Skip to content

more perms

more perms #982

Workflow file for this run

name: Sanity Tests
on:
push:
branches-ignore:
- 'main'
paths:
- '.github/workflows/sanity-test.yml'
- 'builder/**'
- 'tests/**'
- '.github/actions/**/*'
env:
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
CRT_CI_ROLE: ${{ secrets.CRT_CI_ROLE_ARN }}
AWS_DEFAULT_REGION: us-east-1
permissions:
id-token: write # This is required for requesting the JWT
jobs:
cleanup:
name: Clean up previous branch jobs
runs-on: ubuntu-24.04
steps:
- name: Clean up previous branch jobs
uses: rokroskar/workflow-run-cleanup-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
unit_test:
name: Unit Tests
runs-on: ubuntu-24.04
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Run Tests
run: python3 -m unittest discover tests --verbose
package:
name: Package builder app
runs-on: ubuntu-24.04
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Checkout Source
uses: actions/checkout@v4
- name: Get release tag
uses: ./.github/actions/release-tag
id: tag
with:
output: tag
- run: echo TAG ${{ steps.tag.outputs.release_tag }}
# re-enable this when requirements.txt has actual dependencies
# - name: Bundle dependencies
# run: |
# python3 -m pip install -r requirements.txt --target builder
# rm -rf builder/*.dist-info
- name: Package builder to S3
run: |
mkdir -p build
mkdir -p staging
cp -r builder staging/.
python3 -m zipapp --python="/usr/bin/env python3" -m "builder.main:main" --output=build/builder.pyz staging
aws s3 cp build/builder.pyz s3://$AWS_S3_BUCKET/channels/${{ steps.tag.outputs.release_tag }}/builder.pyz
zipinfo -1 build/builder.pyz
- name: Artifact builder
uses: actions/upload-artifact@v4
with:
name: builder
path: build/builder.pyz
sanity_test:
name: Sanity Test
strategy:
fail-fast: false
matrix:
host: [ubuntu-22.04, macos-13, macos-14, windows-2022]
needs: package
runs-on: ${{ matrix.host }}
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Install builder
uses: actions/download-artifact@v4
with:
name: builder
path: .
- name: Sanity Test Run Compat (Unix)
if: ${{ !startsWith(matrix.host, 'windows') }}
run: |
ls -al
zipinfo -1 builder.pyz
python3 builder.pyz run test --project tests
- name: Sanity Test Action (Unix)
if: ${{ !startsWith(matrix.host, 'windows') }}
run: |
python3 builder.pyz test --project tests
- name: Sanity Test Build (Unix)
if: ${{ !startsWith(matrix.host, 'windows') }}
run: |
python3 builder.pyz build --project tests
- name: Sanity Test aws-c-common (Unix)
if: ${{ !startsWith(matrix.host, 'windows') }}
run: |
python3 builder.pyz build --project aws-c-common
- name: Sanity Test Run Compat (Windows)
if: startsWith(matrix.host, 'windows')
run: |
choco install --no-progress vswhere
python builder.pyz run test --project tests
- name: Sanity Test Action (Windows)
if: startsWith(matrix.host, 'windows')
run: |
choco install --no-progress vswhere
python builder.pyz test --project tests
- name: Sanity Test Build (Windows)
if: startsWith(matrix.host, 'windows')
run: |
python builder.pyz build --project tests
- name: Sanity Test aws-c-common (Windows)
if: startsWith(matrix.host, 'windows')
run: |
python builder.pyz build --project aws-c-common
# Make sure cross compiling works
cross_compile:
runs-on: ubuntu-24.24
needs: [package]
strategy:
matrix:
arch: [linux-armv6, linux-armv7, linux-armv8]
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Install builder
uses: actions/download-artifact@v4
with:
name: builder
path: .
- name: Build aws-crt-cpp + consumers
run: python3 builder.pyz build downstream -p aws-crt-cpp --target=${{matrix.arch}} --dump-config
# Make sure all the linux compilers work
compilers:
strategy:
fail-fast: false
matrix:
compiler:
# Note: 18.04 image is no longer supported by gh and 20.04 image does
# not have some of the old compilers we want. disable those for now
# until we figure out a way to test them.
# - clang-6
# - clang-7 # this one actually has to be installed by the script
# - clang-8
- clang-9
