fix(bottlecap): try kms decrypt without context as in goagent (#472) #1057
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Bottlecap (Rust) | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| PB_VERSION: 25.3 | |
| PB_URL: https://github.com/protocolbuffers/protobuf/releases/download | |
| PB_TARGET: linux-x86_64 | |
| jobs: | |
| cancel-previous: | |
| name: Cancel Previous Jobs | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 3 | |
| steps: | |
| - uses: styfle/[email protected] | |
| with: | |
| access_token: ${{ secrets.GITHUB_TOKEN }} | |
| all_but_latest: true # can cancel workflows scheduled later | |
| check: | |
| name: Check | |
| runs-on: ubuntu-22.04 | |
| env: | |
| CARGO_INCREMENTAL: "0" | |
| SCCACHE_GHA_ENABLED: "true" | |
| RUSTC_WRAPPER: "sccache" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Install protobuf compiler for linux. The versions bundled with Ubuntu | |
| # 20.04 and 22.04 are too old -- our messages require protobuf >= 3.15 -- | |
| # so we need to download a protoc binary instead. | |
| - run: sudo apt-get update | |
| - run: sudo apt-get install -y curl unzip cmake | |
| - name: Install protobuf ${{ env.PB_VERSION }} compiler from binary for ${{ env.PB_TARGET }} | |
| run: | | |
| curl -LO "${{ env.PB_URL }}/v${{ env.PB_VERSION }}/protoc-${{ env.PB_VERSION }}-${{ env.PB_TARGET }}.zip" | |
| unzip "protoc-${{ env.PB_VERSION }}-${{ env.PB_TARGET }}.zip" -d "$HOME/.local" | |
| export PATH="$PATH:$HOME/.local/bin" | |
| - uses: actions-rust-lang/[email protected] | |
| with: | |
| cache: false | |
| - uses: mozilla-actions/[email protected] | |
| - working-directory: bottlecap | |
| run: cargo check --workspace | |
| clippy: | |
| name: Clippy | |
| runs-on: ubuntu-22.04 | |
| env: | |
| CARGO_INCREMENTAL: "0" | |
| SCCACHE_GHA_ENABLED: "true" | |
| RUSTC_WRAPPER: "sccache" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Install protobuf compiler for linux. The versions bundled with Ubuntu | |
| # 20.04 and 22.04 are too old -- our messages require protobuf >= 3.15 -- | |
| # so we need to download a protoc binary instead. | |
| - run: sudo apt-get update | |
| - run: sudo apt-get install -y curl unzip cmake | |
| - name: Install protobuf ${{ env.PB_VERSION }} compiler from binary for ${{ env.PB_TARGET }} | |
| run: | | |
| curl -LO "${{ env.PB_URL }}/v${{ env.PB_VERSION }}/protoc-${{ env.PB_VERSION }}-${{ env.PB_TARGET }}.zip" | |
| unzip "protoc-${{ env.PB_VERSION }}-${{ env.PB_TARGET }}.zip" -d "$HOME/.local" | |
| export PATH="$PATH:$HOME/.local/bin" | |
| - uses: actions-rust-lang/[email protected] | |
| with: | |
| components: clippy | |
| cache: false | |
| - uses: mozilla-actions/[email protected] | |
| - working-directory: bottlecap | |
| run: cargo clippy --workspace --all-features | |
| build-all: | |
| name: Build All | |
| runs-on: ubuntu-22.04 | |
| env: | |
| CARGO_INCREMENTAL: "0" | |
| SCCACHE_GHA_ENABLED: "true" | |
| RUSTC_WRAPPER: "sccache" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Install protobuf compiler for linux. The versions bundled with Ubuntu | |
| # 20.04 and 22.04 are too old -- our messages require protobuf >= 3.15 -- | |
| # so we need to download a protoc binary instead. | |
| - run: sudo apt-get update | |
| - run: sudo apt-get install -y curl unzip cmake | |
| - name: Install protobuf ${{ env.PB_VERSION }} compiler from binary for ${{ env.PB_TARGET }} | |
| run: | | |
| curl -LO "${{ env.PB_URL }}/v${{ env.PB_VERSION }}/protoc-${{ env.PB_VERSION }}-${{ env.PB_TARGET }}.zip" | |
| unzip "protoc-${{ env.PB_VERSION }}-${{ env.PB_TARGET }}.zip" -d "$HOME/.local" | |
| export PATH="$PATH:$HOME/.local/bin" | |
| - uses: actions-rust-lang/[email protected] | |
| with: | |
| cache: false | |
| - uses: mozilla-actions/[email protected] | |
| - working-directory: bottlecap | |
| run: cargo build --all | |
| test: | |
| name: Test Suite | |
| runs-on: ubuntu-22.04 | |
| env: | |
| CARGO_INCREMENTAL: "0" | |
