Skip to content

verifier: Fetch VCEK cert from KDS instead of bailing #887

verifier: Fetch VCEK cert from KDS instead of bailing

verifier: Fetch VCEK cert from KDS instead of bailing #887

Workflow file for this run

name: CoCo-AS e2e
on:
pull_request:
branches: [ "main" ]
# Self-hosted runners do not set -o pipefail otherwise
defaults:
run:
shell: bash
jobs:
e2e-test:
strategy:
fail-fast: false
matrix:
include:
# TODO: Add real HW-TEE test
# See https://github.com/confidential-containers/trustee/issues/223
# - runner: self-hosted
# generate_evidence: true
# grpc_tee_enum: 3
# restful_tee_enum: tdx
- runner: ubuntu-22.04
generate_evidence: false
grpc_tee_enum: 2
restful_tee_enum: snp
name: TEE=${{ matrix.restful_tee_enum }} Generate Evidence Dynamically=${{ matrix.generate_evidence }}
runs-on: ${{ matrix.runner }}
env:
RUSTC_VERSION: 1.76.0
GRPC_TEE_ENUM: ${{ matrix.grpc_tee_enum }}
RESTFUL_TEE_ENUM: ${{ matrix.restful_tee_enum }}
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain (${{ env.RUSTC_VERSION }})
uses: actions-rust-lang/setup-rust-toolchain@v1
with:
toolchain: ${{ env.RUSTC_VERSION }}
components: rustfmt, clippy
- uses: actions/setup-go@v5
with:
go-version: stable
- name: Set up rust build cache
uses: actions/cache@v4
continue-on-error: false
with:
path: |
~/.cargo/registry/index/
~/.cargo/registry/cache/
target/
key: rust-${{ hashFiles('./Cargo.lock') }}
- name: Install dependencies
if: ${{ matrix.runner == 'ubuntu-22.04' }}
working-directory: attestation-service/tests/e2e
run: |
make install-dependencies
go install github.com/fullstorydev/grpcurl/cmd/grpcurl@latest
- name: Run e2e test (gRPC)
working-directory: attestation-service/tests/e2e
run: make e2e-grpc-test
- name: Run e2e test (RESTful)
working-directory: attestation-service/tests/e2e
run: make e2e-restful-test