Ensure service indicator is incremented only once, update RSA and ED25519 to ensure the state is locked #1603
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Miscellaneous test jobs | |
| on: | |
| push: | |
| branches: [ '*' ] | |
| pull_request: | |
| branches: [ '*' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref_name }} | |
| cancel-in-progress: true | |
| jobs: | |
| pre-sandbox: | |
| if: github.repository_owner == 'aws' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install OS Dependencies | |
| run: | | |
| sudo apt-get update -o Acquire::Languages=none -o Acquire::Translation=none | |
| sudo apt-get -y --no-install-recommends install \ | |
| cmake clang ninja-build golang | |
| echo "CC=clang" >> $GITHUB_ENV | |
| echo "CXX=clang++" >> $GITHUB_ENV | |
| - name: Install seccomp dependencies | |
| run: | | |
| sudo apt-get -y --no-install-recommends install libseccomp-dev | |
| - uses: actions/checkout@v3 | |
| - name: Test sandbox configuration | |
| run: | | |
| ./tests/ci/run_presandbox_tests.sh | |
| assert-license-statement-in-pr-description: | |
| if: github.repository_owner == 'aws' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - if: ${{ github.event.pull_request != null }} | |
| name: Install jq | |
| run: | | |
| sudo apt-get update -o Acquire::Languages=none -o Acquire::Translation=none | |
| sudo apt-get install -y jq | |
| - if: ${{ github.event.pull_request != null }} | |
| name: Check PR description | |
| run: | | |
| # License statement we want present. | |
| LICENSE_STATEMENT="By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license." | |
| # Fetches the PR description. | |
| PR_DESCRIPTION=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ | |
| https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }} | jq -r .body) | |
| printf "PR description:\n%s" "${PR_DESCRIPTION}" | |
| echo "" | |
| echo "" | |
| printf "Must contain:\n%s" "${LICENSE_STATEMENT}" | |
| echo "" | |
| echo "" | |
| # Normalize line endings (convert CRLF to LF) | |
| PR_DESCRIPTION=$(echo "${PR_DESCRIPTION}" | tr -d '\r') | |
| # Escape quotes in PR description | |
| PR_DESCRIPTION=$(echo "${PR_DESCRIPTION}" | sed 's/"/\\"/g; s/'"'"'/\\'"'"'/g') | |
| # Remove all spaces and tabs | |
| PR_DESCRIPTION=$(echo "${PR_DESCRIPTION}" | tr -d ' \t') | |
| LICENSE_STATEMENT=$(echo "${LICENSE_STATEMENT}" | tr -d ' \t') | |
| printf "PR description trimmed:\n%s" "${PR_DESCRIPTION}" | |
| echo "" | |
| echo "" | |
| printf "Must contain trimmed:\n%s" "${LICENSE_STATEMENT}" | |
| echo "" | |
| echo "" | |
| # Assert PR description contains license statement. | |
| if printf "%s\n" "${PR_DESCRIPTION}" | grep -ixq "${LICENSE_STATEMENT}"; then | |
| echo "Success: PR description contains license statement." | |
| else | |
| echo "Error: PR description does not contain the required license statement." | |
| exit 1 | |
| fi | |
| path-has-spaces: | |
| if: github.repository_owner == 'aws' | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ ubuntu-latest, windows-latest, macos-14-xlarge ] | |
| steps: | |
| - if: ${{ matrix.os == 'windows-latest' }} | |
| name: Install NASM | |
| uses: ilammy/setup-nasm@v1.5.1 | |
| - uses: actions/setup-go@v4 | |
| with: | |
| go-version: '>=1.18' | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| path: "path has spaces/aws-lc" | |
| - uses: ilammy/msvc-dev-cmd@v1 | |
| - name: Setup CMake | |
| uses: threeal/cmake-action@v1.3.0 | |
| with: | |
| source-dir: 'path has spaces/aws-lc' | |
| build-dir: 'path has spaces/build' | |
| generator: Ninja | |
| - name: Build Project | |
| run: cmake --build "path has spaces/build" --target all | |
| - name: Run tests | |
| run: cmake --build "path has spaces/build" --target run_tests | |
| - name: Setup CMake FIPS | |
| uses: threeal/cmake-action@v1.3.0 | |
| with: | |
| source-dir: 'path has spaces/aws-lc' | |
| build-dir: 'path has spaces/build-fips' | |
| generator: Ninja | |
| options: CMAKE_BUILD_TYPE=Release FIPS=1 BUILD_SHARED_LIBS=${{ (matrix.os == 'ubuntu-latest' && '0') || '1' }} | |
| - name: Build Project | |
| run: cmake --build "path has spaces/build-fips" --target all | |
| # TODO: Fix the FIPS ACVP tests on Windows to handle spaces in the path | |
| - if: ${{ matrix.os != 'windows-latest' }} | |
| name: Run tests | |
| run: cmake --build "path has spaces/build-fips" --target run_tests |