Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: only run net48 on windows and use node 17 to run integration-node #639

Merged
merged 22 commits into from
Mar 9, 2024
Merged
243 changes: 243 additions & 0 deletions .github/workflows/library_interop_tests.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,243 @@
# This workflow performs tests in .NET.
name: Library net tests

on:
workflow_call:
inputs:
dafny:
description: 'The Dafny version to run'
required: true
type: string

env:
# Used in examples
AWS_ENCRYPTION_SDK_EXAMPLE_KMS_KEY_ID: arn:aws:kms:us-west-2:658956600833:key/b3537ef1-d8dc-4780-9f5a-55776cbb2f7f
AWS_ENCRYPTION_SDK_EXAMPLE_KMS_KEY_ID_2: arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
AWS_ENCRYPTION_SDK_EXAMPLE_KMS_MRK_KEY_ID: arn:aws:kms:us-east-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
AWS_ENCRYPTION_SDK_EXAMPLE_KMS_MRK_KEY_ID_2: arn:aws:kms:eu-west-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
AWS_ENCRYPTION_SDK_EXAMPLE_LIMITED_ROLE_ARN_US_EAST_1: arn:aws:iam::370957321024:role/GitHub-CI-ESDK-Dafny-Role-us-west-2
AWS_ENCRYPTION_SDK_EXAMPLE_LIMITED_ROLE_ARN_EU_WEST_1: arn:aws:iam::370957321024:role/GitHub-CI-ESDK-Dafny-Role-us-west-2
# Used for Test Vectors
VECTORS_URL: https://github.com/awslabs/aws-encryption-sdk-test-vectors/raw/master/vectors/awses-decrypt/python-2.3.0.zip

jobs:
decrypt_python_vectors:
strategy:
matrix:
os: [
windows-latest,
ubuntu-latest,
macos-latest,
]
runs-on: ${{ matrix.os }}
permissions:
id-token: write
contents: read
env:
DOTNET_CLI_TELEMETRY_OPTOUT: 1
DOTNET_NOLOGO: 1
steps:
- name: Support longpaths on Git checkout
run: |
git config --global core.longpaths true
- uses: actions/checkout@v2
- name: Init Submodules
shell: bash
run: |
git submodule update --init libraries
git submodule update --init --recursive mpl

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-region: us-west-2
role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Dafny-Role-us-west-2
role-session-name: NetTests

- name: Setup .NET Core SDK 6
uses: actions/setup-dotnet@v3
with:
dotnet-version: '6.0.x'

- name: Setup Dafny
uses: dafny-lang/[email protected]
with:
dafny-version: ${{ inputs.dafny }}

- name: Download Dependencies
working-directory: ./AwsEncryptionSDK
run: make setup_net

- name: Compile AwsEncryptionSDK implementation
shell: bash
working-directory: ./AwsEncryptionSDK
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make transpile_net CORES=$CORES

- name: Fetch Python 2.3.0 Test Vectors
working-directory: ./
shell: bash
run: |
PYTHON_23_VECTOR_PATH=$GITHUB_WORKSPACE/python23/vectors
mkdir -p $PYTHON_23_VECTOR_PATH
DOWNLOAD_NAME=python23.zip
curl --no-progress-meter --output $DOWNLOAD_NAME --location $VECTORS_URL
unzip -o -qq $DOWNLOAD_NAME -d $PYTHON_23_VECTOR_PATH
rm $DOWNLOAD_NAME

- name: Decrypt Python 2.3.0 Test Vectors on .net48 (Windows ONLY)
working-directory: ./AwsEncryptionSDK/runtimes/net/TestVectorsNative/TestVectors
if: matrix.os == 'windows-latest'
shell: bash
run: |
PYTHON_23_VECTOR_PATH=$GITHUB_WORKSPACE/python23/vectors
DAFNY_AWS_ESDK_TEST_VECTOR_MANIFEST_PATH="$PYTHON_23_VECTOR_PATH/manifest.json" \
dotnet test --framework net48

