Skip to content

Add new s2n-bignum symbols to filter #1232

Add new s2n-bignum symbols to filter

Add new s2n-bignum symbols to filter #1232

Workflow file for this run

name: tests
on:
push:
branches:
- '*'
- '!generate/aws-lc-*'
pull_request:
branches:
- '*'
concurrency:
group: ${{ github.workflow }}-${{ github.ref_name }}
cancel-in-progress: true
env:
RUST_BACKTRACE: 1
# We can pin the version if nightly is too unstable.
# Otherwise, we test against the latest version.
RUST_NIGHTLY_TOOLCHAIN: nightly
jobs:
aws-lc-rs-test:
if: github.repository_owner == 'aws'
name: aws-lc-rs tests
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
rust: [ stable ]
os: [ ubuntu-latest, macos-13, macos-14-xlarge ]
args:
- --all-targets --features unstable
- --release --all-targets --features unstable
- --no-default-features --features non-fips,unstable
- --no-default-features --features non-fips,ring-io,unstable
- --no-default-features --features non-fips,ring-sig-verify,unstable
- --no-default-features --features non-fips,alloc,unstable
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@master
id: toolchain
with:
toolchain: ${{ matrix.rust }}
- name: Set Rust toolchain override
run: rustup override set ${{ steps.toolchain.outputs.name }}
- name: Run cargo test
working-directory: ./aws-lc-rs
run: cargo test ${{ matrix.args }}
- name: Run extra tests
working-directory: ./aws-lc-rs-testing
run: cargo test --all-targets
bindgen-test:
if: github.repository_owner == 'aws'
name: aws-lc-rs bindgen-tests
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
rust: [ stable ]
os: [ ubuntu-latest, macos-13, macos-14-xlarge ]
args:
- --no-default-features --features aws-lc-sys,bindgen,unstable
- --release --all-targets --features bindgen,unstable
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- if: ${{ startsWith(matrix.os, 'macos-') }}
run: |
brew install llvm
echo 'export PATH="/opt/homebrew/opt/llvm/bin:$PATH"' >> "$GITHUB_ENV"
echo 'export LIBCLANG_PATH=/opt/homebrew/opt/llvm' >> "$GITHUB_ENV"
- uses: dtolnay/rust-toolchain@master
id: toolchain
with:
toolchain: ${{ matrix.rust }}
- name: Set Rust toolchain override
run: rustup override set ${{ steps.toolchain.outputs.name }}
- name: Run cargo test
working-directory: ./aws-lc-rs
run: cargo test ${{ matrix.args }}
windows-test:
if: github.repository_owner == 'aws'
name: aws-lc-rs windows-tests
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
rust: [ stable ]
os: [ windows-2019, windows-2022 ]
args:
- --all-targets --features unstable
- --all-targets --features bindgen,unstable
- --release --all-targets --features unstable
- --no-default-features --features non-fips,unstable
- --no-default-features --features non-fips,ring-io,unstable
- --no-default-features --features non-fips,ring-sig-verify,unstable
- --no-default-features --features non-fips,alloc,unstable
env:
AWS_LC_SYS_PREBUILT_NASM: 1
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@master
id: toolchain
with:
toolchain: ${{ matrix.rust }}
- name: Set Rust toolchain override
run: rustup override set ${{ steps.toolchain.outputs.name }}
- name: Run cargo test
working-directory: ./aws-lc-rs
run: cargo test ${{ matrix.args }}
aws-lc-rs-coverage:
name: aws-ls-rs coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
lfs: true
- uses: dtolnay/rust-toolchain@master
id: toolchain
with:
toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN }}
