From 52794b37ab3d6c1cb19cff0c7a3cee851fa27283 Mon Sep 17 00:00:00 2001 From: mattsb42-aws Date: Tue, 31 Mar 2020 11:56:53 -0700 Subject: [PATCH 1/2] chore: add GitHub Actions workflows for all CI that does not require AWS credentials --- .github/workflows/ci_decrypt-oracle.yaml | 53 ++++++++++ .github/workflows/ci_static-analysis.yaml | 40 +++++++ .github/workflows/ci_test-vector-handler.yaml | 88 +++++++++++++++ .github/workflows/ci_tests.yaml | 100 ++++++++++++++++++ ci-requirements.txt | 1 + 5 files changed, 282 insertions(+) create mode 100644 .github/workflows/ci_decrypt-oracle.yaml create mode 100644 .github/workflows/ci_static-analysis.yaml create mode 100644 .github/workflows/ci_test-vector-handler.yaml create mode 100644 .github/workflows/ci_tests.yaml create mode 100644 ci-requirements.txt diff --git a/.github/workflows/ci_decrypt-oracle.yaml b/.github/workflows/ci_decrypt-oracle.yaml new file mode 100644 index 000000000..d8ecff117 --- /dev/null +++ b/.github/workflows/ci_decrypt-oracle.yaml @@ -0,0 +1,53 @@ +name: Continuous Integration tests for the decrypt oracle + +on: + pull_request: + push: + # Run once a day + schedule: + - cron: '0 0 * * *' + +jobs: + tests: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-python@v1 + with: + # The oracle runs in a Python 3.6 Lamba + python-version: 3.6 + - run: | + python -m pip install --upgrade pip + pip install --upgrade -r ci-requirements.txt + - name: run test + env: + TOXENV: local + run: | + cd decrypt_oracle + tox -- -vv + static-analysis: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + category: + - bandit + - readme + - flake8 + - pylint + - flake8-tests + - pylint-tests + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-python@v1 + with: + python-version: 3.x + - run: | + python -m pip install --upgrade pip + pip install --upgrade -r ci-requirements.txt + - name: run test + env: + TOXENV: ${{ matrix.category }} + run: | + cd decrypt_oracle + tox -- -vv diff --git a/.github/workflows/ci_static-analysis.yaml b/.github/workflows/ci_static-analysis.yaml new file mode 100644 index 000000000..f80c429fe --- /dev/null +++ b/.github/workflows/ci_static-analysis.yaml @@ -0,0 +1,40 @@ +name: Static analysis checks + +on: + pull_request: + push: + # Run once a day + schedule: + - cron: '0 0 * * *' + +jobs: + analysis: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + category: + - bandit + - doc8 + - docs + - readme + - flake8 + - pylint + - flake8-tests + - pylint-tests + - flake8-examples + - pylint-examples + - black-check + - isort-check + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-python@v1 + with: + python-version: 3.x + - run: | + python -m pip install --upgrade pip + pip install --upgrade -r ci-requirements.txt + - name: run test + env: + TOXENV: ${{ matrix.category }} + run: tox -- -vv diff --git a/.github/workflows/ci_test-vector-handler.yaml b/.github/workflows/ci_test-vector-handler.yaml new file mode 100644 index 000000000..f2efa30ce --- /dev/null +++ b/.github/workflows/ci_test-vector-handler.yaml @@ -0,0 +1,88 @@ +name: Continuous Integration tests for the test vector handler + +on: + pull_request: + push: + # Run once a day + schedule: + - cron: '0 0 * * *' + +jobs: + tests: + # Until we address the credentials problem, + # do not run for pull requests. + if: github.event != 'pull_request' + runs-on: ${{ matrix.os }} + strategy: + fail-fast: true + matrix: + os: + - ubuntu-latest + - windows-latest + - macos-latest + python: + - 2.7 + - 3.5 + - 3.6 + - 3.7 + - 3.8 + - 3.x + architecture: + - x64 + - x86 + category: + - awses_1.3.3 + - awses_1.3.max + - awses_latest + exclude: + # x86 builds are only meaningful for Windows + - os: ubuntu-latest + architecture: x86 + - os: macos-latest + architecture: x86 + steps: + - uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.INTEG_AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.INTEG_AWS_SECRET_ACCESS_KEY }} + aws-region: us-west-2 + - uses: actions/checkout@v2 + - uses: actions/setup-python@v1 + with: + python-version: ${{ matrix.python }} + architecture: ${{ matrix.architecture }} + - run: | + python -m pip install --upgrade pip + pip install --upgrade -r ci-requirements.txt + - name: run test + env: + TOXENV: ${{ matrix.category }} + run: | + cd test_vector_handlers + tox -- -vv + static-analysis: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + category: + - bandit + - readme + - flake8 + - pylint + - flake8-tests + - pylint-tests + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-python@v1 + with: + python-version: 3.x + - run: | + python -m pip install --upgrade pip + pip install --upgrade -r ci-requirements.txt + - name: run test + env: + TOXENV: ${{ matrix.category }} + run: | + cd test_vector_handlers + tox -- -vv diff --git a/.github/workflows/ci_tests.yaml b/.github/workflows/ci_tests.yaml new file mode 100644 index 000000000..c2f297ea2 --- /dev/null +++ b/.github/workflows/ci_tests.yaml @@ -0,0 +1,100 @@ +name: Continuous Integration tests + +on: + pull_request: + push: + # Run once a day + schedule: + - cron: '0 0 * * *' + +env: + AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: | + arn:aws:kms:us-west-2:658956600833:key/b3537ef1-d8dc-4780-9f5a-55776cbb2f7f + AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: | + arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2 + +jobs: + tests: + runs-on: ${{ matrix.os }} + strategy: + fail-fast: true + matrix: + os: + - ubuntu-latest + - windows-latest + - macos-latest + python: + - 2.7 + - 3.5 + - 3.6 + - 3.7 + - 3.8 + - 3.x + architecture: + - x64 + - x86 + category: + - local + - accept +# These require credentials. +# Enable them once we sort how to provide them. +# - integ +# - examples + exclude: + # x86 builds are only meaningful for Windows + - os: ubuntu-latest + architecture: x86 + - os: macos-latest + architecture: x86 + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-python@v1 + with: + python-version: ${{ matrix.python }} + architecture: ${{ matrix.architecture }} + - run: | + python -m pip install --upgrade pip + pip install --upgrade -r ci-requirements.txt + - name: run test + env: + TOXENV: ${{ matrix.category }} + run: tox -- -vv + upstream-py3: + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + category: + - nocmk + - test-upstream-requirements-py37 + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-python@v1 + with: + python-version: 3.7 + - run: | + python -m pip install --upgrade pip + pip install --upgrade -r ci-requirements.txt + - name: run test + env: + TOXENV: ${{ matrix.category }} + run: tox -- -vv + upstream-py2: + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + category: + - test-upstream-requirements-py27 + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-python@v1 + with: + python-version: 2.7 + - run: | + python -m pip install --upgrade pip + pip install --upgrade -r ci-requirements.txt + - name: run test + env: + TOXENV: ${{ matrix.category }} + run: tox -- -vv diff --git a/ci-requirements.txt b/ci-requirements.txt new file mode 100644 index 000000000..053148f84 --- /dev/null +++ b/ci-requirements.txt @@ -0,0 +1 @@ +tox From 6a20af6d4e0f5bd9ce8f6fbe4e16725c0b941f9f Mon Sep 17 00:00:00 2001 From: mattsb42-aws Date: Tue, 31 Mar 2020 11:58:25 -0700 Subject: [PATCH 2/2] chore: remove checks from travis and appveyor that were moved to GitHub Actions workflows --- .travis.yml | 177 --------------------------------------------------- appveyor.yml | 40 ------------ 2 files changed, 217 deletions(-) diff --git a/.travis.yml b/.travis.yml index cf290d719..a8ca00f68 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,62 +3,34 @@ language: python matrix: include: # CPython 2.7 - - python: 2.7 - env: TOXENV=py27-local - stage: Client Tests - python: 2.7 env: TOXENV=py27-integ stage: Client Tests - - python: 2.7 - env: TOXENV=py27-accept - stage: Client Tests - python: 2.7 env: TOXENV=py27-examples stage: Client Tests # CPython 3.5 - - python: 3.5 - env: TOXENV=py35-local - stage: Client Tests - python: 3.5 env: TOXENV=py35-integ stage: Client Tests - - python: 3.5 - env: TOXENV=py35-accept - stage: Client Tests - python: 3.5 env: TOXENV=py35-examples stage: Client Tests # CPython 3.6 - - python: 3.6 - env: TOXENV=py36-local - stage: Client Tests - python: 3.6 env: TOXENV=py36-integ stage: Client Tests - - python: 3.6 - env: TOXENV=py36-accept - stage: Client Tests - python: 3.6 env: TOXENV=py36-examples stage: Client Tests # CPython 3.7 # xenial + sudo are currently needed to get 3.7 # https://github.com/travis-ci/travis-ci/issues/9815 - - python: 3.7 - env: TOXENV=py37-local - dist: xenial - sudo: true - stage: Client Tests - python: 3.7 env: TOXENV=py37-integ dist: xenial sudo: true stage: Client Tests - - python: 3.7 - env: TOXENV=py37-accept - dist: xenial - sudo: true - stage: Client Tests - python: 3.7 env: TOXENV=py37-examples dist: xenial @@ -67,78 +39,16 @@ matrix: # CPython 3.8 # xenial + sudo are currently needed to get 3.8 # https://github.com/travis-ci/travis-ci/issues/9815 - - python: 3.8 - env: TOXENV=py38-local - dist: xenial - sudo: true - stage: Client Tests - python: 3.8 env: TOXENV=py38-integ dist: xenial sudo: true stage: Client Tests - - python: 3.8 - env: TOXENV=py38-accept - dist: xenial - sudo: true - stage: Client Tests - python: 3.8 env: TOXENV=py38-examples dist: xenial sudo: true stage: Client Tests - # Upstream tests - - python: 3.6 - env: TOXENV=nocmk - stage: Upstream Tests - - python: 2.7 - env: TOXENV=test-upstream-requirements-py27 - stage: Upstream Tests - # xenial + sudo are currently needed to get 3.7 - # https://github.com/travis-ci/travis-ci/issues/9815 - - python: 3.7 - env: TOXENV=test-upstream-requirements-py37 - dist: xenial - sudo: true - stage: Upstream Tests - # Security - - python: 3.6 - env: TOXENV=bandit - stage: Security Checks - # Linting and autoformatting - - python: 3.6 - env: TOXENV=doc8 - stage: Formatting Checks - - python: 3.6 - env: TOXENV=docs - stage: Formatting Checks - - python: 3.6 - env: TOXENV=readme - stage: Formatting Checks - - python: 3.6 - env: TOXENV=flake8 - stage: Formatting Checks - - python: 3.6 - env: TOXENV=pylint - stage: Formatting Checks - - python: 3.6 - env: TOXENV=flake8-tests - stage: Formatting Checks - - python: 3.6 - env: TOXENV=pylint-tests - stage: Formatting Checks - - python: 3.6 - env: TOXENV=flake8-examples - stage: Formatting Checks - - python: 3.6 - env: TOXENV=pylint-examples - stage: Formatting Checks - - python: 3.6 - env: TOXENV=black-check - stage: Formatting Checks - - python: 3.6 - env: TOXENV=isort-check - stage: Formatting Checks ######################## # Test Vector Handlers # ######################## @@ -234,93 +144,6 @@ matrix: dist: xenial sudo: true stage: Test Vector Handler Tests - # Linters - - python: 3.6 - env: - TEST_VECTOR_HANDLERS=1 - TOXENV=bandit - stage: Test Vector Handler Formatting Checks - - python: 3.6 - env: - TEST_VECTOR_HANDLERS=1 - TOXENV=readme - stage: Test Vector Handler Formatting Checks - # Pending buildout of docs - #- python: 3.6 - # env: - # TEST_VECTOR_HANDLERS=1 - # TOXENV=docs - #- python: 3.6 - # env: - # TEST_VECTOR_HANDLERS=1 - # TOXENV=doc8 - # Pending linting cleanup - #- python: 3.6 - # env: - # TEST_VECTOR_HANDLERS=1 - # TOXENV=flake8 - #- python: 3.6 - # env: - # TEST_VECTOR_HANDLERS=1 - # TOXENV=pylint - #- python: 3.6 - # env: - # TEST_VECTOR_HANDLERS=1 - # TOXENV=flake8-tests - #- python: 3.6 - # env: - # TEST_VECTOR_HANDLERS=1 - # TOXENV=pylint-tests - ################## - # Decrypt Oracle # - ################## - # CPython 3.6 - # Because this build as Python 3.6 Lambda, this is the only runtime we are targetting. - - python: 3.6 - env: - DECRYPT_ORACLE=1 - TOXENV=py36-local - stage: Decrypt Oracle Tests - # Linters - - python: 3.6 - env: - DECRYPT_ORACLE=1 - TOXENV=bandit - stage: Decrypt Oracle Formatting Checks - - python: 3.6 - env: - DECRYPT_ORACLE=1 - TOXENV=readme - stage: Decrypt Oracle Formatting Checks - # Pending buildout of docs - #- python: 3.6 - # env: - # DECRYPT_ORACLE=1 - # TOXENV=docs - #- python: 3.6 - # env: - # DECRYPT_ORACLE=1 - # TOXENV=doc8 - - python: 3.6 - env: - DECRYPT_ORACLE=1 - TOXENV=flake8 - stage: Decrypt Oracle Formatting Checks - - python: 3.6 - env: - DECRYPT_ORACLE=1 - TOXENV=pylint - stage: Decrypt Oracle Formatting Checks - - python: 3.6 - env: - DECRYPT_ORACLE=1 - TOXENV=flake8-tests - stage: Decrypt Oracle Formatting Checks - - python: 3.6 - env: - DECRYPT_ORACLE=1 - TOXENV=pylint-tests - stage: Decrypt Oracle Formatting Checks install: pip install tox script: - | diff --git a/appveyor.yml b/appveyor.yml index ceb9318bd..d7791f6ae 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -7,92 +7,52 @@ environment: # analysis, etc are only run on Linux (via Travis CI). # Python 2.7 - - PYTHON: "C:\\Python27" - TOXENV: "py27-local" - PYTHON: "C:\\Python27" TOXENV: "py27-integ" - - PYTHON: "C:\\Python27" - TOXENV: "py27-accept" - PYTHON: "C:\\Python27" TOXENV: "py27-examples" - - PYTHON: "C:\\Python27-x64" - TOXENV: "py27-local" - PYTHON: "C:\\Python27-x64" TOXENV: "py27-integ" - - PYTHON: "C:\\Python27-x64" - TOXENV: "py27-accept" - PYTHON: "C:\\Python27-x64" TOXENV: "py27-examples" # Python 3.5 - - PYTHON: "C:\\Python35" - TOXENV: "py35-local" - PYTHON: "C:\\Python35" TOXENV: "py35-integ" - - PYTHON: "C:\\Python35" - TOXENV: "py35-accept" - PYTHON: "C:\\Python35" TOXENV: "py35-examples" - - PYTHON: "C:\\Python35-x64" - TOXENV: "py35-local" - PYTHON: "C:\\Python35-x64" TOXENV: "py35-integ" - - PYTHON: "C:\\Python35-x64" - TOXENV: "py35-accept" - PYTHON: "C:\\Python35-x64" TOXENV: "py35-examples" # Python 3.6 - - PYTHON: "C:\\Python36" - TOXENV: "py36-local" - PYTHON: "C:\\Python36" TOXENV: "py36-integ" - - PYTHON: "C:\\Python36" - TOXENV: "py36-accept" - PYTHON: "C:\\Python36" TOXENV: "py36-examples" - - PYTHON: "C:\\Python36-x64" - TOXENV: "py36-local" - PYTHON: "C:\\Python36-x64" TOXENV: "py36-integ" - - PYTHON: "C:\\Python36-x64" - TOXENV: "py36-accept" - PYTHON: "C:\\Python36-x64" TOXENV: "py36-examples" # Python 3.7 - - PYTHON: "C:\\Python37" - TOXENV: "py37-local" - PYTHON: "C:\\Python37" TOXENV: "py37-integ" - - PYTHON: "C:\\Python37" - TOXENV: "py37-accept" - PYTHON: "C:\\Python37" TOXENV: "py37-examples" - - PYTHON: "C:\\Python37-x64" - TOXENV: "py37-local" - PYTHON: "C:\\Python37-x64" TOXENV: "py37-integ" - - PYTHON: "C:\\Python37-x64" - TOXENV: "py37-accept" - PYTHON: "C:\\Python37-x64" TOXENV: "py37-examples" # Python 3.8 - - PYTHON: "C:\\Python38" - TOXENV: "py38-local" - PYTHON: "C:\\Python38" TOXENV: "py38-integ" - - PYTHON: "C:\\Python38" - TOXENV: "py38-accept" - PYTHON: "C:\\Python38" TOXENV: "py38-examples" - - PYTHON: "C:\\Python38-x64" - TOXENV: "py38-local" - PYTHON: "C:\\Python38-x64" TOXENV: "py38-integ" - - PYTHON: "C:\\Python38-x64" - TOXENV: "py38-accept" - PYTHON: "C:\\Python38-x64" TOXENV: "py38-examples"