Skip to content

update sanity check script #2411

update sanity check script

update sanity check script #2411

Workflow file for this run

name: CI
on:
push:
branches-ignore:
- 'main'
- 'docs'
env:
BUILDER_VERSION: v0.9.67
BUILDER_SOURCE: releases
BUILDER_HOST: https://d19elf31gohf1l.cloudfront.net
PACKAGE_NAME: aws-crt-python
LINUX_BASE_IMAGE: ubuntu-18-x64
RUN: ${{ github.run_id }}-${{ github.run_number }}
CRT_CI_ROLE: ${{ secrets.CRT_CI_ROLE_ARN }}
AWS_DEFAULT_REGION: us-east-1
jobs:
manylinux1:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
image:
- x64
- x86
python:
- cp38-cp38
- cp39-cp39
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-manylinux1-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }} --python /opt/python/${{ matrix.python }}/bin/python
manylinux2014:
runs-on: ubuntu-20.04 # latest
strategy:
fail-fast: false
matrix:
image:
- x64
- x86
- aarch64
python:
- cp38-cp38
- cp39-cp39
- cp310-cp310
- cp311-cp311
- cp312-cp312
- cp313-cp313
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
# Only aarch64 needs this, but it doesn't hurt anything
- name: Install qemu/docker
run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-manylinux2014-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }} --python /opt/python/${{ matrix.python }}/bin/python
musllinux-1-1:
runs-on: ubuntu-22.04 # latest
strategy:
fail-fast: false
matrix:
image:
- x64
- aarch64
python:
- cp38-cp38
- cp39-cp39
- cp310-cp310
- cp311-cp311
- cp312-cp312
- cp313-cp313
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
# Only aarch64 needs this, but it doesn't hurt anything
- name: Install qemu/docker
run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-musllinux-1-1-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }} --python /opt/python/${{ matrix.python }}/bin/python
raspberry:
runs-on: ubuntu-20.04 # latest
strategy:
fail-fast: false
matrix:
image:
- raspbian-bullseye
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
# set arm arch
- name: Install qemu/docker
run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }}
linux-compat:
runs-on: ubuntu-22.04 # latest
strategy:
matrix:
image:
- al2-x64
- fedora-34-x64
- opensuse-leap
- rhel8-x64
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }}
linux-compiler-compat:
runs-on: ubuntu-22.04 # latest
strategy:
matrix:
compiler:
- clang-3
- clang-6
- clang-8
- clang-9
- clang-10
- clang-11
- gcc-5
- gcc-6
- gcc-7
- gcc-8
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Caller Identity
run: |
aws sts get-caller-identity
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ env.LINUX_BASE_IMAGE }} build -p ${{ env.PACKAGE_NAME }} --compiler=${{ matrix.compiler }}
use-system-libcrypto:
runs-on: ubuntu-20.04 # latest
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Build ${{ env.PACKAGE_NAME }}
env:
AWS_CRT_BUILD_USE_SYSTEM_LIBCRYPTO: '1'
run: |
python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder')"
chmod a+x builder
./builder build -p ${{ env.PACKAGE_NAME }}
- name: Assert libcrypto.so used
run: |
# assert it's linked against the system's libcrypto.so
AWSCRT_PATH=`aws-crt-python/.venv-builder/bin/python3 -c "import _awscrt; print(_awscrt.__file__)"`
printf "AWSCRT_PATH: $AWSCRT_PATH\n"
LINKED_AGAINST=`ldd $AWSCRT_PATH`
printf "LINKED AGAINST:\n$LINKED_AGAINST\n"
USES_LIBCRYPTO_SO=`echo "$LINKED_AGAINST" | grep 'libcrypto*.so' | head -1`
test -n "$USES_LIBCRYPTO_SO"
windows:
runs-on: windows-2022 # latest
strategy:
matrix:
arch: [x86, x64]
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Build ${{ env.PACKAGE_NAME }} + consumers
run: |
python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')"
python builder.pyz build -p ${{ env.PACKAGE_NAME }} --python "C:\\hostedtoolcache\\windows\\Python\\3.8.10\\${{ matrix.arch }}\\python.exe"
macos:
runs-on: macos-14 # latest
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Build ${{ env.PACKAGE_NAME }} + consumers
run: |
python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder')"
chmod a+x builder
./builder build -p ${{ env.PACKAGE_NAME }}
macos-x64:
runs-on: macos-14-large # latest
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Build ${{ env.PACKAGE_NAME }} + consumers
run: |
python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder')"
chmod a+x builder
./builder build -p ${{ env.PACKAGE_NAME }}
openbsd:
runs-on: ubuntu-22.04 # latest
strategy:
fail-fast: false
matrix:
# OpenBSD only supports the two most recent releases
version: ['7.4', '7.5']
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
# Cannot use builder to checkout as OpenBSD doesn't ship git in the base install
- uses: actions/checkout@v4
with:
submodules: true
- name: Build ${{ env.PACKAGE_NAME }} + consumers
uses: cross-platform-actions/[email protected]
with:
operating_system: openbsd
version: ${{ matrix.version }}
cpu_count: 4
shell: bash
environment_variables: AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_DEFAULT_REGION
run: |
sudo pkg_add awscli py3-pip py3-urllib3
python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz', 'builder')"
chmod a+x builder
./builder build -p ${{ env.PACKAGE_NAME }}
freebsd:
runs-on: ubuntu-22.04 # latest
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- uses: actions/checkout@v4
with:
submodules: true
- name: Build ${{ env.PACKAGE_NAME }} + consumers
uses: cross-platform-actions/[email protected]
with:
operating_system: freebsd
version: '14.0'
cpu_count: 4
shell: bash
environment_variables: AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_DEFAULT_REGION
run: |
sudo pkg install -y python3 devel/py-pip net/py-urllib3 devel/py-awscli cmake
python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz', 'builder')"
chmod a+x builder
./builder build -p ${{ env.PACKAGE_NAME }}
# check that tests requiring custom env-vars or AWS credentials are simply skipped
tests-ok-without-creds:
runs-on: ubuntu-22.04 # latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Run tests
run: |
python3 -m pip install --upgrade --requirement requirements-dev.txt
python3 -m pip install . --verbose
python3 -m unittest discover --failfast --verbose
package-source:
runs-on: ubuntu-22.04 # latest
permissions:
id-token: write # This is required for requesting the JWT
steps:
- name: configure AWS credentials (containers)
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- uses: actions/checkout@v4
with:
submodules: true
- name: Package source + install
run: |
python3 setup.py sdist
cd dist
python3 -m pip install -v awscrt-1.0.0.dev0.tar.gz
python3 -c "import awscrt.io"
# check that docs can still build
check-docs:
runs-on: ubuntu-22.04 # latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Check docs
run: |
python3 -m pip install -r requirements-dev.txt
python3 -m pip install --verbose .
./scripts/make-docs.py
check-submodules:
runs-on: ubuntu-22.04 # latest
steps:
- name: Checkout Source
uses: actions/checkout@v4
with:
submodules: true
fetch-depth: 0
- name: Check Submodules
# note: using "@main" because "@${{env.BUILDER_VERSION}}" doesn't work
# https://github.com/actions/runner/issues/480
uses: awslabs/aws-crt-builder/.github/actions/check-submodules@main