Warn unsupported compiler on FIPS build #1155
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: integration | |
on: | |
push: | |
branches: | |
- '*' | |
- '!generate/aws-lc-*' | |
pull_request: | |
branches: | |
- '*' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref_name }} | |
cancel-in-progress: true | |
env: | |
RUST_BACKTRACE: 1 | |
# We can pin the version if nightly is too unstable. | |
# Otherwise, we test against the latest version. | |
RUST_NIGHTLY_TOOLCHAIN: nightly | |
jobs: | |
s2n-quic-integration: | |
if: github.repository_owner == 'aws' | |
name: s2n-quic-integration | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-latest, macos-13, macos-14-xlarge ] | |
env: | |
GIT_CLONE_PROTECTION_ACTIVE: false | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
- uses: dtolnay/rust-toolchain@stable | |
id: toolchain | |
- name: Set Rust toolchain override | |
run: rustup override set ${{ steps.toolchain.outputs.name }} | |
- name: Run s2n-quic integration | |
working-directory: ./aws-lc-rs | |
run: | | |
./scripts/run-s2n-quic-integration.sh | |
rustls-integration: | |
if: github.repository_owner == 'aws' | |
name: rustls-integration | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-latest, macos-13, macos-14-xlarge ] | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
- uses: dtolnay/rust-toolchain@stable | |
id: toolchain | |
- name: Set Rust toolchain override | |
run: rustup override set ${{ steps.toolchain.outputs.name }} | |
- name: Install cargo-download | |
run: cargo install cargo-download | |
- name: Run rustls integration | |
working-directory: ./aws-lc-rs | |
run: | | |
./scripts/run-rustls-integration.sh | |
links-crate-tests: | |
if: github.repository_owner == 'aws' | |
name: sys crate tests | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-latest, macos-13, macos-14-xlarge, windows-latest ] | |
features: [ aws-lc-rs, aws-lc-rs-fips, aws-lc-sys, aws-lc-fips-sys ] | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
- uses: dtolnay/rust-toolchain@stable | |
id: toolchain | |
- name: Set Rust toolchain override | |
run: rustup override set ${{ steps.toolchain.outputs.name }} | |
- name: Install NASM on Windows | |
if: runner.os == 'Windows' | |
uses: ilammy/setup-nasm@v1 | |
- name: Setup Go >=v1.18 | |
uses: actions/setup-go@v4 | |
with: | |
go-version: '>=1.18' | |
- name: Install ninja-build tool | |
uses: seanmiddleditch/gha-setup-ninja@v4 | |
- name: Run cargo test | |
working-directory: ./links-testing | |
run: cargo test --features ${{ matrix.features }} --no-default-features | |
- name: Run cargo run | |
working-directory: ./links-testing | |
run: cargo run --features ${{ matrix.features }} --no-default-features | |
publish-dry-run: | |
if: github.repository_owner == 'aws' | |
name: publish dry-run | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
rust: [ stable ] | |
os: [ windows-latest, ubuntu-latest, macos-13, macos-14-xlarge ] | |
crate: [ aws-lc-sys, aws-lc-rs, aws-lc-fips-sys ] | |
args: | |
- publish --dry-run | |
steps: | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: '>=1.18' | |
- run: go version | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
- if: ${{ matrix.os == 'windows-latest' }} | |
uses: ilammy/setup-nasm@v1 | |
- name: Install ninja-build tool | |
if: ${{ matrix.os == 'windows-latest' }} | |
uses: seanmiddleditch/gha-setup-ninja@v4 | |
- uses: dtolnay/rust-toolchain@master | |
id: toolchain | |
with: | |
toolchain: ${{ matrix.rust }} | |
- name: Set Rust toolchain override | |
run: rustup override set ${{ steps.toolchain.outputs.name }} | |
- name: ${{ matrix.crate }} | |
working-directory: ./${{ matrix.crate }} | |
run: cargo ${{ matrix.args }} | |
- name: Clean | |
run: cargo clean | |
- name: Force Linux shared build | |
working-directory: ./${{ matrix.crate }} | |
if: ${{ matrix.os == 'ubuntu-latest' }} | |
# Doc-tests fail to link with dynamic build | |
# See: https://github.com/rust-lang/cargo/issues/8531 | |
run: AWS_LC_SYS_STATIC=0 AWS_LC_FIPS_SYS_STATIC=0 cargo publish --dry-run | |
## Verify that prebuilt-nasm objects were published properly | |
publish-dry-run-prebuild-nasm: | |
if: github.repository_owner == 'aws' | |
name: publish dry-run prebuilt-nasm | |
runs-on: windows-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
crate: [ aws-lc-sys, aws-lc-rs ] | |
args: | |
- publish --dry-run | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
- uses: dtolnay/rust-toolchain@master | |
id: toolchain | |
with: | |
toolchain: stable | |
- name: Set Rust toolchain override | |
run: rustup override set ${{ steps.toolchain.outputs.name }} | |
- name: Verify NASM not available | |
shell: bash | |
run: | | |
if nasm --version; then | |
exit 1 | |
else | |
exit 0; | |
fi | |
- name: ${{ matrix.crate }} | |
working-directory: ./${{ matrix.crate }} | |
shell: bash | |
run: AWS_LC_SYS_PREBUILT_NASM=1 cargo publish --dry-run | |
msrv: | |
name: Minimum Supported Rust Version | |
if: github.repository_owner == 'aws' | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-latest, macos-13, macos-14-xlarge, windows-latest ] | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
lfs: true | |
- if: ${{ startsWith(matrix.os, 'macos-') }} | |
run: | | |
brew install llvm | |
echo 'export PATH="/opt/homebrew/opt/llvm/bin:$PATH"' | |
echo 'export LIBCLANG_PATH=/opt/homebrew/opt/llvm' >> "$GITHUB_ENV" | |
- name: Install NASM on Windows | |
if: runner.os == 'Windows' | |
uses: ilammy/setup-nasm@v1 | |
- name: Install MSRV Rust version | |
uses: dtolnay/rust-toolchain@stable | |
with: | |
toolchain: 1.63.0 # TODO: dynamically identify MSRV | |
- name: Verify msrv | |
working-directory: ./aws-lc-rs | |
run: cargo +1.63.0 check --features bindgen |