general/occlum
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Enhance rune CI test

Browse Source 
1. Always run pods
2. Always clean the docker
3. Support parallel jobs
This commit is contained in:
Shirong Hao 2020-12-14 10:45:34 +08:00 committed by Zongmin.Gu
parent 1f1502c7d5
commit 7cb164c1e2
1 changed files with 40 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
.github/workflows/rune_test.yml vendored
View File

@ -24,12 +24,13 @@ jobs:
echo "RUNE_VERSION=$(wget -q https://raw.githubusercontent.com/alibaba/inclavare-containers/master/VERSION && cat VERSION)" >> $GITHUB_ENV && rm -f VERSION echo "RUNE_VERSION=$(wget -q https://raw.githubusercontent.com/alibaba/inclavare-containers/master/VERSION && cat VERSION)" >> $GITHUB_ENV && rm -f VERSION
- name: Create container - name: Create container
run: docker rm -f rune_docker_test_ubuntu || true; run: |
docker run -itd --privileged --rm --name=rune_docker_test_ubuntu --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlum/occlum:$OCCLUM_VERSION-ubuntu18.04 rune_ubuntu_test=$(docker run -itd --privileged --rm --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlum/occlum:$OCCLUM_VERSION-ubuntu18.04)
echo "rune_ubuntu_test=$rune_ubuntu_test" >> $GITHUB_ENV
- name: Change download source of crates.io - name: Change download source of crates.io
run: | run: |
docker exec rune_docker_test_ubuntu bash -c "cat <<- EOF >/root/.cargo/config docker exec $rune_ubuntu_test bash -c "cat <<- EOF >/root/.cargo/config
[source.crates-io] [source.crates-io]
registry = \"https://github.com/rust-lang/crates.io-index\" registry = \"https://github.com/rust-lang/crates.io-index\"
replace-with = 'ustc' replace-with = 'ustc'
@ -38,24 +39,24 @@ jobs:
EOF" EOF"
- name: Build Occlum dependencies - name: Build Occlum dependencies
run: docker exec rune_docker_test_ubuntu bash -c "cd /root/occlum; make submodule" run: docker exec $rune_ubuntu_test bash -c "cd /root/occlum; make submodule"
- name: Install Occlum - name: Install Occlum
run: docker exec rune_docker_test_ubuntu bash -c "cd /root/occlum; OCCLUM_RELEASE_BUILD=1 make && make install" run: docker exec $rune_ubuntu_test bash -c "cd /root/occlum; OCCLUM_RELEASE_BUILD=1 make && make install"
- name: Install rune - name: Install rune
run: docker exec rune_docker_test_ubuntu bash -c "wget $REPO/deb-repo/pool/main/r/rune/rune_$RUNE_VERSION-1_amd64.deb; run: docker exec $rune_ubuntu_test bash -c "wget $REPO/deb-repo/pool/main/r/rune/rune_$RUNE_VERSION-1_amd64.deb;
dpkg -i rune_$RUNE_VERSION-1_amd64.deb" dpkg -i rune_$RUNE_VERSION-1_amd64.deb"
- name: Install and configure docker - name: Install and configure docker
run: | run: |
docker exec rune_docker_test_ubuntu bash -c "apt-get update; docker exec $rune_ubuntu_test bash -c "apt-get update;
apt-get install -y apt-transport-https ca-certificates curl software-properties-common; apt-get install -y apt-transport-https ca-certificates curl software-properties-common;
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | apt-key add -; curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | apt-key add -;
add-apt-repository 'deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu bionic stable'; add-apt-repository 'deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu bionic stable';
apt-get install -y docker-ce" apt-get install -y docker-ce"
docker exec rune_docker_test_ubuntu bash -c "mkdir /etc/docker; docker exec $rune_ubuntu_test bash -c "mkdir /etc/docker;
cat <<- EOF >/etc/docker/daemon.json cat <<- EOF >/etc/docker/daemon.json
{ {
\"runtimes\":{ \"runtimes\":{
@ -68,11 +69,11 @@ jobs:
} }
EOF" EOF"
docker exec rune_docker_test_ubuntu bash -c "service docker start" docker exec $rune_ubuntu_test bash -c "service docker start"
