Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sgx runner #1222

Merged
merged 87 commits into from
Apr 12, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
87 commits
Select commit Hold shift + click to select a range
c344f46
Added self hosted runner #386
mosonyi Mar 15, 2023
1e29cd8
Remove duplicated runs-on #386
mosonyi Mar 15, 2023
3c9c2ae
Add sgx_runner branch to test it #386
mosonyi Mar 15, 2023
2a1a587
Build with HW mode #386
mosonyi Mar 15, 2023
02841fb
gha: remove BUILD_CONTAINER_NAME env variable
OverOrion Mar 16, 2023
731e3d2
gha: run integration tests with real SGX inside docker
OverOrion Mar 16, 2023
fad37af
gha: revert to self-hosted runner
OverOrion Mar 16, 2023
4b757f2
fixup! gha: run integration tests with real SGX inside docker
OverOrion Mar 16, 2023
6ffb965
Added new integritee-dev docker image to build #386
mosonyi Mar 17, 2023
cc4aa8e
readded BUILD_CONTAINER_NAME env variable #386
mosonyi Mar 17, 2023
238ac30
Use the newer builder #386
mosonyi Mar 17, 2023
3f8c1ae
Add all devices
mosonyi Mar 20, 2023
29daea6
Delete naming of the running container
mosonyi Mar 20, 2023
e11d1d7
Add missing aesmd service
mosonyi Mar 20, 2023
65a199c
Untag image before tag it again
mosonyi Mar 21, 2023
74fd054
Untag image before tag it again (no fail on error)
mosonyi Mar 21, 2023
5c0b2f0
Delete only if exist
mosonyi Mar 21, 2023
5c171de
The tests are running in HW mode, devices are needed
mosonyi Mar 21, 2023
cdd42e1
Force stop running tests
mosonyi Mar 21, 2023
223b4d1
Fix teeracle failure
mosonyi Mar 21, 2023
b3e2875
Add some comments to the changes
mosonyi Mar 22, 2023
88ff927
Merge branch 'master' into sgx_runner
OverOrion Mar 28, 2023
7e35719
Merge branch 'master' into sgx_runner
mosonyi Mar 28, 2023
b9080f3
Delete stopped containers
mosonyi Mar 29, 2023
8e3b7e7
update sidechain block production rate to one second to see if it fix…
clangenb Mar 29, 2023
a3d2f2f
Try out uploading only relevant logs
mosonyi Mar 29, 2023
1bac47b
Merge branch 'master' into sgx_runner
OverOrion Mar 29, 2023
1b138a4
Allow to run on our test runners
mosonyi Mar 29, 2023
2abe1a8
Try to run tests in separate network
mosonyi Mar 30, 2023
ecfafbb
Fix wrong flavor_id variable usage
mosonyi Mar 30, 2023
8006b16
Fix naming usage
mosonyi Mar 30, 2023
5e9f62b
Fix naming usage #2
mosonyi Mar 30, 2023
7d3a0b1
Fix naming usage #3
mosonyi Mar 30, 2023
f96e1cc
Fix naming usage #4
mosonyi Mar 30, 2023
2b56719
Added docker login
mosonyi Mar 30, 2023
4f20cfb
Fix wrong name link
mosonyi Mar 30, 2023
53bebd2
Fix typo
mosonyi Mar 30, 2023
3be342a
Try stop instead of down
mosonyi Mar 31, 2023
72f5937
Change flavor
mosonyi Mar 31, 2023
51285af
test: Do not stop
mosonyi Mar 31, 2023
aa933b7
Added hostname
mosonyi Mar 31, 2023
ba68a3e
Consider to decrease the size of the name of the container as hostnam…
mosonyi Mar 31, 2023
3ffa62f
Trying to fix exit code containers
mosonyi Mar 31, 2023
63b8191
Cut last 10 strings form the sha, too long
mosonyi Mar 31, 2023
a09d119
Try docker compose with -p
mosonyi Mar 31, 2023
3c15139
Cut name at 64
mosonyi Mar 31, 2023
f6e484c
compose finetuning
mosonyi Apr 2, 2023
6c01bba
Revert back the docker files, just use different network and project
mosonyi Apr 2, 2023
fe38e11
Remove TAG overwrites
mosonyi Apr 2, 2023
ce17504
Version should be random
mosonyi Apr 2, 2023
05440b0
Fix setting up version
mosonyi Apr 2, 2023
6c9e8e9
Fix setting up version
mosonyi Apr 2, 2023
7d436a8
Fix version typo
mosonyi Apr 2, 2023
36fb3d1
Remove container_name to avoid conflict
mosonyi Apr 2, 2023
e50899c
Add hostname to be able to use healthcheck
mosonyi Apr 2, 2023
e075f7c
Change depends ons
mosonyi Apr 2, 2023
c7de601
Change back to envsubst
mosonyi Apr 2, 2023
d9cd213
Service name should be uniquer
mosonyi Apr 2, 2023
3874ca8
Add sgx mounts
mosonyi Apr 2, 2023
832591b
Try without removing orphans
mosonyi Apr 3, 2023
010f01c
Fix hostname typo
mosonyi Apr 3, 2023
c11faa4
Merge branch 'master' into sgx_runner
mosonyi Apr 3, 2023
e8ad5da
Optimize test running
mosonyi Apr 3, 2023
b2dfac6
Fix teeracle tests
mosonyi Apr 3, 2023
775f098
Fix typo in yml
mosonyi Apr 3, 2023
c136eb2
Remove sgx_runner branch
mosonyi Apr 3, 2023
824ef04
Continue running if stopping cannot be run
mosonyi Apr 3, 2023
834b019
Fix documentation
mosonyi Apr 3, 2023
22bb0a9
Run clippy on our own infra
mosonyi Apr 3, 2023
b7beded
Revert: Run clippy on our own infra
mosonyi Apr 3, 2023
1be4dc0
Remove wrong doc format
mosonyi Apr 3, 2023
fd3e792
Fix all requests
mosonyi Apr 4, 2023
2de8e02
Fix all requests (add missing files)
mosonyi Apr 4, 2023
47aea84
Fix env variable
mosonyi Apr 4, 2023
8ee541a
Try another with env variable
mosonyi Apr 4, 2023
83291cf
Matrix can't use variables
mosonyi Apr 4, 2023
1846b54
Using top level env
mosonyi Apr 4, 2023
aa98471
Matrix params should be hardcoded
mosonyi Apr 4, 2023
cfdd8e3
Merge branch 'master' into sgx_runner
mosonyi Apr 5, 2023
ce9ef2c
Make devices configurable
mosonyi Apr 5, 2023
c93dcc3
Fix LOG_DIR
mosonyi Apr 5, 2023
f1fdfaa
May fix the uploading logs issue
mosonyi Apr 11, 2023
9de7be4
Modify LOG_DIR target
mosonyi Apr 12, 2023
9e3e707
Fix deleting old docker images + log upload filter
mosonyi Apr 12, 2023
69b9329
Refine filter
mosonyi Apr 12, 2023
5e830c3
Tag integritee node as well to be able to collect logs from it
mosonyi Apr 12, 2023
e8f676b
Merge branch 'master' into sgx_runner
mosonyi Apr 12, 2023
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
123 changes: 107 additions & 16 deletions .github/workflows/build_and_test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,31 +21,49 @@ env:
jobs:
cancel_previous_runs:
name: Cancel Previous Runs
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
steps:
- uses: styfle/cancel-workflow-action@0.11.0
with:
access_token: ${{ secrets.GITHUB_TOKEN }}

