Skip to content
KBS End-to-End test with Docker Compose and Sample Attester

kbs/config: use Intel PCS to fetch SGX/TDX quote verification collateral #144

Sign in to view logs

kbs/config: use Intel PCS to fetch SGX/TDX quote verification collateral

kbs/config: use Intel PCS to fetch SGX/TDX quote verification collateral #144

Workflow file for this run

.github/workflows/kbs-docker-e2e.yaml at 33a13bd
name: KBS End-to-End test with Docker Compose and Sample Attester
on:
pull_request:
branches:
- main
env:
TEST_SECRET_CONTENT: shhhhh
TEST_SECRET_PATH: test-org/test-repo/test-secret
jobs:
e2e-test:
runs-on: ubuntu-latest
steps:
- name: Checkout KBS
uses: actions/checkout@v4
- name: Install Rust (for client)
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
- name: Build client
uses: actions-rs/cargo@v1
with:
command: build
args: --manifest-path kbs/tools/client/Cargo.toml --no-default-features --features sample_only --release
- name: Setup Keys
run: |
openssl genpkey -algorithm ed25519 > kbs/config/private.key
openssl pkey -in kbs/config/private.key -pubout -out kbs/config/public.pub
- name: Build KBS Cluster
run: docker compose build
- name: Start KBS cluster
run: docker compose up -d
- name: Set Resource
working-directory: target/release/
run: |
echo "$TEST_SECRET_CONTENT" > test-secret
./kbs-client --url http://127.0.0.1:8080 config --auth-private-key ../../kbs/config/private.key set-resource --path "$TEST_SECRET_PATH" --resource-file test-secret
- name: Get Resource (negative)
working-directory: target/release/
run: |
! ./kbs-client --url http://127.0.0.1:8080 get-resource --path "$TEST_SECRET_PATH"
- name: Update policy
working-directory: target/release/
run: ./kbs-client --url http://127.0.0.1:8080 config --auth-private-key ../../kbs/config/private.key set-resource-policy --policy-file "$policy_path"
env:
policy_path: ../../kbs/test/data/policy_2.rego
- name: Get Resource
working-directory: target/release/
run: ./kbs-client --url http://127.0.0.1:8080 get-resource --path "$TEST_SECRET_PATH"