Force use of TLS 1.3 in OpenSSL demos #2185
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI Checks | |
on: | |
push: | |
branches: ["**"] | |
pull_request: | |
branches: [main] | |
workflow_dispatch: | |
jobs: | |
build-check-demos: | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Clone This Repo | |
uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Configure CMake build | |
run: | | |
sudo apt-get install -y libmosquitto-dev | |
curl https://cmake.org/files/v3.2/cmake-3.2.0-Linux-x86_64.tar.gz -o cmake.tar.gz | |
tar -xf cmake.tar.gz | |
mkdir build && cd build | |
../cmake-3.2.0-Linux-x86_64/bin/cmake .. \ | |
-G "Unix Makefiles" \ | |
-DBUILD_DEMOS=1 \ | |
-DCMAKE_BUILD_TYPE=Release \ | |
-DCMAKE_C_FLAGS='-Wall -Wextra -Werror' \ | |
-DAWS_IOT_ENDPOINT="aws-iot-endpoint" \ | |
-DBROKER_ENDPOINT="broker-endpoint" \ | |
-DCLIENT_CERT_PATH="cert/path" \ | |
-DROOT_CA_CERT_PATH="cert/path" \ | |
-DCLIENT_PRIVATE_KEY_PATH="key/path" \ | |
-DCLIENT_IDENTIFIER="ci-identifier" \ | |
-DTHING_NAME="thing-name" \ | |
-DS3_PRESIGNED_GET_URL="get-url" \ | |
-DS3_PRESIGNED_PUT_URL="put-url" \ | |
-DCLAIM_CERT_PATH="cert/path" \ | |
-DCLAIM_PRIVATE_KEY_PATH="key/path" \ | |
-DPROVISIONING_TEMPLATE_NAME="template-name" \ | |
-DDEVICE_SERIAL_NUMBER="00000" \ | |
-DCSR_SUBJECT_NAME="CN=Fleet Provisioning Demo" \ | |
-DGREENGRASS_ADDRESS="greengrass-address" | |
- name: Build Demos | |
run: | | |
make -C build/ help | grep demo | tr -d '. ' | xargs make -C build/ | |
make -C demos/jobs/jobs_demo_mosquitto | |
build-check-demos-cpp: | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Clone This Repo | |
uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Rename source files | |
run: | | |
for demo in mqtt http shadow defender pkcs11 fleet_provisioning | |
do | |
for source in demos/$demo/*/*.c | |
do | |
mv -- "$source" "${source%.c}.cpp" | |
done | |
done | |
- name: Configure CMake build | |
run: | | |
sudo apt-get install -y libmosquitto-dev | |
curl https://cmake.org/files/v3.2/cmake-3.2.0-Linux-x86_64.tar.gz -o cmake.tar.gz | |
tar -xf cmake.tar.gz | |
mkdir build && cd build | |
../cmake-3.2.0-Linux-x86_64/bin/cmake .. \ | |
-G "Unix Makefiles" \ | |
-DBUILD_DEMOS=1 \ | |
-DCMAKE_BUILD_TYPE=Release \ | |
-DCMAKE_C_FLAGS='-Wall -Wextra' \ | |
-DAWS_IOT_ENDPOINT="aws-iot-endpoint" \ | |
-DBROKER_ENDPOINT="broker-endpoint" \ | |
-DCLIENT_CERT_PATH="cert/path" \ | |
-DROOT_CA_CERT_PATH="cert/path" \ | |
-DCLIENT_PRIVATE_KEY_PATH="key/path" \ | |
-DCLIENT_IDENTIFIER="ci-identifier" \ | |
-DTHING_NAME="thing-name" \ | |
-DS3_PRESIGNED_GET_URL="get-url" \ | |
-DS3_PRESIGNED_PUT_URL="put-url" \ | |
-DCLAIM_CERT_PATH="cert/path" \ | |
-DCLAIM_PRIVATE_KEY_PATH="key/path" \ | |
-DPROVISIONING_TEMPLATE_NAME="template-name" \ | |
-DDEVICE_SERIAL_NUMBER="00000" \ | |
-DCSR_SUBJECT_NAME="CN=Fleet Provisioning Demo" \ | |
-DGREENGRASS_ADDRESS="greengrass-address" | |
- name: Build Demos | |
run: | | |
make -C build/ help | grep demo | tr -d '. ' | xargs make -C build/ | |
build-check-install: | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Clone This Repo | |
uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Configure CMake for installation of shared libraries at custom location | |
run: | | |
curl https://cmake.org/files/v3.2/cmake-3.2.0-Linux-x86_64.tar.gz -o cmake.tar.gz | |
