Towards crypto & method agility: API updates, new buffer, new credential struct #1070
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and test | |
on: | |
push: | |
branches: [main] | |
tags: 'v*' | |
pull_request: | |
workflow_dispatch: | |
env: | |
CARGO_TERM_COLOR: always | |
jobs: | |
check-style: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Install Rust formatter | |
run: rustup component add rustfmt | |
- name: Check if code is well formatted | |
run: cargo fmt --check | |
unit-tests-default: | |
needs: check-style | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Run unit tests with default features | |
run: RUST_BACKTRACE=1 cargo test | |
unit-tests: | |
needs: check-style | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
crypto_backend: [lakers-crypto/psa, lakers-crypto/rustcrypto] | |
ead: [ead-none, ead-authz] | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Run unit tests with feature matrix # note that we only add `--package lakers-ead-authz` when testing with that config | |
run: RUST_BACKTRACE=1 cargo test -p lakers -p lakers-crypto -p lakers-shared ${{ matrix.ead == 'ead-authz' && '-p lakers-ead-authz' || '' }} --no-default-features --features="${{ matrix.crypto_backend }}, test-${{ matrix.ead }}" --no-fail-fast -- --test-threads 1 | |
build-edhoc-package: | |
needs: unit-tests | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
crypto_backend: [lakers-crypto/psa, lakers-crypto/psa-baremetal, lakers-crypto/cryptocell310, lakers-crypto/rustcrypto] | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Install arm targets for Rust | |
run: rustup target add thumbv7m-none-eabi && rustup target add thumbv7em-none-eabihf | |
- name: Install arm gcc | |
run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi | |
- name: Build | |
run: cargo build --package lakers --package lakers-crypto --package lakers-ead-authz --no-default-features --features="${{ matrix.crypto_backend }}" --release | |
generate-fstar: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout lakers | |
uses: actions/checkout@v3 | |
- name: Generate fstar code over lakers and lakers-shared | |
run: | | |
docker run --rm -v ${{ github.workspace }}:/lakers docker.io/geonnave/hax bash -e -c " | |
cd lakers | |
# generate the fstar files | |
cargo-hax -C -p lakers --no-default-features --features='lakers-crypto/rustcrypto' --release \; into -i '-lakers::generate_connection_identifier_cbor -lakers::generate_connection_identifier' fstar | |
cargo-hax -C -p lakers-shared \; into -i '-lakers_shared::ffi::**' fstar | |
# even if fstar generation was ok, fail if something is not implemented | |
[ -z "$(find -name *.fst -type f | xargs grep 'something is not implemented yet')" ] | |
" | |
zip -j -r lakers-fstar.zip $(find . -name *fst) | |
- name: Upload artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: fstar-code | |
path: ./lakers-fstar.zip | |
build-lakers-c: | |
needs: unit-tests | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
crypto_backend: [crypto-rustcrypto, crypto-psa-baremetal, crypto-cryptocell310] | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Install arm targets for Rust | |
run: rustup target add thumbv7em-none-eabihf | |
- name: Install arm gcc | |
run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi | |
- name: Build static library, generate headers, and zip to file | |
run: cd lakers-c && ./build.sh "${{ matrix.crypto_backend }}" | |
- name: Upload artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: lakers-c | |
path: ./target/lakers-c-*.zip | |
build-lakers-c-example: | |
needs: unit-tests | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Checkout libcoap | |
uses: actions/checkout@v3 | |
with: | |
repository: obgm/libcoap | |
path: libcoap | |
- name: Install libcoap | |
run: | | |
cd libcoap && ./autogen.sh | |
./configure --disable-doxygen --disable-manpages --disable-dtls --disable-oscore | |
make && sudo make install | |
- name: Install arm targets for Rust | |
run: rustup target add thumbv7em-none-eabihf | |
- name: Install arm gcc | |
run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi | |
- name: Build static library and generate headers | |
run: cd lakers-c && ./build.sh crypto-rustcrypto | |
- name: Build and run native C eaxmple | |
run: | | |
cd examples/lakers-c-native | |
make all LAKERS_EAD=authz | |
test-lakers-python: | |
needs: check-style | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: set up python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.10' | |
- name: Test Python package | |
run: | | |
cd lakers-python | |
python3 -m venv .venv | |
source .venv/bin/activate | |
pip install --upgrade pip | |
pip install -U maturin pytest cbor2 | |
pip freeze | |
maturin develop && pytest | |
run-example-on-qemu: | |
needs: unit-tests | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
crypto_backend: [crypto-psa] | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Install arm targets for Rust | |
run: rustup target add thumbv7m-none-eabi | |
- name: Install arm gcc | |
run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi | |
- name: Install QEMU ARM emulator | |
run: sudo apt-get -y install qemu-system-arm | |
- name: Run tests in QEMU | |
run: cd examples/lakers-no_std && cargo run --target="thumbv7m-none-eabi" --no-default-features --features="${{ matrix.crypto_backend }}" --release | |
build-example-for-cortex-m4: | |
needs: unit-tests | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
crypto_backend: [crypto-psa, crypto-cryptocell310] | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Install arm targets for Rust | |
run: rustup target add thumbv7em-none-eabihf | |
- name: Install arm gcc | |
run: sudo apt-get -y update && sudo apt-get -y install gcc-arm-none-eabi | |
- name: Build example | |
run: cd examples/lakers-no_std && cargo build --target="thumbv7em-none-eabihf" --no-default-features --features="${{ matrix.crypto_backend }}, rtt" --release | |
build-coap-example: | |
needs: unit-tests | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Build server | |
run: cargo build --bin coapserver | |
- name: Build client | |
run: cargo build --bin coapclient | |
- name: Build coap-handler based server | |
run: cargo build --bin coapserver-coaphandler | |
release: | |
runs-on: ubuntu-latest | |
needs: [ | |
build-edhoc-package, build-lakers-c, | |
generate-fstar, | |
build-example-for-cortex-m4, build-coap-example, build-lakers-c-example, | |
run-example-on-qemu, | |
] | |
if: >- | |
github.event_name == 'push' && | |
startsWith(github.event.ref, 'refs/tags') | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Download artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: fstar-code | |
path: ./release-artifacts | |
- name: Download artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: lakers-c | |
path: ./release-artifacts | |
- name: Release | |
uses: ncipollo/release-action@v1 | |
with: | |
generateReleaseNotes: true | |
artifacts: "release-artifacts/*" | |
token: ${{ secrets.RELEASE_TOKEN }} |