91 lines
3.6 KiB
YAML
91 lines
3.6 KiB
YAML
name: Rune Test
|
|
|
|
# Controls when the action will run. Triggers the workflow on push.
|
|
on: [push]
|
|
|
|
env:
|
|
REPO: https://mirrors.openanolis.org/inclavare-containers
|
|
|
|
jobs:
|
|
# TODO: add rune circtl test on ubuntu image.
|
|
Rune_test:
|
|
runs-on: [self-hosted, SGX1-HW]
|
|
strategy:
|
|
matrix:
|
|
tag: [ubuntu18.04, centos8.2]
|
|
steps:
|
|
- name: Clean before running
|
|
run: |
|
|
sudo chown -R ${{ secrets.CI_ADMIN }} "${{ github.workspace }}"
|
|
|
|
- uses: actions/checkout@v1
|
|
with:
|
|
submodules: true
|
|
|
|
- name: Get version
|
|
run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV;
|
|
echo "RUNE_VERSION=$(wget -q https://raw.githubusercontent.com/alibaba/inclavare-containers/master/VERSION && cat VERSION)" >> $GITHUB_ENV && rm -f VERSION
|
|
|
|
- name: Create container
|
|
run: |
|
|
rune_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum inclavarecontainers/test:${{ matrix.tag }}-occlum-$OCCLUM_VERSION)
|
|
echo "rune_test=$rune_test" >> $GITHUB_ENV
|
|
|
|
- name: Change download source of crates.io
|
|
run: |
|
|
docker exec $rune_test bash -c "cat <<- EOF >/root/.cargo/config
|
|
[source.crates-io]
|
|
registry = \"https://github.com/rust-lang/crates.io-index\"
|
|
replace-with = 'ustc'
|
|
[source.ustc]
|
|
registry = \"git://mirrors.ustc.edu.cn/crates.io-index\"
|
|
EOF"
|
|
|
|
- name: Build Occlum dependencies
|
|
run: docker exec $rune_test bash -c "cargo uninstall sccache || true; cd /root/occlum; make submodule"
|
|
|
|
- name: Install Occlum
|
|
run: docker exec $rune_test bash -c "cd /root/occlum; OCCLUM_RELEASE_BUILD=1 make && make install"
|
|
|
|
- name: Install rune and shim-rune
|
|
run: |
|
|
if [ '${{ matrix.tag }}' = 'ubuntu18.04' ]; then
|
|
docker exec $rune_test bash -c "wget $REPO/deb-repo/pool/main/r/rune/rune_$RUNE_VERSION-1_amd64.deb; dpkg -i rune_$RUNE_VERSION-1_amd64.deb"
|
|
else
|
|
docker exec $rune_test bash -c "rpm -ivh $REPO/rpm-repo/rune-$RUNE_VERSION-1.el8.x86_64.rpm $REPO/rpm-repo/shim-rune-$RUNE_VERSION-1.el8.x86_64.rpm"
|
|
fi;
|
|
|
|
- name: Start docker daemon
|
|
run: |
|
|
if [ '${{ matrix.tag }}' = 'ubuntu18.04' ]; then
|
|
docker exec $rune_test bash -c "service docker start"
|
|
else
|
|
docker exec $rune_test bash -c "dockerd -b docker0 --storage-driver=vfs &"
|
|
fi;
|
|
|
|
- name: Build Occlum application image
|
|
run: docker exec $rune_test bash -c "occlum-gcc -o hello_world hello_world.c;
|
|
occlum new occlum_instance && cd occlum_instance;
|
|
cp ../hello_world image/bin/ && occlum build;
|
|
occlum package --debug occlum_instance.tar.gz;
|
|
docker build . -t occlum-app -f /root/Dockerfile-occlum"
|
|
|
|
- name: Run Occlum image
|
|
run: docker exec $rune_test bash -c "docker run -i --rm --runtime=rune -e ENCLAVE_TYPE=intelSgx -e ENCLAVE_RUNTIME_PATH=/opt/occlum/build/lib/libocclum-pal.so -e ENCLAVE_RUNTIME_ARGS=occlum_instance occlum-app"
|
|
|
|
- name: Run occlum-hello pod
|
|
if: ${{ contains(matrix.tag, 'centos8.2') }}
|
|
run: docker exec $rune_test bash -c "containerd" &
|
|
|
|
docker exec $rune_test bash -c "cd /root/samples && ./clean.sh;
|
|
crictl run --timeout 3s hello.yaml pod.yaml && ./show.sh"
|
|
|
|
- name: Run golang-web pod
|
|
if: ${{ contains(matrix.tag, 'centos8.2') }}
|
|
run: docker exec $rune_test bash -c "cd /root/samples && ./clean.sh;
|
|
crictl run --timeout 3s golang.yaml pod.yaml && ./show.sh"
|
|
|
|
- name: Clean the environment
|
|
if: ${{ always() }}
|
|
run: docker stop $rune_test
|