tar -xf cmake.tar.gz | |
mkdir build && cd build | |
../cmake-3.2.0-Linux-x86_64/bin/cmake .. \ | |
-DBUILD_DEMOS=0 \ | |
-DCSDK_HEADER_INSTALL_PATH="$PWD/../shared-libs-headers-install-dir" -DCSDK_LIB_INSTALL_PATH="$PWD/../shared-libs-install-dir" | |
- name: Install shared libraries and verify custom install location | |
run: | | |
cd build && sudo make install | |
while IFS="" read -r p || [ -n "$p" ] | |
do | |
if [[ $p != "$PWD/../shared-libs-headers-install-dir"* ]] && [[ $p != "$PWD/../shared-libs-install-dir"* ]]; then | |
exit 1 | |
fi | |
# Each line of install_manifest.txt contains the location of an installed library or header | |
done <install_manifest.txt | |
# Uninstall and reset build. | |
sudo xargs rm < install_manifest.txt || echo "transport_interface.h is installed twice because of duplicate copies in spoke repos." | |
rm -rf * | |
- name: Configure CMake for installation of static libraries at custom location | |
run: | | |
cd build | |
../cmake-3.2.0-Linux-x86_64/bin/cmake .. \ | |
-DBUILD_SHARED_LIBRARIES=OFF \ | |
-DBUILD_DEMOS=0 \ | |
-DCSDK_HEADER_INSTALL_PATH="$PWD/../static-libs-headers-install-dir" -DCSDK_LIB_INSTALL_PATH="$PWD/../static-libs-install-dir" | |
- name: Install static libraries and verify custom install location | |
run: | | |
cd build && sudo make install | |
while IFS="" read -r p || [ -n "$p" ] | |
do | |
if [[ $p != "$PWD/../static-libs-headers-install-dir"* ]] && [[ $p != "$PWD/../static-libs-install-dir"* ]]; then | |
exit 1 | |
fi | |
# Each line of install_manifest.txt contains the location of an installed library or header | |
done <install_manifest.txt | |
# Uninstall and reset build. | |
sudo xargs rm < install_manifest.txt || echo "transport_interface.h is installed twice because of duplicate copies in spoke repos." | |
rm -rf * | |
- name: Configure CMake build for system install location and selective installation | |
run: | | |
cd build | |
../cmake-3.2.0-Linux-x86_64/bin/cmake .. \ | |
-DBUILD_DEMOS=0 -DBUILD_TESTS=0 -DINSTALL_TO_SYSTEM=1 \ | |
-DINSTALL_LIBS="SHADOW;DEFENDER" -DINSTALL_PLATFORM_ABSTRACTIONS=0 | |
- name: Install selected libraries and verify default system installation path is used | |
run: | | |
cd build && sudo make install | |
while IFS="" read -r p || [ -n "$p" ] | |
do | |
if [[ $p != "/usr/local/include"* ]] && [[ $p != "/usr/local/lib"* ]]; then | |
exit 1 | |
fi | |
# Each line of install_manifest.txt contains the location of an installed library or header | |
done <install_manifest.txt | |
- name: Verify filenames from selective build | |
run: | | |
cd build | |
while IFS="" read -r p || [ -n "$p" ] | |
do | |
if [[ $p != *"shadow"* ]] && [[ $p != *"defender"* ]]; then | |
exit 1 | |
fi | |
# Each line of install_manifest.txt contains the location of an installed library or header | |
done <install_manifest.txt | |
complexity: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Setup | |
run: sudo apt-get install complexity | |
- name: Check Complexity | |
run: | | |
find platform/ \( -iname '*.c' ! -wholename '*test*' \) |\ | |
xargs complexity --scores --threshold=0 --horrid-threshold=8 | |
spell-check: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Install spell | |
run: | | |
sudo apt-get install -y spell util-linux | |