- clang-10
- clang-11
# - gcc-4.8
# - gcc-5
# - gcc-6
- gcc-7
- gcc-8
- gcc-9
- gcc-10
- gcc-11
needs: [package]
runs-on: ubuntu-20.04
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Install builder
uses: actions/download-artifact@v4
with:
name: builder
path: .
- name: Build aws-c-common
run: python3 builder.pyz build --project aws-c-common --compiler=${{ matrix.compiler }} run_tests=false
# Make sure linux compilers + stdlibs are installing properly
std-compat:
needs: [package, sanity_test]
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
compiler: [gcc-8, clang-9]
std: [c++11, c++14, c++17, c++2a]
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Checkout Source
uses: actions/checkout@v4
- name: Install builder
uses: actions/download-artifact@v4
with:
name: builder
path: .
- name: Build aws-crt-cpp with ${{ matrix.compiler }}/${{ matrix.std }}
run: |
export CXXFLAGS=-std=${{ matrix.std }}
python3 builder.pyz build -p aws-crt-cpp --compiler=${{ matrix.compiler }}
release_notes:
strategy:
fail-fast: false
matrix:
project:
- aws-crt-python
- aws-iot-device-sdk-python-v2
needs: package
runs-on: ubuntu-24.04
steps:
- name: Install builder
uses: actions/download-artifact@v4
with:
name: builder
path: .
- name: Build ${{ matrix.project }}
run: python3 builder.pyz release-notes --project ${{ matrix.project }} --ignore-warnings
# Make sure downstream projects that use the builder compile after any changes
downstream:
strategy:
fail-fast: false
matrix:
project:
- aws-c-mqtt
- aws-c-http
- aws-crt-python
- aws-crt-cpp
- aws-crt-java
- aws-crt-nodejs
needs: package
runs-on: ubuntu-20.04
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Checkout Source
uses: actions/checkout@v4
- name: Install builder
uses: actions/download-artifact@v4
with:
name: builder
path: .
- name: Build ${{ matrix.project }}
run: python3 builder.pyz build --project ${{ matrix.project }} --compiler=clang
# This mostly tests that libcrypto and s2n resolve correctly on manylinux vs ubuntu
aws-c-cal:
strategy:
fail-fast: false
matrix:
linux:
- manylinux1-x86
- manylinux1-x64
- manylinux2014-x86
- manylinux2014-x64
- manylinux2014-aarch64
- musllinux-1-1-aarch64
- musllinux-1-1-x64
needs: package
runs-on: ubuntu-24.04
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Checkout Source
uses: actions/checkout@v4
- name: Get release tag
uses: ./.github/actions/release-tag
id: tag
with:
output: tag
# Only aarch64 needs this, but it doesn't hurt anything
- name: Install qemu/docker
run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws ecr get-login-password --region us-east-1 | docker login ${{ secrets.AWS_ECR_REPO }} -u AWS --password-stdin
export DOCKER_IMAGE=${{ secrets.AWS_ECR_REPO }}/aws-crt-${{ matrix.linux }}:${{ steps.tag.outputs.release_tag }}
docker pull $DOCKER_IMAGE
docker run --env GITHUB_REF $DOCKER_IMAGE --version=${{ steps.tag.outputs.release_tag }} build -p aws-c-cal --spec=downstream run_tests=false
# This tests for swift version
swift:
strategy:
fail-fast: false
matrix:
linux:
- swift-5-ubuntu-x64
- swift-5-centos-x64
- swift-5-al2-x64
needs: package
runs-on: ubuntu-24.04
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Checkout Source
uses: actions/checkout@v4
- name: Get release tag
uses: ./.github/actions/release-tag
id: tag
with:
output: tag
- name: Check for Swift
run: |
aws ecr get-login-password --region us-east-1 | docker login ${{ secrets.AWS_ECR_REPO }} -u AWS --password-stdin
export DOCKER_IMAGE=${{ secrets.AWS_ECR_REPO }}/aws-crt-${{ matrix.linux }}:${{ steps.tag.outputs.release_tag }}
docker pull $DOCKER_IMAGE
docker run --env GITHUB_REF --entrypoint swift $DOCKER_IMAGE --version
sanity-tests-passed:
name: All Sanity Tests passed
runs-on: ubuntu-24.04
needs:
- unit_test
- sanity_test
- cross_compile
- compilers
- release_notes
steps:
- run: echo "All sanity tests passed"