From e10eab65763877d7dfb70dafe8b3d0654c3560af Mon Sep 17 00:00:00 2001
From: Hsy-Intel <siyuan.hui@intel.com>
Date: Mon, 12 Aug 2024 07:24:37 -0400
Subject: [PATCH] Add TDX CI for OSDK

---
 .github/workflows/benchmark_asterinas.yml |  2 +-
 .github/workflows/test_osdk.yml           | 40 +++++++++++++++++++++++
 2 files changed, 41 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/benchmark_asterinas.yml b/.github/workflows/benchmark_asterinas.yml
index c532b8521..c6300faec 100644
--- a/.github/workflows/benchmark_asterinas.yml
+++ b/.github/workflows/benchmark_asterinas.yml
@@ -3,7 +3,7 @@ on:
   # In case of manual trigger, use workflow_dispatch
   workflow_dispatch:
   schedule:
-    # Schedule to run on every day at 20:00 UTC (04:00 CST)
+    # Schedule to run on every day at 20:00 UTC (04:00 Beijing Time)
     - cron: '0 20 * * *'
 
 jobs:
diff --git a/.github/workflows/test_osdk.yml b/.github/workflows/test_osdk.yml
index e91eefc89..55e99bce3 100644
--- a/.github/workflows/test_osdk.yml
+++ b/.github/workflows/test_osdk.yml
@@ -10,9 +10,13 @@ on:
   push:
     branches:
       - main
+  # Schedule to run on every day at 21:00 UTC (05:00 Beijing Time)
+  schedule:
+    - cron: '0 21 * * *'
 
 jobs:
   osdk-test:
+    if: github.event_name == 'push' || github.event_name == 'pull_request'
     runs-on: ubuntu-latest
     timeout-minutes: 30
     strategy:
@@ -42,3 +46,39 @@ jobs:
           cd osdk
           RUSTUP_HOME=/root/.rustup cargo +stable build
           RUSTUP_HOME=/root/.rustup cargo test
+
+  osdk-test-tdx:
+    if: github.event_name == 'schedule'
+    runs-on: self-hosted
+    timeout-minutes: 30
+    env:
+      # Need to set up proxy since the self-hosted CI server is located in China,
+      # which has poor network connection to the official Rust crate repositories.
+      RUSTUP_DIST_SERVER: https://mirrors.ustc.edu.cn/rust-static
+      RUSTUP_UPDATE_ROOT: https://mirrors.ustc.edu.cn/rust-static/rustup
+    strategy:
+      matrix:
+        # asterinas/asterinas:0.6.2-tdx container is the developing container of asterinas,
+        # asterinas/osdk:0.6.2-tdx container is built with the intructions from Asterinas Book
+        container: ['asterinas/asterinas:0.6.2-tdx', 'asterinas/osdk:0.6.2-tdx']
+    container: 
+      image: ${{ matrix.container }}
+      options: --device=/dev/kvm --privileged
+    steps:
+      - run: echo "Running in ${{ matrix.container }}"
+      - uses: actions/checkout@v4
+      - name: Lint
+        id: lint
+        if: matrix.container == 'asterinas/asterinas:0.6.2-tdx'
+        run: make check_osdk
+      # Github's actions/checkout@v4 will result in a new user (not root) 
+      # and thus not using the Rust environment we set up in the container. 
+      # So the RUSTUP_HOME needs to be set here. 
+      # This only breaks when we invoke Cargo in the integration test of OSDK 
+      # since the OSDK toolchain is not nightly.
+      - name: Unit test
+        id: unit_test
+        run: |
+          cd osdk
+          RUSTUP_HOME=/root/.rustup INTEL_TDX=1 cargo +stable build
+          RUSTUP_HOME=/root/.rustup INTEL_TDX=1 cargo test