forked from crypto-com/thaler
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.drone.yml
164 lines (144 loc) · 3.16 KB
/
.drone.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
---
kind: pipeline
name: rust
steps:
- name: Build and Test
image: cryptocom/chain:latest
commands:
- export RUST_BACKTRACE=1
- export RUSTFLAGS=-Ctarget-feature=+aes,+sse2,+sse4.1,+ssse3
- export LD_LIBRARY_PATH=$HOME/lib
- export LIBRARY_PATH=$HOME/lib
- export PATH=$HOME/.cargo/bin:$HOME/.local/bin:$PATH
- export PKG_CONFIG_PATH=$HOME/lib/pkgconfig
- cargo build
- cargo test
- echo "HOME FOLDER = " $HOME
---
kind: pipeline
type: exec
name: integration-tests
platform:
os: linux
arch: amd64
steps:
- name: Build and Test
environment:
SPID:
from_secret: dev_spid
IAS_API_KEY:
from_secret: dev_ias_key
commands:
- export NIX_REMOTE=daemon
- export DOCKER_COMPOSE_PREFIX="${DRONE_BRANCH}"
- export SGX_MODE=HW
- . /etc/profile.d/nix.sh
- nix-shell ci-scripts/drone.nix --run "./ci-scripts/run-integration-tests.sh"
- name: Teardown
commands:
- cd integration-tests
- docker-compose -p "${DRONE_BRANCH}" down || exit 0
when:
status:
- success
- failure
trigger:
branch:
- master
- staging
- trying
event:
- push
---
kind: pipeline
type: exec
name: sgx-cargo-1804-hw1
platform:
os: linux
arch: amd64
steps:
- name: Build and Test
commands:
- ls -l /dev/sgx
- ls -l /var/run/aesmd/aesm.socket
- docker run --name hw1-${DRONE_COMMIT_SHA} --rm -v $PWD:/chain --device /dev/sgx cryptocom/chain:latest /bin/bash /chain/ci-scripts/tx-validation-hw-test.sh
- name: Teardown
commands:
- docker stop hw1-${DRONE_COMMIT_SHA} || exit 0
when:
status:
- success
- failure
trigger:
branch:
- master
- staging
- trying
event:
- push
---
kind: pipeline
type: exec
name: sgx-cargo-1804-hw2
platform:
os: linux
arch: amd64
steps:
- name: Build and Test
environment:
SPID:
from_secret: dev_spid
IAS_API_KEY:
from_secret: dev_ias_key
commands:
- ls -l /dev/sgx
- ls -l /var/run/aesmd/aesm.socket
- docker run --name hw2-${DRONE_COMMIT_SHA} --rm --env SPID=$SPID --env IAS_API_KEY=$IAS_API_KEY -v $PWD:/chain --device /dev/sgx cryptocom/chain:latest /bin/bash /chain/ci-scripts/tx-query-hw-test.sh
- name: Teardown
commands:
- docker stop hw2-${DRONE_COMMIT_SHA} || exit 0
when:
status:
- success
- failure
trigger:
branch:
- master
- staging
- trying
event:
- push
# FIMXE: 1) no need for this to be exec pipeline (can run in docker -- unjailtx doesn't ever touch enclave)
# FIXME: 2) proper cleanup -- this thing took over 100gb of 1 day of running
# FIXME: 3) it runs `cargo build` inside docker compose service and happily continue even if the compilation fails, wtf
# ---
# kind: pipeline
# type: exec
# name: integration-tests-jail-unjail
# platform:
# os: linux
# arch: amd64
# steps:
# - name: integration-tests
# commands:
# - cd integration-tests/jail
# - ./run.sh
# - name: teardown
# commands:
# - cd integration-tests/jail
# - ./shutdown.sh
# when:
# status:
# - success
# - failure
# trigger:
# branch:
# - master
# - staging
# - trying
# event:
# - push
---
kind: signature
hmac: 0c58269524d8cee0b1ce9aa1cf614b35ef440a6bf42aa03b0ff4b932c706e2f6
...