From 4d9c6b8787511d5d0ee70eb72dfd65d9f9333a54 Mon Sep 17 00:00:00 2001
From: Ariel Mendelzon <amendelzon@users.noreply.github.com>
Date: Wed, 2 Oct 2024 06:23:16 +1300
Subject: [PATCH] SGX integration tests

- Added integration tests for SGX simulator to the testing workflow
- Bumped integration tests version to 5.3.0.plus
---
 .github/workflows/run-tests.yml | 57 +++++++++++++++++++++++++++++++--
 1 file changed, 54 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml
index e9067073..70737d2d 100644
--- a/.github/workflows/run-tests.yml
+++ b/.github/workflows/run-tests.yml
@@ -41,8 +41,8 @@ jobs:
       - name: Ledger Signer's unit tests
         run: firmware/src/ledger/signer/test/run-all.sh
 
-  run-integration-tests:
-    name: Integration tests
+  run-integration-tests-tcpsigner:
+    name: Integration tests for TCPSigner
     runs-on: ubuntu-20.04
 
     steps:
@@ -63,7 +63,7 @@ jobs:
         uses: actions/checkout@v3
         with:
           repository: rootstock/hsm-integration-test
-          ref: 5.1.0.plus
+          ref: 5.3.0.plus
           path: hsm-integration-test
           ssh-key: ${{ secrets.HSM_INTEGRATION_TEST_SSH_KEY }}
 
@@ -78,3 +78,54 @@ jobs:
       - name: Run HSM integration tests
         working-directory: hsm-integration-test
         run: sh smoke-test.sh
+
+  run-integration-tests-sgx:
+    name: Integration tests for SGX simulator
+    runs-on: ubuntu-20.04
+
+    steps:
+      - name: Checkout rsk-powhsm repo
+        uses: actions/checkout@v3
+        with:
+          path: rsk-powhsm
+
+      - name: Build required software
+        working-directory: rsk-powhsm
+        run: |
+          docker/mware/build
+          docker/packer/build
+          docker/sgx/build
+          middleware/build/manager_sgx
+          docker/sgx/do-notty /hsm2/firmware/src/sgx "make generate-private-key"
+          firmware/build/build-sgx-sim \
+              0xe108960a242ad7bd45c21aff9c7ed9c516789e9cffacdd895502727d8f460d2c \
+              0x6E regtest
+
+      - name: Checkout hsm-integration-test repo
+        uses: actions/checkout@v3
+        with:
+          repository: rootstock/hsm-integration-test
+          ref: 5.3.0.plus
+          path: hsm-integration-test
+          ssh-key: ${{ secrets.HSM_INTEGRATION_TEST_SSH_KEY }}
+
+      - name: Copy required files
+        run: |
+          mkdir hsm-integration-test/docker/manager/manager_sgx
+          tar -xzf rsk-powhsm/middleware/bin/manager_sgx.tgz \
+              -C hsm-integration-test/docker/manager/manager_sgx
+          cp rsk-powhsm/firmware/src/sgx/bin/hsmsgx \
+              hsm-integration-test/docker/sgx
+          cp rsk-powhsm/firmware/src/sgx/bin/hsmsgx_enclave.signed \
+              hsm-integration-test/docker/sgx
+          echo abcd1234 > hsm-integration-test/docker/manager/pin.txt
+          echo -n abcd1234 > hsm-integration-test/docker/sgx/kvstore-password.dat
+          echo -en "\x03" > hsm-integration-test/docker/sgx/kvstore-retries.dat
+          echo -en "\x03" > hsm-integration-test/docker/sgx/kvstore-retries.dat
+          dd if=/dev/urandom bs=1 count=32 \
+              of=hsm-integration-test/docker/sgx/kvstore-seed.dat
+          echo "SGX_SIM=yes" >> "$GITHUB_ENV"
+
+      - name: Run HSM integration tests
+        working-directory: hsm-integration-test
+        run: sh smoke-test.sh