diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bfd6da728..b781004f7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -381,35 +381,23 @@ jobs: # nistkat: true # kat: false # acvp: false - ec2_functests: + ec2_compatibilitytests: strategy: fail-fast: false matrix: - target: - - name: AMD EPYC 4th gen (t3a) - ec2_instance_type: t3a.small - ec2_ami: ubuntu-latest (custom AMI) - ec2_ami_id: ami-0d47e137a1108e078 # x86_64 ubuntu-latest, 32g - compile_mode: native - opt: all - - name: Intel Xeon 4th gen (t3) - ec2_instance_type: t3.small - ec2_ami: ubuntu-latest (custom AMI) - ec2_ami_id: ami-0d47e137a1108e078 # x86_64 ubuntu-latest, 32g - compile_mode: native - opt: all - - name: Graviton2 (c6g.medium) - ec2_instance_type: c6g.medium - ec2_ami: ubuntu-latest (custom AMI) - ec2_ami_id: ami-0f4b26c5372aa0525 # ami-08ddb0acd99dc3d33 # aarch64, ubuntu-latest, 64g - compile_mode: native - opt: all - - name: Graviton3 (c7g.medium) - ec2_instance_type: c7g.medium - ec2_ami: ubuntu-latest (custom AMI) - ec2_ami_id: ami-0f4b26c5372aa0525 # ami-08ddb0acd99dc3d33 # aarch64, ubuntu-latest, 64g - compile_mode: native - opt: all + container: + - id: ubuntu-22.04:gcc-12x + - id: ubuntu-22.04:gcc-11x + - id: ubuntu-20.04:gcc-8x + - id: ubuntu-20.04:gcc-7x + - id: ubuntu-20.04:clang-9x + - id: ubuntu-20.04:clang-8x + - id: ubuntu-20.04:clang-7x-bm-framework + - id: ubuntu-20.04:clang-7x + - id: ubuntu-20.04:clang-10x + - id: ubuntu-22.04:base + - id: ubuntu-20.04:base + - id: ubuntu-18.04:base name: Platform tests (${{ matrix.target.name }}) permissions: contents: 'read' @@ -417,12 +405,13 @@ jobs: uses: ./.github/workflows/ci_ec2_reusable.yml if: github.repository_owner == 'pq-code-package' && !github.event.pull_request.head.repo.fork with: - name: ${{ matrix.target.name }} - ec2_instance_type: ${{ matrix.target.ec2_instance_type }} - ec2_ami: ${{ matrix.target.ec2_ami }} - ec2_ami_id: ${{ matrix.target.ec2_ami_id }} - compile_mode: ${{ matrix.target.compile_mode }} - opt: ${{ matrix.target.opt }} + container: ${{ matrix.container.id }} + name: ${{ matrix.container.id }} + ec2_instance_type: c7g.medium + ec2_ami: ubuntu-latest (custom AMI) + ec2_ami_id: ami-0f4b26c5372aa0525 + compile_mode: native + opt: all functest: true kattest: true nistkattest: true @@ -430,6 +419,55 @@ jobs: lint: false verbose: true secrets: inherit + # ec2_functests: + # strategy: + # fail-fast: false + # matrix: + # target: + # - name: AMD EPYC 4th gen (t3a) + # ec2_instance_type: t3a.small + # ec2_ami: ubuntu-latest (custom AMI) + # ec2_ami_id: ami-0d47e137a1108e078 # x86_64 ubuntu-latest, 32g + # compile_mode: native + # opt: all + # - name: Intel Xeon 4th gen (t3) + # ec2_instance_type: t3.small + # ec2_ami: ubuntu-latest (custom AMI) + # ec2_ami_id: ami-0d47e137a1108e078 # x86_64 ubuntu-latest, 32g + # compile_mode: native + # opt: all + # - name: Graviton2 (c6g.medium) + # ec2_instance_type: c6g.medium + # ec2_ami: ubuntu-latest (custom AMI) + # ec2_ami_id: ami-0f4b26c5372aa0525 # ami-08ddb0acd99dc3d33 # aarch64, ubuntu-latest, 64g + # compile_mode: native + # opt: all + # - name: Graviton3 (c7g.medium) + # ec2_instance_type: c7g.medium + # ec2_ami: ubuntu-latest (custom AMI) + # ec2_ami_id: ami-0f4b26c5372aa0525 # ami-08ddb0acd99dc3d33 # aarch64, ubuntu-latest, 64g + # compile_mode: native + # opt: all + # name: Platform tests (${{ matrix.target.name }}) + # permissions: + # contents: 'read' + # id-token: 'write' + # uses: ./.github/workflows/ci_ec2_reusable.yml + # if: github.repository_owner == 'pq-code-package' && !github.event.pull_request.head.repo.fork + # with: + # name: ${{ matrix.target.name }} + # ec2_instance_type: ${{ matrix.target.ec2_instance_type }} + # ec2_ami: ${{ matrix.target.ec2_ami }} + # ec2_ami_id: ${{ matrix.target.ec2_ami_id }} + # compile_mode: ${{ matrix.target.compile_mode }} + # opt: ${{ matrix.target.opt }} + # functest: true + # kattest: true + # nistkattest: true + # acvptest: true + # lint: false + # verbose: true + # secrets: inherit # cbmc_k2: # name: CBMC (ML-KEM-512) # needs: [quickcheck, quickcheck-windows, quickcheck-c90, quickcheck-lib, examples, lint, lint-markdown-link] diff --git a/.github/workflows/ci_ec2_reusable.yml