build-test:
runs-on: ubuntu-22.04
runs-on: ${{ matrix.host }}
strategy:
fail-fast: false
matrix:
include:
- flavor_id: sidechain
mode: sidechain
host: integritee-builder-sgx
sgx_mode: HW
- flavor_id: offchain-worker
mode: offchain-worker
host: integritee-builder-sgx
sgx_mode: HW
- flavor_id: teeracle
mode: teeracle
host: integritee-builder-sgx
sgx_mode: HW
- flavor_id: sidechain-evm
mode: sidechain
additional_features: evm
host: integritee-builder-sgx
sgx_mode: HW

steps:
- uses: actions/checkout@v3

- name: Set env
run: |
if [[ ${{ matrix.sgx_mode }} == 'HW' ]]; then
echo "DOCKER_DEVICES=--device=/dev/sgx/enclave --device=/dev/sgx/provision" >> $GITHUB_ENV
echo "DOCKER_VOLUMES=--volume /var/run/aesmd:/var/run/aesmd" >> $GITHUB_ENV
else
echo "DOCKER_DEVICES=" >> $GITHUB_ENV
echo "DOCKER_VOLUMES=" >> $GITHUB_ENV
fi

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
Expand All @@ -58,7 +76,7 @@ jobs:
run: >
docker build -t integritee-worker-${{ matrix.flavor_id }}-${{ github.sha }}
--target deployed-worker
--build-arg WORKER_MODE_ARG=${{ matrix.mode }} --build-arg ADDITIONAL_FEATURES_ARG=${{ matrix.additional_features }}
--build-arg WORKER_MODE_ARG=${{ matrix.mode }} --build-arg ADDITIONAL_FEATURES_ARG=${{ matrix.additional_features }} --build-arg SGX_MODE=${{ matrix.sgx_mode }}
-f build.Dockerfile .