- name: Build Occlum application image - name: Build Occlum application image
run: | run: |
docker exec rune_docker_test_ubuntu bash -c "cat <<- EOF >/root/hello_world.c docker exec $rune_ubuntu_test bash -c "cat <<- EOF >/root/hello_world.c
"#include\<stdio.h\>" "#include\<stdio.h\>"
int main () int main ()
{ {
@ -81,12 +82,12 @@ jobs:
} }
EOF" EOF"
docker exec rune_docker_test_ubuntu bash -c "occlum-gcc -o hello_world hello_world.c; docker exec $rune_ubuntu_test bash -c "occlum-gcc -o hello_world hello_world.c;
occlum new occlum_instance && cd occlum_instance; occlum new occlum_instance && cd occlum_instance;
cp ../hello_world image/bin/ && occlum build; cp ../hello_world image/bin/ && occlum build;
occlum package occlum_instance.tar.gz" occlum package occlum_instance.tar.gz"
docker exec rune_docker_test_ubuntu bash -c "cat <<- EOF >/root/occlum_instance/Dockerfile docker exec $rune_ubuntu_test bash -c "cat <<- EOF >/root/occlum_instance/Dockerfile
FROM centos:8.1.1911 FROM centos:8.1.1911
RUN mkdir -p /run/rune RUN mkdir -p /run/rune
WORKDIR /run/rune WORKDIR /run/rune
@ -94,14 +95,15 @@ jobs:
ENTRYPOINT [\"/bin/hello_world\"] ENTRYPOINT [\"/bin/hello_world\"]
EOF" EOF"
docker exec rune_docker_test_ubuntu bash -c "cd /root/occlum_instance; docker exec $rune_ubuntu_test bash -c "cd /root/occlum_instance;
docker build . -t occlum-app" docker build . -t occlum-app"
- name: Run Occlum image - name: Run Occlum image
run: docker exec rune_docker_test_ubuntu bash -c "docker run -i --rm --runtime=rune -e ENCLAVE_TYPE=intelSgx -e ENCLAVE_RUNTIME_PATH=/opt/occlum/build/lib/libocclum-pal.so -e ENCLAVE_RUNTIME_ARGS=occlum_instance occlum-app" run: docker exec $rune_ubuntu_test bash -c "docker run -i --rm --runtime=rune -e ENCLAVE_TYPE=intelSgx -e ENCLAVE_RUNTIME_PATH=/opt/occlum/build/lib/libocclum-pal.so -e ENCLAVE_RUNTIME_ARGS=occlum_instance occlum-app"
- name: Kill the container - name: Clean the environment
run: docker stop rune_docker_test_ubuntu if: ${{ always() }}
run: docker stop $rune_ubuntu_test
Rune_with_docker_and_crictl_centos_test: Rune_with_docker_and_crictl_centos_test:
runs-on: [self-hosted, SGX1-HW] runs-on: [self-hosted, SGX1-HW]
@ -115,12 +117,13 @@ jobs:
submodules: true submodules: true
- name: Create container - name: Create container
run: docker rm -f rune-crictl-centos || true; run: |
docker run -itd --privileged --rm --name=rune-crictl-centos --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum crictl-occlum:centos8.1 rune_crictl_centos=$(docker run -itd --privileged --rm --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum crictl-occlum:centos8.1)
echo "rune_crictl_centos=$rune_crictl_centos" >> $GITHUB_ENV
- name: Change download source of crates.io - name: Change download source of crates.io
run: | run: |
docker exec rune-crictl-centos bash -c "cat <<- EOF >/root/.cargo/config docker exec $rune_crictl_centos bash -c "cat <<- EOF >/root/.cargo/config
[source.crates-io] [source.crates-io]
registry = \"https://github.com/rust-lang/crates.io-index\" registry = \"https://github.com/rust-lang/crates.io-index\"
replace-with = 'ustc' replace-with = 'ustc'
@ -129,22 +132,22 @@ jobs:
EOF" EOF"
- name: Build Occlum dependencies - name: Build Occlum dependencies
run: docker exec rune-crictl-centos bash -c "cd /root/occlum; make submodule" run: docker exec $rune_crictl_centos bash -c "cd /root/occlum; make submodule"
- name: Install Occlum - name: Install Occlum
run: docker exec rune-crictl-centos bash -c "cd /root/occlum; run: docker exec $rune_crictl_centos bash -c "cd /root/occlum;
OCCLUM_RELEASE_BUILD=1 make && make install" OCCLUM_RELEASE_BUILD=1 make && make install"
