Skip to content

[v1.2-branch][Infineon] Cherry-pick #34770 Provision to enable/disable NOC key-pair generation using HSM #34924 #90269

[v1.2-branch][Infineon] Cherry-pick #34770 Provision to enable/disable NOC key-pair generation using HSM #34924

[v1.2-branch][Infineon] Cherry-pick #34770 Provision to enable/disable NOC key-pair generation using HSM #34924 #90269

Workflow file for this run

# Copyright (c) 2020-2021 Project CHIP Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Darwin
on:
push:
pull_request:
merge_group:
workflow_dispatch:
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}-${{ (github.event_name == 'pull_request' && github.event.number) || (github.event_name == 'workflow_dispatch' && github.run_number) || github.sha }}
cancel-in-progress: true
env:
CHIP_NO_LOG_TIMESTAMPS: true
jobs:
darwin:
name: Build Darwin
if: github.actor != 'restyled-io[bot]'
runs-on: macos-13
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Environment
run: brew install [email protected]
- name: Checkout submodules & Bootstrap
uses: ./.github/actions/checkout-submodules-and-bootstrap
with:
platform: darwin
- name: Block zap-cli from being used
# xcodebuild is NOT expected to require zap-cli
run: scripts/run_in_build_env.sh 'D=$(dirname $(which zap-cli)) && mv $D/zap-cli $D/zap-cli.moved'
- name: Validate zap-cli is NOT available
# run_in_build_env.sh is used to ensure PATH is set to something that would otherwise find zap-cli
run: scripts/run_in_build_env.sh '(zap-cli --version && exit 1) || exit 0'
- name: Run iOS Build Debug
working-directory: src/darwin/Framework
# Disable availability annotations, since we are not building a system
# Matter.framework.
run: xcodebuild -target "Matter" -sdk iphoneos -configuration Debug GCC_PREPROCESSOR_DEFINITIONS='${inherited} MTR_NO_AVAILABILITY=1'
- name: Run iOS Build Release
working-directory: src/darwin/Framework
# Disable availability annotations, since we are not building a system
# Matter.framework.
run: xcodebuild -target "Matter" -sdk iphoneos -configuration Release GCC_PREPROCESSOR_DEFINITIONS='${inherited} MTR_NO_AVAILABILITY=1'
- name: Clean Build
run: xcodebuild clean
working-directory: src/darwin/Framework
- name: Delete Defaults
run: defaults delete com.apple.dt.xctest.tool
continue-on-error: true
- name: Run macOS Build
# Enable -Werror by hand here, because the Xcode config can't
# enable it for various reasons. Keep whatever Xcode settings
# for OTHER_CFLAGS exist by using ${inherited}.
#
# Enable -Wconversion by hand as well, because it seems to not be
# enabled by default in the Xcode config.
#
# Disable availability annotations, since we are not building a system
# Matter.framework.
run: xcodebuild -target "Matter" -sdk macosx OTHER_CFLAGS='${inherited} -Werror -Wconversion' GCC_PREPROCESSOR_DEFINITIONS='${inherited} MTR_NO_AVAILABILITY=1'
working-directory: src/darwin/Framework
- name: Clean Build
run: xcodebuild clean
working-directory: src/darwin/Framework
- name: Make zap-cli work again
run: scripts/run_in_build_env.sh 'D=$(dirname $(which zap-cli.moved)) && mv $D/zap-cli.moved $D/zap-cli'
- name: Validate zap-cli is again available
run: scripts/run_in_build_env.sh 'zap-cli --version'
- name: Build example All Clusters Server
run: |
scripts/examples/gn_build_example.sh examples/all-clusters-app/linux out/debug chip_config_network_layer_ble=false
- name: Build example OTA Provider
run: |
scripts/examples/gn_build_example.sh examples/ota-provider-app/linux out/debug chip_config_network_layer_ble=false
- name: Build example OTA Requestor
run: |
scripts/examples/gn_build_example.sh examples/ota-requestor-app/linux out/debug/ota-requestor-app chip_config_network_layer_ble=false non_spec_compliant_ota_action_delay_floor=0
- name: Delete Defaults
run: defaults delete com.apple.dt.xctest.tool
continue-on-error: true
- name: Run Framework Tests
# For now disable unguarded-availability-new warnings because we
# internally use APIs that we are annotating as only available on
# new enough versions. Maybe we should change out deployment
# target versions instead?
run: |
mkdir -p /tmp/darwin/framework-tests
