diff --git a/.github/actions/azure_login/action.yml b/.github/actions/azure_login/action.yml index 1fe8829c6..a3adc9512 100644 --- a/.github/actions/azure_login/action.yml +++ b/.github/actions/azure_login/action.yml @@ -9,6 +9,7 @@ runs: steps: - name: Install az CLI run: | + echo "::group::Install build dependencies" sudo apt-get update sudo apt-get install ca-certificates curl apt-transport-https lsb-release gnupg -y curl -sL https://packages.microsoft.com/keys/microsoft.asc | @@ -20,6 +21,7 @@ runs: sudo apt-get update sudo apt-get install azure-cli -y az help + echo "::endgroup::" shell: bash # As described at: # https://github.com/Azure/login#configure-deployment-credentials diff --git a/.github/actions/build_bootstrapper/action.yml b/.github/actions/build_bootstrapper/action.yml index 116e250ff..1590b4445 100644 --- a/.github/actions/build_bootstrapper/action.yml +++ b/.github/actions/build_bootstrapper/action.yml @@ -15,12 +15,17 @@ runs: - name: Install Dependencies shell: bash - run: sudo apt-get update && sudo apt-get -y install cmake make + run: | + echo "::group::Install build dependencies" + sudo apt-get update && sudo apt-get -y install cmake make + echo "::endgroup::" - name: Build the bootstrapper shell: bash run: | + echo "::group::Build the bootstrapper" mkdir -p build && cd build cmake .. make bootstrapper mv -n bootstrapper "${{ inputs.outputPath }}" + echo "::endgroup::" diff --git a/.github/actions/build_cli/action.yml b/.github/actions/build_cli/action.yml index 7fcc6d6cc..c2eba509a 100644 --- a/.github/actions/build_cli/action.yml +++ b/.github/actions/build_cli/action.yml @@ -5,34 +5,36 @@ description: | when run on v* tag. inputs: targetOS: - description: 'Build CLI for this OS. [linux, darwin]' + description: "Build CLI for this OS. [linux, darwin]" required: true - default: 'linux' + default: "linux" targetArch: - description: 'Build CLI for this architecture. [amd64, arm64]' + description: "Build CLI for this architecture. [amd64, arm64]" required: true - default: 'amd64' + default: "amd64" cosignPublicKey: - description: 'Cosign public key' + description: "Cosign public key" required: false - default: '' + default: "" cosignPrivateKey: - description: 'Cosign private key' + description: "Cosign private key" required: false - default: '' + default: "" cosignPassword: - description: 'Password for Cosign private key' + description: "Password for Cosign private key" required: false - default: '' + default: "" runs: using: "composite" steps: - name: Install build dependencies run: | + echo "::group::Install build dependencies" sudo apt-get update sudo apt-get install \ build-essential cmake \ -y + echo "::endgroup::" shell: bash # https://github.blog/2022-04-12-git-security-vulnerability-announced/ diff --git a/.github/actions/build_debugd/action.yml b/.github/actions/build_debugd/action.yml index 812a80305..380a66343 100644 --- a/.github/actions/build_debugd/action.yml +++ b/.github/actions/build_debugd/action.yml @@ -3,12 +3,12 @@ description: Build the Constellation debugd binary inputs: outputPath: - description: 'Output path of the binary' - default: './debugd' + description: "Output path of the binary" + default: "./debugd" required: true runs: - using: 'composite' + using: "composite" steps: - name: Install Go uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a @@ -17,11 +17,16 @@ runs: - name: Install Dependencies shell: bash - run: sudo apt-get update && sudo apt-get -y install cmake make - + run: | + echo "::group::Install build dependencies" + sudo apt-get update + sudo apt-get -y install cmake make + echo "::endgroup::" + - name: Build debugd shell: bash run: | + echo "::group::Build debugd" homedir="$(getent passwd $(id -u) | cut -d ":" -f 6)" mkdir -p build && cd build cmake .. @@ -31,3 +36,4 @@ runs: export GOMODCACHE=${homedir}/.cache/go-mod make debugd cdbg mv -n debugd "${{ inputs.outputPath }}" + echo "::endgroup::" diff --git a/.github/actions/build_disk_mapper/action.yml