- name: Check Spelling | |
run: | | |
PATH=$PATH:$PWD/tools/spell | |
for lexfile in `find platform/ demos/ integration-test/ docs/ -name lexicon.txt` | |
do dir=${lexfile%/lexicon.txt} | |
echo $dir | |
find-unknown-comment-words --directory $dir | |
if [ $? -ne "0" ] | |
then | |
exit 1 | |
fi | |
done | |
formatting: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Install Uncrustify | |
run: sudo apt-get install uncrustify | |
- name: Check Formatting With Uncrustify | |
run: find . -iname "*.[hc]" -exec uncrustify --check -c tools/uncrustify.cfg {} + | |
- name: Check For Trailing Whitespace | |
run: | | |
set +e | |
grep --exclude="README.md" -rnI -e "[[:blank:]]$" . | |
if [ "$?" = "0" ]; then | |
echo "Files have trailing whitespace." | |
exit 1 | |
else | |
exit 0 | |
fi | |
- name: Check for CRLF | |
run: | | |
set +e | |
find . -path ./.git -prune -o -exec file {} + | grep "CRLF" | |
if [ "$?" = "0" ]; then | |
echo "Files have CRLF line endings." | |
exit 1 | |
else | |
exit 0 | |
fi | |
doxygen: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Install Doxygen | |
run: | | |
wget -qO- "https://sourceforge.net/projects/doxygen/files/rel-1.9.6/doxygen-1.9.6.linux.bin.tar.gz/download" | sudo tar --strip-components=1 -xz -C /usr/local | |
sudo apt-get install -y libclang-11-dev libclang-cpp11 graphviz | |
- name: Install Python3 | |
uses: actions/setup-python@v2 | |
with: | |
python-version: '3.11.0' | |
- name: Generate doxygen output | |
run: | | |
if [[ "$GITHUB_REF" == "refs/heads/main" ]]; then | |
echo 'Generate ZIP artifact of doxygen output' | |
python3 tools/doxygen/generate_docs.py --root . --zip | |
else | |
python3 tools/doxygen/generate_docs.py --root . | |
fi | |
- name: Upload doxygen artifact if main branch | |
if: success() && github.ref == 'refs/heads/main' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: doxygen.zip | |
path: ./doxygen.zip | |
retention-days: 2 | |
git-secrets: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Checkout awslabs/git-secrets | |
uses: actions/checkout@v2 | |
with: | |
repository: awslabs/git-secrets | |
ref: master | |
path: git-secrets | |
- name: Install git-secrets | |
run: cd git-secrets && sudo make install && cd .. | |
- name: Run git-secrets | |
run: | | |
git-secrets --register-aws | |
git-secrets --scan | |
link-verifier: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Setup Python for link verifier action | |
uses: actions/setup-python@v2 | |
with: | |
python-version: '3.7.10' | |
- name: Check Links | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
uses: FreeRTOS/CI-CD-GitHub-Actions/link-verifier@main | |
with: | |
path: ./ | |
exclude-dirs: cmock,unity,cbmc,third-party,3rdparty,libmosquitto,libraries | |
include-file-types: .c,.h,.dox | |
allowlist-file: ./.github/links_allowlist.txt | |
verify-manifest: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Setup Python for manifest.yml verifier action | |
uses: actions/setup-python@v2 | |
with: | |
python-version: '3.x' | |
- name: Verify manifest.yml | |
uses: FreeRTOS/CI-CD-GitHub-Actions/manifest-verifier@main | |
with: | |
path: ./ | |
exclude-submodules: libraries/3rdparty/CMock,libraries/3rdparty/mbedtls,libraries/3rdparty/tinycbor,demos/jobs/jobs_demo_mosquitto/libmosquitto | |
fail-on-incorrect-version: true | |