Skip to content

Bump aes from 0.8.2 to 0.8.3 #1142

Bump aes from 0.8.2 to 0.8.3

Bump aes from 0.8.2 to 0.8.3 #1142

Workflow file for this run

name: tmkms
on:
push:
branches: main
merge_group:
pull_request:
branches:
- main
env:
CARGO_TERM_COLOR: always
RUSTFLAGS: -Dwarnings
jobs:
rustfmt:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt
- run: cargo fmt --all -- --check
clippy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install deps
run: sudo apt-get update && sudo apt-get install protobuf-compiler
- uses: dtolnay/rust-toolchain@master
with:
components: clippy
toolchain: nightly-2023-02-20
- run: cargo clippy --all -- -D warnings
audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@master
with:
toolchain: nightly-2023-02-20
- name: Install cargo audit
run: cargo install cargo-audit
# TODO: unmaintained dependencies -- need to be fixed in upstream
# RUSTSEC-2019-0036,RUSTSEC-2020-0036: failure crate used in upstream sgxs-* crates
# RUSTSEC-2020-0071: time crate used in upstream sgxs-* crates
# RUSTSEC-2021-0127: serde_cbor used in upstream nsm-* crates
# RUSTSEC-2020-0016,RUSTSEC-2021-0124: net2 used in mio from older tokio (used in sgx crates)
# RUSTSEC-2022-0041: old cross-beam used in the sgx runner crate
# RUSTSEC-2023-0005: old tokio used in the sgx runner crate (enclave-runner)
# RUSTSEC-2023-0045: old cross-beam used in the sgx runner crate
- run: >
cargo audit --deny warnings
--ignore RUSTSEC-2020-0071
--ignore RUSTSEC-2021-0124
--ignore RUSTSEC-2020-0036
--ignore RUSTSEC-2020-0016
--ignore RUSTSEC-2021-0127
--ignore RUSTSEC-2019-0036
--ignore RUSTSEC-2022-0041
--ignore RUSTSEC-2023-0005
--ignore RUSTSEC-2023-0045
build:
runs-on: ubuntu-latest
strategy:
matrix:
crate:
- tmkms-nitro-helper
- tmkms-light-sgx-runner
- tmkms-softsign
steps:
- uses: actions/checkout@v3
- name: Install deps
run: sudo apt-get update && sudo apt-get install protobuf-compiler
- uses: dtolnay/rust-toolchain@master
with:
targets: x86_64-unknown-linux-gnu
toolchain: nightly-2023-02-20
- run: cargo build --target x86_64-unknown-linux-gnu -p ${{ matrix.crate }} --release
- name: 'Tar files'
run: cd target/x86_64-unknown-linux-gnu/release/ && tar -cvf tmkms-softsign.tar tmkms-softsign
if: startsWith(matrix.crate, 'tmkms-softsign')
- uses: actions/upload-artifact@v2
if: startsWith(matrix.crate, 'tmkms-softsign')
with:
name: tmkms-softsign
path: target/x86_64-unknown-linux-gnu/release/tmkms-softsign.tar
build-sgx:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@master
with:
targets: x86_64-fortanix-unknown-sgx
toolchain: nightly-2023-02-20
- run: cargo build --target x86_64-fortanix-unknown-sgx -p tmkms-light-sgx-app --release
build-nitro:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build tmkms-nitro-enclave with docker
uses: docker/build-push-action@v3
with:
context: .
push: false
platforms: linux/amd64,linux/arm64
file: Dockerfile.nitro
build-args: |
RUST_TOOLCHAIN=1.66.1
run-integration-tests:
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v19
with:
# pin to nix-2.13 to workaround compability issue of 2.14,
# see: https://github.com/cachix/install-nix-action/issues/161
install_url: https://releases.nixos.org/nix/nix-2.13.3/install
- uses: cachix/cachix-action@v12
with:
name: crypto-com
skipPush: true
- uses: actions/download-artifact@v2
with:
name: tmkms-softsign
path: integration-test
- run: cd integration-test && tar -xvf tmkms-softsign.tar && chmod +x tmkms-softsign && nix develop --extra-experimental-features nix-command --extra-experimental-features flakes -c ./run.sh