activate venv for pkcs12 sample #2284
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches-ignore: | |
- 'main' | |
- 'docs' | |
env: | |
BUILDER_VERSION: v0.9.56 | |
BUILDER_SOURCE: releases | |
BUILDER_HOST: https://d19elf31gohf1l.cloudfront.net | |
PACKAGE_NAME: aws-iot-device-sdk-cpp-v2 | |
LINUX_BASE_IMAGE: ubuntu-18-x64 | |
HEAD_REF: ${{ github.head_ref }} | |
RUN: ${{ github.run_id }}-${{ github.run_number }} | |
AWS_DEFAULT_REGION: us-east-1 | |
DA_TOPIC: test/da | |
DA_SHADOW_PROPERTY: datest | |
DA_SHADOW_VALUE_SET: ON | |
DA_SHADOW_VALUE_DEFAULT: OFF | |
CI_FOLDER: "D:/a/work" | |
CI_UTILS_FOLDER: "./aws-iot-device-sdk-cpp-v2/utils" | |
CI_SAMPLES_CFG_FOLDER: "./aws-iot-device-sdk-cpp-v2/.github/workflows" | |
CI_SERVICE_TESTS_CFG_FOLDER: "./test_cases" | |
CI_IOT_CONTAINERS: arn:aws:iam::123124136734:role/CRT_IoT_Containers | |
CI_PUBSUB_ROLE: arn:aws:iam::180635532705:role/CI_PubSub_Role | |
CI_CYCLEPUBSUB_ROLE: arn:aws:iam::180635532705:role/CI_CyclePubSub_Role | |
CI_CUSTOM_AUTHORIZER_ROLE: arn:aws:iam::180635532705:role/CI_CustomAuthorizer_Role | |
CI_COGNITO_ROLE: arn:aws:iam::180635532705:role/CI_Cognito_Role | |
CI_SHADOW_ROLE: arn:aws:iam::180635532705:role/CI_Shadow_Role | |
CI_JOBS_ROLE: arn:aws:iam::180635532705:role/CI_Jobs_Role | |
CI_FLEET_PROVISIONING_ROLE: arn:aws:iam::180635532705:role/service-role/CI_FleetProvisioning_Role | |
CI_DEVICE_ADVISOR: arn:aws:iam::180635532705:role/CI_DeviceAdvisor_Role | |
CI_DEVICE_DEFENDER: arn:aws:iam::180635532705:role/CI_DeviceDefender_Role | |
CI_SECURE_TUNNEL: arn:aws:iam::180635532705:role/CI_SecureTunnel_Role | |
CI_X509_ROLE: arn:aws:iam::180635532705:role/CI_X509_Role | |
CI_MQTT5_ROLE: arn:aws:iam::180635532705:role/CI_MQTT5_Role | |
CI_GREENGRASS_ROLE: arn:aws:iam::180635532705:role/CI_Greengrass_Role | |
CI_GREENGRASS_INSTALLER_ROLE: arn:aws:iam::180635532705:role/CI_GreengrassInstaller_Role | |
CI_JOBS_SERVICE_CLIENT_ROLE: arn:aws:iam::180635532705:role/CI_JobsServiceClient_Role | |
CI_SHADOW_SERVICE_CLIENT_ROLE: arn:aws:iam::180635532705:role/CI_ShadowServiceClient_Role | |
jobs: | |
linux-compat: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
image: | |
- manylinux2014-x64 | |
- manylinux2014-x86 | |
- al2-x64 | |
- alpine-3.16-x64 | |
- alpine-3.16-x86 | |
- alpine-3.16-armv6 | |
- alpine-3.16-armv7 | |
- alpine-3.16-arm64 | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: configure AWS credentials (containers) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_IOT_CONTAINERS }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: Install qemu/docker | |
run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes | |
- name: Build ${{ env.PACKAGE_NAME }} | |
run: | | |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh | |
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }} | |
raspberry: | |
runs-on: ubuntu-20.04 # latest | |
strategy: | |
fail-fast: false | |
matrix: | |
image: | |
- raspbian-bullseye | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: configure AWS credentials (containers) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_IOT_CONTAINERS }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
# set arm arch | |
- name: Install qemu/docker | |
run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes | |
- name: Build ${{ env.PACKAGE_NAME }} | |
run: | | |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh | |
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }} | |
linux-compiler-compat: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
compiler: | |
- clang-3 | |
- clang-6 | |
- clang-8 | |
- clang-9 | |
- clang-10 | |
- clang-11 | |
- gcc-4.8 | |
- gcc-5 | |
- gcc-6 | |
- gcc-7 | |
- gcc-8 | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: configure AWS credentials (containers) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_IOT_CONTAINERS }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages | |
- name: Build ${{ env.PACKAGE_NAME }} | |
run: | | |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh | |
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ env.LINUX_BASE_IMAGE }} build -p ${{ env.PACKAGE_NAME }} --compiler=${{ matrix.compiler }} | |