components: llvm-tools-preview
- name: Set Rust toolchain override
run: rustup override set ${{ steps.toolchain.outputs.name }}
- name: Install cargo-llvm-cov
run: cargo install cargo-llvm-cov
- name: Run coverage
run: cargo llvm-cov -p aws-lc-rs --features unstable --no-fail-fast --ignore-filename-regex "aws-lc-(fips-)?sys/.*" --codecov --output-path ./codecov.json
- name: Run FIPS coverage
run: cargo llvm-cov -p aws-lc-rs --features unstable,fips --no-fail-fast --ignore-filename-regex "aws-lc-(fips-)?sys/.*" --codecov --output-path ./codecov-fips.json
- name: Upload coverage reports to Codecov
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
uses: codecov/codecov-action@v4
with:
files: ./codecov.json,./codecov-fips.json
verbose: true
fail_ci_if_error: true
aws-lc-rs-asan:
if: github.repository_owner == 'aws'
name: aws-lc-rs asan
strategy:
matrix:
args:
-
- --release
features:
- --features asan
- --no-default-features --features fips,asan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@master
id: toolchain
with:
toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN }}
- name: Set Rust toolchain override
run: rustup override set ${{ steps.toolchain.outputs.name }}
- name: Run address sanitizers
env:
ASAN_OPTIONS: detect_leaks=1
RUSTFLAGS: -Zsanitizer=address
RUSTDOCFLAGS: -Zsanitizer=address
working-directory: ./aws-lc-rs
run: cargo test ${{ matrix.args }} --lib --bins --tests --examples --target x86_64-unknown-linux-gnu --features asan
build-env-static-test:
if: github.repository_owner == 'aws'
name: aws-lc-rs build-env-static-test
runs-on: ${{ matrix.os }}
env:
AWS_LC_SYS_STATIC: ${{ matrix.static }}
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, macos-13, macos-14-xlarge ]
static: [ 0, 1 ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@stable
- name: Run cargo test
# Doc-tests fail to link with dynamic build
# See: https://github.com/rust-lang/cargo/issues/8531
run: cargo test -p aws-lc-rs --tests
build-prebuild-nasm-test:
if: github.repository_owner == 'aws'
name: prebuilt-nasm usage
runs-on: windows-latest
strategy:
fail-fast: false
matrix:
target:
- 'x86_64-pc-windows-msvc'
- 'x86_64-pc-windows-gnu'
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@stable
- name: Verify NASM not available
shell: bash
run: |
if nasm --version; then
exit 1
else
exit 0;
fi
- name: Run cargo test w/ prebuilt-nasm feature
shell: bash
run: cargo test --tests -p aws-lc-rs --release --no-default-features --features aws-lc-sys,prebuilt-nasm
- name: Run cargo test w/ AWS_LC_SYS_PREBUILT_NASM=1
shell: bash
run: AWS_LC_SYS_PREBUILT_NASM=1 cargo test --tests -p aws-lc-rs --release --no-default-features --features aws-lc-sys
build-env-nasm-test:
if: github.repository_owner == 'aws'
name: prebuilt NASM verification
runs-on: windows-latest
strategy:
fail-fast: false
matrix:
target:
- 'x86_64-pc-windows-msvc'
- 'x86_64-pc-windows-gnu'
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@stable
- name: Install NASM
uses: ilammy/setup-nasm@v1
- name: Remove NASM artifacts
shell: bash
run: |
cargo clean
rm ./aws-lc-sys/builder/prebuilt-nasm/*
- name: Run cargo test
shell: bash
run: AWS_LC_SYS_PREBUILT_NASM=0 cargo test --tests -p aws-lc-rs --release --no-default-features --features aws-lc-sys
- name: Collect NASM outputs
shell: bash
run: ./scripts/build/collect_nasm_obj.sh
- name: Flag any NASM changes
shell: bash
run: |
git add .
