Add Github workflow to client-sdk-fidoiot (#251)

* Github workflow for client-sdk-fidoiot` * Add smoke test to client-sdk-fidoiot * Download pri-fidoiot artifacts from fido-device-onboard org Signed-off-by: B, Prashanth Natraj <[email protected]>
fido-device-onboard · Sep 18, 2023 · 70a8e4b · 70a8e4b
1 parent 88b4644
commit 70a8e4b
Show file tree

Hide file tree

Showing 2 changed files with 147 additions and 0 deletions.
diff --git a/.github/Dockerfile b/.github/Dockerfile
@@ -0,0 +1,71 @@
+FROM ubuntu:22.04
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update -y && apt-get upgrade -y && apt-get install -y \
+  git \
+  build-essential \
+  cmake \
+  libxml2-dev \
+  uuid-dev \
+  libcurl4-openssl-dev \
+  openssl \
+  libssl-dev \
+  wget \
+  bsdmainutils \
+  unzip \
+  libglib2.0-dev \
+  xxd \
+  nghttp2 \
+  libnghttp2-dev \
+  ruby
+
+RUN mkdir build_dir
+
+# Build & Install Curl version 8.1.2
+WORKDIR /build_dir/
+RUN wget https://curl.se/download/curl-8.1.2.tar.gz -O - | tar -xz && cd curl-8.1.2 && \
+./configure --with-openssl --enable-versioned-symbols --with-nghttp2 && make && make install
+
+# Setup safestring
+WORKDIR /build_dir
+RUN git clone -b v1.2.0 --progress --verbose https://github.com/intel/safestringlib.git safestring
+ENV SAFESTRING_ROOT /build_dir/safestring
+WORKDIR ${SAFESTRING_ROOT}
+RUN mkdir obj && make
+
+# Setup tinycbor
+WORKDIR /build_dir
+RUN git clone -b v0.6.0 --progress --verbose https://github.com/intel/tinycbor.git tinycbor
+ENV TINYCBOR_ROOT /build_dir/tinycbor
+WORKDIR ${TINYCBOR_ROOT}
+RUN make
+
+# Setup metee
+WORKDIR /build_dir
+RUN git clone --progress --verbose https://github.com/intel/metee.git metee
+ENV METEE_ROOT /build_dir/metee
+WORKDIR ${METEE_ROOT}
+RUN cmake . && make && make install
+
+ENV OPENSSL3_ROOT /usr
+ENV CURL_ROOT /usr
+
+# Setup client-sdk-fidoiot.
+# clone client-sdk-fidoiot to the current Dockerfile directory
+WORKDIR /build_dir/
+RUN mkdir /cse-fdoout
+WORKDIR /build_dir/cse-fdoout/
+RUN mkdir /client-sdk 
+WORKDIR /build_dir/fdoout/client-sdk/
+COPY . .
+
+# Install tpm libraries
+RUN grep -rl '/opt/openssl' ./ | xargs sed -i 's/\/opt\/openssl/\/usr/g'
+RUN grep -rl '/opt/curl' ./ | xargs sed -i 's/\/opt\/curl/\/usr/g'
+RUN sed -i 's/lib64/lib\/x86_64-linux-gnu/' utils/install_tpm_libs.sh
+RUN sed -i 's/==/-eq/' utils/tpm_make_ready_ecdsa.sh
+RUN sh utils/install_tpm_libs.sh -i
+
+
+CMD ["bash", "build.sh"]
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
@@ -0,0 +1,76 @@
+name: client-sdk-fidoiot-build
+on:
+  workflow_dispatch:
+  push:
+    branches: [master, '*rel']
+  pull_request:
+    branches: [master, '*rel']
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: scm checkout
+        uses: actions/checkout@v3
+      - name: Build docker image
+        run: docker build -t client-sdk -f '.github/Dockerfile' .
+      - name: run Docker container
+        run: docker run -v $PWD:/build_dir/fdoout/client-sdk/ client-sdk:latest 
+      - name: tar client-sdk binaries
+        run: |
+          mkdir client-sdk-binaries && cd client-sdk-binaries
+          cp -r ../x86_ecdsa* ../tpm_ecdsa* ../cse_ecdsa* .
+          mkdir utils
+          cp ../utils/tpm_make_ready_ecdsa.sh ../utils/install_tpm_libs*.sh ../utils/keys_gen.sh utils/
+          cd .. && tar -cvzf client-sdk-binaries.tar.gz client-sdk-binaries
+      - name: checkout test-fidoiot
+        uses: actions/checkout@v3
+        with:
+          repository: fido-device-onboard/test-fidoiot
+          ref: master
+          path: test-fidoiot
+      - name: Download pri-fidoiot artifact
+        id: download-artifact
+        uses: dawidd6/action-download-artifact@v2
+        with:
+          name: demo.tar.gz
+          repo: fido-device-onboard/pri-fidoiot
+          workflow: main.yaml
+          path: test-fidoiot/binaries/pri-fidoiot/
+          search_artifacts: true
+      - name: Add host to /etc/hosts
+        run: |
+          sudo echo "127.0.0.1 host.docker.internal" | sudo tee -a /etc/hosts
+      - name: Smoke Test
+        run : |
+          mkdir -p test-fidoiot/binaries/client-sdk-fidoiot
+          tar -xvzf test-fidoiot/binaries/pri-fidoiot/demo.tar.gz
+          cp -r demo/* test-fidoiot/binaries/pri-fidoiot/
+          cp x86_ecdsa256_gcm_bin/linux-client test-fidoiot/binaries/client-sdk-fidoiot/
+          cp -r x86_ecdsa256_gcm_bin/data test-fidoiot/
+          bash utils/install_openssl_curl.sh -i -v 3.0.8
+          bash utils/keys_gen.sh test-fidoiot
+          cd test-fidoiot/binaries/pri-fidoiot/scripts
+          bash demo_ca.sh
+          bash web_csr_req.sh
+          bash user_csr_req.sh
+          bash keys_gen.sh
+          chmod -R 777 secrets/
+          cp -r service.env secrets/ ../aio/
+          cp -r secrets/ ../db/
+          sed -i '/<security-constraint>/,/<.security-constraint>/d' ../aio/WEB-INF/web.xml
+          sed -i '/^innodb/d' ../db/custom/config-file.cnf
+          cd ${{ github.workspace }}/test-fidoiot/data
+          sed -i 's/8039/8080/g' manufacturer_addr.bin
+          cd ${{ github.workspace }}/test-fidoiot
+          export TEST_DIR=`pwd`
+          mvn clean test -Dgroups=fdo_clientsdk_smoketest
+      - name: archive artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: client-sdk-binaries.tar.gz
+          path: client-sdk-binaries.tar.gz
+          retention-days: 5
+        if: github.event_name != 'pull_request'
+
+
+