byo-crypto: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: configure AWS credentials (containers) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_IOT_CONTAINERS }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages | |
- name: Build ${{ env.PACKAGE_NAME }} | |
run: | | |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh | |
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ env.LINUX_BASE_IMAGE }} build -p ${{ env.PACKAGE_NAME }} --cmake-extra=-DBYO_CRYPTO=ON --variant=skip_sample | |
linux-no-cpu-extensions: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: configure AWS credentials (containers) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_IOT_CONTAINERS }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages | |
- name: Build ${{ env.PACKAGE_NAME }} | |
run: | | |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh | |
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ env.LINUX_BASE_IMAGE }} build -p ${{ env.PACKAGE_NAME }} --cmake-extra=-DUSE_CPU_EXTENSIONS=OFF | |
windows: | |
runs-on: windows-latest | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: Build ${{ env.PACKAGE_NAME }} + consumers | |
run: | | |
md ${{ env.CI_FOLDER }} | |
cd ${{ env.CI_FOLDER }} | |
python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz', 'builder.pyz')" | |
python builder.pyz build -p ${{ env.PACKAGE_NAME }} | |
- name: Running samples in CI setup | |
run: | | |
python -m pip install boto3 | |
- name: configure AWS credentials (PubSub) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_PUBSUB_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT3 PubSub sample | |
run: | | |
cd ${{ env.CI_FOLDER }} | |
python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_windows_cfg.json | |
- name: run Windows Certificate Connect sample | |
run: | | |
cd ${{ env.CI_FOLDER }} | |
python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_windows_cert_connect_cfg.json | |
- name: configure AWS credentials (MQTT5) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_MQTT5_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT5 PubSub sample | |
run: | | |
cd ${{ env.CI_FOLDER }} | |
python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pubsub_windows_cfg.json | |
- name: configure AWS credentials (Device Advisor) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_DEVICE_ADVISOR }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run DeviceAdvisor | |
run: | | |
cd ${{ env.CI_FOLDER }}/aws-iot-device-sdk-cpp-v2 | |
python ./deviceadvisor/script/DATestRun.py | |
windows-vs14: | |
runs-on: windows-2019 # windows-2019 is last env with Visual Studio 2015 (v14.0) | |
strategy: | |
matrix: | |
arch: [Win32, x64] | |
fail-fast: false | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: Build ${{ env.PACKAGE_NAME }} + consumers | |
run: | | |
md ${{ env.CI_FOLDER }} | |
cd ${{ env.CI_FOLDER }} | |
python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')" | |
python builder.pyz build -p ${{ env.PACKAGE_NAME }} --cmake-extra=-Tv140 --cmake-extra=-A${{ matrix.arch }} | |
- name: Running samples in CI setup | |
run: | | |
python -m pip install boto3 | |
- name: configure AWS credentials (PubSub) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_PUBSUB_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT3 PubSub sample | |
run: | | |
cd ${{ env.CI_FOLDER }} | |
python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_windows_cfg.json | |
- name: run Windows Certificate Connect sample | |
run: | | |
cd ${{ env.CI_FOLDER }} | |
python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_windows_cert_connect_cfg.json | |
- name: configure AWS credentials (MQTT5) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_MQTT5_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT5 PubSub sample | |
run: | | |
cd ${{ env.CI_FOLDER }} | |
python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pubsub_windows_cfg.json | |
- name: configure AWS credentials (Device Advisor) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_DEVICE_ADVISOR }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run DeviceAdvisor | |
run: | | |
cd ${{ env.CI_FOLDER }}/aws-iot-device-sdk-cpp-v2 | |
python ./deviceadvisor/script/DATestRun.py | |
windows-no-cpu-extensions: | |
runs-on: windows-latest | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: Build ${{ env.PACKAGE_NAME }} + consumers | |
run: | | |
md ${{ env.CI_FOLDER }} | |
cd ${{ env.CI_FOLDER }} | |
python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz', 'builder.pyz')" | |
python builder.pyz build -p ${{ env.PACKAGE_NAME }} --cmake-extra=-DUSE_CPU_EXTENSIONS=OFF | |
- name: Running samples in CI setup | |
run: | | |
python -m pip install boto3 | |
- name: configure AWS credentials (PubSub) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_PUBSUB_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT3 PubSub sample | |
run: | | |
cd ${{ env.CI_FOLDER }} | |
python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_windows_cfg.json | |
- name: run Windows Certificate Connect sample | |
run: | | |
cd ${{ env.CI_FOLDER }} | |
python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_windows_cert_connect_cfg.json | |
- name: configure AWS credentials (MQTT5) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_MQTT5_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT5 PubSub sample | |
run: | | |
cd ${{ env.CI_FOLDER }} | |
python ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pubsub_windows_cfg.json | |
- name: configure AWS credentials (Device Advisor) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_DEVICE_ADVISOR }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run DeviceAdvisor | |
run: | | |
cd ${{ env.CI_FOLDER }}/aws-iot-device-sdk-cpp-v2 | |
python ./deviceadvisor/script/DATestRun.py | |
windows-app-verifier: | |
runs-on: windows-2022 # latest | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: Build ${{ env.PACKAGE_NAME }} + consumers | |
run: | | |
md ${{ env.CI_FOLDER }} | |
cd ${{ env.CI_FOLDER }} | |
python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz', 'builder.pyz')" | |
python builder.pyz build -p ${{ env.PACKAGE_NAME }} --cmake-extra=-DUSE_CPU_EXTENSIONS=OFF | |
- name: Running samples in CI setup | |
run: | | |
python -m pip install boto3 | |
- name: configure AWS credentials (CyclePubSub) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_CYCLEPUBSUB_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: Run and check AppVerifier | |
run: | | |
cd ${{ env.CI_FOLDER }} | |
echo "Starting to run AppVerifier with cycle pub-sub sample" | |
python ${{ env.CI_UTILS_FOLDER }}/appverifier_launch_sample.py --sample_file ".\aws-iot-device-sdk-cpp-v2\build\samples\pub_sub\cycle_pub_sub\RelWithDebInfo\cycle-pub-sub.exe" --sample_secret_endpoint 'ci/endpoint' --sample_secret_certificate 'ci/CyclePubSub/cert' --sample_secret_private_key 'ci/CyclePubSub/key' | |
windows-shared-lib: | |
runs-on: windows-latest | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: Build ${{ env.PACKAGE_NAME }} + consumers | |
run: | | |
md ${{ env.CI_FOLDER }} | |
cd ${{ env.CI_FOLDER }} | |
python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz', 'builder.pyz')" | |
python builder.pyz build -p ${{ env.PACKAGE_NAME }} --cmake-extra=-DBUILD_SHARED_LIBS=ON | |
osx: | |
runs-on: ${{ matrix.runner }} | |
strategy: | |
matrix: | |
runner: | |
- macos-13 | |
- macos-latest | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
security-events: write # This is required for pkcs12 sample to sign the key | |
steps: | |
- name: Build ${{ env.PACKAGE_NAME }} + consumers | |
run: | | |
python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz', 'builder')" | |
chmod a+x builder | |
./builder build -p ${{ env.PACKAGE_NAME }} --spec=downstream | |
- name: Running samples in CI setup | |
run: | | |
python3 -m venv .venv | |
source .venv/bin/activate | |
python3 -m pip install boto3 | |
- name: configure AWS credentials (PubSub) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_PUBSUB_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT3 PubSub sample | |
run: | | |
