Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-02-23 16:30:11 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add some comments that explain the jq filters

Browse Source
This commit is contained in:
miampf 2025-02-05 14:37:39 +01:00
parent a0b9963a3d
commit f3cf8bedc4
No known key found for this signature in database
GPG Key ID: EF039364B5B6886C
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/check-measurements-reproducibility.yml vendored
View File

@ -42,10 +42,14 @@ jobs:
attestationVariant="$(echo $dirname | cut -d_ -f2)"
echo "Comparing measurements of CSP $csp with attestation variant $attestationVariant"
# This jq filter selects the measurements for the correct CSP and attestation variant
# and then removes all `warnOnly: true` and `expected: 000...` measurements.
jq --arg attestation_variant "$attestationVariant" --arg csp "$csp" \
'.list.[] | select(.attestationVariant == $attestation_variant) | select((.csp | ascii_downcase) == $csp) | .measurements | walk(if (type=="object" and (.warnOnly or .expected == "0000000000000000000000000000000000000000000000000000000000000000")) then del(.) else . end) | del(..|nulls) | del(.[] .warnOnly)' \
measurements.json > their-measurements.json
sudo env "PATH=$PATH" "$buildPath/measured-boot/cmd/cmd_/cmd" "$directory/constellation" ./own-measurements.json
# Remove all `expected: 000...` measurements like above.
jq '.measurements | walk(if (type == "object" and .expected == "0000000000000000000000000000000000000000000000000000000000000000") then del(.) else . end) | del(..|nulls)' \
own-measurements.json | sponge ./own-measurements.json