chore(GHA): Run Java CI testing for MPL Latest Release #13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow is for testing that the latest released version | |
| # of the MPL is compatible with the current DB-ESDK Head | |
| name: Test Latest Released MPL Java with DB-ESDK HEAD | |
| on: | |
| schedule: | |
| - cron: "00 16 * * 1-5" | |
| workflow_dispatch: # allows triggering this manually through the Actions UI | |
| # TODO: Remove this before merging to main. We don't want this workflow running in CI | |
| # on PRs because we expect it to fail when the MPL is actually updated since the last version. | |
| pull_request: | |
| jobs: | |
| getVersion: | |
| # Don't run the cron builds on forks | |
| if: github.event_name != 'schedule' || github.repository_owner == 'aws' | |
| uses: ./.github/workflows/dafny_version.yml | |
| getVerifyVersion: | |
| if: github.event_name != 'schedule' || github.repository_owner == 'aws' | |
| uses: ./.github/workflows/dafny_verify_version.yml | |
| getMplDependencyJavaVersion: | |
| if: github.event_name != 'schedule' || github.repository_owner == 'aws' | |
| uses: ./.github/workflows/mpl_dependency_java_version.yml | |
| testJava: | |
| needs: [getVersion, getMplDependencyJavaVersion] | |
| strategy: | |
| max-parallel: 1 | |
| matrix: | |
| java-version: [17] | |
| os: [macos-13] | |
| runs-on: ${{ matrix.os }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: us-west-2 | |
| role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 | |
| role-session-name: DDBEC-Dafny-Java-Tests | |
| - uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| - name: Setup Java ${{ matrix.java-version }} | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: "corretto" | |
| java-version: ${{ matrix.java-version }} | |
| - name: Setup Dafny | |
| uses: dafny-lang/[email protected] | |
| with: | |
| dafny-version: ${{ needs.getVersion.outputs.version }} | |
| - name: Regenerate code using smithy-dafny if necessary | |
| if: ${{ inputs.regenerate-code }} | |
| uses: ./.github/actions/polymorph_codegen | |
| with: | |
| dafny: ${{ env.DAFNY_VERSION }} | |
| library: DynamoDbEncryption | |
| diff-generated-code: false | |
| update-and-regenerate-mpl: true | |
| # The following two steps: "Build and deploy to maven local" and "Run Extensive Tests" | |
| # mimic the tests in ./codebuild/staging/release-staging.yml | |
| - name: Build and deploy to maven local | |
| shell: bash | |
| working-directory: ./DynamoDbEncryption | |
| run: | | |
| # Run transpile by itself. We don't want to locally build the MPL because | |
| # we want to verify that the version pulled down from maven works correctly | |
| make transpile_implementation_java | |
| make transpile_test_java | |
| make mvn_local_deploy | |
| make test_java | |
| - name: Run Extensive Tests | |
| working-directory: ./DynamoDbEncryption | |
| run: | | |
| gradle -p runtimes/java clean | |
| gradle -p runtimes/java test | |
| # This makes sure that we are using the correct MPL version to test the DB-ESDK. | |
| # If this contains a SNAPSHOT version, this will fail because' | |
| # we are NOT building the MPL recursively but pulling from Maven. | |
| - name: Update project.properties to use the correct MPL version (from project.properties in DB-ESDK) | |
| working-directory: ./submodules/MaterialProviders/ | |
| run: | | |
| sed "s/mplVersion=.*/mplVersion=${{needs.getMplDependencyJavaVersion.outputs.version}}/g" project.properties > project.properties2; mv project.properties2 project.properties | |
| # The following three steps: "Transpile MPL Test Vectors without recursively building the MPL", | |
| # "Run Test Vectors", and "Test Examples" mimic the tests in ./codebuild/staging/validate-staging.yml | |
| - name: Transpile MPL Test Vectors without recursively building the MPL | |
| working-directory: ./submodules/MaterialProviders/TestVectorsAwsCryptographicMaterialProviders | |
| run: | | |
| # Run transpile by itself. We don't want to locally build the MPL because | |
| # we want to verify that the version pulled down from maven works correctly | |
| make transpile_implementation_java | |
| make transpile_test_java | |
| make mvn_local_deploy | |
| - name: Run Test Vectors | |
| working-directory: ./TestVectors | |
| run: | | |
| # Spin up ddb local | |
| docker run --name dynamodb -d -p 8000:8000 amazon/dynamodb-local -jar DynamoDBLocal.jar -port 8000 -inMemory -cors * | |
| # Run transpile by itself so we don't locally build the MPL. | |
| make transpile_implementation_java | |
| make transpile_test_java | |
| gradle -p runtimes/java runTests | |
| - name: Test Examples | |
| working-directory: ./Examples | |
| run: | | |
| # Run Simple Examples | |
| gradle -p runtimes/java/DynamoDbEncryption test | |
| # Run Migration Examples | |
| gradle -p runtimes/java/Migration/PlaintextToAWSDBE test | |
| gradle -p runtimes/java/Migration/DDBECToAWSDBE test |