CI: Add tpm cmd test case #87

Workflow file for this run

.github/workflows/integration.yml at bbff396

	name: vTPM Integration Test on TDX server
	on:
	push:
	paths-ignore:
	- "**.md"
	pull_request:
	paths-ignore:
	- "**.md"

	env:
	AS: nasm
	RUST_TOOLCHAIN: nightly-2023-08-28
	TOOLCHAIN_PROFILE: minimal

	jobs:
	integration:
	name: Run vTPM Integration Test with congfig-A TDVF
	runs-on: [self-hosted, vtpm]

	steps:
	- name: Checkout sources - vTpm
	uses: actions/checkout@v4

	- name: Initialize and update submodules
	run: git submodule update --init --recursive

	- name: Checkout sources - TDVF
	run: \|
	rm -rf ../vtpm-tdvf
	git clone --recursive --single-branch -b TDVF https://github.com/tianocore/edk2-staging ../vtpm-tdvf

	- name: Build vTPM td
	run: \|
	rm -rf ../run-vtpm-td
	mkdir ../run-vtpm-td
	git submodule update --init --recursive
	bash sh_script/pre-build.sh
	bash sh_script/build.sh
	cp target/x86_64-unknown-none/release/vtpmtd.bin ../run-vtpm-td

	- name: Build config-A TDVF
	run: \|
	pushd ../vtpm-tdvf
	make -C BaseTools
	source edksetup.sh
	rm -rf ../run-user-td
	mkdir ../run-user-td
	build -p OvmfPkg/OvmfPkgX64.dsc -t GCC5 -a X64 -D TPM2_ENABLE=TRUE -D VTPM_ENABLE=TRUE -b RELEASE
	cp Build/OvmfX64/RELEASE_GCC5/FV/OVMF.fd ../run-user-td/
	popd

	- name: Run test - Config A
	run: \|
	pushd sh_script
	python -m pytest -k "config_A"
	popd

	- name: Build Config-B TDVF without secure boot
	run: \|
	pushd ../vtpm-tdvf
	make -C BaseTools
	source edksetup.sh
	rm -rf ../run-user-td
	mkdir ../run-user-td
	build -p OvmfPkg/IntelTdx/IntelTdxX64.dsc -t GCC5 -a X64 -b RELEASE
	cp Build/IntelTdx/RELEASE_GCC5/FV/OVMF.fd ../run-user-td/
	popd

	- name: Run test - Config B + no secure boot
	run: \|
	pushd sh_script
	python -m pytest -k "config_B_no_sb"
	popd

	- name: Build Config-B TDVF with secure boot
	run: \|
	pushd ../vtpm-tdvf
	make -C BaseTools
	source edksetup.sh
	rm -rf ../run-user-td
	mkdir ../run-user-td
	build -p OvmfPkg/IntelTdx/IntelTdxX64.dsc -D SECURE_BOOT_ENABLE=TRUE -t GCC5 -a X64 -b RELEASE
	cp Build/IntelTdx/RELEASE_GCC5/FV/OVMF.fd ../run-user-td/
	popd

	- name: Enroll OVMF.fd
	run: \|
	SECURE_BOOT="/home/env/secure_boot"
	GUID=`cat ${SECURE_BOOT}/myGUID.txt`
	python sh_script/secure_boot/secure_boot.py -fd ../run-user-td/OVMF.fd -pk ${GUID} ${SECURE_BOOT}/PK.cer -kek ${GUID} ${SECURE_BOOT}/KEK.cer -db ${GUID} ${SECURE_BOOT}/DB.cer
	python sh_script/secure_boot/var_enroll.py --fd ../run-user-td/OVMF.sb.fd -op add -n FB_NO_REBOOT -g 605dab50-e046-4300-abb6-3dd810dd8b23 -a 0x7 -d sh_script/secure_boot/FB_NO_REBOOT.bin -o ../run-user-td/OVMF.fd

	- name: Run test - Config B + secure boot
	run: \|
	pushd sh_script
	python -m pytest -k "config_B_sb"
	popd

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CI: Add tpm cmd test case #87

Workflow file

CI: Add tpm cmd test case #87

Jobs

Run details

Workflow file for this run