name: Demo Test # Controls when the action will run. Triggers the workflow on push or pull request on: [push, pull_request] env: nap_time: 60 # Cancel previous running jobs on push or pull request concurrency: group: ${{ github.workflow }}-${{ github.ref || github.event.pull_request.number }} cancel-in-progress: true jobs: C_cpp_rust_golang_embedded_mode_support_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: C test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/hello_c && make; occlum new occlum_instance; cd occlum_instance && rm -rf image; copy_bom -f ../hello.yaml --root image --include-dir /opt/occlum/etc/template; SGX_MODE=SIM occlum build; occlum run /bin/hello_world" - name: C with encrypted image test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/hello_c && make; rm -rf occlum_instance && occlum new occlum_instance; occlum gen-image-key occlum_instance/image_key; cd occlum_instance && rm -rf image; copy_bom -f ../hello.yaml --root image --include-dir /opt/occlum/etc/template; SGX_MODE=SIM occlum build --image-key ./image_key --buildin-image-key; occlum run /bin/hello_world" - name: Clean C test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./hello_c" - name: C++ test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/hello_cc && make; occlum new occlum_instance; cd occlum_instance && rm -rf image; copy_bom -f ../hello.yaml --root image --include-dir /opt/occlum/etc/template; SGX_MODE=SIM occlum build; occlum run /bin/hello_world" - name: Clean C++ test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./hello_cc" - name: Rust test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/rust && SGX_MODE=SIM ./run_rust_demo_on_occlum.sh" - name: Clean Rust test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./rust" - name: Embedded mode test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/embedded_mode && SGX_MODE=SIM make; SGX_MODE=SIM make test" - name: Clean Embedded mode test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./embedded_mode" - name: Run Golang v1.16.3 sqlite test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/tools/toolchains/golang && ./build.sh go1.16.3_for_occlum && cd /root/occlum/demos/golang/go_sqlite/ && SGX_MODE=SIM ./run_go_sqlite_demo.sh" - name: Run Golang v1.18.4 sqlite test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/tools/toolchains/golang && ./build.sh go1.18.4_for_occlum && cd /root/occlum/demos/golang/go_sqlite/ && SGX_MODE=SIM ./run_go_sqlite_demo.sh" - name: Go Server set up and run run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/golang/web_server && occlum-go mod init web_server && occlum-go get -u -v github.com/gin-gonic/gin; occlum-go build -o web_server ./web_server.go; SGX_MODE=SIM ./run_golang_on_occlum.sh" & - name: Set up Golang grpc pingpong test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/golang/grpc_pingpong && ./prepare_ping_pong.sh" - name: Start Golang grpc pingpong server run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/golang/grpc_pingpong && SGX_MODE=SIM ./run_pong_on_occlum.sh" & - name: Run Golang grpc ping test run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/golang/grpc_pingpong && SGX_MODE=SIM ./run_ping_on_occlum.sh" - name: Run Golang exec test run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/golang/go_exec && SGX_MODE=SIM ./run_sub_exec_on_occlum.sh" # This is for the go web_server test - name: Curl test run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "curl http://127.0.0.1:8090/ping" - name: Clean Golang test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./golang/grpc_pingpong && rm -rf ./golang/web_server" Java_support_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Compile Java run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/java && occlum-javac ./hello_world/Main.java" - name: Run hello world run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/java && SGX_MODE=SIM ./run_java_on_occlum.sh hello" - name: Compile processBuilder demo run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/java && occlum-javac ./processBuilder/processBuilder.java" - name: Run processBuilder run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/java && SGX_MODE=SIM ./run_java_on_occlum.sh processBuilder" - name: Clean Java test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./java" Fish_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build Fish dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/fish && ./download_and_build.sh" - name: Run Fish test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/fish && SGX_MODE=SIM ./run_fish_test.sh" - name: Run Fish process rlimit test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/fish && SGX_MODE=SIM ./run_per_process_config_test.sh" - name: Clean Fish test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./fish" Bazel_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Install bazel run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/hello_bazel && wget https://github.com/bazelbuild/bazel/releases/download/3.2.0/bazel-3.2.0-installer-linux-x86_64.sh; chmod +x bazel-3.2.0-installer-linux-x86_64.sh; ./bazel-3.2.0-installer-linux-x86_64.sh" - name: Build bazel dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/hello_bazel && ./build_bazel_sample.sh" - name: Test bazel run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/hello_bazel && occlum new occlum_instance; cd occlum_instance && rm -rf image && copy_bom -f ../bazel.yaml --root image --include-dir /opt/occlum/etc/template; SGX_MODE=SIM occlum build; occlum run /bin/hello-world" - name: Clean Bazel test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./hello_bazel" Https_server_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build https server dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/https_server && ./download_and_build_mongoose.sh" - name: Run https server run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/https_server && SGX_MODE=SIM ./run_https_server_in_occlum.sh" & - name: Curl test run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "curl -k https://127.0.0.1:8443" - name: Clean Https test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./https_server" Local_attestation_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build LA dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/local_attestation && ./download_src_and_build_deps.sh" - name: Run LA test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/local_attestation && SGX_MODE=SIM make; SGX_MODE=SIM make test" - name: Clean local attestation test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./local_attestation" Sqlite_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build sqlite dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/sqlite && ./download_and_build_sqlite.sh" - name: Run sqlite test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/sqlite && SGX_MODE=SIM ./run_sqlite_on_occlum.sh" - name: Clean Sqlite test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./sqlite" Xgboost_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Preinstall dependencies and build xgboost run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/xgboost && ./preinstall_deps.sh && ./download_and_build_xgboost.sh" - name: Run xgboost test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/xgboost && SGX_MODE=SIM make test" - name: Run xgboost cluster test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/xgboost && SGX_MODE=SIM make test-local-cluster" - name: Clean Xgboost test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./xgboost" Tensorflow_lite_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build Tensorflow-lite dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/tensorflow_lite && ./download_and_build_tflite.sh" - name: Run Tensorflow-lite demo run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/tensorflow_lite && SGX_MODE=SIM ./run_tflite_in_occlum.sh demo" - name: Run Tensorflow-lite benchmark run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/tensorflow_lite && SGX_MODE=SIM ./run_tflite_in_occlum.sh benchmark" - name: Clean Tensorflow lite test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./tensorflow_lite" Pytorch_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build python and pytorch run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/pytorch/standalone; ./install_python_with_conda.sh" - name: Run pytorch test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/pytorch/standalone; SGX_MODE=SIM ./run_pytorch_on_occlum.sh" - name: Clean Pytorch test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./pytorch/standalone" Distributed_Pytorch_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build python and pytorch run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/pytorch/distributed; ./install_python_with_conda.sh" - name: Build pytorch Occlum instance run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/pytorch/distributed; SGX_MODE=SIM ./build_pytorch_occlum_instance.sh" - name: Start pytorch Occlum instance node one run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/pytorch/distributed/occlum_instance; WORLD_SIZE=2 RANK=0 occlum run /bin/python3 mnist.py --epoch 3 --no-cuda --seed 42 --save-model > pytorch_1.log 2>&1 &" - name: Start pytorch Occlum instance node two run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/pytorch/distributed/occlum_instance_2; WORLD_SIZE=2 RANK=1 occlum run /bin/python3 mnist.py --epoch 3 --no-cuda --seed 42 --save-model" - name: Check error log if: ${{ always() }} run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/pytorch/distributed/occlum_instance; cat pytorch_1.log" - name: Clean distributed Pytorch test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./pytorch/distributed" Tensorflow_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build python and tensorflow run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/tensorflow/tensorflow_training; ./install_python_with_conda.sh" - name: Run tensorflow test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/tensorflow/tensorflow_training; SGX_MODE=SIM ./run_tensorflow_on_occlum.sh 2>&1 | tee /root/occlum/log" - name: Clean Tensorflow test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./tensorflow/tensorflow_training" # Below tests needs test image to run faster Grpc_musl_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - name: Create container run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc - uses: ./.github/workflows/composite_action/prebuild with: container-name: ${{ github.job }} - name: Build dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule" - name: Make install run: docker exec ${{ github.job }} bash -c "source /opt/intel/sgxsdk/environment; cd /root/occlum; OCCLUM_RELEASE_BUILD=y make install" - name: Prepare grpc sample project run: docker exec ${{ github.job }} bash -c "cd /root/demos/grpc/grpc_musl && ./prepare_client_server.sh" - name: Run grpc server run: docker exec ${{ github.job }} bash -c "cd /root/demos/grpc/grpc_musl && SGX_MODE=SIM ./run_server_on_occlum.sh" & - name: Run grpc client run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "cd /root/demos/grpc/grpc_musl && SGX_MODE=SIM ./run_client_on_occlum.sh" - name: Clean Grpc test run: docker exec ${{ github.job }} bash -c "cd /root/demos && rm -rf ./grpc/grpc_musl" Grpc_glibc_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - name: Create container run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc - uses: ./.github/workflows/composite_action/prebuild with: container-name: ${{ github.job }} - name: Build dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule" - name: Make install run: docker exec ${{ github.job }} bash -c "source /opt/intel/sgxsdk/environment; cd /root/occlum; OCCLUM_RELEASE_BUILD=y make install" - name: Prepare grpc sample project run: docker exec ${{ github.job }} bash -c "cd /root/demos/grpc/grpc_glibc && ./prepare_client_server_glibc.sh" - name: Run grpc server run: docker exec ${{ github.job }} bash -c "cd /root/demos/grpc/grpc_glibc && SGX_MODE=SIM ./run_server_on_occlum_glibc.sh" & - name: Run grpc client run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "cd /root/demos/grpc/grpc_glibc && SGX_MODE=SIM ./run_client_on_occlum_glibc.sh" - name: Run grpc stress client run: docker exec ${{ github.job }} bash -c "cd /root/demos/grpc/grpc_glibc && ./run_stress_test.sh" - name: Clean Grpc test run: docker exec ${{ github.job }} bash -c "cd /root/demos && rm -rf ./grpc/grpc_glibc" Grpc_tls_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build openssl and grpc run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/grpc/grpc_tls; ./download_and_install_openssl.sh && ./download_and_install_grpc.sh" - name: Prepare grpc tls occlum instance run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/grpc/grpc_tls; SGX_MODE=SIM ./prepare_occlum_instance.sh" - name: Run grpc tls server run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/grpc/grpc_tls/occlum_server; occlum run /bin/greeter_secure_server" & - name: Run grpc tls client run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/grpc/grpc_tls/occlum_client; occlum run /bin/greeter_secure_client" - name: Clean Grpc tls test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./grpc/grpc_tls" Openvino_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - name: Create container run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-openvino - uses: ./.github/workflows/composite_action/prebuild with: container-name: ${{ github.job }} - name: Build dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule" - name: Make install run: docker exec ${{ github.job }} bash -c "source /opt/intel/sgxsdk/environment; cd /root/occlum; OCCLUM_RELEASE_BUILD=y make install" - name: Run Openvino benchmark run: docker exec ${{ github.job }} bash -c "cd /root/demos/openvino && cp -rf /root/occlum/demos/openvino/* . && SGX_MODE=SIM ./run_benchmark_on_occlum.sh" - name: Clean Openvino test run: docker exec ${{ github.job }} bash -c "cd /root/demos && rm -rf ./grpc/openvino" # Python test also needs its own image because in Alpine environment, modules are built locally and consumes a lot of time. Python_musl_support_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - name: Create container run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-python - uses: ./.github/workflows/composite_action/prebuild with: container-name: ${{ github.job }} - name: Build dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum; make submodule" - name: Make install run: docker exec ${{ github.job }} bash -c "source /opt/intel/sgxsdk/environment; cd /root/occlum; OCCLUM_RELEASE_BUILD=1 make install" - name: Run python support test run: docker exec ${{ github.job }} bash -c "cd /root/demos/python/python_musl; SGX_MODE=SIM ./run_python_on_occlum.sh" - name: Check result run: docker exec ${{ github.job }} bash -c "cd /root/demos/python/python_musl/occlum_instance; cat smvlight.dat" - name: Clean Python musl test run: docker exec ${{ github.job }} bash -c "cd /root/demos && rm -rf ./python/python_musl" # Python glibc support test Python_glibc_support_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: download conda and build python run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/python/python_glibc; ./install_python_with_conda.sh" - name: Run python glibc support test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/python/python_glibc; SGX_MODE=SIM ./run_python_on_occlum.sh" - name: Check result run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/python/python_glibc/occlum_instance; cat smvlight.dat" - name: Run python3.10 multiprocessing demo run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/python/python_glibc/python3.10-multiprocessing; ./install_python3.10.sh; SGX_MODE=SIM ./run_python3.10_on_occlum.sh" - name: Clean Python glibc test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./python/python_glibc" # Redis test Redis_support_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: download and build redis run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/redis; ./download_and_build_redis.sh" - name: Run redis benchmark run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/redis; SGX_MODE=SIM ./benchmark.sh" - name: Restart the container run: | sleep ${{ env.nap_time }}; docker restart ${{ github.job }} - name: download and build redis with glibc run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/redis; ./download_and_build_redis_glibc.sh" - name: Run redis benchmark run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/redis; SGX_MODE=SIM ./benchmark_glibc.sh" - name: Clean Redis glibc test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./redis" Flink_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Preinstall dependencies and download flink run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/flink && ./preinstall_deps.sh && ./download_flink.sh" - name: Run jobmanager on host run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/flink && SGX_MODE=SIM ./run_flink_jobmanager_on_host.sh" - name: Run flink taskmanager run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/flink && SGX_MODE=SIM ./run_flink_on_occlum_glibc.sh tm > flink.log 2>&1 &" - name: Run flink task run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/flink && SGX_MODE=SIM ./run_flink_on_occlum_glibc.sh task" - name: Check flink task manager's log if: ${{ always() }} run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/flink; cat occlum_instance_taskmanager/flink--taskmanager-0.log" - name: Check error log if: ${{ always() }} run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/flink; cat flink.log" - name: Clean Flink test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./flink" Cluster_serving_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Set up environment run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/cluster_serving; source ./environment.sh; ./install-dependencies.sh" - name: Run cluster serving test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/cluster_serving; source ./environment.sh; SGX_MODE=SIM ./start-all.sh; ./push-image.sh" - name: Clean Cluster serving test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./cluster_serving" Enclave_RA_TLS_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Download and build Enclave TLS run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/enclave_tls && ./download_and_build_enclave_tls.sh" - name: Run the encalve tls server on Occlum run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/enclave_tls && SGX_MODE=SIM ./run_enclave_tls_server_in_occlum.sh" # Ignore the result here as simulation mode doesn't have RA capabilities - name: Run the encalve tls client run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "/usr/share/enclave-tls/samples/enclave-tls-client" || true - name: Clean RA Tls test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./enclave_tls" Vault_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Download and build HashiCorp Vault run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/golang/vault && ./prepare_vault.sh" - name: Run the Vault server on Occlum run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/golang/vault && SGX_MODE=SIM ./run_occlum_vault_server.sh > vault.log 2>&1 &" - name: Run the Vault client run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/golang/vault && ./run_occlum_vault_test.sh" - name: Check error log if: ${{ always() }} run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/golang/vault; cat vault.log" - name: Clean Vault test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./golang/vault" Sofaboot_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Install Maven run: docker exec ${{ github.job }} bash -c "apt update && apt install -y maven" - name: Download and compile sofaboot web demos run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/sofaboot && ./download_compile_sofaboot.sh" - name: Run SOFABoot web demo run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/sofaboot && SGX_MODE=SIM ./run_sofaboot_on_occlum.sh > sofa.log 2>&1 &" - name: Check SOFABoot result run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "curl -s http://localhost:8080/actuator/readiness | grep -v DOWN" - name: Check error log if: ${{ always() }} run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/sofaboot; cat sofa.log" - name: Clean Sofaboot test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./sofaboot" Netty_UT_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Install OpenJDK 11 (Glibc) run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/netty_ut && ./preinstall_deps.sh" - name: Download and compile netty unit test demos run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/netty_ut && ./build.sh" - name: Run netty unit test demo run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/netty_ut && SGX_MODE=SIM ./run_netty_ut_jdk8.sh" - name: Clean Netty test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./netty_ut" Bash_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Run musl-libc Bash test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/bash && SGX_MODE=SIM ./run_bash_demo.sh musl" - name: Run glibc Bash test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/bash && SGX_MODE=SIM ./run_bash_demo.sh" - name: Clean Bash test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./bash" Sysbench_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Run sysbench download and build run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/benchmarks/sysbench && SGX_MODE=SIM ./dl_and_build.sh" - name: Run prepare sysbench occlum instance run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/benchmarks/sysbench && SGX_MODE=SIM ./prepare_sysbench.sh" - name: Run sysbench