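# Builds the latest aws/uefi firmware release with Nix and runs
# sev-snp-measure-go's `parse-metadata` on the resulting OVMF image.
name: AWS SNP Launch Measurement

# NOTE(review): no `permissions:` key is visible in this part of the file.
# If none is declared elsewhere, GITHUB_TOKEN gets the repository default
# scopes; consider declaring the minimum the job's steps need.
on:
  schedule:
    # Run daily at 22:00.
    - cron: '0 22 * * *'
  workflow_dispatch:

jobs:
  run:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout repository
        # Actions are pinned to a full commit SHA; the trailing comment
        # records the release tag that SHA corresponds to.
        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          # github.head_ref is only populated for pull-request events, so on
          # the schedule / workflow_dispatch triggers above it is empty and
          # checkout falls back to its default ref.
          ref: ${{ github.head_ref }}
          path: constellation

      - name: Install necessary tools
        # --require-hashes makes pip reject any package whose hash is not
        # listed in the requirements file.
        run: |
          sudo apt-get update
          sudo apt-get install -y python3 python3-pip
          sudo python3 -m pip install --user --require-hashes -r constellation/.github/workflows/aws-snp-launchmeasurements-requirements.txt

      - name: Install Nix
        uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26

      - name: Download Firmware release
        id: download-firmware
        uses: robinraju/release-downloader@c39a3b234af58f0cf85888573d361fb6fa281534 # v1.10
        with:
          repository: aws/uefi
          # Unlike the actions and the measurement tool, the firmware source
          # is not pinned: each run fetches whatever release is latest.
          # NOTE(review): no checksum or signature check of the archive is
          # visible in this workflow section - confirm that is intended.
          latest: true
          zipBall: true

      - name: Build UEFI firmware
        id: build-uefi
        shell: bash
        # Exposes the absolute path of the built image as step output
        # `ovmfPath`. The path contains directory names taken from the
        # downloaded archive, so consumers should treat it as external data.
        run: |
          # Unzip into a extra dir so that we can find "default.nix" and make sure we end up in the right directory.
          mkdir aws-uefi
          zipLocation=$(find . -name "uefi-*.zip")
          unzip -d aws-uefi "$zipLocation"
          buildfilePath="$(find aws-uefi -name 'default.nix')"
          pushd "$(dirname "$buildfilePath")" || exit 1

          nix-build --pure

          ovmfPath=$(realpath result/ovmf_img.fd)
          echo "ovmfPath=${ovmfPath}" | tee -a "$GITHUB_OUTPUT"
          popd || exit 1

      # The measurement tool is built from a fixed commit, not a branch.
      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          repository: virtee/sev-snp-measure-go.git
          ref: e42b6f8991ed5a671d5d1e02a6b61f6373f9f8d8
          path: sev-snp-measure-go

      - name: Generate API objects
        shell: bash
        env:
          # Hand the step output to the script through the environment
          # instead of expanding `${{ ... }}` inside the script text: the
          # value is then never parsed as shell code, and quoting it below
          # also prevents word splitting on unusual path names.
          OVMF_PATH: ${{ steps.build-uefi.outputs.ovmfPath }}
        run: |
          pushd sev-snp-measure-go/sevsnpmeasure || exit 1
          go build .

          ./sevsnpmeasure parse-metadata "$OVMF_PATH" -o metadata.json

          jq < metadata.json

          popd || exit 1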