- name: Get version - name: Get version
run: echo "RUNE_VERSION=$(wget -q https://raw.githubusercontent.com/alibaba/inclavare-containers/master/VERSION && cat VERSION)" >> $GITHUB_ENV && rm -f VERSION run: echo "RUNE_VERSION=$(wget -q https://raw.githubusercontent.com/alibaba/inclavare-containers/master/VERSION && cat VERSION)" >> $GITHUB_ENV && rm -f VERSION
- name: Install rune and shim-rune package - name: Install rune and shim-rune package
run: docker exec rune-crictl-centos bash -c "rpm -ivh $REPO/rpm-repo/rune-$RUNE_VERSION-1.el8.x86_64.rpm $REPO/rpm-repo/shim-rune-$RUNE_VERSION-1.el8.x86_64.rpm" run: docker exec $rune_crictl_centos bash -c "rpm -ivh $REPO/rpm-repo/rune-$RUNE_VERSION-1.el8.x86_64.rpm $REPO/rpm-repo/shim-rune-$RUNE_VERSION-1.el8.x86_64.rpm"
- name: Build Occlum application image - name: Build Occlum application image
run: docker exec rune-crictl-centos bash -c "dockerd -b docker0 --storage-driver=vfs &" run: docker exec $rune_crictl_centos bash -c "dockerd -b docker0 --storage-driver=vfs &"
docker exec rune-crictl-centos bash -c "occlum-gcc -o hello_world hello_world.c; docker exec $rune_crictl_centos bash -c "occlum-gcc -o hello_world hello_world.c;
occlum new occlum_instance && cd occlum_instance; occlum new occlum_instance && cd occlum_instance;
cp ../hello_world image/bin/ && occlum build; cp ../hello_world image/bin/ && occlum build;
occlum package occlum_instance.tar.gz; occlum package occlum_instance.tar.gz;
@ -152,25 +155,30 @@ jobs:
docker build . -t occlum-app" docker build . -t occlum-app"
- name: Run Occlum application image - name: Run Occlum application image
run: docker exec rune-crictl-centos bash -c "docker run -i --rm --runtime=rune -e ENCLAVE_TYPE=intelSgx -e ENCLAVE_RUNTIME_PATH=/opt/occlum/build/lib/libocclum-pal.so -e ENCLAVE_RUNTIME_ARGS=occlum_instance occlum-app" run: docker exec $rune_crictl_centos bash -c "docker run -i --rm --runtime=rune -e ENCLAVE_TYPE=intelSgx -e ENCLAVE_RUNTIME_PATH=/opt/occlum/build/lib/libocclum-pal.so -e ENCLAVE_RUNTIME_ARGS=occlum_instance occlum-app"
- name: Run occlum-hello pod - name: Run occlum-hello pod
run: docker exec rune-crictl-centos bash -c "containerd" & if: ${{ always() }}
run: docker exec $rune_crictl_centos bash -c "containerd" &
docker exec rune-crictl-centos bash -c "cd /root/samples && ./clean.sh; docker exec $rune_crictl_centos bash -c "cd /root/samples && ./clean.sh;
crictl run --timeout 3s hello.yaml pod.yaml && ./show.sh" crictl run --timeout 3s hello.yaml pod.yaml && ./show.sh"
- name: Run dragonwell-web pod - name: Run dragonwell-web pod
run: docker exec rune-crictl-centos bash -c "cd /root/samples && ./clean.sh; if: ${{ always() }}
run: docker exec $rune_crictl_centos bash -c "cd /root/samples && ./clean.sh;
crictl run --timeout 3s dragonwell.yaml pod.yaml && ./show.sh" crictl run --timeout 3s dragonwell.yaml pod.yaml && ./show.sh"
- name: Run openjdk-web pod - name: Run openjdk-web pod
run: docker exec rune-crictl-centos bash -c "cd /root/samples && ./clean.sh; if: ${{ always() }}
run: docker exec $rune_crictl_centos bash -c "cd /root/samples && ./clean.sh;
crictl run --timeout 3s jdk.yaml pod.yaml && ./show.sh" crictl run --timeout 3s jdk.yaml pod.yaml && ./show.sh"
- name: Run golang-web pod - name: Run golang-web pod
run: docker exec rune-crictl-centos bash -c "cd /root/samples && ./clean.sh; if: ${{ always() }}
run: docker exec $rune_crictl_centos bash -c "cd /root/samples && ./clean.sh;
crictl run --timeout 3s golang.yaml pod.yaml && ./show.sh" crictl run --timeout 3s golang.yaml pod.yaml && ./show.sh"
- name: Kill the container - name: Clean the environment
run: docker stop rune-crictl-centos if: ${{ always() }}
run: docker stop $rune_crictl_centos