| SCCACHE_GHA_ENABLED: "true" | |
| RUSTC_WRAPPER: "sccache" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Install protobuf compiler for linux. The versions bundled with Ubuntu | |
| # 20.04 and 22.04 are too old -- our messages require protobuf >= 3.15 -- | |
| # so we need to download a protoc binary instead. | |
| - run: sudo apt-get update | |
| - run: sudo apt-get install -y curl unzip cmake | |
| - name: Install protobuf ${{ env.PB_VERSION }} compiler from binary for ${{ env.PB_TARGET }} | |
| run: | | |
| curl -LO "${{ env.PB_URL }}/v${{ env.PB_VERSION }}/protoc-${{ env.PB_VERSION }}-${{ env.PB_TARGET }}.zip" | |
| unzip "protoc-${{ env.PB_VERSION }}-${{ env.PB_TARGET }}.zip" -d "$HOME/.local" | |
| export PATH="$PATH:$HOME/.local/bin" | |
| - uses: actions-rust-lang/[email protected] | |
| with: | |
| cache: false | |
| - uses: taiki-e/install-action@v2 | |
| with: | |
| tool: [email protected] | |
| - uses: mozilla-actions/[email protected] | |
| - working-directory: bottlecap | |
| run: cargo nextest run --workspace | |
| format: | |
| name: Format | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [ ubuntu-22.04, macos-latest ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions-rust-lang/[email protected] | |
| with: | |
| components: rustfmt | |
| cache: false | |
| - working-directory: bottlecap | |
| run: cargo fmt --all -- --check | |
| # todo: fix upstream warnings; from the readme: | |
| # The most common cause of missing licenses seems to be workspaces that | |
| # don't include forward their license files. Go to the repo for the | |
| # workspace and copy the relevant files from there. | |
| # A package license may receive a confidence warning stating that | |
| # cargo-bundle-licenses is "unsure" or "semi" confident. This means that | |
| # when the found license was compared to a template license it was found to | |
| # have diverged in more than a few words. You should verify that the licence | |
| # text is in fact correct in these cases. | |
| # | |
| # If this job fails, you probably need to regenerate the license, e.g. | |
| # CARGO_HOME=/tmp/dd-cargo cargo bundle-licenses --format yaml --output LICENSE-3rdparty.yml | |
| license-3rdparty: | |
| runs-on: ubuntu-latest | |
| name: "Valid LICENSE-3rdparty.yml" | |
| steps: | |
| - name: Checkout sources | |
| uses: actions/checkout@v4 | |
| - run: stat LICENSE-3rdparty.yml | |
| working-directory: bottlecap | |
| - name: Cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cargo/registry/ | |
| ~/.cargo/git/db/ | |
| ~/.cargo/bin/ | |
| ~/.cargo/.crates.toml | |
| # cache key contains current version of cargo-bundle-licenses | |
| # when upstream version is updated we can bump the cache key version, | |
| # to cache the latest version of the tool | |
| key: "v1-2.0.0" | |
| # cargo-bundle-licenses v2.0 doesn't understand path differences due to | |
| # sparse vs git index, so force git. | |
| - run: mkdir -p .cargo && printf "[registries.crates-io]\nprotocol = \"git\"\n" > .cargo/config.toml | |
| working-directory: bottlecap | |
| - run: cargo install cargo-bundle-licenses | |
| - name: "Generate new LICENSE-3rdparty.yml and check against the previous" | |
| working-directory: bottlecap | |
| env: | |
| CARGO_HOME: "/tmp/dd-cargo" | |
| run: | | |
| # Run cargo bundle-licenses without directly checking against a previous snapshot | |
| cargo bundle-licenses \ | |
| --format yaml \ | |
| --output /tmp/CI.yaml | |
| # Normalize the paths in both files to ignore registry differences | |
| sed -E 's/(registry\/src\/)[^\/]+/\1normalized_path/g' /tmp/CI.yaml > /tmp/CI_normalized.yaml | |
| sed -E 's/(registry\/src\/)[^\/]+/\1normalized_path/g' LICENSE-3rdparty.yml > /tmp/LICENSE-3rdparty_normalized.yml | |
| # Now perform the diff on the normalized files | |
| if ! diff /tmp/CI_normalized.yaml /tmp/LICENSE-3rdparty_normalized.yml; then | |
| echo "Differences detected." | |
| exit 1 | |
| fi | |
| echo "No differences found." |