validate-staging.yml

## Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
## SPDX-License-Identifier: Apache-2.0

version: 0.2

env:
  variables:
    REGION: us-east-1
    DOMAIN: crypto-tools-internal
    REPOSITORY: java-dbesdk-ddb-staging
  parameter-store:
    ACCOUNT: /CodeBuild/AccountId

phases:
  install:
    runtime-versions:
      java: $JAVA_ENV_VERSION
    commands:
      - cd ..
      # Get Dafny
      - curl https://github.com/dafny-lang/dafny/releases/download/v4.9.0/dafny-4.9.0-x64-ubuntu-20.04.zip  -L -o dafny.zip
      - unzip -qq dafny.zip && rm dafny.zip
      - export PATH="$PWD/dafny:$PATH"
      # Get Gradle 7.6
      - curl https://services.gradle.org/distributions/gradle-7.6-all.zip -L -o gradle.zip
      - unzip -qq gradle.zip && rm gradle.zip
      - export PATH="$PWD/gradle-7.6/bin:$PATH"
      - cd  aws-database-encryption-sdk-dynamodb/
  pre_build:
    commands:
      # Get published CA DBESDK jar
      - export CODEARTIFACT_TOKEN=$(aws codeartifact get-authorization-token --domain crypto-tools-internal --domain-owner 587316601012 --region us-east-1 --query authorizationToken --output text)
      - export CODEARTIFACT_REPO_URL=https://crypto-tools-internal-587316601012.d.codeartifact.us-east-1.amazonaws.com/maven/java-dbesdk-ddb-staging/
      # Get CI Creds to be able to call DBESDK TestVectors
      - TMP_ROLE=$(aws sts assume-role --role-arn "arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2" --role-session-name "CB-TestVectorResources")
      - export TMP_ROLE
      - export AWS_ACCESS_KEY_ID=$(echo "${TMP_ROLE}" | jq -r '.Credentials.AccessKeyId')
      - export AWS_SECRET_ACCESS_KEY=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SecretAccessKey')
      - export AWS_SESSION_TOKEN=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SessionToken')
      - aws sts get-caller-identity
  build:
    commands:
      # Run transpile by itself. We don't want to locally build the MPL because
      # we want to verify that the version pulled down from maven works correctly
      - cd submodules/MaterialProviders/TestVectorsAwsCryptographicMaterialProviders
      - make transpile_implementation_java
      - make transpile_test_java
      - make mvn_local_deploy

      # Run test Vectors
      - cd ../../../TestVectors
      # Spin up ddb local
      - docker run --name dynamodb -d -p 8000:8000 amazon/dynamodb-local -jar DynamoDBLocal.jar -port 8000 -inMemory -cors *
      # Run transpile by itself so we don't locally build the MPL.
      - make transpile_implementation_java
      - make transpile_test_java
      - gradle -p runtimes/java runTests

      # Test Examples
      - cd ../Examples
      # Run Simple Examples
      - gradle -p runtimes/java/DynamoDbEncryption test
      # Run Migration Examples
      - gradle -p runtimes/java/Migration/PlaintextToAWSDBE test
      - gradle -p runtimes/java/Migration/DDBECToAWSDBE test