-
Notifications
You must be signed in to change notification settings - Fork 12
76 lines (70 loc) · 2.54 KB
/
ci_verification.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
# This workflow performs verification checks
name: verification
on:
pull_request:
push:
branches:
- main
workflow_dispatch:
# Manual trigger for this workflow, either the normal version
# or the nightly build that uses the latest Dafny prerelease
# (accordingly to the "nightly" parameter).
inputs:
nightly:
description: "Run the nightly build"
required: false
type: boolean
schedule:
# Nightly build against Dafny's nightly prereleases,
# for early warning of verification issues or regressions.
# Timing chosen to be adequately after Dafny's own nightly build,
# but this might need to be tweaked:
# https://github.com/dafny-lang/dafny/blob/master/.github/workflows/deep-tests.yml#L16
- cron: "30 16 * * *"
jobs:
verification:
# Don't run the nightly build on forks
if: github.event_name != 'schedule' || github.repository_owner == 'aws'
strategy:
fail-fast: false
matrix:
# Break up verification between namespaces over multiple
# actions to take advantage of parallelization
service:
[
DynamoDbEncryption,
DynamoDbEncryptionTransforms,
DynamoDbItemEncryptor,
StructuredEncryption,
]
os: [macos-12]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
with:
submodules: recursive
- name: Setup Dafny
uses: dafny-lang/[email protected]
with:
# A && B || C is the closest thing to an if .. then ... else ... or ?: expression the GitHub Actions syntax supports.
dafny-version: ${{ (github.event_name == 'schedule' || inputs.nightly) && 'nightly-latest' || '4.2.0' }}
- name: Regenerate code using smithy-dafny if necessary
if: ${{ inputs.nightly }}
uses: ./.github/actions/polymorph_codegen
with:
dafny: ${{ env.DAFNY_VERSION }}
library: DynamoDbEncryption
diff-generated-code: false
update-and-regenerate-mpl: true
- name: Verify ${{ matrix.service }} Dafny code
shell: bash
working-directory: ./DynamoDbEncryption
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make verify_service CORES=$CORES SERVICE=${{ matrix.service }}
- name: Check solver resource use
shell: bash
working-directory: ./DynamoDbEncryption
run: |
make dafny-reportgenerator