Skip to content

Bump aws-lc-rs from 1.11.1 to 1.12.0 (#3575) #8969

Bump aws-lc-rs from 1.11.1 to 1.12.0 (#3575)

Bump aws-lc-rs from 1.11.1 to 1.12.0 (#3575) #8969

Workflow file for this run

name: ci-build
on:
push:
branches: [ main, release/** ]
pull_request:
workflow_dispatch:
inputs:
divviup_ts_interop_container:
description: divviup-ts container image tag for use in integration tests
required: false
type: string
jobs:
janus_build:
strategy:
matrix:
rust-toolchain: [
# MSRV policy
"stable minus 2 releases",
"stable",
]
runs-on: ubuntu-latest
permissions:
id-token: "write"
contents: "read"
needs: janus_interop_docker # We rely on this populating our Docker cache backend
env:
CARGO_INCREMENTAL: 0
CARGO_TERM_COLOR: always
RUSTFLAGS: "-D warnings"
steps:
- name: 'Workaround for issue #3178'
run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
- name: Set default input values
id: default-input-values
run: |
DIVVIUP_TS_INTEROP_CONTAINER= ${{ inputs.divviup_ts_interop_container }}
echo "divviup_ts_interop_container=${DIVVIUP_TS_INTEROP_CONTAINER:-us-west2-docker.pkg.dev/divviup-artifacts-public/divviup-ts/divviup_ts_interop_client:e2bd57d@sha256:ea32ec6d1e6522d4282b644e9885aeb30a0a92877f73e27424e9e00844b9a80c}" >> $GITHUB_OUTPUT
- name: Get OS version
id: os-version
run: echo "release=$(lsb_release --release --short)" >> $GITHUB_OUTPUT
- uses: actions/checkout@v4
- name: Setup Go toolchain
uses: actions/setup-go@v5
- name: Install Kind
# We should always make sure that the `kind` CLI we install is from the
# same release as the node image version used by
# `janus_core::test_util::kubernetes::EphemeralCluster`
run: go install sigs.k8s.io/[email protected]
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust-toolchain }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver: docker-container
use: true
- name: Cache dependencies
uses: Swatinem/rust-cache@v2
with:
key: ${{ steps.os-version.outputs.release }}
- name: Expose GitHub Runtime
uses: crazy-max/ghaction-github-runtime@v3
- name: Build minimal janus_messages
run: cargo build --profile ci --package janus_messages --no-default-features
- name: Build janus_core
run: cargo build --profile ci --package janus_core
- name: Test janus_client OHTTP
run: cargo test --package janus_client --features ohttp
# Note: keep Build & Test steps consecutive, and match flags other than `--no-run`.
- name: Build
run: cargo test --profile ci --locked --all-targets --features=prometheus --no-run
- name: Test
id: test
env:
RUST_LOG: info
JANUS_E2E_LOGS_PATH: ${{ github.workspace }}/test-logs
DIVVIUP_TS_INTEROP_CONTAINER: ${{ steps.default-input-values.outputs.divviup_ts_interop_container }}
run: cargo test --profile ci --locked --all-targets --features=prometheus
# Continue on error so we can upload logs
continue-on-error: true
- name: Build (Docker-specific tests)
# This matches the `cargo test` command invoked by `cargo xtask test-docker`, except for `--no-run`.
run: cargo test --profile ci --locked --package=janus_interop_binaries --package=janus_integration_tests --features=testcontainer --no-run
- name: Test (Docker)
id: test-docker
env:
RUST_LOG: info
JANUS_E2E_LOGS_PATH: ${{ github.workspace }}/test-logs
DIVVIUP_TS_INTEROP_CONTAINER: ${{ steps.default-input-values.outputs.divviup_ts_interop_container }}
run: cargo run --package xtask --profile=ci -- test-docker --profile=ci --locked
# Continue on error so we can upload logs
continue-on-error: true
- name: Upload container logs
# Only get logs on test failure
if: steps.test.outcome == 'failure' || steps.test-docker.outcome == 'failure'
uses: actions/upload-artifact@v4
with:
name: container-logs
path: ${{ github.workspace }}/test-logs/
# Not all test failures yield log files
if-no-files-found: ignore
# Force overall job to fail if tests fail
- name: test status
if: steps.test.outcome == 'failure' || steps.test-docker.outcome == 'failure'
run: exit 1
janus_lints:
strategy:
matrix:
rust-toolchain: [
# MSRV policy
"stable minus 2 releases",
"stable",
]
runs-on: ubuntu-latest
env:
CARGO_INCREMENTAL: 0
CARGO_TERM_COLOR: always
JANUS_INTEROP_CONTAINER: skip
RUSTDOCFLAGS: "-D warnings"
RUSTFLAGS: "-D warnings"
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust-toolchain }}
components: clippy, rustfmt
- name: Format
run: cargo fmt --message-format human -- --check
- name: Clippy
run: cargo clippy --profile ci --workspace --all-targets
- name: Clippy (all features)
run: cargo clippy --profile ci --workspace --all-targets --all-features
- name: Document
run: cargo doc --profile ci --workspace --all-features
- name: cargo-deny
uses: EmbarkStudios/[email protected]
with:
command: check bans licenses sources -A unmatched-organization
janus_docker:
runs-on: ubuntu-latest
env:
DOCKER_BUILDKIT: 1
steps:
- uses: actions/checkout@v4
- run: echo "GIT_REVISION=$(git describe --always --dirty=-modified)" >> $GITHUB_ENV
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver: docker-container
use: true
- name: Build
uses: docker/[email protected]
with:
files: docker-bake.hcl
workdir: .
targets: janus
load: true
- run: docker run --rm janus_aggregator --help
- run: docker run --rm janus_garbage_collector --help
- run: docker run --rm janus_aggregation_job_creator --help
- run: docker run --rm janus_aggregation_job_driver --help
- run: docker run --rm janus_collection_job_driver --help
- run: docker run --rm janus_cli --help
- run: docker run --rm janus_db_migrator --help
janus_interop_docker:
runs-on: ubuntu-latest
env:
DOCKER_BUILDKIT: 1
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver: docker-container
use: true
- name: Build
uses: docker/[email protected]
with:
files: docker-bake.hcl
workdir: .
targets: interop_binaries_ci
rustsec_advisories:
runs-on: ubuntu-latest
continue-on-error: true
steps:
- uses: actions/checkout@v4
- name: cargo-deny
uses: EmbarkStudios/[email protected]
with:
command: check advisories