diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 2ef8bd8..227da2f 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -45,7 +45,9 @@ jobs: - name: Run unit and integration tests env: LLVM_COV_ARGS: --lcov --output-path ${{ env.LCOV_OUT }} - run: make test-coverage + run: | + make fetch-public-key + make test-coverage - name: Run doc tests run: make doc-test diff --git a/Makefile b/Makefile index 424c23d..5bd5ac8 100644 --- a/Makefile +++ b/Makefile @@ -4,8 +4,7 @@ TOOL_CHAIN = ifndef TOOL_CHAIN TOOL_CHAIN = x86_64-unknown-linux-gnu endif -build: - cargo fmt +build: format cargo clippy cargo build --target=$(TOOL_CHAIN) --release @@ -17,37 +16,58 @@ doc: # Run all tests (no coverage) .PHONY: test -test: check-env - cargo fmt +test: format check-env cargo test -# Run unit and integration tests and measure coverage. Additional flags can be passed with LLVM_COV_ARGS +# Clean up +.PHONY: clean +clean: + cargo clean + +# ==== Directives for developers ==== + +# Run unit and integration tests and measure coverage. +# Additional flags can be passed with LLVM_COV_ARGS .PHONY: test-coverage test-coverage: check-env cargo llvm-cov $(LLVM_COV_ARGS) # Run only documentation tests (shorthand for developers) .PHONY: doc-test -test-test: check-env - cargo fmt +doc-test: format check-env cargo test --doc # Run only unit tests (shorthand for developers) .PHONY: unit-test -unit-test: - cargo fmt +unit-test: format cargo test --lib # Run only integration tests (shorthand for developers) .PHONY: integration-test -integration-test: check-env - cargo fmt +integration-test: format check-env cargo test --tests -# Clean up -.PHONY: clean -clean: - cargo clean +# ==== Helper directives ==== + +# Format codebase +.PHONY: format +format: + cargo fmt + +# Downloads and decodes the public key from KMS +.PHONY: fetch-public-key +PUBLIC_KEY_FILE_PATH = ./tests/data/pub-key +PUBLIC_KEY_FILE_PEM = $(PUBLIC_KEY_FILE_PATH).pem +PUBLIC_KEY_FILE_DER = $(PUBLIC_KEY_FILE_PATH).der +fetch-public-key: check-env + @aws kms get-public-key \ + --region $(AWS_REGION) \ + --key-id $(KMS_KEY_ID) \ + --output text \ + --query PublicKey > $(PUBLIC_KEY_FILE_PEM) || \ + (echo "Failed to fetch public key" && exit 1) + @cat $(PUBLIC_KEY_FILE_PEM) | base64 -d > $(PUBLIC_KEY_FILE_DER) + @echo "Public key saved to $(PUBLIC_KEY_FILE_PEM) and decoded to $(PUBLIC_KEY_FILE_DER)" # Check if the environment variables are set and STS token is valid .PHONY: check-env @@ -59,4 +79,6 @@ ifndef AWS_REGION $(error AWS_REGION is not set) endif @aws --version &> /dev/null || (echo "AWS CLI not installed" && exit 1) - @aws sts get-caller-identity &> /dev/null || (echo "AWS CLI could not assume role. Did the token expire?" && exit 1) \ No newline at end of file + @aws sts get-caller-identity &> /dev/null || \ + (echo "AWS CLI could not assume role. Did the STS token expire?" && exit 1) + @echo "Environment variables are set and the STS token is valid" \ No newline at end of file