- name: Build CLI client
Expand All @@ -73,7 +91,7 @@ jobs:
- run: docker images --all

- name: Test Enclave # cargo test is not supported in the enclave, see: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/232
run: docker run --name ${{ env.BUILD_CONTAINER_NAME }} integritee-worker-${{ matrix.flavor_id }}-${{ github.sha }} test --all
run: docker run ${{ env.DOCKER_DEVICES }} ${{ env.DOCKER_VOLUMES }} integritee-worker-${{ matrix.flavor_id }}-${{ github.sha }} test --all

- name: Export worker image(s)
run: |
Expand All @@ -93,8 +111,8 @@ jobs:
path: integritee-cli-client-${{ matrix.flavor_id }}-${{ github.sha }}.tar.gz

clippy:
runs-on: ubuntu-22.04
container: "integritee/integritee-dev:0.1.13"
runs-on: ubuntu-latest
container: "integritee/integritee-dev:0.2.1"
steps:
- uses: actions/checkout@v3
- name: init rust
Expand Down Expand Up @@ -131,7 +149,7 @@ jobs:
uses: andymckay/cancel-action@0.3

fmt:
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: init rust
Expand All @@ -152,7 +170,7 @@ jobs:
uses: andymckay/cancel-action@0.3

integration-tests:
runs-on: ubuntu-22.04
runs-on: ${{ matrix.host }}
if: ${{ always() }}
needs: build-test
env:
Expand All @@ -168,34 +186,63 @@ jobs:
- test: M6
flavor_id: sidechain
demo_name: demo-indirect-invocation
host: test-runner-sgx
sgx_mode: HW
- test: M8
flavor_id: sidechain
demo_name: demo-direct-call
host: test-runner-sgx
sgx_mode: HW
- test: Sidechain
flavor_id: sidechain
demo_name: demo-sidechain
host: test-runner-sgx
sgx_mode: HW
- test: M6
flavor_id: offchain-worker
demo_name: demo-indirect-invocation
host: test-runner-sgx
sgx_mode: HW
- test: Teeracle
flavor_id: teeracle
demo_name: demo-teeracle
host: test-runner-sgx
sgx_mode: HW
- test: Teeracle
flavor_id: teeracle
demo_name: demo-teeracle-generic
host: test-runner-sgx
sgx_mode: HW
- test: Benchmark
flavor_id: sidechain
demo_name: sidechain-benchmark
host: test-runner-sgx
sgx_mode: HW
- test: EVM
flavor_id: sidechain-evm
demo_name: demo-smart-contract
host: test-runner-sgx
sgx_mode: HW

steps:
- uses: actions/checkout@v3

- name: Set env
run: |
version=$RANDOM
echo "FLAVOR_ID=${{ matrix.flavor_id }}" >> $GITHUB_ENV
echo "PROJECT=${{ matrix.flavor_id }}-${{ matrix.demo_name }}" >> $GITHUB_ENV
echo "VERSION=dev.$version" >> $GITHUB_ENV
echo "WORKER_IMAGE_TAG=integritee-worker:dev.$version" >> $GITHUB_ENV
echo "INTEGRITEE_NODE=integritee-node-dev:1.0.33.$version" >> $GITHUB_ENV
echo "CLIENT_IMAGE_TAG=integritee-cli:dev.$version" >> $GITHUB_ENV
if [[ ${{ matrix.sgx_mode }} == 'HW' ]]; then
echo "SGX_PROVISION=/dev/sgx/provision" >> $GITHUB_ENV
echo "SGX_ENCLAVE=/dev/sgx/enclave" >> $GITHUB_ENV
echo "AESMD=/var/run/aesmd" >> $GITHUB_ENV
fi

echo "LOG_DIR=./logs-$version" >> $GITHUB_ENV

- name: Download Worker Image
uses: actions/download-artifact@v3
Expand All @@ -217,42 +264,86 @@ jobs:
docker image load --input integritee-cli-client-${{ matrix.flavor_id }}-${{ github.sha }}.tar.gz
docker images --all

