-
Notifications
You must be signed in to change notification settings - Fork 8
65 lines (64 loc) · 2 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
name: Continuous Integration
on: [push, pull_request]
jobs:
formatting:
name: Check formatting
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check formatting
run: cargo fmt --all -- --check
tests:
name: Perform tests
runs-on: ubuntu-latest
container: fedora:latest
defaults:
run:
working-directory: ./clevis-pin-tpm2
steps:
- uses: actions/checkout@v4
with:
path: clevis-pin-tpm2
- name: Check out the policy signtool
uses: actions/checkout@v4
with:
path: clevis-pin-tpm2-signtool
repository: puiterwijk/clevis-pin-tpm2-signtool
- name: Install dependencies
run: |
dnf install -y \
tpm2-tss-devel clevis \
swtpm swtpm-tools \
rust cargo clippy \
golang clang-devel \
git-core
- name: Remove clevis-pin-tpm2
run: |
rm -f /usr/bin/clevis-pin-tpm2 /usr/bin/clevis-*-tpm2plus
- name: Build
run: cargo build
- name: Start swtpm
run: |
mkdir /tmp/tpmdir
swtpm_setup --tpm2 \
--tpmstate /tmp/tpmdir \
--createek --decryption --create-ek-cert \
--create-platform-cert \
--pcr-banks sha1,sha256 \
--display
swtpm socket --tpm2 \
--tpmstate dir=/tmp/tpmdir \
--flags startup-clear \
--ctrl type=tcp,port=2322 \
--server type=tcp,port=2321 \
--daemon
- name: Run integration tests
run: |
TCTI=swtpm: SKIP_CLEVIS=true cargo test -- --nocapture
echo "### Shell integration tests" >&2
TCTI=swtpm: SKIP_CLEVIS=true ./tests/integration-test.sh
- name: Run policy tests
run: |
TCTI=swtpm: ./tests/test_policy
- name: Run clippy
run: cargo clippy -- -D warnings