# Copyright (C) 2019 Intel Corporation. All rights reserved.
# SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
name: compilation on SGX
on:
# will be triggered on PR events
pull_request:
types:
- opened
- synchronize
paths:
- ".github/workflows/build_llvm_libraries.yml"
- ".github/workflows/compilation_on_sgx.yml"
- "build-scripts/**"
- "core/**"
- "!core/deps/**"
- "product-mini/**"
- "samples/**"
- "!samples/workload/**"
- "tests/wamr-test-suites/**"
- "wamr-compiler/**"
- "wamr-sdk/**"
# will be triggered on push events
push:
branches:
- main
- "dev/**"
paths:
- ".github/workflows/build_llvm_libraries.yml"
- ".github/workflows/compilation_on_sgx.yml"
- "build-scripts/**"
- "core/**"
- "!core/deps/**"
- "product-mini/**"
- "samples/**"
- "!samples/workload/**"
- "tests/wamr-test-suites/**"
- "wamr-compiler/**"
- "wamr-sdk/**"
# allow to be triggered manually
workflow_dispatch:
# Cancel any in-flight jobs for the same PR/branch so there's only one active
# at a time
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
# ref types enabled in wamrc by default, so we need to enable it for iwasm in AOT mode
AOT_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=1 -DWAMR_BUILD_FAST_INTERP=0 -DWAMR_BUILD_INTERP=0 -DWAMR_BUILD_JIT=0 -DWAMR_BUILD_LAZY_JIT=0 -DWAMR_BUILD_REF_TYPES=1"
CLASSIC_INTERP_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=0 -DWAMR_BUILD_FAST_INTERP=0 -DWAMR_BUILD_INTERP=1 -DWAMR_BUILD_JIT=0 -DWAMR_BUILD_LAZY_JIT=0"
FAST_INTERP_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=0 -DWAMR_BUILD_FAST_INTERP=1 -DWAMR_BUILD_INTERP=1 -DWAMR_BUILD_JIT=0 -DWAMR_BUILD_LAZY_JIT=0"
FAST_JIT_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=1 -DWAMR_BUILD_FAST_INTERP=0 -DWAMR_BUILD_INTERP=1 -DWAMR_BUILD_FAST_JIT=1 -DWAMR_BUILD_JIT=0 -DWAMR_BUILD_LAZY_JIT=1"
LLVM_LAZY_JIT_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=1 -DWAMR_BUILD_FAST_INTERP=0 -DWAMR_BUILD_INTERP=0 -DWAMR_BUILD_JIT=1 -DWAMR_BUILD_LAZY_JIT=1"
LLVM_EAGER_JIT_BUILD_OPTIONS: "-DWAMR_BUILD_AOT=1 -DWAMR_BUILD_FAST_INTERP=0 -DWAMR_BUILD_INTERP=0 -DWAMR_BUILD_JIT=1 -DWAMR_BUILD_LAZY_JIT=0"
jobs:
build_llvm_libraries:
uses: ./.github/workflows/build_llvm_libraries.yml
with:
os: "ubuntu-20.04"
arch: "X86"
build_iwasm:
runs-on: ${{ matrix.os }}
strategy:
matrix:
make_options_run_mode: [
# Running modes supported
$AOT_BUILD_OPTIONS,
$CLASSIC_INTERP_BUILD_OPTIONS,
$FAST_INTERP_BUILD_OPTIONS,
$FAST_JIT_BUILD_OPTIONS,
# Running modes unsupported
#$LLVM_LAZY_JIT_BUILD_OPTIONS,
#$LLVM_EAGER_JIT_BUILD_OPTIONS,
]
make_options_feature: [
# Features
"-DWAMR_BUILD_CUSTOM_NAME_SECTION=1",
# doesn't support
# "-DWAMR_BUILD_DEBUG_AOT=1",
# "-DWAMR_BUILD_DEBUG_INTERP=1",
"-DWAMR_BUILD_DUMP_CALL_STACK=1",
"-DWAMR_BUILD_LIB_PTHREAD=1",
"-DWAMR_BUILD_LIB_WASI_THREADS=1",
"-DWAMR_BUILD_LOAD_CUSTOM_SECTION=1",
"-DWAMR_BUILD_MINI_LOADER=1",
"-DWAMR_BUILD_MEMORY_PROFILING=1",
"-DWAMR_BUILD_MULTI_MODULE=1",
"-DWAMR_BUILD_PERF_PROFILING=1",
"-DWAMR_BUILD_REF_TYPES=1",
# doesn't support
# "-DWAMR_BUILD_SIMD=1",
"-DWAMR_BUILD_TAIL_CALL=1",
"-DWAMR_DISABLE_HW_BOUND_CHECK=1",
"-DWAMR_BUILD_SGX_IPFS=1",
]
os: [ubuntu-20.04]
platform: [linux-sgx]
exclude:
# uncompatiable mode and feature
# MINI_LOADER only on INTERP mode
- make_options_run_mode: $AOT_BUILD_OPTIONS
make_options_feature: "-DWAMR_BUILD_MINI_LOADER=1"
steps:
- name: install SGX SDK and necessary libraries
run: |
mkdir -p /opt/intel
cd /opt/intel
wget https://download.01.org/intel-sgx/sgx-linux/2.15/distro/ubuntu20.04-server/sgx_linux_x64_sdk_2.15.100.3.bin
