Skip to content
.github/workflows/ci_ec2_container.yml

Remove CPPFLAGS, use EXTRAFLAGS instead #1

Sign in to view logs

Remove CPPFLAGS, use EXTRAFLAGS instead

Remove CPPFLAGS, use EXTRAFLAGS instead #1

Workflow file for this run

.github/workflows/ci_ec2_container.yml at 0876b7e
# SPDX-License-Identifier: Apache-2.0
name: ci-ec2-reusable
permissions:
contents: read
on:
workflow_call:
inputs:
name:
type: string
description: Alternative name of instance
default: Graviton2
ec2_instance_type:
type: string
description: Type if EC2 instance to benchmark on
default: t4g.small
ec2_ami:
type: string
description: Textual description of AMI
default: ubuntu-latest (aarch64)
ec2_ami_id:
type: string
description: AMI ID
default: ami-096ea6a12ea24a797
cflags:
type: string
description: Custom CFLAGS for compilation
default: ""
<<<<<<< HEAD

Check failure on line 29 in .github/workflows/ci_ec2_container.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/ci_ec2_container.yml

Invalid workflow file 

You have an error in your yaml syntax on line 29
extraflags:
type: string
description: Custom EXTRAFLAGS for compilation
default: ""
=======
>>>>>>> 6ff950b9 (CI: Add further container-based compatibility tests)
verbose:
description: Determine for the log verbosity
type: boolean
default: false
compile_mode:
type: string
description: either all, native, cross or none
default: all
opt:
type: string
description: either all, opt or no_opt
default: all
functest:
type: boolean
default: true
kattest:
type: boolean
default: true
nistkattest:
type: boolean
default: true
acvptest:
type: boolean
default: true
lint:
type: boolean
default: true
cbmc:
type: boolean
default: false
cbmc_mlkem_k:
type: string
default: 2
container:
type: string
default: ''
env:
AWS_ROLE: arn:aws:iam::559050233797:role/mlkem-c-aarch64-gh-action
AWS_REGION: us-east-1
AMI_UBUNTU_LATEST_X86_64: ami-0e86e20dae9224db8
AMI_UBUNTU_LATEST_AARCH64: ami-096ea6a12ea24a797
jobs:
start-ec2-runner:
name: Start instance (${{ inputs.ec2_instance_type }})
permissions:
contents: 'read'
id-token: 'write'
runs-on: ubuntu-latest
if: ${{ always() }} # The point is to make this step non-cancellable,
# avoiding race conditions where an instance is started,
# but isn't yet done registering as a runner and reporting back.
outputs:
label: ${{ steps.start-ec2-runner.outputs.label }}
ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Determine AMI ID
id: det_ami_id
run: |
if [[ "${{ inputs.ec2_ami }}" == "ubuntu-latest (x86_64)" ]]; then
AMI_ID=${{ env.AMI_UBUNTU_LATEST_X86_64 }}
elif [[ "${{ inputs.ec2_ami }}" == "ubuntu-latest (aarch64)" ]]; then
AMI_ID=${{ env.AMI_UBUNTU_LATEST_AARCH64 }}
elif [[ "${{ inputs.ec2_ami }}" == "ubuntu-latest (custom AMI)" ]]; then
AMI_ID=${{ inputs.ec2_ami_id }}
fi
echo "Using AMI ID: $AMI_ID"
echo "AMI_ID=$AMI_ID" >> $GITHUB_OUTPUT
- name: Clear nix-installer action cache
uses: ./.github/actions/clear-cache
with:
key_prefix: determinatesystem-nix-installer-
repository: ${{ github.repository }}
gh_token: ${{ secrets.AWS_GITHUB_TOKEN }}
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ env.AWS_ROLE }}
aws-region: ${{ env.AWS_REGION }}
- name: Start EC2 runner
id: start-ec2-runner
uses: mkannwischer/ec2-github-runner@d15c8804522523d2bac7119a01ffff83b7795d87
with:
mode: start
github-token: ${{ secrets.AWS_GITHUB_TOKEN }}
ec2-image-id: ${{ steps.det_ami_id.outputs.AMI_ID }}
ec2-instance-type: ${{ inputs.ec2_instance_type }}
subnet-id: subnet-07b2729e5e065962f
security-group-id: sg-0ab2e297196c8c381
tests:
name: Run tests
needs: start-ec2-runner
if: ${{ inputs.container != '' }}
runs-on: ${{ needs.start-ec2-runner.outputs.label }}
container:
localhost:5000/${{ inputs.container }}
steps:
# We're not using the checkout action here because on it's not supported
# on all containers we want to test. Resort to a manual checkout.
#
# We can't hoist this into an action since calling an action can only
# be done after checkout.
- name: Manual checkout
shell: bash
run: |
if /usr/bin/which yum; then
yum install git -y
elif /usr/bin/which apt; then
apt update
apt install git -y
fi
git init
git remote add origin $GITHUB_SERVER_URL/$GITHUB_REPOSITORY
git fetch origin --depth 1 $GITHUB_SHA
git checkout FETCH_HEAD
- uses: ./.github/actions/setup-os
with:
sudo: ""
- name: make quickcheck
run: |
OPT=0 make quickcheck >/dev/null
make clean >/dev/null
OPT=1 make quickcheck >/dev/null
- name: Functional Tests
uses: ./.github/actions/multi-functest
with:
nix-shell: ""
gh_token: ${{ secrets.AWS_GITHUB_TOKEN }}
cflags: ${{ inputs.cflags }}
extraflags: ${{ inputs.extraflags }}
compile_mode: ${{ inputs.compile_mode }}
opt: ${{ inputs.opt }}
func: ${{ inputs.functest }}
kat: ${{ inputs.kattest }}
nistkat: ${{ inputs.nistkattest }}
acvp: ${{ inputs.acvptest }}
stop-ec2-runner:
name: Stop instance (${{ inputs.ec2_instance_type }})
permissions:
contents: 'read'
id-token: 'write'
needs:
- start-ec2-runner
- tests
runs-on: ubuntu-latest
if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ env.AWS_ROLE }}
aws-region: ${{ env.AWS_REGION }}
- name: Stop EC2 runner
uses: mkannwischer/ec2-github-runner@d15c8804522523d2bac7119a01ffff83b7795d87
with:
mode: stop
github-token: ${{ secrets.AWS_GITHUB_TOKEN }}
label: ${{ needs.start-ec2-runner.outputs.label }}
ec2-instance-id: ${{ needs.start-ec2-runner.outputs.ec2-instance-id }}