-
Notifications
You must be signed in to change notification settings - Fork 54
154 lines (148 loc) · 5.67 KB
/
compilers.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
name: compilers
on:
push:
branches:
- '*'
- '!generate/aws-lc-*'
pull_request:
branches:
- '*'
concurrency:
group: ${{ github.workflow }}-${{ github.ref_name }}
cancel-in-progress: true
env:
RUST_BACKTRACE: 1
# We can pin the version if nightly is too unstable.
# Otherwise, we test against the latest version.
RUST_NIGHTLY_TOOLCHAIN: nightly
jobs:
aws-lc-rs-2004-gcc:
if: github.repository_owner == 'aws'
name: GCC ${{ matrix.gcc_version }} - CMake ${{ matrix.cmake }} - FIPS ${{ matrix.fips }}
runs-on: ubuntu-20.04
env:
AWS_LC_SYS_CMAKE_BUILDER: ${{ matrix.cmake }}
strategy:
fail-fast: false
matrix:
cmake: [ '0', '1' ]
gcc_version: [ '7', '8' ]
fips: [ '0', '1' ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@master
id: toolchain
with:
toolchain: stable
- name: Set up GCC
uses: egor-tensin/setup-gcc@v1.3
with:
version: ${{ matrix.gcc_version }}
platform: x64
- if: matrix.fips == '1'
uses: actions/setup-go@v4
with:
go-version: '>=1.18'
- name: Run cargo test (debug)
run: cargo test -p aws-lc-rs --all-targets --no-default-features --features ${{ (matrix.fips == '0' && 'unstable,aws-lc-sys') || 'unstable,fips' }}
- name: Run cargo test (release)
run: cargo test -p aws-lc-rs --release --all-targets --no-default-features --features ${{ (matrix.fips == '0' && 'unstable,aws-lc-sys') || 'unstable,fips' }}
# The steps below verify that we're successfully using `-ffile-prefix-map`
# to remove build environment paths from the resulting library.
- if: ${{ matrix.gcc_version == '8' }}
name: Verify paths found in debug build
run: |
DEBUG_LIBCRYPTO=$(find ./target/debug -name "libaws_lc_*_crypto.a")
if strings ${DEBUG_LIBCRYPTO} | grep runner; then
exit 0; # SUCCESS
else
exit 1; # FAIL - we expected to find "runner" (i.e., a path)
fi
# TODO: Due to the nature of the FIPS build (e.g., its dynamic generation of
# assembly files and its custom compilation commands within CMake), not all
# source paths are stripped from the resulting binary.
- if: ${{ matrix.gcc_version == '8' && matrix.fips == '0' }}
name: Verify paths not found in release build
run: |
RELEASE_LIBCRYPTO=$(find ./target/release -name "libaws_lc_*_crypto.a")
if strings ${RELEASE_LIBCRYPTO} | grep runner; then
exit 1; # FAIL - we did not expect to find "runner" (i.e., a path)
else
exit 0; # SUCCESS
fi
aws-lc-rs-1804-gcc:
if: github.repository_owner == 'aws'
name: GCC ${{ matrix.gcc_version }} - CMake ${{ matrix.cmake }} - FIPS ${{ matrix.fips }}
runs-on: ubuntu-20.04
container:
image: ubuntu:18.04
env:
AWS_LC_SYS_CMAKE_BUILDER: ${{ matrix.cmake }}
strategy:
fail-fast: false
matrix:
cmake: [ '0', '1' ]
gcc_version: [ '4.8', '5', '6' ]
fips: [ '0', '1' ]
steps:
- run: |
apt-get update
apt-get install -y ca-certificates
apt-get install -y cmake curl sudo
apt-get install -y --no-install-recommends gpg-agent software-properties-common
apt-add-repository --yes ppa:git-core/ppa
add-apt-repository --yes ppa:longsleep/golang-backports
apt-get update
apt-get install -y build-essential git golang-go
curl -L -O -J https://github.com/PowerShell/PowerShell/releases/download/v7.2.23/powershell_7.2.23-1.deb_amd64.deb
dpkg -i powershell_7.2.23-1.deb_amd64.deb
apt-get install -f
rm powershell_7.2.23-1.deb_amd64.deb
- name: Checkout
run: |
git config --global --add safe.directory '*'
git clone --recursive ${{ github.server_url }}/${{ github.repository }}.git .
git fetch origin ${{ github.sha }}
git checkout --recurse-submodules -b ci-job ${{ github.sha }}
- uses: dtolnay/rust-toolchain@master
id: toolchain
with:
toolchain: stable
- name: Set up GCC
uses: egor-tensin/setup-gcc@v1.3
with:
version: ${{ matrix.gcc_version }}
platform: x64
- name: Run cargo test (debug)
run: cargo test -p aws-lc-rs --all-targets --no-default-features --features ${{ (matrix.fips == '0' && 'unstable,aws-lc-sys') || 'unstable,fips' }}
- name: Run cargo test (release)
run: cargo test -p aws-lc-rs --release --all-targets --no-default-features --features ${{ (matrix.fips == '0' && 'unstable,aws-lc-sys') || 'unstable,fips' }}
aws-lc-rs-c-std-test:
if: github.repository_owner == 'aws'
name: C-std ${{ matrix.os }} - ${{ matrix.c_std }} - Force CMake ${{ matrix.cmake }}
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
rust: [ stable ]
os: [ ubuntu-latest, macos-13, macos-14-xlarge, windows-latest ]
c_std: [ "11", "99" ]
cmake: [ '0', '1' ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@master
id: toolchain
with:
toolchain: stable
- run: |
echo 'export AWS_LC_SYS_CMAKE_BUILDER=${{ matrix.cmake }}' >> "$GITHUB_ENV"
- name: Run cargo test
working-directory: ./aws-lc-rs
env:
AWS_LC_SYS_PREBUILT_NASM: 1
AWS_LC_SYS_C_STD: ${{ matrix.c_std }}
run: cargo test --all-targets --features unstable