codebuild/ci/vectors-ci.yml

version: 0.2

phases:
  install:
    runtime-versions:
      java: $JAVA_ENV_VERSION
    commands:
      - git submodule update --init submodules/MaterialProviders
      # Get Dafny
      - curl https://github.com/dafny-lang/dafny/releases/download/v4.2.0/dafny-4.2.0-x64-ubuntu-20.04.zip  -L -o dafny.zip
      - unzip -qq dafny.zip && rm dafny.zip
      - export PATH="$PWD/dafny:$PATH"
      # Get Gradle 7.6
      - curl https://services.gradle.org/distributions/gradle-7.6-all.zip -L -o gradle.zip
      - unzip -qq gradle.zip && rm gradle.zip
      - export PATH="$PWD/gradle-7.6/bin:$PATH"
  pre_build:
    commands:
      # Assume Role to access non-prod resources
      - TMP_ROLE=$(aws sts assume-role --role-arn "arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Java-Role-us-west-2" --role-session-name "CB-TestVectorResources")
      - export TMP_ROLE
      - export AWS_ACCESS_KEY_ID=$(echo "${TMP_ROLE}" | jq -r '.Credentials.AccessKeyId')
      - export AWS_SECRET_ACCESS_KEY=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SecretAccessKey')
      - export AWS_SESSION_TOKEN=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SessionToken')
      - aws sts get-caller-identity

      # Build and deploy TestVectors to maven local
      - cd submodules/MaterialProviders
      - git checkout $BRANCH
      - cd TestVectorsAwsCryptographicMaterialProviders/
      # This works because `node` is installed by default on GHA runners
      - CORES=$(node -e 'console.log(os.cpus().length)')
      - make build_java CORES=$CORES
      - ./runtimes/java/gradlew -p runtimes/java publishMavenLocalPublicationToMavenLocal
      - cd $CODEBUILD_SRC_DIR
  build:
    commands:
      - mvn install -T 8 -Dgpg.skip=true -ntp "-DtestVectorZip=file://$CODEBUILD_SRC_DIR/src/test/resources/aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-2.3.0.zip"