diff --git a/.github/scripts/install_sgx_sdk.sh b/.github/scripts/install_sgx_sdk.sh new file mode 100644 index 00000000..d6429790 --- /dev/null +++ b/.github/scripts/install_sgx_sdk.sh @@ -0,0 +1,28 @@ +#!/bin/bash +set -eox pipefail + +if [ $# -eq 0 ]; then + echo "No arguments supplied" + exit 1 +fi +SDK_DIR_PREFIX=$1 + +DCAP_VERSION=1.21.100.3-jammy1 +# create tmp dir +TMP_DIR=$(mktemp -d) +echo "Created temp dir: $TMP_DIR" +cd $TMP_DIR +# clone the repo +git clone --recursive https://github.com/intel/SGXDataCenterAttestationPrimitives -b dcap_1.21_reproducible --depth 1 + +wget https://download.01.org/intel-sgx/sgx-dcap/1.21/linux/distro/ubuntu22.04-server/sgx_linux_x64_sdk_2.24.100.3.bin -O sgx_linux_x64_sdk.bin +chmod a+x sgx_linux_x64_sdk.bin +./sgx_linux_x64_sdk.bin --prefix=$SDK_DIR_PREFIX +rm -rf ./sgx_linux_x64_sdk.bin + +wget https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key +cat intel-sgx-deb.key | tee /etc/apt/keyrings/intel-sgx-keyring.asc > /dev/null +echo 'deb [signed-by=/etc/apt/keyrings/intel-sgx-keyring.asc arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu jammy main' | tee /etc/apt/sources.list.d/intel-sgx.list + +apt-get update -y +apt-get install -y libsgx-dcap-ql=$DCAP_VERSION libsgx-dcap-ql-dev=$DCAP_VERSION diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9de5243f..1a936f97 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -46,9 +46,7 @@ jobs: ./enclave cache-directories: | ~/.cargo/registry/src/**/librocksdb-sys-* - - run: curl -LO https://download.01.org/intel-sgx/sgx-linux/2.19/distro/ubuntu22.04-server/sgx_linux_x64_sdk_2.19.100.3.bin - - run: chmod +x ./sgx_linux_x64_sdk_2.19.100.3.bin - - run: echo -e 'no\n/opt' | ./sgx_linux_x64_sdk_2.19.100.3.bin - - run: source /opt/sgxsdk/environment && make -B - - run: source /opt/sgxsdk/environment && make test - - run: source /opt/sgxsdk/environment && make integration-test + - run: sudo bash .github/scripts/install_sgx_sdk.sh /opt/intel + - run: source /opt/intel/sgxsdk/environment && make -B + - run: source /opt/intel/sgxsdk/environment && make test + - run: source /opt/intel/sgxsdk/environment && make integration-test