-
Notifications
You must be signed in to change notification settings - Fork 14
130 lines (118 loc) · 5.37 KB
/
ci_test_latest_released_mpl_java.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# This workflow is for testing that the latest released version
# of the MPL is compatible with the current DB-ESDK Head
name: Test Latest Released MPL Java with DB-ESDK HEAD
on:
schedule:
- cron: "00 16 * * 1-5"
workflow_dispatch: # allows triggering this manually through the Actions UI
inputs:
run_test_vectors:
description: "Run Test Vectors?"
required: false
default: true
type: boolean
# TODO: Remove this before merging to main. We don't want this workflow running in CI
# on PRs because we expect it to fail when the MPL is actually updated since the last version.
pull_request:
jobs:
getVersion:
# Don't run the cron builds on forks
if: github.event_name != 'schedule' || github.repository_owner == 'aws'
uses: ./.github/workflows/dafny_version.yml
getVerifyVersion:
if: github.event_name != 'schedule' || github.repository_owner == 'aws'
uses: ./.github/workflows/dafny_verify_version.yml
getMplDependencyJavaVersion:
if: github.event_name != 'schedule' || github.repository_owner == 'aws'
uses: ./.github/workflows/mpl_dependency_java_version.yml
testJava:
needs: [getVersion, getMplDependencyJavaVersion]
strategy:
max-parallel: 1
matrix:
java-version: [17]
os: [macos-13]
runs-on: ${{ matrix.os }}
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: us-west-2
role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2
role-session-name: DDBEC-Dafny-Java-Tests
- uses: actions/checkout@v3
with:
submodules: recursive
- name: Setup Java ${{ matrix.java-version }}
uses: actions/setup-java@v4
with:
distribution: "corretto"
java-version: ${{ matrix.java-version }}
- name: Setup Dafny
uses: dafny-lang/[email protected]
with:
dafny-version: ${{ needs.getVersion.outputs.version }}
- name: Regenerate code using smithy-dafny if necessary
if: ${{ inputs.regenerate-code }}
uses: ./.github/actions/polymorph_codegen
with:
dafny: ${{ env.DAFNY_VERSION }}
library: DynamoDbEncryption
diff-generated-code: false
update-and-regenerate-mpl: true
# The following two steps: "Build and deploy to maven local" and "Run Extensive Tests"
# mimic the tests in ./codebuild/staging/release-staging.yml
- name: Build and deploy to maven local
shell: bash
working-directory: ./DynamoDbEncryption
run: |
# Run transpile by itself. We don't want to locally build the MPL because
# we want to verify that the version pulled down from maven works correctly
make transpile_implementation_java
make transpile_test_java
make mvn_local_deploy
make test_java
- name: Run Extensive Tests
working-directory: ./DynamoDbEncryption
run: |
gradle -p runtimes/java clean
gradle -p runtimes/java test
# This makes sure that we are using the correct MPL version to test the DB-ESDK.
# If this contains a SNAPSHOT version, this will fail because'
# we are NOT building the MPL recursively but pulling from Maven.
- name: Update project.properties to use the correct MPL version (from project.properties in DB-ESDK)
working-directory: ./submodules/MaterialProviders/
run: |
sed "s/mplVersion=.*/mplVersion=${{needs.getMplDependencyJavaVersion.outputs.version}}/g" project.properties > project.properties2; mv project.properties2 project.properties
# The following three steps: "Transpile MPL Test Vectors without recursively building the MPL",
# "Run Test Vectors", and "Test Examples" mimic the tests in ./codebuild/staging/validate-staging.yml
- name: Transpile MPL Test Vectors without recursively building the MPL
working-directory: ./submodules/MaterialProviders/TestVectorsAwsCryptographicMaterialProviders
run: |
# Run transpile by itself. We don't want to locally build the MPL because
# we want to verify that the version pulled down from maven works correctly
make transpile_implementation_java
make transpile_test_java
make mvn_local_deploy
- name: Run Test Vectors
# TODO: Remove pull_request from here
if: github.event_name == 'pull_request' || github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && ${{inputs.run_test_vectors}})
working-directory: ./TestVectors
run: |
# Spin up ddb local
docker run --name dynamodb -d -p 8000:8000 amazon/dynamodb-local -jar DynamoDBLocal.jar -port 8000 -inMemory -cors *
# Run transpile by itself so we don't locally build the MPL.
make transpile_implementation_java
make transpile_test_java
gradle -p runtimes/java runTests
- name: Test Examples
working-directory: ./Examples
run: |
# Run Simple Examples
gradle -p runtimes/java/DynamoDbEncryption test
# Run Migration Examples
gradle -p runtimes/java/Migration/PlaintextToAWSDBE test
gradle -p runtimes/java/Migration/DDBECToAWSDBE test