b/.github/actions/build_disk_mapper/action.yml index 746bcd663..ce79ec57a 100644 --- a/.github/actions/build_disk_mapper/action.yml +++ b/.github/actions/build_disk_mapper/action.yml @@ -15,12 +15,17 @@ runs: - name: Install Dependencies shell: bash - run: sudo apt-get update && sudo apt-get -y install cmake make + run: | + echo "::group::Install build dependencies" + sudo apt-get update && sudo apt-get -y install cmake make + echo "::endgroup::" - name: Build the disk-mapper shell: bash run: | + echo "::group::Build the disk-mapper" mkdir -p build && cd build cmake .. make disk-mapper mv -n disk-mapper "${{ inputs.outputPath }}" + echo "::endgroup::" diff --git a/.github/actions/constellation_create/action.yml b/.github/actions/constellation_create/action.yml index 7618c3fb3..8ad93fd19 100644 --- a/.github/actions/constellation_create/action.yml +++ b/.github/actions/constellation_create/action.yml @@ -45,10 +45,12 @@ runs: shell: bash - name: Install yq jq run: | + echo "::group::Install dependencies" sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CC86BB64 sudo add-apt-repository ppa:rmescandon/yq sudo apt update sudo apt install yq jq -y + echo "::endgroup::" shell: bash - name: Constellation config generate @@ -130,7 +132,9 @@ runs: - name: Cdbg deploy run: | + echo "::group::cdbg deploy" cdbg deploy --bootstrapper $GITHUB_WORKSPACE/build/bootstrapper + echo "::endgroup::" shell: bash if: ${{ inputs.isDebugImage == 'true' }} diff --git a/.github/actions/constellation_measure/action.yml b/.github/actions/constellation_measure/action.yml index b849e814c..d474028f0 100644 --- a/.github/actions/constellation_measure/action.yml +++ b/.github/actions/constellation_measure/action.yml @@ -7,35 +7,35 @@ inputs: description: "Either 'gcp' or 'azure'." required: true cosignPublicKey: - description: 'Cosign public key' + description: "Cosign public key" required: false - default: '' + default: "" cosignPrivateKey: - description: 'Cosign private key' + description: "Cosign private key" required: false - default: '' + default: "" cosignPassword: - description: 'Password for Cosign private key' + description: "Password for Cosign private key" required: false - default: '' + default: "" awsAccessKeyID: - description: 'AWS access key ID to upload measurements' + description: "AWS access key ID to upload measurements" required: false - default: '' + default: "" awsSecretAccessKey: - description: 'AWS secret access key to upload measurements' + description: "AWS secret access key to upload measurements" required: false - default: '' + default: "" awsDefaultRegion: - description: 'AWS region of S3 bucket to upload measurements' + description: "AWS region of S3 bucket to upload measurements" required: false - default: '' + default: "" awsBucketName: - description: 'S3 bucket name to upload measurements to' + description: "S3 bucket name to upload measurements to" required: false - default: '' + default: "" runs: - using: 'composite' + using: "composite" steps: - name: Build hack/pcr-reader run: | @@ -97,7 +97,10 @@ runs: if: ${{ inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != '' }} - name: Install AWS CLI - run: sudo apt-get update && sudo apt-get -y install awscli + run: | + echo "::group::Install AWS CLI" + sudo apt-get update && sudo apt-get -y install awscli + echo "::endgroup::" shell: bash if: ${{ inputs.awsAccessKeyID != '' && inputs.awsSecretAccessKey != '' && inputs.awsDefaultRegion != '' && inputs.awsBucketName != '' }} - name: Upload to S3 diff --git a/.github/actions/install_operator_sdk/action.yml b/.github/actions/install_operator_sdk/action.yml index beb6b54a3..fd198616c 100644 --- a/.github/actions/install_operator_sdk/action.yml +++ b/.github/actions/install_operator_sdk/action.yml @@ -12,8 +12,10 @@ runs: - name: Install curl gpg shell: bash run: | + echo "::group::Install dependencies" sudo apt update sudo apt install curl gpg -y + echo "::endgroup::" - name: Install operator-sdk shell: bash