KBS: refactor code structure #513
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: KBS e2e (Docker Compose and Sample TEE) | |
on: | |
pull_request: | |
branches: | |
- main | |
env: | |
TEST_SECRET_CONTENT: shhhhh | |
TEST_SECRET_PATH: test-org/test-repo/test-secret | |
jobs: | |
e2e-test: | |
runs-on: ubuntu-latest | |
env: | |
RUSTC_VERSION: 1.76.0 | |
steps: | |
- name: Checkout KBS | |
uses: actions/checkout@v4 | |
- name: Install Rust ${{ env.RUSTC_VERSION }} (for client) | |
run: | | |
rustup update --no-self-update ${{ env.RUSTC_VERSION }} | |
rustup component add --toolchain ${{ env.RUSTC_VERSION }} rustc | |
rustup default ${{ env.RUSTC_VERSION }} | |
- name: Build client | |
run: | | |
cargo build --manifest-path kbs/client/Cargo.toml --no-default-features --features sample_only --release | |
- name: Setup Keys | |
run: | | |
openssl genpkey -algorithm ed25519 > kbs/config/private.key | |
openssl pkey -in kbs/config/private.key -pubout -out kbs/config/public.pub | |
- name: Build KBS Cluster | |
run: docker compose build | |
- name: Start KBS cluster | |
run: docker compose up -d | |
- name: Set Resource | |
working-directory: target/release/ | |
run: | | |
echo "$TEST_SECRET_CONTENT" > test-secret | |
./kbs-client --url http://127.0.0.1:8080 config --auth-private-key ../../kbs/config/private.key set-resource --path "$TEST_SECRET_PATH" --resource-file test-secret | |
- name: Get Resource (negative) | |
working-directory: target/release/ | |
run: | | |
! ./kbs-client --url http://127.0.0.1:8080 get-resource --path "$TEST_SECRET_PATH" | |
- name: Update policy | |
working-directory: target/release/ | |
run: ./kbs-client --url http://127.0.0.1:8080 config --auth-private-key ../../kbs/config/private.key set-resource-policy --policy-file "$policy_path" | |
env: | |
policy_path: ../../kbs/test/data/policy_2.rego | |
- name: Get Resource | |
working-directory: target/release/ | |
run: ./kbs-client --url http://127.0.0.1:8080 get-resource --path "$TEST_SECRET_PATH" |