source .venv/bin/activate | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_cfg.json | |
- name: run PKCS12 sample | |
run: | | |
source .venv/bin/activate | |
aws s3 cp s3://iot-sdk-ci-bucket-us-east1/pkcs12_identity.p12 ./pkcs12_identity.p12 | |
pkcs12_identity_name=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/macos/pkcs12_identity" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") | |
pkcs12_identity_password=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/macos/pkcs12_identity_password" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") | |
cert=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/PubSub/cert" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$cert" > /tmp/certificate.pem | |
key=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/PubSub/key" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$key" > /tmp/privatekey.pem | |
iot_pkcs12_password=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/PubSub/key_pkcs12_password" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") | |
openssl pkcs12 -export -in /tmp/certificate.pem -inkey /tmp/privatekey.pem -out ./iot_pkcs12_key.p12 -name PubSub_Thing_Alias -password pass:$iot_pkcs12_password | |
security create-keychain -p test_password build.keychain | |
security set-keychain-settings -lut 21600 build.keychain | |
security default-keychain -s build.keychain | |
security unlock-keychain -p test_password build.keychain | |
security import pkcs12_identity.p12 -A -k build.keychain -f pkcs12 -P $pkcs12_identity_password -T /usr/bin/codesign -T /usr/bin/security | |
security set-key-partition-list -S 'apple-tool:,apple:' -k test_password build.keychain | |
/usr/bin/codesign --force -s $pkcs12_identity_name ./aws-iot-device-sdk-cpp-v2/build/samples/mqtt/pkcs12_connect/pkcs12-connect -v | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pkcs12_connect_cfg.json | |
- name: configure AWS credentials (MQTT5) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_MQTT5_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT5 PubSub sample | |
run: | | |
source .venv/bin/activate | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pubsub_cfg.json | |
- name: configure AWS credentials (Device Advisor) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_DEVICE_ADVISOR }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run DeviceAdvisor | |
run: | | |
source .venv/bin/activate | |
cd ./aws-iot-device-sdk-cpp-v2 | |
python3 ./deviceadvisor/script/DATestRun.py | |
# Not strictly needed, but allows us to run Device Advisor and PubSub on Linux without needing to run all samples | |
linux-github-actions: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: Build ${{ env.PACKAGE_NAME }} + consumers | |
run: | | |
python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')" | |
python builder.pyz build -p ${{ env.PACKAGE_NAME }} | |
- name: Running samples in CI setup | |
run: | | |
python3 -m pip install boto3 | |
- name: configure AWS credentials (PubSub) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_PUBSUB_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT3 PubSub sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_cfg.json | |
- name: configure AWS credentials (MQTT5) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_MQTT5_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT5 PubSub sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pubsub_cfg.json | |
- name: configure AWS credentials (Device Advisor) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_DEVICE_ADVISOR }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run DeviceAdvisor | |
run: | | |
cd ./aws-iot-device-sdk-cpp-v2 | |
python3 ./deviceadvisor/script/DATestRun.py | |
- name: configure AWS credentials (Device Defender) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_DEVICE_DEFENDER }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run DeviceDefender | |
run: | | |
cd ./aws-iot-device-sdk-cpp-v2 | |
python3 ./devicedefender/script/DDTestRun.py | |
- name: run Mqtt5 DeviceDefender | |
run: | | |
cd ./aws-iot-device-sdk-cpp-v2 | |
python3 ./devicedefender/script/DDTestRun.py mqtt5 | |
