Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-02-23 16:30:11 -05:00
Code Issues Packages Projects Releases Wiki Activity

Actually only compare measurements

Browse Source
This commit is contained in:
miampf 2025-01-30 14:41:04 +01:00
parent 04ea3c76e1
commit 3549a1558e
No known key found for this signature in database
GPG Key ID: EF039364B5B6886C
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/check-measurements-reproducibility.yml vendored
View File

@ -20,6 +20,7 @@ jobs:
systemdUkify systemdUkify
jq jq
jd-diff-patch jd-diff-patch
moreutils
- name: Build images and produce measurements - name: Build images and produce measurements
run: | run: |
set -euo pipefail set -euo pipefail
@ -41,7 +42,8 @@ jobs:
attestationVariant="$(echo $dirname | cut -d_ -f2)" attestationVariant="$(echo $dirname | cut -d_ -f2)"
echo "Comparing measurements of CSP $csp with attestation variant $attestationVariant" echo "Comparing measurements of CSP $csp with attestation variant $attestationVariant"
jq --arg attestation_variant "$attestationVariant" --arg csp "$csp" '.list.[] | select(.attestationVariant == $attestation_variant) | select((.csp | ascii_downcase) == $csp)' measurements.json > their-measurements.json jq --arg attestation_variant "$attestationVariant" --arg csp "$csp" '.list.[] | select(.attestationVariant == $attestation_variant) | select((.csp | ascii_downcase) == $csp) | .measurements' measurements.json > their-measurements.json
sudo env "PATH=$PATH" "$buildPath/measured-boot/cmd/cmd_/cmd" "$directory/constellation" ./own-measurements.json sudo env "PATH=$PATH" "$buildPath/measured-boot/cmd/cmd_/cmd" "$directory/constellation" ./own-measurements.json
jq '.measurements' own-measurements.json | sponge ./own-measurements.json
jd ./their-measurements.json ./own-measurements.json jd ./their-measurements.json ./own-measurements.json
done done