chmod +x sgx_linux_x64_sdk_2.15.100.3.bin
echo 'yes' | ./sgx_linux_x64_sdk_2.15.100.3.bin
echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list
wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add -
sudo apt update
sudo apt install -y libsgx-launch libsgx-urts
source /opt/intel/sgxsdk/environment
- name: checkout
uses: actions/checkout@v4
- name: Build iwasm
run: |
mkdir build && cd build
cmake .. ${{ matrix.make_options_run_mode }} ${{ matrix.make_options_feature }}
cmake --build . --config Release --parallel 4
cd ../enclave-sample
make
working-directory: product-mini/platforms/${{ matrix.platform }}
run_samples_file:
needs: [build_iwasm, build_llvm_libraries]
runs-on: ${{ matrix.os }}
strategy:
matrix:
iwasm_make_options_run_mode: [
# Running modes supported
$AOT_BUILD_OPTIONS,
$CLASSIC_INTERP_BUILD_OPTIONS,
$FAST_INTERP_BUILD_OPTIONS,
$FAST_JIT_BUILD_OPTIONS,
# Running modes unsupported
#$LLVM_LAZY_JIT_BUILD_OPTIONS,
#$LLVM_EAGER_JIT_BUILD_OPTIONS,
]
os: [ubuntu-20.04]
wasi_sdk_release:
[
"https://github.com/WebAssembly/wasi-sdk/releases/download/wasi-sdk-19/wasi-sdk-19.0-linux.tar.gz",
]
wabt_release:
[
"https://github.com/WebAssembly/wabt/releases/download/1.0.31/wabt-1.0.31-ubuntu.tar.gz",
]
iwasm_make_options_feature: [
# Features to be tested: IPFS
"-DWAMR_BUILD_SGX_IPFS=1",
]
platform: [linux-sgx]
include:
- os: ubuntu-20.04
llvm_cache_key: ${{ needs.build_llvm_libraries.outputs.cache_key }}
steps:
- name: checkout
uses: actions/checkout@v4
- name: download and install wasi-sdk
run: |
cd /opt
sudo wget ${{ matrix.wasi_sdk_release }}
sudo tar -xzf wasi-sdk-*.tar.gz
sudo mv wasi-sdk-19.0 wasi-sdk
- name: download and install wabt
run: |
cd /opt
sudo wget ${{ matrix.wabt_release }}
sudo tar -xzf wabt-1.0.31-*.tar.gz
sudo mv wabt-1.0.31 wabt
- name: build wasi-libc (needed for wasi-threads)
run: |
mkdir wasi-libc
cd wasi-libc
git init
# "Fix a_store operation in atomic.h" commit on main branch
git fetch https://github.com/WebAssembly/wasi-libc \
1dfe5c302d1c5ab621f7abf04620fae92700fd22
git checkout FETCH_HEAD
make \
AR=/opt/wasi-sdk/bin/llvm-ar \
NM=/opt/wasi-sdk/bin/llvm-nm \
CC=/opt/wasi-sdk/bin/clang \
THREAD_MODEL=posix
working-directory: core/deps
- name: install SGX SDK and necessary libraries
run: |
mkdir -p /opt/intel
cd /opt/intel
wget https://download.01.org/intel-sgx/sgx-linux/2.15/distro/ubuntu20.04-server/sgx_linux_x64_sdk_2.15.100.3.bin
chmod +x sgx_linux_x64_sdk_2.15.100.3.bin
echo 'yes' | ./sgx_linux_x64_sdk_2.15.100.3.bin
echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list
wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add -
sudo apt update
sudo apt install -y libsgx-launch libsgx-urts
- name: Build iwasm for testing samples
run: |
mkdir build && cd build
cmake .. ${{ matrix.iwasm_make_options_run_mode }} ${{ matrix.iwasm_make_options_feature }}
cmake --build . --config Release --parallel 4
cd ../enclave-sample
make
working-directory: product-mini/platforms/${{ matrix.platform }}
- name: Get LLVM libraries
if: matrix.iwasm_make_options_run_mode == '$AOT_BUILD_OPTIONS'
id: retrieve_llvm_libs
uses: actions/cache@v4
with:
path: |
./core/deps/llvm/build/bin
./core/deps/llvm/build/include
./core/deps/llvm/build/lib
./core/deps/llvm/build/libexec
./core/deps/llvm/build/share
key: ${{ matrix.llvm_cache_key }}
fail-on-cache-miss: true
- name: Build wamrc only for testing samples in aot mode
if: matrix.iwasm_make_options_run_mode == '$AOT_BUILD_OPTIONS'
run: |
mkdir build && cd build
cmake ..
cmake --build . --config Release --parallel 4
cp wamrc `pwd`/../../product-mini/platforms/${{ matrix.platform }}/enclave-sample
working-directory: wamr-compiler
- name: Build Sample [file]
run: |
cd samples/file
mkdir build && cd build
cmake ..
cmake --build . --config Debug --parallel 4
cp wasm-app/file.wasm `pwd`/../../../product-mini/platforms/${{ matrix.platform }}/enclave-sample
- name: Test Sample [file] in non-aot mode
if: matrix.iwasm_make_options_run_mode != '$AOT_BUILD_OPTIONS'
run: |
source /opt/intel/sgxsdk/environment
./iwasm --dir=. file.wasm
working-directory: product-mini/platforms/${{ matrix.platform }}/enclave-sample
- name: Test Sample [file] in aot mode
if: matrix.iwasm_make_options_run_mode == '$AOT_BUILD_OPTIONS'
run: |
source /opt/intel/sgxsdk/environment
./wamrc -sgx -o file.aot file.wasm
./iwasm --dir=. file.aot
working-directory: product-mini/platforms/${{ matrix.platform }}/enclave-sample
spec_test_default:
needs: [build_iwasm, build_llvm_libraries]
runs-on: ubuntu-20.04
strategy:
matrix:
running_mode: ["classic-interp", "fast-interp", "aot", "fast-jit"]
test_option: ["-x -p -s spec -b -P", "-x -p -s spec -S -b -P", "-x -p -s spec -X -b -P"]
llvm_cache_key: ["${{ needs.build_llvm_libraries.outputs.cache_key }}"]
exclude:
# classic-interp, fast-interp and fast-jit don't support simd
- running_mode: "classic-interp"
test_option: "-x -p -s spec -S -b -P"
- running_mode: "fast-interp"
test_option: "-x -p -s spec -S -b -P"
- running_mode: "fast-jit"
test_option: "-x -p -s spec -S -b -P"
# classic-interp, fast-interp and fast jit don't support XIP
- running_mode: "classic-interp"
test_option: "-x -p -s spec -X -b -P"
- running_mode: "fast-interp"
test_option: "-x -p -s spec -X -b -P"
- running_mode: "fast-jit"
test_option: "-x -p -s spec -X -b -P"
steps:
- name: checkout
uses: actions/checkout@v4
- name: Get LLVM libraries
if: matrix.running_mode == 'aot'
id: retrieve_llvm_libs
uses: actions/cache@v4
with:
path: |
./core/deps/llvm/build/bin
./core/deps/llvm/build/include
./core/deps/llvm/build/lib
./core/deps/llvm/build/libexec
./core/deps/llvm/build/share
key: ${{ matrix.llvm_cache_key }}
- name: Quit if cache miss
if: matrix.running_mode == 'aot' && steps.retrieve_llvm_libs.outputs.cache-hit != 'true'
run: echo "::error::can not get prebuilt llvm libraries" && exit 1
- name: install SGX SDK and necessary libraries
run: |
mkdir -p /opt/intel
cd /opt/intel
wget https://download.01.org/intel-sgx/sgx-linux/2.15/distro/ubuntu20.04-server/sgx_linux_x64_sdk_2.15.100.3.bin
chmod +x sgx_linux_x64_sdk_2.15.100.3.bin
echo 'yes' | ./sgx_linux_x64_sdk_2.15.100.3.bin
echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main' | sudo tee /etc/apt/sources.list.d/intel-sgx.list
wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add -
sudo apt update
sudo apt install -y libsgx-launch libsgx-urts
- name: run spec tests
run: |
source /opt/intel/sgxsdk/environment
./test_wamr.sh ${{ matrix.test_option }} -t ${{ matrix.running_mode }}
working-directory: ./tests/wamr-test-suites