Basic integration test of oak containers attestation. #13118
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
branches: [main] | |
# See https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions#example-using-concurrency-to-cancel-any-in-progress-job-or-run | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
xtask: | |
runs-on: ubuntu-20.04 | |
timeout-minutes: 120 | |
# We use the same job template, but parametrize the actual command to be passed to the xtask | |
# binary using the matrix strategy, so that we get the commands running in parallel. | |
strategy: | |
fail-fast: false | |
matrix: | |
# Do not add `run-ci` to these commands. We parse them for `xtask run-ci`. | |
cmd: | |
- check-format | |
- run-cargo-deny | |
- run-cargo-udeps | |
- run-bazel-tests | |
- run-cargo-fuzz -- -max_total_time=2 | |
- completion | |
- run-cargo-clippy | |
steps: | |
- name: Checkout branch | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 2 | |
# See build.yaml. | |
- name: Free disk space | |
run: | | |
set -o errexit | |
set -o xtrace | |
df --human-readable | |
sudo apt-get remove --yes \ | |
'^dotnet-.*' '^llvm-.*' 'php.*' azure-cli \ | |
hhvm google-chrome-stable firefox powershell | |
df --human-readable | |
sudo apt-get autoremove --yes | |
df --human-readable | |
sudo apt clean | |
df --human-readable | |
docker rmi $(docker image ls --all --quiet) | |
df --human-readable | |
rm --recursive --force "${AGENT_TOOLSDIRECTORY}" | |
df --human-readable | |
- name: Docker pull | |
timeout-minutes: 10 | |
run: | | |
./scripts/docker_pull | |
df --human-readable | |
- name: Run command | |
env: | |
RUST_BACKTRACE: 1 | |
RUST_LOG: debug | |
# Do not run tests that require KVM on GitHub Actions, since nested virtualization is not supported. | |
OAK_KVM_TESTS: skip | |
run: | | |
./scripts/docker_run nix develop .#ci --command ./scripts/xtask ${{ matrix.cmd }} | |
df --human-readable | |
# Ensure that the previous steps did not modify our source-code and that | |
# relevant build artifacts are ignored by git. | |
- name: Git check diff | |
run: ./scripts/docker_run ./scripts/git_check_diff |