../../../out/debug/chip-all-clusters-app --interface-id -1 > >(tee /tmp/darwin/framework-tests/all-cluster-app.log) 2> >(tee /tmp/darwin/framework-tests/all-cluster-app-err.log >&2) &
../../../out/debug/chip-all-clusters-app --interface-id -1 --dac_provider ../../../credentials/development/commissioner_dut/struct_cd_origin_pid_vid_correct/test_case_vector.json --product-id 32768 --discriminator 3839 --secured-device-port 5539 --KVS /tmp/chip-all-clusters-app-kvs2 > >(tee /tmp/darwin/framework-tests/all-cluster-app-origin-vid.log) 2> >(tee /tmp/darwin/framework-tests/all-cluster-app-origin-vid-err.log >&2) &
# Disable BLE because the app does not have the permission to use
# it and that may crash the CI.
#
# -enableUndefinedBehaviorSanitizer instruments the code in Matter.framework,
# but to instrument the code in the underlying libCHIP we need to pass CHIP_IS_UBSAN=YES
TEST_RUNNER_ASAN_OPTIONS=__CURRENT_VALUE__:detect_stack_use_after_return=1 xcodebuild test -target "Matter" -scheme "Matter Framework Tests" -sdk macosx -enableAddressSanitizer YES -enableUndefinedBehaviorSanitizer YES OTHER_CFLAGS='${inherited} -Werror -Wconversion' CHIP_IS_UBSAN=YES CHIP_IS_BLE=NO GCC_PREPROCESSOR_DEFINITIONS='${inherited} MTR_NO_AVAILABILITY=1'> >(tee /tmp/darwin/framework-tests/darwin-tests-asan.log) 2> >(tee /tmp/darwin/framework-tests/darwin-tests-asan-err.log >&2)
# And the same thing, but with MTR_PER_CONTROLLER_STORAGE_ENABLED turned on.
TEST_RUNNER_ASAN_OPTIONS=__CURRENT_VALUE__:detect_stack_use_after_return=1 xcodebuild test -target "Matter" -scheme "Matter Framework Tests" -sdk macosx -enableAddressSanitizer YES -enableUndefinedBehaviorSanitizer YES OTHER_CFLAGS='${inherited} -Werror -Wconversion' CHIP_IS_UBSAN=YES CHIP_IS_BLE=NO GCC_PREPROCESSOR_DEFINITIONS='${inherited} MTR_NO_AVAILABILITY=1 MTR_PER_CONTROLLER_STORAGE_ENABLED=1' > >(tee /tmp/darwin/framework-tests/darwin-tests-asan-controller-storage.log) 2> >(tee /tmp/darwin/framework-tests/darwin-tests-asan-controller-storage-err.log >&2)
# And the same thing, but with MTR_ENABLE_PROVISIONAL also turned on.
TEST_RUNNER_ASAN_OPTIONS=__CURRENT_VALUE__:detect_stack_use_after_return=1 xcodebuild test -target "Matter" -scheme "Matter Framework Tests" -sdk macosx -enableAddressSanitizer YES -enableUndefinedBehaviorSanitizer YES OTHER_CFLAGS='${inherited} -Werror -Wconversion' CHIP_IS_UBSAN=YES CHIP_IS_BLE=NO GCC_PREPROCESSOR_DEFINITIONS='${inherited} MTR_NO_AVAILABILITY=1 MTR_PER_CONTROLLER_STORAGE_ENABLED=1 MTR_ENABLE_PROVISIONAL=1' > >(tee /tmp/darwin/framework-tests/darwin-tests-asan-provisional.log) 2> >(tee /tmp/darwin/framework-tests/darwin-tests-asan-provisional-err.log >&2)
# And the same thing, but with MTR_NO_AVAILABILITY not turned on. This requires -Wno-unguarded-availability-new to avoid availability errors.
TEST_RUNNER_ASAN_OPTIONS=__CURRENT_VALUE__:detect_stack_use_after_return=1 xcodebuild test -target "Matter" -scheme "Matter Framework Tests" -sdk macosx -enableAddressSanitizer YES -enableUndefinedBehaviorSanitizer YES OTHER_CFLAGS='${inherited} -Werror -Wconversion -Wno-unguarded-availability-new' CHIP_IS_UBSAN=YES CHIP_IS_BLE=NO GCC_PREPROCESSOR_DEFINITIONS='${inherited}' > >(tee /tmp/darwin/framework-tests/darwin-tests-asan-with-availability-annotations.log) 2> >(tee /tmp/darwin/framework-tests/darwin-tests-asan-with-availability-annotations-err.log >&2)
# -enableThreadSanitizer instruments the code in Matter.framework,
# but to instrument the code in the underlying libCHIP we need to pass CHIP_IS_TSAN=YES
xcodebuild test -target "Matter" -scheme "Matter Framework Tests" -sdk macosx -enableThreadSanitizer YES OTHER_CFLAGS='${inherited} -Werror -Wconversion' CHIP_IS_TSAN=YES CHIP_IS_BLE=NO GCC_PREPROCESSOR_DEFINITIONS='${inherited} MTR_NO_AVAILABILITY=1' > >(tee /tmp/darwin/framework-tests/darwin-tests-tsan.log) 2> >(tee /tmp/darwin/framework-tests/darwin-tests-tsan-err.log >&2)
working-directory: src/darwin/Framework
- name: Build Matter TV Casting Bridge
run: |
xcodebuild -target "MatterTvCastingBridge" -sdk iphoneos
working-directory: examples/tv-casting-app/darwin/MatterTvCastingBridge
- name: Uploading log files
uses: actions/upload-artifact@v3
if: ${{ failure() && !env.ACT }}
with:
name: darwin-framework-test-logs
path: /tmp/darwin/framework-tests
retention-days: 5