feature: slim docker images #192
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "SGX Hardware Mode Tests" | |
| # This workflow runs the set of tests in SGX Hardware mode. We run them on a | |
| # latest-generation IceLake VM on Azure, and we run them every time we change | |
| # something in the enclave sub-tree | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| types: [opened, synchronize, reopened, ready_for_review] | |
| defaults: | |
| run: | |
| shell: bash | |
| # Cancel previous running actions for the same PR | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
| jobs: | |
| sgx-changed: | |
| if: github.event.pull_request.draft == false | |
| runs-on: ubuntu-latest | |
| outputs: | |
| has-sgx-changed: ${{ (steps.filter.outputs.sgx-changed == 'true') }} | |
| steps: | |
| - name: "Checkout code" | |
| uses: actions/checkout@v4 | |
| # Check if any of the submodules have been modified | |
| - uses: dorny/paths-filter@v3 | |
| id: filter | |
| with: | |
| filters: | | |
| sgx-changed: | |
| - './src/enclave/**' | |
| sgx-hw: | |
| needs: sgx-changed | |
| if: ${{ needs.sgx-changed.outputs.has-sgx-changed == 'true' }} | |
| runs-on: self-hosted | |
| timeout-minutes: 60 | |
| env: | |
| FAASM_VERSION: 0.33.0 | |
| FAASMCTL_BIN: /home/faasm/.local/bin/faasmctl | |
| FAASMCTL_VERSION: 0.51.0 | |
| VM_CODE_DIR: /home/faasm/git/faasm/faasm | |
| VM_BASE_NAME: gha-sgx-hw-vm | |
| steps: | |
| - name: "Check out the experiment-base code" | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: faasm/experiment-base | |
| - name: "Create a unique VM name" | |
| run: echo "VM_NAME=${VM_BASE_NAME}-${{ github.job }}-${{ github.run_id }}-${{ github.run_attempt }}" >> $GITHUB_ENV | |
| - name: "Create and provision an SGX-enabled IceLake VM" | |
| run: | | |
| ./bin/inv_wrapper.sh vm.create --sgx --region eastus2 --name ${{ env.VM_NAME }} | |
| ./bin/inv_wrapper.sh vm.inventory --prefix ${{ env.VM_NAME }} | |
| ./bin/inv_wrapper.sh vm.setup --sgx | |
| - name: "Fetch the branch code if necessary" | |
| run: | | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "git config remote.origin.fetch '+refs/heads/*:refs/remotes/origin/*'" | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "git fetch origin ${{ github.ref }}:ci-branch && git checkout -f ci-branch" | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "git submodule update --init -f" | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }}/clients/python \ | |
| --cmd "git submodule update --init -f third-party/cpp" | |
| - name: "Install faasmctl" | |
| run: | | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "pip3 install faasmctl==${{ env.FAASMCTL_VERSION }}" | |
| - name: "Start the docker compose cluster" | |
| run: | | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "${{ env.FAASMCTL_BIN }} deploy.compose --workers=0 --mount-source ." \ | |
| --env "FAASM_INI_FILE=${{ env.VM_CODE_DIR }}/faasm.ini" \ | |
| --env "FAASM_WASM_VM=sgx" | |
| - name: "Cross-compile CPP functions" | |
| run: | | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "${{ env.FAASMCTL_BIN }} cli.cpp --cmd \"./bin/inv_wrapper.sh func.local --clean libfake\"" \ | |
| --env "FAASM_INI_FILE=${{ env.VM_CODE_DIR }}/faasm.ini" | |
| - name: "Build Faasm targets" | |
| run: | | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "${{ env.FAASMCTL_BIN }} cli.faasm --cmd \"./bin/inv_wrapper.sh dev.tools --build Debug --sgx Hardware\"" \ | |
| --env "FAASM_INI_FILE=${{ env.VM_CODE_DIR }}/faasm.ini" | |
| - name: "Run codegen" | |
| run: | | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "${{ env.FAASMCTL_BIN }} cli.faasm --cmd \"./bin/inv_wrapper.sh codegen.tests\"" \ | |
| --env "FAASM_INI_FILE=${{ env.VM_CODE_DIR }}/faasm.ini" | |
| - name: "Print kernel version" | |
| run: | | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "uname -r" \ | |
| - name: "Run hello function" | |
| run: | | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "${{ env.FAASMCTL_BIN }} cli.faasm --cmd \"./bin/inv_wrapper.sh run demo hello\"" \ | |
| --env "FAASM_INI_FILE=${{ env.VM_CODE_DIR }}/faasm.ini" \ | |
| --env "FAASM_WASM_VM=sgx" | |
| - name: "Run tests" | |
| run: | | |
| ./bin/inv_wrapper.sh vm.run-command \ | |
| --name ${{ env.VM_NAME }} \ | |
| --path ${{ env.VM_CODE_DIR }} \ | |
| --cmd "${{ env.FAASMCTL_BIN }} cli.faasm --cmd \"./bin/inv_wrapper.sh tests --debug\"" \ | |
| --env "FAASM_INI_FILE=${{ env.VM_CODE_DIR }}/faasm.ini" | |
| - name: "Delete VM" | |
| if: always() | |
| run: ./bin/inv_wrapper.sh vm.delete --name ${{ env.VM_NAME }} | |
| continue-on-error: true |