b/.github/workflows/ci_ec2_reusable.yml index adb143c5b..3ab39ed13 100644 --- a/.github/workflows/ci_ec2_reusable.yml +++ b/.github/workflows/ci_ec2_reusable.yml @@ -59,6 +59,9 @@ on: cbmc_mlkem_k: type: string default: 2 + container: + type: string + default: '' env: AWS_ROLE: arn:aws:iam::559050233797:role/mlkem-c-aarch64-gh-action AWS_REGION: us-east-1 @@ -112,58 +115,73 @@ jobs: ec2-instance-type: ${{ inputs.ec2_instance_type }} subnet-id: subnet-07b2729e5e065962f security-group-id: sg-0ab2e297196c8c381 - tests: - name: Run test + container_tests: + name: ${{ inputs.container }} needs: start-ec2-runner + if: ${{ inputs.container != "" }} runs-on: ${{ needs.start-ec2-runner.outputs.label }} container: - localhost:5000/ubuntu-20.04:clang-8x + localhost:5000/${{ inputs.container }} steps: - name: hello shell: bash run: | echo "Hello World" + - uses: ./.github/actions/setup-ubuntu + - name: Functional Tests + uses: ./.github/actions/multi-functest + with: + nix-shell: "" + gh_token: ${{ secrets.AWS_GITHUB_TOKEN }} + cflags: ${{ inputs.cflags }} + compile_mode: ${{ inputs.compile_mode }} + opt: ${{ inputs.opt }} + func: ${{ inputs.functest }} + kat: ${{ inputs.kattest }} + nistkat: ${{ inputs.nistkattest }} + acvp: ${{ inputs.acvptest }} - # tests: - # name: Run test - # needs: start-ec2-runner - # runs-on: ${{ needs.start-ec2-runner.outputs.label }} - # steps: - # - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - # - name: Linting - # if: ${{ inputs.lint }} - # uses: ./.github/actions/lint - # with: - # nix-shell: ci-linter - # gh_token: ${{ secrets.AWS_GITHUB_TOKEN }} - # nix-verbose: ${{ inputs.verbose }} - # - name: Preprocess - # id: preprocess - # shell: bash - # run: | - # echo "nix-shell=${{ inputs.cbmc && 'ci-cbmc' || 'ci' }}${{ (inputs.compile_mode == 'cross' || inputs.compile_mode == 'all') && '-cross' || '' }}" >> $GITHUB_OUTPUT - # - name: Functional Tests - # uses: ./.github/actions/multi-functest - # with: - # nix-shell: ${{ steps.preprocess.outputs.nix-shell }} - # nix-cache: ${{ inputs.cbmc || inputs.compile_mode == 'cross' || inputs.compile_mode == 'all' }} - # nix-verbose: ${{ inputs.verbose }} - # gh_token: ${{ secrets.AWS_GITHUB_TOKEN }} - # cflags: ${{ inputs.cflags }} - # compile_mode: ${{ inputs.compile_mode }} - # opt: ${{ inputs.opt }} - # func: ${{ inputs.functest }} - # kat: ${{ inputs.kattest }} - # nistkat: ${{ inputs.nistkattest }} - # acvp: ${{ inputs.acvptest }} - # - name: CBMC - # if: ${{ inputs.cbmc && (success() || failure()) }} - # uses: ./.github/actions/cbmc - # with: - # nix-shell: ${{ steps.preprocess.outputs.nix-shell }} - # nix-verbose: ${{ inputs.verbose }} - # mlkem_k: ${{ inputs.cbmc_mlkem_k }} - # gh_token: ${{ secrets.AWS_GITHUB_TOKEN }} + tests: + name: Run tests + needs: start-ec2-runner + if: ${{ inputs.container == "" } + runs-on: ${{ needs.start-ec2-runner.outputs.label }} + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Linting + if: ${{ inputs.lint }} + uses: ./.github/actions/lint + with: + nix-shell: ci-linter + gh_token: ${{ secrets.AWS_GITHUB_TOKEN }} + nix-verbose: ${{ inputs.verbose }} + - name: Preprocess + id: preprocess + shell: bash + run: | + echo "nix-shell=${{ inputs.cbmc && 'ci-cbmc' || 'ci' }}${{ (inputs.compile_mode == 'cross' || inputs.compile_mode == 'all') && '-cross' || '' }}" >> $GITHUB_OUTPUT + - name: Functional Tests + uses: ./.github/actions/multi-functest + with: + nix-shell: ${{ steps.preprocess.outputs.nix-shell }} + nix-cache: ${{ inputs.cbmc || inputs.compile_mode == 'cross' || inputs.compile_mode == 'all' }} + nix-verbose: ${{ inputs.verbose }} + gh_token: ${{ secrets.AWS_GITHUB_TOKEN }} + cflags: ${{ inputs.cflags }} + compile_mode: ${{ inputs.compile_mode }} + opt: ${{ inputs.opt }} + func: ${{ inputs.functest }} + kat: ${{ inputs.kattest }} + nistkat: ${{ inputs.nistkattest }} + acvp: ${{ inputs.acvptest }} + - name: CBMC + if: ${{ inputs.cbmc && (success() || failure()) }} + uses: ./.github/actions/cbmc + with: + nix-shell: ${{ steps.preprocess.outputs.nix-shell }} + nix-verbose: ${{ inputs.verbose }} + mlkem_k: ${{ inputs.cbmc_mlkem_k }} + gh_token: ${{ secrets.AWS_GITHUB_TOKEN }} stop-ec2-runner: name: Stop instance (${{ inputs.ec2_instance_type }}) permissions: