-
Notifications
You must be signed in to change notification settings - Fork 10
292 lines (225 loc) · 7.88 KB
/
build-and-test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
name: Build and test
on:
push:
branches: [main]
tags: 'v*'
pull_request:
workflow_dispatch:
env:
CARGO_TERM_COLOR: always
jobs:
check-style:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Install Rust formatter
run: rustup component add rustfmt
- name: Check if code is well formatted
run: cargo fmt --check
unit-tests-default:
needs: check-style
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Run unit tests with default features
run: RUST_BACKTRACE=1 cargo test
unit-tests:
needs: check-style
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
crypto_backend: [lakers-crypto/psa, lakers-crypto/rustcrypto]
ead: [ead-none, ead-authz]
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Run unit tests with feature matrix # note that we only add `--package lakers-ead-authz` when testing with that config
run: RUST_BACKTRACE=1 cargo test -p lakers -p lakers-crypto -p lakers-shared ${{ matrix.ead == 'ead-authz' && '-p lakers-ead-authz' || '' }} --no-default-features --features="${{ matrix.crypto_backend }}, test-${{ matrix.ead }}" --no-fail-fast -- --test-threads 1
build-edhoc-package:
needs: unit-tests
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
crypto_backend: [lakers-crypto/psa, lakers-crypto/psa-baremetal, lakers-crypto/cryptocell310, lakers-crypto/rustcrypto]
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Install arm targets for Rust
run: rustup target add thumbv7m-none-eabi && rustup target add thumbv7em-none-eabihf
- name: Install arm gcc
run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi
- name: Build
run: cargo build --package lakers --package lakers-crypto --package lakers-ead-authz --no-default-features --features="${{ matrix.crypto_backend }}" --release
generate-fstar:
runs-on: ubuntu-latest
steps:
- name: Checkout lakers
uses: actions/checkout@v4
- name: Generate fstar code over lakers and lakers-shared
run: |
docker run --rm -v ${{ github.workspace }}:/lakers docker.io/geonnave/hax bash -e -c "
cd lakers
# generate the fstar files
cargo-hax -C -p lakers --no-default-features --features='lakers-crypto/rustcrypto' --release \; into -i '-lakers::generate_connection_identifier_cbor -lakers::generate_connection_identifier' fstar
cargo-hax -C -p lakers-shared \; into -i '-lakers_shared::ffi::**' fstar
# even if fstar generation was ok, fail if something is not implemented
[ -z "$(find -name *.fst -type f | xargs grep 'something is not implemented yet')" ]
"
zip -j -r lakers-fstar.zip $(find . -name *fst)
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: fstar-code
path: ./lakers-fstar.zip
build-lakers-c:
needs: unit-tests
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
crypto_backend: [crypto-rustcrypto, crypto-psa-baremetal, crypto-cryptocell310]
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Install arm targets for Rust
run: rustup target add thumbv7em-none-eabihf
- name: Install arm gcc
run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi
- name: Build static library, generate headers, and zip to file
run: cd lakers-c && ./build.sh "${{ matrix.crypto_backend }}"
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: lakers-c-${{ matrix.crypto_backend }}
path: ./target/lakers-c-*.zip
build-lakers-c-example:
needs: unit-tests
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Checkout libcoap
uses: actions/checkout@v4
with:
repository: obgm/libcoap
path: libcoap
- name: Install libcoap
run: |
cd libcoap && ./autogen.sh
./configure --disable-doxygen --disable-manpages --disable-dtls --disable-oscore
make && sudo make install
- name: Install arm targets for Rust
run: rustup target add thumbv7em-none-eabihf
- name: Install arm gcc
run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi
- name: Build static library and generate headers
run: cd lakers-c && ./build.sh crypto-rustcrypto
- name: Build and run native C eaxmple
run: |
cd examples/lakers-c-native
make all LAKERS_EAD=authz
test-lakers-python:
needs: check-style
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: set up python
uses: actions/setup-python@v5
with:
python-version: '3.10'
- name: Test Python package
run: |
cd lakers-python
python3 -m venv .venv
source .venv/bin/activate
pip install --upgrade pip
pip install -U maturin pytest cbor2
pip freeze
maturin develop && pytest
run-example-on-qemu:
needs: unit-tests
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
crypto_backend: [crypto-psa]
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Install arm targets for Rust
run: rustup target add thumbv7m-none-eabi
- name: Install arm gcc
run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi
- name: Install QEMU ARM emulator
run: sudo apt-get -y install qemu-system-arm
- name: Run tests in QEMU
run: cd examples/lakers-no_std && cargo run --target="thumbv7m-none-eabi" --no-default-features --features="${{ matrix.crypto_backend }}" --release
build-example-for-cortex-m4:
needs: unit-tests
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
crypto_backend: [crypto-psa, crypto-cryptocell310]
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Install arm targets for Rust
run: rustup target add thumbv7em-none-eabihf
- name: Install arm gcc
run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi
- name: Build example
run: cd examples/lakers-no_std && cargo build --target="thumbv7em-none-eabihf" --no-default-features --features="${{ matrix.crypto_backend }}, rtt" --release
build-coap-example:
needs: unit-tests
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Build server
run: cargo build --bin coapserver
- name: Build client
run: cargo build --bin coapclient
- name: Build coap-handler based server
run: cargo build --bin coapserver-coaphandler
release:
runs-on: ubuntu-latest
needs: [
build-edhoc-package, build-lakers-c,
generate-fstar,
build-example-for-cortex-m4, build-coap-example, build-lakers-c-example,
run-example-on-qemu,
]
if: >-
github.event_name == 'push' &&
startsWith(github.event.ref, 'refs/tags')
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Download artifacts
uses: actions/[email protected]
with:
name: fstar-code
path: ./release-artifacts
- name: Download artifacts
uses: actions/[email protected]
with:
pattern: lakers-c*
path: ./release-artifacts
- name: Release
uses: ncipollo/release-action@v1
with:
generateReleaseNotes: true
artifacts: "release-artifacts/*"
token: ${{ secrets.RELEASE_TOKEN }}