-
Notifications
You must be signed in to change notification settings - Fork 21
135 lines (120 loc) · 4.81 KB
/
library_legacy_interop_test_vectors.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# This workflow performs legacy test vector tests across the supported runtimes of the ESDK Dafny
name: Library Interoperability Dafny TestVectors
on:
workflow_call:
inputs:
dafny:
description: "The Dafny version to use"
required: true
type: string
regenerate-code:
description: "Regenerate code using smithy-dafny"
required: false
default: false
type: boolean
jobs:
decryptEncryptVectors:
strategy:
matrix:
library: [TestVectors]
os: [
# https://taskei.amazon.dev/tasks/CrypTool-5283
# windows-latest,
ubuntu-latest,
macos-13,
]
# java struggles with the json parsing
# however; the native java esdk already runs a subset of these decrypt
# vectors. More important for the dafny-x implementations to be able
# to decrypt these
language: [net]
legacy_zips: [
aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-1.3.5,
aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-1.3.7,
aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-1.3.8,
aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-2.0.0,
aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-2.2.0,
aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-2.3.0
]
# https://taskei.amazon.dev/tasks/CrypTool-5284
dotnet-version: ["6.0.x"]
runs-on: ${{ matrix.os }}
permissions:
id-token: write
contents: read
steps:
- name: Support longpaths on Git checkout
run: |
git config --global core.longpaths true
- uses: actions/checkout@v3
with:
submodules: true
# Not all submodules are needed.
# We manually pull the submodule we DO need.
- run: git submodule update --init libraries
- run: git submodule update --init --recursive mpl
# Set up runtimes
- name: Setup .NET Core SDK ${{ matrix.dotnet-version }}
if: matrix.language == 'net'
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ matrix.dotnet-version }}
- name: Setup Java 17
if: matrix.language == 'java'
uses: actions/setup-java@v3
with:
distribution: "corretto"
java-version: 17
- name: Setup Dafny
uses: dafny-lang/[email protected]
with:
dafny-version: ${{ inputs.dafny }}
- name: Regenerate code using smithy-dafny if necessary
if: ${{ inputs.regenerate-code }}
uses: ./.github/actions/polymorph_codegen
with:
dafny: ${{ inputs.dafny }}
library: ${{ matrix.library }}
diff-generated-code: false
# Build implementation for each runtime
- name: Build ${{ matrix.library }} implementation in Java
if: matrix.language == 'java'
shell: bash
working-directory: ./${{ matrix.library }}
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make build_java CORES=$CORES
- name: Build ${{ matrix.library }} implementation in .NET
if: matrix.language == 'net'
shell: bash
working-directory: ./${{ matrix.library }}
run: |
# This works because `node` is installed by default on GHA runners
CORES=$(node -e 'console.log(os.cpus().length)')
make transpile_net
- name: Setup gradle
if: matrix.language == 'java'
uses: gradle/gradle-build-action@v2
with:
gradle-version: 7.2
# TestVectors will call KMS
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-region: us-west-2
role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Dafny-Role-us-west-2
role-session-name: LegacyInterOpTests
# Extract test vector zips
- name: Unzip legacy test vectors
working-directory: ./${{matrix.library}}
run: |
unzip ${{matrix.legacy_zips}}.zip -d ${{matrix.legacy_zips}}
# Test Legacy Vectors
- name: Test legacy vectors via CLI
working-directory: ./${{matrix.library}}
env:
MANIFEST_PATH: ${{matrix.legacy_zips}}/
MANIFEST_NAME: ${{ matrix.legacy_zips == 'aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-1.3.5' && 'decrypt_message.json' || 'manifest.json'}}
run: |
make test_decrypt_encrypt_vectors_net_legacy