-node@v3
with:
node-version: 'latest'
- name: Install commitlint dependencies
run: npm install commitlint
- uses: wagoid/commitlint-github-action@v5
env:
NODE_PATH: ${{ github.workspace }}/node_modules
with:
configFile: .github/commitlint.config.mjs
failOnWarnings: true
manpages:
name: Test man page generation
runs-on: ubuntu-latest
container: fedora:latest
steps:
- uses: actions/checkout@v3
- name: install deps
run: |
dnf install -y make python3-docutils
- name: generate man pages
run: make man
devcontainer_test:
name: Test Devcontainer Creation
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install devcontainer CLI
run: npm install -g @vscode/dev-container-cli
- name: Build devcontainer
run: devcontainer build --image-name devcontainer-fdo-rs .
- name: Test building in devcontainer
run: docker run --rm -v `pwd`:/code:z --workdir /code --user root devcontainer-fdo-rs cargo build --workspace --verbose
- name: Test testing in devcontainer
run: |
docker run -d -v `pwd`:/code:z --workdir /code --user root -e SQLITE_MANUFACTURER_DATABASE_URL='../ci-manufacturer-db.sqlite' -e SQLITE_OWNER_DATABASE_URL='../ci-owner-db.sqlite' -e SQLITE_RENDEZVOUS_DATABASE_URL='../ci-rendezvous-db.sqlite' --name tests devcontainer-fdo-rs sleep infinity
docker exec --user root tests cargo build --lib --bins --workspace --verbose
docker exec --user root tests diesel migration run --migration-dir ./migrations/migrations_manufacturing_server_sqlite --database-url ./ci-manufacturer-db.sqlite
docker exec --user root tests diesel migration run --migration-dir ./migrations/migrations_owner_onboarding_server_sqlite --database-url ./ci-owner-db.sqlite
docker exec --user root tests diesel migration run --migration-dir ./migrations/migrations_rendezvous_server_sqlite --database-url ./ci-rendezvous-db.sqlite
docker exec --user root tests cargo test -- --ignored
docker stop tests
docker rm tests