general/occlum
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[ci] Workaround git 'unsafe repository'

Browse Source
This commit is contained in:
zhubojun 2022-06-17 09:33:01 +08:00 committed by volcano
parent 8c926b7cd2
commit 7b5b335575
6 changed files with 72 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
.github/workflows/code_coverage.yaml vendored
View File

@ -19,19 +19,10 @@ jobs:
- name: Create container - name: Create container
run: docker run -itd --name=code_coverage -e OCCLUM_LOG_LEVEL=trace -v $GITHUB_WORKSPACE:/root/occlum occlum/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04 run: docker run -itd --name=code_coverage -e OCCLUM_LOG_LEVEL=trace -v $GITHUB_WORKSPACE:/root/occlum occlum/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04
- name: work around permission issue - uses: ./.github/workflows/composite_action/prebuild
run: | with:
docker exec code_coverage bash -c "git config --global --add safe.directory /root/occlum"; container-name: 'code_coverage'
docker exec code_coverage bash -c "git config --global --add safe.directory /root/occlum/deps/grpc-rust";
docker exec code_coverage bash -c "git config --global --add safe.directory /root/occlum/deps/itoa-sgx";
docker exec code_coverage bash -c "git config --global --add safe.directory /root/occlum/deps/resolv-conf";
docker exec code_coverage bash -c "git config --global --add safe.directory /root/occlum/deps/ringbuf";
docker exec code_coverage bash -c "git config --global --add safe.directory /root/occlum/deps/rust-sgx-sdk";
docker exec code_coverage bash -c "git config --global --add safe.directory /root/occlum/deps/sefs";
docker exec code_coverage bash -c "git config --global --add safe.directory /root/occlum/deps/serde-json-sgx";
docker exec code_coverage bash -c "git config --global --add safe.directory /root/occlum/deps/serde-sgx"
shell: bash
- name: Build dependencies - name: Build dependencies
run: docker exec code_coverage bash -c "cargo uninstall sccache || true; cd /root/occlum; make submodule" run: docker exec code_coverage bash -c "cargo uninstall sccache || true; cd /root/occlum; make submodule"

15
.github/workflows/composite_action/hw/action.yml vendored
View File

@ -60,18 +60,9 @@ runs:
docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global https.proxy socks5://localhost:5432" docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global https.proxy socks5://localhost:5432"
shell: bash shell: bash
- name: work around permission issue - uses: ./.github/workflows/composite_action/prebuild
run: | with:
docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global --add safe.directory /root/occlum"; container-name: ${{ env.CONTAINER_NAME }}
docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global --add safe.directory /root/occlum/deps/grpc-rust";
docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global --add safe.directory /root/occlum/deps/itoa-sgx";
docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global --add safe.directory /root/occlum/deps/resolv-conf";
docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global --add safe.directory /root/occlum/deps/ringbuf";
docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global --add safe.directory /root/occlum/deps/rust-sgx-sdk";
docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global --add safe.directory /root/occlum/deps/sefs";
docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global --add safe.directory /root/occlum/deps/serde-json-sgx";
docker exec ${{ env.CONTAINER_NAME }} bash -c "git config --global --add safe.directory /root/occlum/deps/serde-sgx"
shell: bash
- name: Build dependencies - name: Build dependencies
run: docker exec ${{ env.CONTAINER_NAME }} bash -c "cargo uninstall sccache || true; cd /root/occlum; make submodule" run: docker exec ${{ env.CONTAINER_NAME }} bash -c "cargo uninstall sccache || true; cd /root/occlum; make submodule"

22
.github/workflows/composite_action/prebuild/action.yml vendored Normal file
View File

@ -0,0 +1,22 @@
name: 'Occlum composite action for pre-build'
description: 'Prepare environment before build Occlum'
inputs:
container-name:
description: 'Occlum container name'
required: true
runs:
using: "composite"
steps:
- name: work around permission issue
run: |
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/grpc-rust";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/itoa-sgx";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/resolv-conf";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/ringbuf";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/rust-sgx-sdk";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/sefs";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/serde-json-sgx";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/serde-sgx"
shell: bash

15
.github/workflows/composite_action/sim/action.yml vendored
View File

@ -28,18 +28,9 @@ runs:
run: docker run -itd --name=${{ inputs.container-name }} -v $GITHUB_WORKSPACE:/root/occlum occlum/occlum:${{ env.OCCLUM_VERSION }}-${{ inputs.os }} run: docker run -itd --name=${{ inputs.container-name }} -v $GITHUB_WORKSPACE:/root/occlum occlum/occlum:${{ env.OCCLUM_VERSION }}-${{ inputs.os }}
shell: bash shell: bash
- name: work around permission issue - uses: ./.github/workflows/composite_action/prebuild
run: | with:
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum"; container-name: ${{ inputs.container-name }}
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/grpc-rust";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/itoa-sgx";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/resolv-conf";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/ringbuf";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/rust-sgx-sdk";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/sefs";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/serde-json-sgx";
docker exec ${{ inputs.container-name }} bash -c "git config --global --add safe.directory /root/occlum/deps/serde-sgx"
shell: bash
- name: Build dependencies - name: Build dependencies
run: docker exec ${{ inputs.container-name }} bash -c "cd /root/occlum; make submodule" run: docker exec ${{ inputs.container-name }} bash -c "cd /root/occlum; make submodule"

20
.github/workflows/demo_test.yml vendored
View File

@ -315,6 +315,10 @@ jobs:
- name: Create container - name: Create container
run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc
- uses: ./.github/workflows/composite_action/prebuild
with:
container-name: ${{ github.job }}
- name: Build dependencies - name: Build dependencies
run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule" run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule"
@ -343,6 +347,10 @@ jobs:
- name: Create container - name: Create container
run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc
- uses: ./.github/workflows/composite_action/prebuild
with:
container-name: ${{ github.job }}
- name: Build dependencies - name: Build dependencies
run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule" run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule"
@ -405,6 +413,10 @@ jobs:
- name: Create container - name: Create container
run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-openvino run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-openvino
- uses: ./.github/workflows/composite_action/prebuild
with:
container-name: ${{ github.job }}
- name: Build dependencies - name: Build dependencies
run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule" run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule"
@ -425,6 +437,10 @@ jobs:
- name: Create container - name: Create container
run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-python run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-python
- uses: ./.github/workflows/composite_action/prebuild
with:
container-name: ${{ github.job }}
- name: Build dependencies - name: Build dependencies
run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule" run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule"
@ -664,6 +680,10 @@ jobs:
gvisor_test=$(docker run -itd -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-gvisor_test); gvisor_test=$(docker run -itd -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-gvisor_test);
echo "gvisor_test=$gvisor_test" >> $GITHUB_ENV echo "gvisor_test=$gvisor_test" >> $GITHUB_ENV
- uses: ./.github/workflows/composite_action/prebuild
with:
container-name: $gvisor_test
- name: Build dependencies - name: Build dependencies
run: docker exec $gvisor_test bash -c "cd /root/occlum; make submodule" run: docker exec $gvisor_test bash -c "cd /root/occlum; make submodule"

20
.github/workflows/hw_mode_test.yml vendored
View File

@ -419,6 +419,10 @@ jobs:
fi; fi;
echo "python_musl_support_test=$python_musl_support_test" >> $GITHUB_ENV echo "python_musl_support_test=$python_musl_support_test" >> $GITHUB_ENV
- uses: ./.github/workflows/composite_action/prebuild
with:
container-name: $python_musl_support_test
- name: Configure dependency source - name: Configure dependency source
run: | run: |
docker exec $python_musl_support_test bash -c "cat <<- EOF >/root/.cargo/config docker exec $python_musl_support_test bash -c "cat <<- EOF >/root/.cargo/config
@ -484,6 +488,10 @@ jobs:
fi; fi;
echo "openvino_test=$openvino_test" >> $GITHUB_ENV echo "openvino_test=$openvino_test" >> $GITHUB_ENV
- uses: ./.github/workflows/composite_action/prebuild
with:
container-name: $openvino_test
- name: Configure dependency source - name: Configure dependency source
run: | run: |
docker exec $openvino_test bash -c "cat <<- EOF >/root/.cargo/config docker exec $openvino_test bash -c "cat <<- EOF >/root/.cargo/config
@ -546,6 +554,10 @@ jobs:
fi; fi;
echo "grpc_test=$grpc_test" >> $GITHUB_ENV echo "grpc_test=$grpc_test" >> $GITHUB_ENV
- uses: ./.github/workflows/composite_action/prebuild
with:
container-name: $grpc_test
- name: Change download source of crates.io - name: Change download source of crates.io
run: | run: |
docker exec $grpc_test bash -c "cat <<- EOF >/root/.cargo/config docker exec $grpc_test bash -c "cat <<- EOF >/root/.cargo/config
@ -630,6 +642,10 @@ jobs:
fi; fi;
echo "gvisor_test=$gvisor_test" >> $GITHUB_ENV echo "gvisor_test=$gvisor_test" >> $GITHUB_ENV
- uses: ./.github/workflows/composite_action/prebuild
with:
container-name: $gvisor_test
- name: Change download source of crates.io - name: Change download source of crates.io
run: | run: |
docker exec $gvisor_test bash -c "cat <<- EOF >/root/.cargo/config docker exec $gvisor_test bash -c "cat <<- EOF >/root/.cargo/config
@ -772,6 +788,10 @@ jobs:
fi; fi;
echo "tf_serving_test=$tf_serving_test" >> $GITHUB_ENV echo "tf_serving_test=$tf_serving_test" >> $GITHUB_ENV
- uses: ./.github/workflows/composite_action/prebuild
with:
container-name: $tf_serving_test
- name: Change download source of crates.io - name: Change download source of crates.io
run: | run: |
docker exec $tf_serving_test bash -c "cat <<- EOF >/root/.cargo/config docker exec $tf_serving_test bash -c "cat <<- EOF >/root/.cargo/config