##
# Before tagging, delete the old "stuck" ones to be sure that the newly created ones are the latest
# Without if the docker image rmi throws an error if the image doesn't exist.
##
mosonyi marked this conversation as resolved.
Show resolved Hide resolved
- name: Re-name Image Tags
run: |
if [[ "$(docker images -q ${{ env.WORKER_IMAGE_TAG }} 2> /dev/null)" == "" ]]; then
docker image rmi --force ${{ env.WORKER_IMAGE_TAG }} 2>/dev/null
fi
if [[ "$(docker images -q ${{ env.CLIENT_IMAGE_TAG }} 2> /dev/null)" == "" ]]; then
docker image rmi --force ${{ env.CLIENT_IMAGE_TAG }} 2>/dev/null
fi
OverOrion marked this conversation as resolved.
Show resolved Hide resolved
docker tag integritee-worker-${{ matrix.flavor_id }}-${{ github.sha }} ${{ env.WORKER_IMAGE_TAG }}
docker tag integritee-cli-client-${{ matrix.flavor_id }}-${{ github.sha }} ${{ env.CLIENT_IMAGE_TAG }}
docker tag integritee/integritee-node-dev:1.0.33 ${{ env.INTEGRITEE_NODE }}
docker images --all

- name: Integration Test ${{ matrix.test }}-${{ matrix.flavor_id }}
##
# Stop any stucked/running compose projects
##
- name: Stop docker containers
OverOrion marked this conversation as resolved.
Show resolved Hide resolved
if: always()
continue-on-error: true
run: |
cd docker
docker compose -f docker-compose.yml -f ${{ matrix.demo_name }}.yml up ${{ matrix.demo_name }} --no-build --exit-code-from ${{ matrix.demo_name }}
docker compose -f <(envsubst < docker-compose.yml) -f <(envsubst < ${{ matrix.demo_name }}.yml) -p ${PROJECT} stop

- name: Stop docker containers
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}

- name: Integration Test ${{ matrix.test }}-${{ matrix.flavor_id }}
run: |
cd docker
docker compose -f docker-compose.yml -f ${{ matrix.demo_name }}.yml stop
docker compose -f <(envsubst < docker-compose.yml) -f <(envsubst < ${{ matrix.demo_name }}.yml) -p ${PROJECT} up ${{ matrix.demo_name }} --no-build --exit-code-from ${{ matrix.demo_name }} --remove-orphans


- name: Collect Docker Logs
continue-on-error: true
if: always()
uses: jwalton/gh-docker-logs@v2
with:
#images: '${{ env.WORKER_IMAGE_TAG }},${{ env.CLIENT_IMAGE_TAG }}'
images: '${{ env.WORKER_IMAGE_TAG }},${{ env.CLIENT_IMAGE_TAG }},${{ env.INTEGRITEE_NODE }}'
tail: all
dest: ./${{ env.LOG_DIR }}
dest: ${{ env.LOG_DIR }}

- name: Upload logs
if: always()
uses: actions/upload-artifact@v3
with:
name: logs-${{ matrix.test }}-${{ matrix.flavor_id }}
path: ./${{ env.LOG_DIR }}
path: ${{ env.LOG_DIR }}

- name: Stop docker containers
if: always()
continue-on-error: true
run: |
cd docker
docker compose -f <(envsubst < docker-compose.yml) -f <(envsubst < ${{ matrix.demo_name }}.yml) -p ${PROJECT} stop

- name: Delete images
run: |
if [[ "$(docker images -q ${{ env.WORKER_IMAGE_TAG }} 2> /dev/null)" != "" ]]; then
docker image rmi --force ${{ env.WORKER_IMAGE_TAG }} 2>/dev/null
fi
if [[ "$(docker images -q ${{ env.CLIENT_IMAGE_TAG }} 2> /dev/null)" != "" ]]; then
docker image rmi --force ${{ env.CLIENT_IMAGE_TAG }} 2>/dev/null
fi
if [[ "$(docker images -q ${{ env.INTEGRITEE_NODE }} 2> /dev/null)" != "" ]]; then
docker image rmi --force ${{ env.INTEGRITEE_NODE }} 2>/dev/null
fi
docker images --all


release:
runs-on: ubuntu-latest
name: Draft Release
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-22.04
needs: [build-test, integration-tests]
outputs:
release_url: ${{ steps.create-release.outputs.html_url }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/delete-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ on:
jobs:
purge-image:
name: Delete image from ghcr.io
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
strategy:
matrix:
binary: ["integritee-client", "integritee-demo-validateer"]
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/label-checker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ on:

jobs:
check_for_matching_labels:
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
if: github.base_ref == 'master' && github.event.pull_request.draft == false
steps:
- name: Label check
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/publish-docker-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ on:
jobs:
main:
name: Push Integritee Services to Dockerhub
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
strategy:
matrix:
binary: ["integritee-demo-validateer", "integritee-client"]
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/publish-draft-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ on:

jobs:
publish-draft-release:
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v3
Expand Down
Loading