Skip to content

Commit

Permalink
chore: merge Golang/dev branch with mainline (#704)
Browse files Browse the repository at this point in the history
  • Loading branch information
rishav-karanjit authored Dec 2, 2024
1 parent 2db84c0 commit 6db9ace
Show file tree
Hide file tree
Showing 72 changed files with 20,302 additions and 150 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,10 @@ runs:
uses: gradle/gradle-build-action@v2
with:
arguments: :codegen-client:pTML :codegen-core:pTML :rust-runtime:pTML
build-root-directory: smithy-dafny/smithy-dafny-codegen-modules/smithy-rs
build-root-directory: mpl/smithy-dafny/smithy-dafny-codegen-modules/smithy-rs

- name: Install smithy-dafny-codegen Python dependencies locally
uses: gradle/gradle-build-action@v2
with:
arguments: :smithy-python-codegen:pTML
build-root-directory: smithy-dafny/codegen/smithy-dafny-codegen-modules/smithy-python/codegen
build-root-directory: mpl/smithy-dafny/codegen/smithy-dafny-codegen-modules/smithy-python/codegen
7 changes: 7 additions & 0 deletions .github/actions/polymorph_codegen/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,13 @@ runs:
run: |
make polymorph_dotnet ${{ steps.dependencies.outputs.PROJECT_DEPENDENCIES }}
# TODO: Uncomment when checking in polymorph_rust code
# - name: Regenerate Rust code using smithy-dafny
# working-directory: ./${{ inputs.library }}
# shell: bash
# run: |
# make polymorph_rust ${{ steps.dependencies.outputs.PROJECT_DEPENDENCIES }}

- name: Check regenerated code against commited code
# Composite action inputs seem to not actually support booleans properly for some reason
if: inputs.diff-generated-code == 'true'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/dafny_interop_test_net.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ jobs:
os: [
windows-latest,
ubuntu-latest,
macos-12,
macos-13,
]
runs-on: ${{ matrix.os }}
permissions:
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/dafny_interop_test_vector_net.yml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
os: [
windows-latest,
ubuntu-latest,
macos-12,
macos-13,
]
runs-on: ${{matrix.os}}
permissions:
Expand Down Expand Up @@ -146,7 +146,7 @@ jobs:
matrix:
os: [
ubuntu-latest,
macos-12,
macos-13,
]
runs-on: ${{ matrix.os }}
permissions:
Expand Down Expand Up @@ -251,7 +251,7 @@ jobs:
matrix:
os: [
ubuntu-latest,
macos-12,
macos-13,
]
runs-on: ${{ matrix.os }}
permissions:
Expand All @@ -267,7 +267,6 @@ jobs:
run: |
git submodule update --init libraries
git submodule update --init --recursive mpl
git submodule update --init smithy-dafny
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
Expand Down
13 changes: 9 additions & 4 deletions .github/workflows/daily_ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,13 +11,13 @@ jobs:
if: github.event_name != 'schedule' || github.repository_owner == 'aws'
uses: ./.github/workflows/library_codegen.yml
with:
dafny: '4.8.0'
dafny: '4.8.1'
daily-ci-verification:
# Don't run the cron builds on forks
if: github.event_name != 'schedule' || github.repository_owner == 'aws'
uses: ./.github/workflows/library_dafny_verification.yml
with:
dafny: '4.8.0'
dafny: '4.8.1'
# daily-ci-java:
# if: github.event_name != 'schedule' || github.repository_owner == 'aws'
# uses: ./.github/workflows/library_java_tests.yml
Expand All @@ -27,10 +27,15 @@ jobs:
if: github.event_name != 'schedule' || github.repository_owner == 'aws'
uses: ./.github/workflows/library_net_tests.yml
with:
dafny: '4.8.0'
dafny: '4.8.1'
daily-ci-rust:
if: github.event_name != 'schedule' || github.repository_owner == 'aws'
uses: ./.github/workflows/library_rust_tests.yml
with:
dafny: '4.8.1'

daily-ci-interop-tests:
if: github.event_name != 'schedule' || github.repository_owner == 'aws'
uses: ./.github/workflows/library_interop_tests.yml
with:
dafny: '4.8.0'
dafny: '4.8.1'
1 change: 0 additions & 1 deletion .github/workflows/library_codegen.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,6 @@ jobs:
# it to verify the Dafny code. Instead we manually pull the submodules we DO need.
- run: git submodule update --init libraries
- run: git submodule update --init --recursive mpl
- run: git submodule update --init --recursive smithy-dafny

# Only used to format generated code
# and to translate version strings such as "nightly-latest"
Expand Down
13 changes: 10 additions & 3 deletions .github/workflows/library_dafny_verification.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,10 @@ jobs:
strategy:
matrix:
library: [
AwsEncryptionSDK
AwsEncryptionSDK,
TestVectors
]
os: [ macos-12 ]
os: [ macos-13 ]
runs-on: ${{ matrix.os }}
env:
DOTNET_CLI_TELEMETRY_OPTOUT: 1
Expand All @@ -36,7 +37,13 @@ jobs:
run: |
git submodule update --init libraries
git submodule update --init --recursive mpl
git submodule update --init smithy-dafny
# dafny-reportgenerator requires next6
# but only 7.0 is installed on macos-13-large
- name: Setup .NET Core SDK '6.0.x'
uses: actions/setup-dotnet@v3
with:
dotnet-version: "6.0.x"