# Runs the samples and ensures that everything is working | |
linux-smoke-tests: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: Setup C++ | |
run: | | |
sudo apt-get -qq update -y | |
sudo apt-get -qq install -y build-essential | |
sudo apt install cmake | |
gcc --version | |
cmake --version | |
- name: Build ${{ env.PACKAGE_NAME }} + consumers | |
run: | | |
echo "Downloading source" | |
git clone --recursive https://github.com/aws/aws-iot-device-sdk-cpp-v2.git --branch ${{ env.HEAD_REF || github.ref_name }} | |
echo "Running builder" | |
python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')" | |
python builder.pyz build -p ${{ env.PACKAGE_NAME }} | |
- name: Running samples in CI setup | |
run: | | |
python3 -m pip install boto3 | |
sudo apt-get update -y | |
sudo apt-get install softhsm -y | |
softhsm2-util --version | |
- name: configure AWS credentials (Fleet provisioning) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_FLEET_PROVISIONING_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run Fleet Provisioning service client test for MQTT311 | |
working-directory: ./aws-iot-device-sdk-cpp-v2/servicetests | |
run: | | |
export PYTHONPATH=${{ github.workspace }}/aws-iot-device-sdk-cpp-v2/utils | |
python3 ./test_cases/test_fleet_provisioning.py --config-file test_cases/mqtt3_fleet_provisioning_cfg.json --thing-name-prefix Fleet_Thing_ | |
- name: run Fleet Provisioning service client test for MQTT5 | |
working-directory: ./aws-iot-device-sdk-cpp-v2/servicetests | |
run: | | |
export PYTHONPATH=${{ github.workspace }}/aws-iot-device-sdk-cpp-v2/utils | |
python3 ./test_cases/test_fleet_provisioning.py --config-file test_cases/mqtt5_fleet_provisioning_cfg.json --thing-name-prefix Fleet_Thing_ | |
- name: run Fleet Provisioning with CSR service client test for MQTT311 | |
working-directory: ./aws-iot-device-sdk-cpp-v2/servicetests | |
run: | | |
export PYTHONPATH=${{ github.workspace }}/aws-iot-device-sdk-cpp-v2/utils | |
python3 ./test_cases/test_fleet_provisioning.py --config-file test_cases/mqtt3_fleet_provisioning_with_csr_cfg.json --thing-name-prefix Fleet_Thing_ | |
- name: run Fleet Provisioning with CSR service client test for MQTT5 | |
working-directory: ./aws-iot-device-sdk-cpp-v2/servicetests | |
run: | | |
export PYTHONPATH=${{ github.workspace }}/aws-iot-device-sdk-cpp-v2/utils | |
python3 ./test_cases/test_fleet_provisioning.py --config-file test_cases/mqtt5_fleet_provisioning_with_csr_cfg.json --thing-name-prefix Fleet_Thing_ | |
- name: configure AWS credentials (Jobs) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_JOBS_SERVICE_CLIENT_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run mqtt3 Jobs serviceTests | |
working-directory: ./aws-iot-device-sdk-cpp-v2/servicetests | |
run: | | |
export PYTHONPATH=${{ github.workspace }}/aws-iot-device-sdk-cpp-v2/utils | |
python3 ./test_cases/test_jobs_execution.py --config-file ${{ env.CI_SERVICE_TESTS_CFG_FOLDER }}/mqtt3_jobs_cfg.json | |
- name: run mqtt5 Jobs serviceTests | |
working-directory: ./aws-iot-device-sdk-cpp-v2/servicetests | |
run: | | |
export PYTHONPATH=${{ github.workspace }}/aws-iot-device-sdk-cpp-v2/utils | |
python3 ./test_cases/test_jobs_execution.py --config-file ${{ env.CI_SERVICE_TESTS_CFG_FOLDER }}/mqtt5_jobs_cfg.json | |
- name: configure AWS credentials (Shadow) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_SHADOW_SERVICE_CLIENT_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run Shadow service client test for MQTT5 | |
working-directory: ./aws-iot-device-sdk-cpp-v2/servicetests | |
run: | | |
export PYTHONPATH=${{ github.workspace }}/aws-iot-device-sdk-cpp-v2/utils | |
python3 ./test_cases/test_shadow_update.py --config-file test_cases/mqtt5_shadow_cfg.json | |
- name: run Shadow service client test for MQTT311 | |
working-directory: ./aws-iot-device-sdk-cpp-v2/servicetests | |
run: | | |
export PYTHONPATH=${{ github.workspace }}/aws-iot-device-sdk-cpp-v2/utils | |
python3 ./test_cases/test_shadow_update.py --config-file test_cases/mqtt3_shadow_cfg.json | |
- name: run Named Shadow service client test for MQTT311 | |