threads benchmark run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/benchmarks/sysbench/occlum_instance; occlum run /bin/sysbench threads --threads=200 --thread-yields=100 --thread-locks=4 --time=30 run" - name: Clean Sysbench test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./benchmarks/sysbench" Gvisor_syscalls_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - name: Create container run: | docker pull occlumbackup/occlum:latest-ubuntu20.04-gvisor_test gvisor_test=$(docker run -itd -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-gvisor_test); echo "gvisor_test=$gvisor_test" >> $GITHUB_ENV - uses: ./.github/workflows/composite_action/prebuild with: container-name: $gvisor_test - name: Build dependencies run: docker exec $gvisor_test bash -c "cd /root/occlum; make submodule" - name: Make install in debug mode run: docker exec $gvisor_test bash -c "source /opt/intel/sgxsdk/environment; cd /root/occlum; make install" - name: Clone gvisor code run: docker exec $gvisor_test bash -c "git clone https://github.com/occlum/gvisor.git" - name: Run gvisor syscall test run: docker exec $gvisor_test bash -c "cd /root/gvisor/occlum && SGX_MODE=SIM ./run_occlum_passed_tests.sh" Flask_tls_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Download conda and build python run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/python/flask; ./install_python_with_conda.sh" - name: Generate sample cert/key run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/python/flask; ./gen-cert.sh" - name: Prepare and start Flask Occlum instance run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/python/flask; SGX_MODE=SIM ./build_occlum_instance.sh; ./run_flask_on_occlum.sh &" - name: Test PUT run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/python/flask; curl --cacert flask.crt -X PUT https://localhost:4996/customer/1 -d "data=Tom"" - name: Test Get run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/python/flask; curl --cacert flask.crt -X GET https://localhost:4996/customer/1" - name: Clean Flask tls test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./python/flask" Iperf2_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build iperf2 run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/benchmarks/iperf2; SGX_MODE=SIM ./build.sh" - name: Start iperf2 server run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/benchmarks/iperf2/occlum_server; occlum run /bin/iperf -s -p 6888 &" - name: Start iperf2 client run: | sleep ${{ 5 }}; docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/benchmarks/iperf2/occlum_client; occlum run /bin/iperf -c 127.0.0.1 -p 6888 -P 16" - name: Clean Iperf2 test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./benchmarks/iperf2" Linux_LTP_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Download and build Linux LTP run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/linux-ltp && ./dl_and_build_ltp.sh" - name: Prepare occlum instance for LTP demo run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/linux-ltp && SGX_MODE=SIM ./prepare_ltp.sh" - name: Run the LTP demo run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/linux-ltp/ltp_instance; occlum run /opt/ltp/run-ltp.sh -f syscalls-occlum" - name: Clean LTP test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./linux-ltp" FIO_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build fio dependencies run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/benchmarks/fio && ./download_and_build_fio.sh" - name: Run fio test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/benchmarks/fio && SGX_MODE=SIM ./run_fio_on_occlum.sh fio-seq-read.fio" - name: Clean FIO test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./benchmarks/fio" PaddlePaddle_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Build python and paddlepaddle run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/paddlepaddle; ./install_python_with_conda.sh" - name: Run paddlepaddle test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/paddlepaddle; SGX_MODE=SIM ./run_paddlepaddle_on_occlum.sh" - name: Clean PaddlePaddle test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./paddlepaddle" RuntimeBoot_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: Download and prepare runtime boot instance run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/runtime_boot && SGX_MODE=SIM ./build_content.sh" - name: Run runtime boot instance run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/runtime_boot/boot_instance && occlum run /bin/occlum_bash_test.sh" - name: Clean RuntimeBoot test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./runtime_boot" Swtpm_test: runs-on: ubuntu-20.04 steps: - name: Remove unnecessary files run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" - uses: actions/checkout@v1 with: submodules: true - uses: ./.github/workflows/composite_action/sim with: container-name: ${{ github.job }} build-envs: 'OCCLUM_RELEASE_BUILD=1' - name: download and build swtpm run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/swtpm; ./install_swtpm.sh" - name: Run swtpm server run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/swtpm && SGX_MODE=SIM ./run_swtpm.sh" & - name: download tss and run a test run: | sleep ${{ env.nap_time }}; docker exec ${{ github.job }} bash -c "cd /root/occlum/demos/swtpm; ./run_client.sh" - name: Clean Swtpm test run: docker exec ${{ github.job }} bash -c "cd /root/occlum/demos && rm -rf ./swtpm"