-
Notifications
You must be signed in to change notification settings - Fork 0
101 lines (84 loc) · 2.91 KB
/
build-solution.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
name: Build Solution
on:
workflow_call:
secrets:
AWS_ACCESS_KEY_ID:
required: true
AWS_SECRET_ACCESS_KEY:
required: true
EC2_PRIVATE_SSH_KEY:
required: true
FORTANIX_API_KEY:
required: true
OVERLAYFS_UNIT_TEST_API_KEY:
required: true
PAT:
required: true
on:
pull_request_review:
types: [ submitted, edited ]
env:
CARGO_TERM_COLOR: always
jobs:
build:
runs-on: ubuntu-20.04
if: github.event_name == 'pull_request' && github.event.review.state == 'approved'
steps:
- name: Pull main repository
uses: actions/checkout@v3
with:
repository: fortanix/salmiac
- name: Pull submodules
uses: actions/checkout@v3
with:
repository: fortanix/app-test-infra-test
token: ${{ secrets.PAT }}
path: tools/app-test-infra
- name: Configure AWS credentials
run: |
aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws configure set region us-west-1
- name: Login into ECR
uses: aws-actions/[email protected]
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@master
with:
targets: x86_64-unknown-linux-musl
toolchain: nightly
- name: Setup SSH
run: |
mkdir -p ~/.ssh
echo "${{ secrets.EC2_PRIVATE_SSH_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan github.com >> ~/.ssh/known_hosts
- name: Install build dependencies
run: |
sudo apt-get update
sudo apt-get install -y libpcap-dev amazon-ecr-credential-helper
- name: Install docker-credential-ecr-login
run: |
# Download the latest release of docker-credential-ecr-login
aws s3 cp s3://fortanix-internal-artifact-repository/other-packages/docker-credential-ecr-login .
# Make it executable
chmod +x docker-credential-ecr-login
# Move it to a directory in the PATH
sudo mv docker-credential-ecr-login /usr/local/bin/
- name: Build Rust code
run: |
./build-converter.sh
- name: Run Rust unit tests
env:
FORTANIX_API_KEY: ${{ secrets.FORTANIX_API_KEY }}
OVERLAYFS_UNIT_TEST_API_KEY: ${{ secrets.OVERLAYFS_UNIT_TEST_API_KEY }}
run: |
./unit-test-solution.sh
- name: Build application tests container
run: |
./build-app-tests-container.sh
- name: Run application tests container
env:
FORTANIX_API_KEY: ${{ secrets.FORTANIX_API_KEY }}
OVERLAYFS_UNIT_TEST_API_KEY: ${{ secrets.OVERLAYFS_UNIT_TEST_API_KEY }}
run: |
./run-application-tests.sh ${{ env.TESTS_CONTAINER_ECR }} ${{ env.FORTANIX_API_KEY }}