git diff --cached --exit-code HEAD -- aws-lc-sys/builder/prebuilt-nasm/*.txt
build-env-external-bindgen-test:
if: github.repository_owner == 'aws'
name: aws-lc-rs - External bindgen test (${{ matrix.os }})
runs-on: ${{ matrix.os }}
env:
AWS_LC_SYS_EXTERNAL_BINDGEN: 1
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, macos-13, macos-14-xlarge ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@stable
- name: Install bindgen-cli
run: cargo install --locked bindgen-cli
- name: Remove bindings
run: |
rm ./aws-lc-sys/src/x86_64*
rm ./aws-lc-sys/src/aarch64*
- name: Run cargo test
run: cargo test --tests -p aws-lc-rs --no-default-features --features aws-lc-sys
build-env-external-bindgen-windows-test:
if: github.repository_owner == 'aws'
name: aws-lc-rs - External bindgen test (${{ matrix.target }})
runs-on: windows-latest
env:
AWS_LC_SYS_EXTERNAL_BINDGEN: 1
strategy:
fail-fast: false
matrix:
target: [ 'i686-pc-windows-gnu', 'i686-pc-windows-msvc', 'x86_64-pc-windows-msvc', 'x86_64-pc-windows-gnu' ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@stable
with:
target: ${{ matrix.target }}
- uses: ilammy/setup-nasm@v1
- name: Install bindgen-cli
run: cargo install --locked bindgen-cli
- name: Remove bindings
run: |
rm ./aws-lc-sys/src/x86_64*
rm ./aws-lc-sys/src/aarch64*
rm ./aws-lc-sys/src/i686*
- if: ${{ matrix.target == 'i686-pc-windows-gnu' }}
name: Install mingw
uses: bwoodsend/setup-winlibs-action@v1
with:
architecture: i686
- name: Run cargo test
run: cargo test --tests -p aws-lc-rs --no-default-features --features aws-lc-sys --target ${{ matrix.target }}
build-env-fips-static-test:
if: github.repository_owner == 'aws'
name: aws-lc-rs build-env-fips-static-test
runs-on: ${{ matrix.os }}
env:
AWS_LC_FIPS_SYS_STATIC: ${{ matrix.static }}
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, macos-13, macos-14-xlarge ]
static: [ 0, 1 ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@stable
- uses: actions/setup-go@v4
with:
go-version: '>=1.18'
- name: Run cargo test
if: ${{ matrix.os == 'ubuntu-latest' || matrix.static != 1 }}
run: cargo test -p aws-lc-rs --no-default-features --features fips
build-env-no-asm-test:
if: github.repository_owner == 'aws'
name: build-env-no-asm-test
runs-on: ${{ matrix.os }}
env:
AWS_LC_SYS_NO_ASM: 1
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, macos-13, macos-14-xlarge, windows-latest ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@stable
- name: Run cargo test
run: cargo test -p aws-lc-rs
- name: Release build
if: ${{ matrix.os != 'windows-latest' }}
run: |
if cargo build -p aws-lc-rs --release; then
exit 1
else
exit 0
fi
- name: Release build
if: ${{ matrix.os == 'windows-latest' }}
shell: pwsh
run: |
if (cargo build -p aws-lc-rs --release) {
exit 1
} else {
exit 0
}
build-env-fips-no-asm-test:
if: github.repository_owner == 'aws'
name: aws-lc-rs build-env-fips-no-asm-test
runs-on: ${{ matrix.os }}
env:
AWS_LC_FIPS_SYS_NO_ASM: 1
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, macos-13, macos-14-xlarge, windows-latest ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: dtolnay/rust-toolchain@stable
- uses: actions/setup-go@v4
with:
go-version: '>=1.18'
- uses: seanmiddleditch/gha-setup-ninja@v5
- name: Run cargo test
run: cargo test -p aws-lc-rs --tests --no-default-features --features fips
- name: Release build
if: ${{ matrix.os != 'windows-latest' }}
run: |
if cargo build -p aws-lc-rs --release --no-default-features --features fips; then
exit 1
else
exit 0
fi
- name: Release build
if: ${{ matrix.os == 'windows-latest' }}
shell: pwsh
run: |
if (cargo build -p aws-lc-rs --release --no-default-features --features fips) {
exit 1
} else {
exit 0
}
build-env-fips-external-bindgen-test:
if: github.repository_owner == 'aws'
name: aws-lc-rs FIPS - External bindgen test
runs-on: ${{ matrix.os }}
env:
AWS_LC_FIPS_SYS_EXTERNAL_BINDGEN: 1
