Stateful initialization of crypto backends #883
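# Workflow header: triggers, token permissions and shared environment for every job below.
name: Build and test

on:
  push:
    branches: [main]
    tags: 'v*'
  pull_request:
  workflow_dispatch:

# Least privilege for the implicit GITHUB_TOKEN. The jobs in this file check out
# the repository and build; publishing the release uses the separate
# RELEASE_TOKEN secret, so read-only repository contents is enough here.
permissions:
  contents: read

env:
  CARGO_TERM_COLOR: always

jobs: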
# Job: formatting gate. unit-tests-default, unit-tests and test-lakers-python declare `needs: check-style`.
  check-style:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

      # rustfmt is added explicitly before it is used by `cargo fmt`.
      - name: Install Rust formatter
        run: rustup component add rustfmt

      # `--check` reports formatting differences instead of rewriting files.
      - name: Check if code is well formatted
        run: cargo fmt --check
# Job: unit tests with the workspace's default feature set.
  unit-tests-default:
    needs: check-style
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

      # RUST_BACKTRACE=1 makes a panicking test print its backtrace in the log.
      - name: Run unit tests with default features
        run: RUST_BACKTRACE=1 cargo test
# Job: unit tests for every crypto backend / EAD combination in the matrix.
  unit-tests:
    needs: check-style
    runs-on: ubuntu-latest
    strategy:
      # keep the remaining matrix cells running when one cell fails
      fail-fast: false
      matrix:
        crypto_backend:
          - lakers-crypto/psa
          - lakers-crypto/rustcrypto
        ead:
          - ead-none
          - ead-authz
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

      # note that we only add `--package lakers-ead-authz` when testing with that config
      # The folded scalar below is joined into one command line by the YAML parser.
      - name: Run unit tests with feature matrix
        run: >-
          RUST_BACKTRACE=1 cargo test
          -p lakers -p lakers-crypto -p lakers-shared
          ${{ matrix.ead == 'ead-authz' && '-p lakers-ead-authz' || '' }}
          --no-default-features
          --features="${{ matrix.crypto_backend }}, test-${{ matrix.ead }}"
          --no-fail-fast
          -- --test-threads 1
# Job: release build of lakers, lakers-crypto and lakers-ead for each backend / EAD pair.
  build-edhoc-package:
    needs: unit-tests
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        crypto_backend:
          - lakers-crypto/psa
          - lakers-crypto/psa-baremetal
          - lakers-crypto/cryptocell310
          - lakers-crypto/rustcrypto
        ead:
          - lakers-ead/ead-none
          - lakers-ead/ead-authz
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

      - name: Install arm targets for Rust
        run: rustup target add thumbv7m-none-eabi && rustup target add thumbv7em-none-eabihf

      - name: Install arm gcc
        run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi

      # Folded scalar: the lines below form a single cargo invocation.
      - name: Build
        run: >-
          cargo build
          --package lakers --package lakers-crypto --package lakers-ead
          --no-default-features
          --features="${{ matrix.crypto_backend }}, ${{ matrix.ead }}"
          --release
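# Job: extract F* code from lakers and lakers-shared with hax and publish it as the `fstar-code` artifact.
  generate-fstar:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout lakers
        uses: actions/checkout@v3

      # NOTE(review): the hax image is referenced without a tag or digest, so every
      # run pulls whatever is current, with the workspace mounted into it, and its
      # output is what the release job later publishes. Pinning the reference as
      # docker.io/geonnave/hax@sha256:<digest-of-reviewed-image> makes the extraction
      # toolchain reproducible and reviewable.
      #
      # Quoting: the whole container script is one double-quoted argument of the
      # runner's shell. The "not implemented" gate therefore escapes its inner
      # double quotes and its command substitution; left unescaped, the inner
      # quote ends the argument and the `find | grep` runs on the runner before
      # the container has generated anything, so the gate can never fail.
      # The `-name` patterns are quoted so find receives them unexpanded.
      - name: Generate fstar code over lakers and lakers-shared
        run: |
          docker run --rm -v ${{ github.workspace }}:/lakers docker.io/geonnave/hax bash -e -c "
            cd lakers
            # generate the fstar files
            cargo-hax -C -p lakers --no-default-features --features='lakers-crypto/rustcrypto, lakers-ead/ead-none' --release \; into -i '-lakers::generate_connection_identifier_cbor -lakers::generate_connection_identifier' fstar
            cargo-hax -C -p lakers-shared \; into -i '-lakers_shared::ffi::**' fstar
            # even if fstar generation was ok, fail if something is not implemented
            [ -z \"\$(find . -name '*.fst' -type f | xargs grep 'something is not implemented yet')\" ]
          "
          zip -j -r lakers-fstar.zip $(find . -name '*fst')

      - name: Upload artifact
        uses: actions/upload-artifact@v3
        with:
          name: fstar-code
          path: ./lakers-fstar.zip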
# Job: build the C static library and headers per crypto backend and publish the zips as `lakers-c`.
  build-lakers-c:
    needs: unit-tests
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        crypto_backend:
          - crypto-rustcrypto
          - crypto-psa-baremetal
          - crypto-cryptocell310
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

      - name: Install arm targets for Rust
        run: rustup target add thumbv7em-none-eabihf

      - name: Install arm gcc
        run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi

      # build.sh lives in lakers-c/ and receives the backend feature name as its only argument.
      - name: Build static library, generate headers, and zip to file
        run: cd lakers-c && ./build.sh "${{ matrix.crypto_backend }}"

      # Every matrix cell uploads under the same artifact name; the release job downloads `lakers-c`.
      - name: Upload artifact
        uses: actions/upload-artifact@v3
        with:
          name: lakers-c
          path: ./target/lakers-c-*.zip
# Job: build the Python bindings with maturin inside a fresh virtualenv and run pytest.
  test-lakers-python:
    needs: check-style
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

      - name: set up python
        uses: actions/setup-python@v5
        with:
          # quoted so the version stays the string 3.10 rather than the float 3.1
          python-version: '3.10'

      # NOTE(review): pip, maturin and pytest are installed at whatever version is
      # newest at run time; `pip freeze` records what was actually resolved.
      - name: Test Python package
        run: |
          cd lakers-python
          python3 -m venv .venv
          source .venv/bin/activate
          pip install --upgrade pip
          pip install -U maturin pytest
          pip freeze
          maturin develop && pytest
# Job: run the no_std example for thumbv7m-none-eabi, with QEMU installed as the emulator.
  run-example-on-qemu:
    needs: unit-tests
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        crypto_backend:
          - crypto-psa
        ead:
          - lakers-ead/ead-none
          - lakers-ead/ead-authz
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

      - name: Install arm targets for Rust
        run: rustup target add thumbv7m-none-eabi

      - name: Install arm gcc
        run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi

      - name: Install QEMU ARM emulator
        run: sudo apt-get -y install qemu-system-arm

      # Folded scalar: the lines below form a single command line.
      - name: Run tests in QEMU
        run: >-
          cd examples/lakers-no_std &&
          cargo run
          --target="thumbv7m-none-eabi"
          --no-default-features
          --features="${{ matrix.crypto_backend }}, ${{ matrix.ead }}"
          --release
# Job: build (not run) the no_std example for thumbv7em-none-eabihf with the `rtt` feature.
  build-example-for-cortex-m4:
    needs: unit-tests
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        crypto_backend:
          - crypto-psa
          - crypto-cryptocell310
        ead:
          - lakers-ead/ead-none
          - lakers-ead/ead-authz
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

      - name: Install arm targets for Rust
        run: rustup target add thumbv7em-none-eabihf

      - name: Install arm gcc
        run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi

      # Folded scalar: the lines below form a single command line.
      - name: Build example
        run: >-
          cd examples/lakers-no_std &&
          cargo build
          --target="thumbv7em-none-eabihf"
          --no-default-features
          --features="${{ matrix.crypto_backend }}, ${{ matrix.ead }}, rtt"
          --release
# Job: compile the three CoAP example binaries on the host toolchain.
  build-coap-example:
    needs: unit-tests
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

      # One step per binary, so the log shows which binary failed to build.
      - name: Build server
        run: cargo build --bin coapserver

      - name: Build client
        run: cargo build --bin coapclient

      - name: Build coap-handler based server
        run: cargo build --bin coapserver-coaphandler
# Job: publish a GitHub release from the `fstar-code` and `lakers-c` artifacts on tag pushes.
  release:
    runs-on: ubuntu-latest
    needs:
      - build-edhoc-package
      - run-example-on-qemu
      - build-example-for-cortex-m4
      - build-coap-example
      - generate-fstar
      - build-lakers-c
    # Runs only for push events whose ref is a tag, so pull requests never reach the step that reads the secret.
    if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

      # Both downloads land in the same directory, which the release step globs.
      - name: Download artifacts
        uses: actions/download-artifact@v3
        with:
          name: fstar-code
          path: ./release-artifacts

      - name: Download artifacts
        uses: actions/download-artifact@v3
        with:
          name: lakers-c
          path: ./release-artifacts

      # NOTE(review): this third-party action is referenced by the mutable tag v1
      # and receives RELEASE_TOKEN. Pinning it as
      # ncipollo/release-action@<full-commit-sha> fixes which code sees the secret.
      - name: Release
        uses: ncipollo/release-action@v1
        with:
          generateReleaseNotes: true
          artifacts: 'release-artifacts/*'
          token: ${{ secrets.RELEASE_TOKEN }}