- name: Setup Dafny
uses: dafny-lang/[email protected]
Expand Down
216 changes: 216 additions & 0 deletions .github/workflows/library_interop_test_vectors.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,216 @@
# This workflow performs interoperability tests across the supported runtimes of the ESDK Dafny
name: Library Interoperability Dafny TestVectors

on:
workflow_call:
inputs:
dafny:
description: "The Dafny version to use"
required: true
type: string
regenerate-code:
description: "Regenerate code using smithy-dafny"
required: false
default: false
type: boolean

jobs:
generateEncryptVectors:
strategy:
matrix:
library: [TestVectors]
os: [
# https://taskei.amazon.dev/tasks/CrypTool-5283
# windows-latest,
ubuntu-latest,
macos-13,
]
language: [java, net]
# https://taskei.amazon.dev/tasks/CrypTool-5284
dotnet-version: ["6.0.x"]
runs-on: ${{ matrix.os }}
permissions:
id-token: write
contents: read

steps:
- name: Support longpaths on Git checkout
run: |
git config --global core.longpaths true
- uses: actions/checkout@v3
# Not all submodules are needed.
# We manually pull the submodule we DO need.
- run: git submodule update --init libraries
- run: git submodule update --init --recursive mpl

# Set up runtimes
- name: Setup .NET Core SDK ${{ matrix.dotnet-version }}
if: matrix.language == 'net'
uses: actions/setup-dotnet@v3
with:
dotnet-version: ${{ matrix.dotnet-version }}

- name: Setup Java 17
if: matrix.language == 'java'
uses: actions/setup-java@v3
with:
distribution: "corretto"
java-version: 17

- name: Setup Dafny
uses: dafny-lang/[email protected]
with:
dafny-version: ${{ inputs.dafny }}

- name: Regenerate code using smithy-dafny if necessary
if: ${{ inputs.regenerate-code }}
uses: ./.github/actions/polymorph_codegen
with:
dafny: ${{ inputs.dafny }}
library: ${{ matrix.library }}
diff-generated-code: false

# Build implementation for each runtime
- name: Build ${{ matrix.library }} implementation in Java
if: matrix.language == 'java'
shell: bash
working-directory: ./${{ matrix.library }}
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make build_java CORES=$CORES
- name: Build ${{ matrix.library }} implementation in .NET
if: matrix.language == 'net'
shell: bash
working-directory: ./${{ matrix.library }}
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make transpile_net
- name: Setup gradle
if: matrix.language == 'java'
uses: gradle/gradle-build-action@v2
with:
gradle-version: 7.2

# TestVectors will call KMS
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-region: us-west-2
role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Dafny-Role-us-west-2
role-session-name: InterOpTests

- name: Create Manifests
working-directory: ./${{ matrix.library }}
run: make test_generate_vectors_${{ matrix.language }}

- name: Create Encrypt Manifests
working-directory: ./${{ matrix.library }}
run: make test_encrypt_vectors_${{ matrix.language }}

- name: Upload Encrypt Manifest and keys.json files
uses: actions/upload-artifact@v4
with:
name: ${{matrix.os}}_vector_artifact_${{matrix.language}}_${{github.sha}}
path: |
./${{matrix.library}}/runtimes/${{matrix.language}}/*.json
./${{matrix.library}}/runtimes/${{matrix.language}}/plaintexts
./${{matrix.library}}/runtimes/${{matrix.language}}/ciphertexts
testInteroperablity:
needs: generateEncryptVectors
strategy:
matrix:
library: [TestVectors]
os: [
# https://taskei.amazon.dev/tasks/CrypTool-5283
# windows-latest,
ubuntu-latest,
macos-13,
]
encrypting_language: [java, net]
decrypting_language: [java, net]
# https://taskei.amazon.dev/tasks/CrypTool-5284
dotnet-version: ["6.0.x"]
runs-on: ${{ matrix.os }}
permissions:
id-token: write
contents: read

steps:
- name: Support longpaths on Git checkout
run: |
git config --global core.longpaths true
# TestVectors will call KMS
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-region: us-west-2
role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Dafny-Role-us-west-2
role-session-name: InterOpTests

- uses: actions/checkout@v3
# Not all submodules are needed.
# We manually pull the submodule we DO need.
- run: git submodule update --init libraries
- run: git submodule update --init --recursive mpl

- name: Setup .NET Core SDK ${{ matrix.dotnet-version }}
if: matrix.decrypting_language == 'net'
uses: actions/setup-dotnet@v3
with:
dotnet-version: ${{ matrix.dotnet-version }}

- name: Setup Java 17
if: matrix.decrypting_language == 'java'
uses: actions/setup-java@v3
with:
distribution: "corretto"
java-version: 17

- name: Setup Dafny
uses: dafny-lang/[email protected]
with:
dafny-version: ${{ inputs.dafny }}

- name: Regenerate code using smithy-dafny if necessary
if: ${{ inputs.regenerate-code }}
uses: ./.github/actions/polymorph_codegen
with:
dafny: ${{ inputs.dafny }}
library: ${{ matrix.library }}
diff-generated-code: false

# Build implementation for each runtime
- name: Build ${{ matrix.library }} implementation in Java
if: matrix.decrypting_language == 'java'
working-directory: ./${{ matrix.library }}
shell: bash
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make build_java CORES=$CORES
- name: Build ${{ matrix.library }} implementation in .NET
if: matrix.decrypting_language == 'net'
working-directory: ./${{ matrix.library }}
shell: bash
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make transpile_net
- name: Download Encrypt Manifest Artifact
uses: actions/download-artifact@v4
with:
name: ${{matrix.os}}_vector_artifact_${{matrix.encrypting_language}}_${{github.sha}}
path: ./${{matrix.library}}/runtimes/${{matrix.decrypting_language}}

- name: Decrypt Encrypt Manifest
working-directory: ./${{ matrix.library }}
run: make test_decrypt_encrypt_vectors_${{matrix.decrypting_language}}

Loading

0 comments on commit 6db9ace

Please sign in to comment.