ci: payload build

We now have three enclave-cc payload builds: - sample-kbc in SIM sgx modee - eaa-kbc in HW sgx mode - cc-kbc (occlum) in HW sgx mode Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
confidential-containers · May 10, 2023 · 0a49b68 · 0a49b68
1 parent 82d0a6e
commit 0a49b68
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 9 deletions.
diff --git a/.github/workflows/payload.yaml b/.github/workflows/payload.yaml
@@ -9,9 +9,13 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        asset:
-          - HW
-          - SIM
+        include:
+          - sgx_mode: SIM
+            kbc: sample-kbc
+          - sgx_mode: HW
+            kbc: eaa-kbc
+          - sgx_mode: HW
+            kbc: cc-kbc
     steps:
       - name: Login to quay.io
         uses: docker/login-action@v2
@@ -23,10 +27,11 @@ jobs:
       - uses: actions/checkout@v3
         with:
           fetch-depth: 0 # This is needed in order to keep the commit ids history
-      - name: Build Enclave CC Payload using SGX_MODE=${{ matrix.asset }}
+      - name: Build Enclave CC Payload using SGX_MODE=${{ matrix.sgx_mode }} KBC=${{ matrix.kbc }}
         run: |
           ./tools/packaging/build/build_payload.sh 
         env:
-          SGX_MODE: ${{ matrix.asset }}
+          SGX_MODE: ${{ matrix.sgx_mode }}
+          KBC: ${{ matrix.kbc }}
           CI: yes
           PUSH: yes
diff --git a/tools/packaging/build/build_payload.sh b/tools/packaging/build/build_payload.sh
@@ -7,11 +7,11 @@ SGX_MODE=${SGX_MODE:-HW}
 KBC=${KBC:-cc-kbc}
 GO_VERSION=${GO_VERSION:-1.19}
 if [ "${CI}" == "yes" ]; then
-	DEFAULT_IMAGE=quay.io/confidential-containers/runtime-payload-ci:enclave-cc-${SGX_MODE}-$(git rev-parse HEAD)
-	DEFAULT_LATEST_IMAGE=quay.io/confidential-containers/runtime-payload-ci:enclave-cc-${SGX_MODE}-latest
+	DEFAULT_IMAGE=quay.io/confidential-containers/runtime-payload-ci:enclave-cc-${SGX_MODE}-${KBC}-$(git rev-parse HEAD)
+	DEFAULT_LATEST_IMAGE=quay.io/confidential-containers/runtime-payload-ci:enclave-cc-${SGX_MODE}-${KBC}-latest
 else
-	DEFAULT_IMAGE=quay.io/confidential-containers/runtime-payload:enclave-cc-${SGX_MODE}-$(git describe --tags --abbrev=0)
-	DEFAULT_LATEST_IMAGE=quay.io/confidential-containers/runtime-payload:enclave-cc-${SGX_MODE}-latest
+	DEFAULT_IMAGE=quay.io/confidential-containers/runtime-payload:enclave-cc-${SGX_MODE}-${KBC}-$(git describe --tags --abbrev=0)
+	DEFAULT_LATEST_IMAGE=quay.io/confidential-containers/runtime-payload:enclave-cc-${SGX_MODE}-${KBC}-latest
 fi
 IMAGE=${IMAGE:-${DEFAULT_IMAGE}}