- name: Decrypt Python 2.3.0 Test Vectors on .net6.0
working-directory: ./AwsEncryptionSDK/runtimes/net/TestVectorsNative/TestVectors
shell: bash
run: |
PYTHON_23_VECTOR_PATH=$GITHUB_WORKSPACE/python23/vectors
if [ "$RUNNER_OS" == "macOS" ]; then
DAFNY_AWS_ESDK_TEST_VECTOR_MANIFEST_PATH="$PYTHON_23_VECTOR_PATH/manifest.json" \
DYLD_LIBRARY_PATH="/usr/local/opt/[email protected]/lib" \
dotnet test --framework net6.0
else
DAFNY_AWS_ESDK_TEST_VECTOR_MANIFEST_PATH="$PYTHON_23_VECTOR_PATH/manifest.json" \
dotnet test --framework net6.0
fi

generate_vectors:
needs: decrypt_python_vectors
strategy:
matrix:
os: [
windows-latest,
ubuntu-latest,
macos-latest,
]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Issue: I think I never figured out Zip file creation on Windows.
So this Job cannot work on Windows.
See line 170 or the step that creates the Zip.

runs-on: ${{ matrix.os }}
permissions:
id-token: write
contents: read
env:
DOTNET_CLI_TELEMETRY_OPTOUT: 1
DOTNET_NOLOGO: 1
steps:
- name: Support longpaths on Git checkout
run: |
git config --global core.longpaths true
- uses: actions/checkout@v2
- name: Init Submodules
shell: bash
run: |
git submodule update --init libraries
git submodule update --init --recursive mpl

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-region: us-west-2
role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Dafny-Role-us-west-2
role-session-name: NetTests

- name: Setup .NET Core SDK 6
uses: actions/setup-dotnet@v3
with:
dotnet-version: '6.0.x'

- name: Setup Dafny
uses: dafny-lang/[email protected]
with:
dafny-version: ${{ inputs.dafny }}

- name: Download Dependencies
working-directory: ./AwsEncryptionSDK
run: make setup_net

- name: Compile AwsEncryptionSDK implementation
shell: bash
working-directory: ./AwsEncryptionSDK
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make transpile_net CORES=$CORES

- name: Generate Test Vectors with .NET Framework net6.0
# TODO Post-#619: Fix Zip file creation on Windows
if: matrix.os != 'windows-latest'
working-directory: ./AwsEncryptionSDK
shell: bash
run: |
NET_41_VECTOR_PATH=$GITHUB_WORKSPACE/net41/vectors
mkdir -p $NET_41_VECTOR_PATH
GEN_PATH=runtimes/net/TestVectorsNative/TestVectorGenerator
dotnet run --project $GEN_PATH --framework net6.0 -- \
--encrypt-manifest $GEN_PATH/resources/0006-awses-message-decryption-generation.v2.json \
--output-dir $NET_41_VECTOR_PATH

- name: Zip the Generated Test Vectors for ESDK-JS on Mac/Linux
if: matrix.os != 'windows-latest'
shell: bash
run: |
NET_41_VECTOR_PATH=$GITHUB_WORKSPACE/net41/vectors
cd $NET_41_VECTOR_PATH
zip -qq net41.zip -r .

- name: Upload Zip File
uses: actions/upload-artifact@v4
if: matrix.os != 'windows-latest'
with:
name: ${{matrix.os}}_vector_artifact
path: $GITHUB_WORKSPACE/net41/vectors/*.zip

decrypt_net_vectors_with_js:
needs: generate_vectors
strategy:
matrix:
os: [
ubuntu-latest,
macos-latest,
]
runs-on: ${{ matrix.os }}
steps:
- name: Support longpaths on Git checkout
run: |
git config --global core.longpaths true
- uses: actions/checkout@v2
- name: Init Submodules
shell: bash
run: |
git submodule update --init libraries
git submodule update --init --recursive mpl

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-region: us-west-2
role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Dafny-Role-us-west-2
role-session-name: NetTests

- name: Set up Dirs
run: |
NET_41_VECTOR_PATH=$GITHUB_WORKSPACE/net41/vectors
mkdir -p $NET_41_VECTOR_PATH

- name: Download Encrypt Manifest Artifact
uses: actions/download-artifact@v4
with:
name: ${{matrix.os}}_vector_artifact
path: ./$GITHUB_WORKSPACE/net41/vectors

- name: Decrypt Generated Test Vectors with ESDK-JS
# TODO Post-#619: Fix Zip file creation on Windows
shell: bash
run: |
NET_41_VECTOR_PATH=$GITHUB_WORKSPACE/net41/vectors
cd $NET_41_VECTOR_PATH
npx -y @aws-crypto/integration-node decrypt -v $NET_41_VECTOR_PATH/net41.zip -c cpu


Loading
Loading