working-directory: ./aws-iot-device-sdk-cpp-v2/servicetests | |
run: | | |
export PYTHONPATH=${{ github.workspace }}/aws-iot-device-sdk-cpp-v2/utils | |
python3 ./test_cases/test_shadow_update.py --config-file test_cases/mqtt3_named_shadow_cfg.json | |
- name: run Named Shadow service client test for MQTT5 | |
working-directory: ./aws-iot-device-sdk-cpp-v2/servicetests | |
run: | | |
export PYTHONPATH=${{ github.workspace }}/aws-iot-device-sdk-cpp-v2/utils | |
python3 ./test_cases/test_shadow_update.py --config-file test_cases/mqtt5_named_shadow_cfg.json | |
- name: configure AWS credentials (Connect and PubSub) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_PUBSUB_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run Basic Connect sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_basic_connect_cfg.json | |
- name: run Websocket Connect sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_websocket_connect_cfg.json | |
- name: run MQTT3 PubSub sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_cfg.json | |
- name: run PKCS11 Connect sample | |
run: | | |
mkdir -p /tmp/tokens | |
export SOFTHSM2_CONF=/tmp/softhsm2.conf | |
echo "directories.tokendir = /tmp/tokens" > /tmp/softhsm2.conf | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pkcs11_connect_cfg.json | |
- name: configure AWS credentials (MQTT5) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_MQTT5_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run MQTT5 PubSub sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_pubsub_cfg.json | |
- name: run MQTT5 Shared Subscription sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_mqtt5_shared_subscription_cfg.json | |
- name: configure AWS credentials (Jobs) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_JOBS_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run Jobs sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_jobs_cfg.json | |
- name: run Mqtt5 Jobs sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_jobs_mqtt5_cfg.json | |
- name: configure AWS credentials (Cognito) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_COGNITO_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run CognitoConnect sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_cognito_connect_cfg.json | |
- name: configure AWS credentials (Custom Authorizer) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_CUSTOM_AUTHORIZER_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run CustomAuthorizerConnect sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_custom_authorizer_connect_cfg.json | |
- name: configure AWS credentials (Shadow) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_SHADOW_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run Shadow sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_shadow_cfg.json | |
- name: run Mqtt5 Shadow sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_shadow_mqtt5_cfg.json | |
- name: configure AWS credentials (Fleet provisioning) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_FLEET_PROVISIONING_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run Fleet Provisioning sample | |
run: | | |
echo "Generating UUID for IoT thing" | |
Sample_UUID=$(python3 -c "import uuid; print (uuid.uuid4())") | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_fleet_provisioning_cfg.json --input_uuid ${Sample_UUID} | |
python3 ${{ env.CI_UTILS_FOLDER }}/delete_iot_thing_ci.py --thing_name "Fleet_Thing_${Sample_UUID}" --region "us-east-1" | |
- name: run Mqtt5 Fleet Provisioning sample | |
run: | | |
echo "Generating UUID for IoT thing" | |
Sample_UUID=$(python3 -c "import uuid; print (uuid.uuid4())") | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_fleet_provisioning_mqtt5_cfg.json --input_uuid ${Sample_UUID} | |
python3 ${{ env.CI_UTILS_FOLDER }}/delete_iot_thing_ci.py --thing_name "Fleet_Thing_${Sample_UUID}" --region "us-east-1" | |
- name: configure AWS credentials (Secure tunneling) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_SECURE_TUNNEL }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