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, macos-13, macos-14-xlarge, windows-latest ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- if: ${{ matrix.os == 'windows-latest' }}
uses: ilammy/setup-nasm@v1
- if: ${{ matrix.os == 'windows-latest' }}
uses: seanmiddleditch/gha-setup-ninja@v5
- uses: dtolnay/rust-toolchain@stable
- uses: actions/setup-go@v4
with:
go-version: '>=1.18'
- name: Install bindgen-cli
run: cargo install --locked bindgen-cli
- name: Remove bindings
run: |
rm ./aws-lc-fips-sys/src/x86_64*
rm ./aws-lc-fips-sys/src/aarch64*
- name: Run cargo test
run: cargo test --tests -p aws-lc-rs --no-default-features --features fips
careful:
if: github.repository_owner == 'aws'
name: Run carefully
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- macos-13
- macos-14-xlarge
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
lfs: true
- uses: dtolnay/rust-toolchain@master
id: toolchain
with:
toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN }}
components: 'rust-src'
- if: ${{ startsWith(matrix.os, 'macos-') }}
run: |
brew install llvm
echo 'export PATH="/opt/homebrew/opt/llvm/bin:$PATH"'
echo 'export LIBCLANG_PATH=/opt/homebrew/opt/llvm' >> "$GITHUB_ENV"
- name: Set Rust toolchain override
run: rustup override set ${{ steps.toolchain.outputs.name }}
- name: Install cargo-careful
run: cargo install --locked cargo-careful
- uses: actions/setup-go@v4
with:
go-version: '>=1.18'
- name: Run tests
working-directory: ./aws-lc-rs
run: cargo careful test
- name: Run tests w/ FIPS
working-directory: ./aws-lc-rs
# Rust doc tests dislike dynamic linking
run: cargo careful test --tests --features fips,bindgen
clang-19-bindgen:
if: github.repository_owner == 'aws'
name: Clang 19.1 + bindgen tests
runs-on: macos-14-xlarge
env:
LIBCLANG_PATH: /opt/homebrew/opt/llvm/lib
LLVM_CONFIG_PATH: /opt/homebrew/opt/llvm/llvm-config
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
- uses: actions/setup-go@v4
with:
go-version: '>=1.18'
- uses: dtolnay/rust-toolchain@master
id: toolchain
with:
toolchain: stable
- run: |
brew update
brew uninstall --force llvm
brew install llvm@19
echo 'export PATH="/opt/homebrew/opt/llvm/bin:$PATH"' >> "$GITHUB_ENV"
- name: aws-lc-sys bindgen build
working-directory: ./aws-lc-sys
run: cargo test --features bindgen
- name: aws-lc-fips-sys bindgen build
working-directory: ./aws-lc-fips-sys
run: cargo test --features bindgen
source-path-has-spaces:
if: github.repository_owner == 'aws'
name:
"Spaces in path - ${{ matrix.os }} - FIPS: ${{ matrix.fips }}"
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, macos-13, macos-14-xlarge, windows-latest ]
fips: [ 0, 1 ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
path: "path has spaces/aws-lc-rs"
- if: ${{ matrix.os == 'windows-latest' }}
uses: ilammy/setup-nasm@v1
- uses: dtolnay/rust-toolchain@stable
- uses: seanmiddleditch/gha-setup-ninja@v5
- uses: actions/setup-go@v4
with:
go-version: '>=1.18'
- name: Run cargo test
# macOS aarch64 fix for FIPS pending the following PR applied to FIPS branch:
# https://github.com/aws/aws-lc/pull/2005
if: ${{ matrix.fips == 0 || matrix.os != 'macos-14-xlarge' }}
working-directory: "path has spaces/aws-lc-rs"
run: cargo test --tests -p aws-lc-rs --no-default-features --features ${{ (matrix.fips == 1 && 'fips') || 'aws-lc-sys' }}
cmake-source-path-has-spaces:
if: github.repository_owner == 'aws'
name:
"Spaces in path (CMake) - ${{ matrix.os }}"
runs-on: ${{ matrix.os }}
env:
AWS_LC_SYS_CMAKE_BUILDER: 1
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, macos-13, macos-14-xlarge ]
steps:
- uses: actions/checkout@v4
with:
submodules: 'recursive'
path: "path has spaces/aws-lc-rs"
- if: ${{ matrix.os == 'windows-latest' }}
uses: ilammy/setup-nasm@v1
- uses: dtolnay/rust-toolchain@stable
- uses: seanmiddleditch/gha-setup-ninja@v5
- uses: actions/setup-go@v4
with:
go-version: '>=1.18'
- name: Run cargo test
working-directory: "path has spaces/aws-lc-rs"
run: cargo test --tests -p aws-lc-rs --features bindgen