# Secure Tunneling has special requirements, so it uses a different Python file | |
- name: run Secure Tunneling sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_secure_tunnel_ci.py --sample_file "./aws-iot-device-sdk-cpp-v2/build/samples/secure_tunneling/secure_tunnel/secure-tunnel" --sample_region ${{ env.AWS_DEFAULT_REGION }} | |
- name: configure AWS credentials (X509) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_X509_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: run X509 sample | |
run: | | |
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_x509_connect_cfg.json | |
# Runs the Greengrass samples | |
linux-greengrass-tests: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
steps: | |
- name: Setup C++ | |
run: | | |
sudo apt-get -qq update -y | |
sudo apt-get -qq install -y build-essential | |
sudo apt install cmake | |
gcc --version | |
cmake --version | |
- name: Build ${{ env.PACKAGE_NAME }} + consumers | |
run: | | |
echo "Downloading source" | |
git clone --recursive https://github.com/aws/aws-iot-device-sdk-cpp-v2.git --branch ${{ env.HEAD_REF || github.ref_name }} | |
echo "Running builder" | |
python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')" | |
python builder.pyz build -p ${{ env.PACKAGE_NAME }} --variant build_gg_samples_only | |
- name: Install Greengrass Development Kit | |
run: | | |
python3 -m pip install awsiotsdk | |
python3 -m pip install -U git+https://github.com/aws-greengrass/[email protected] | |
- name: Configure AWS credentials (Greengrass) | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ env.CI_GREENGRASS_INSTALLER_ROLE }} | |
aws-region: ${{ env.AWS_DEFAULT_REGION }} | |
- name: Build and run Greengrass basic discovery sample | |
working-directory: ./aws-iot-device-sdk-cpp-v2/tests/greengrass/basic_discovery | |
run: | | |
gdk component build | |
gdk test-e2e build | |
gdk test-e2e run | |
- name: Show logs | |
working-directory: ./aws-iot-device-sdk-cpp-v2/tests/greengrass/basic_discovery | |
# Print logs unconditionally to provide more details on Greengrass run even if the test failed. | |
if: always() | |
run: | | |
echo "=== greengrass.log" | |
cat testResults/gg*/greengrass.log | |
echo "=== software.amazon.awssdk.sdk-gg-test-discovery.log" | |
cat testResults/gg*/software.amazon.awssdk.sdk-gg-test-discovery.log | |
- name: Build and run Greengrass IPC sample | |
working-directory: ./aws-iot-device-sdk-cpp-v2/tests/greengrass/ipc | |
run: | | |
gdk component build | |
gdk test-e2e build | |
gdk test-e2e run | |
- name: Show logs | |
working-directory: ./aws-iot-device-sdk-cpp-v2/tests/greengrass/ipc | |
# Print logs unconditionally to provide more details on Greengrass run even if the test failed. | |
if: always() | |
run: | | |
echo "=== greengrass.log" | |
cat testResults/gg*/greengrass.log | |
echo "=== software.amazon.awssdk.sdk-gg-ipc.log" | |
cat testResults/gg*/software.amazon.awssdk.sdk-gg-ipc.log | |
# check that docs can still build | |
check-docs: | |
runs-on: ubuntu-20.04 # latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Check docs | |
run: | | |
echo "Compiling and installing doxygen 1.8.20 from source" | |
sudo apt-get install -y llvm-11 llvm-11-dev clang-11 libclang-11-dev | |
git clone https://github.com/doxygen/doxygen.git -b Release_1_8_20 | |
cd doxygen | |
mkdir build | |
cd build | |
cmake -G "Unix Makefiles" -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=/usr .. | |
sudo make -j 4 | |
sudo make install | |
cd ../.. | |
echo "Finished compiling and installing Doxygen" | |
./make-docs.py | |
check-submodules: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Source | |
uses: actions/checkout@v2 | |
with: | |
submodules: true | |
fetch-depth: 0 | |
- name: Check Submodules | |
# note: using "@main" because "@${{env.BUILDER_VERSION}}" doesn't work | |
# https://github.com/actions/runner/issues/480 | |
uses: awslabs/aws-crt-builder/.github/actions/check-submodules@main | |
check-codegen-edits: | |
runs-on: ubuntu-20.04 # latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Check for edits to code-generated files | |
run: | | |
./utils/check_codegen_edits.py |