aws · RitvikKapila · Jun 5, 2024 · Jun 7, 2024 · Jun 13, 2024 · Jun 26, 2024
diff --git a/.github/workflows/ci_tests.yaml b/.github/workflows/ci_tests.yaml
@@ -25,11 +25,7 @@ jobs:
       matrix:
         os:
           - ubuntu-latest
-          # Windows fails due to "No module named 'Wrappers'"
-          # This SHOULD be fixed once Dafny generates fully-qualified import statements
-          # (i.e. doo files, per-package module names)
-          # Disable for now
-          # - windows-latest
+          - windows-latest
           - macos-12
         python:
           - 3.8

diff --git a/.gitignore b/.gitignore
@@ -33,6 +33,12 @@ __pycache__
 .pytest_cache
 # Ignore key materials generated by examples or tests
 test_keyrings/
+# Ignore results of performance test
+performance_tests/results/*.csv
+performance_tests/results/*.pstats
+performance_tests/results/*.png
+# Ignore the memory profile logs
+mprofile_*
 
 # PyCharm
 .idea/

diff --git a/buildspec.yml b/buildspec.yml
@@ -126,6 +126,10 @@ batch:
       buildspec: codebuild/py311/integ_mpl.yml
       env:
         image: aws/codebuild/standard:7.0
+    - identifier: py311_performance_tests_mpl
+      buildspec: codebuild/py311/performance_tests_mpl.yml
+      env:
+        image: aws/codebuild/standard:7.0
     - identifier: py311_examples
       buildspec: codebuild/py311/examples.yml
       env:
@@ -212,6 +216,10 @@ batch:
       buildspec: codebuild/py312/integ_mpl.yml
       env:
         image: aws/codebuild/standard:7.0
+    - identifier: py312_performance_tests_mpl
+      buildspec: codebuild/py312/performance_tests_mpl.yml
+      env:
+        image: aws/codebuild/standard:7.0
     - identifier: py312_examples
       buildspec: codebuild/py312/examples.yml
       env:

diff --git a/codebuild/py311/performance_tests_mpl.yml b/codebuild/py311/performance_tests_mpl.yml
@@ -0,0 +1,38 @@
+# Runs the performance tests for the MPL in an environment with the MPL installed
+version: 0.2
+
+env:
+  variables:
+    # No TOXENV. This runs multiple environments.
+    REGION: "us-west-2"
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b3537ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_1: >-
+      arn:aws:kms:us-west-2:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_2: >-
+      arn:aws:kms:us-east-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+
+phases:
+  install:
+    runtime-versions:
+      python: 3.11
+  build:
+    commands:
+      - cd /root/.pyenv/plugins/python-build/../.. && git pull && cd -
+      - pyenv install --skip-existing 3.11.0
+      - pyenv local 3.11.0
+      - pip install --upgrade pip
+      - pip install setuptools
+      - pip install "tox < 4.0"
+      # Assume special role to access keystore
+      - TMP_ROLE=$(aws sts assume-role --role-arn "arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Python-Role-us-west-2" --role-session-name "CB-Py312ExamplesMpl")
+      - export TMP_ROLE
+      - export AWS_ACCESS_KEY_ID=$(echo "${TMP_ROLE}" | jq -r '.Credentials.AccessKeyId')
+      - export AWS_SECRET_ACCESS_KEY=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SecretAccessKey')
+      - export AWS_SESSION_TOKEN=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SessionToken')
+      - aws sts get-caller-identity
+      # Run MPL-specific tests with special role
+      - cd performance_tests/
+      - tox -e py311-performance_tests-mpl
diff --git a/codebuild/py312/performance_tests_mpl.yml b/codebuild/py312/performance_tests_mpl.yml
@@ -0,0 +1,38 @@
+# Runs the performance tests for the MPL in an environment with the MPL installed
+version: 0.2
+
+env:
+  variables:
+    # No TOXENV. This runs multiple environments.
+    REGION: "us-west-2"
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b3537ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_1: >-
+      arn:aws:kms:us-west-2:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_2: >-
+      arn:aws:kms:us-east-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+
+phases:
+  install:
+    runtime-versions:
+      python: 3.12
+  build:
+    commands:
+      - cd /root/.pyenv/plugins/python-build/../.. && git pull && cd -
+      - pyenv install --skip-existing 3.12.0
+      - pyenv local 3.12.0
+      - pip install --upgrade pip
+      - pip install setuptools
+      - pip install "tox < 4.0"
+      # Assume special role to access keystore
+      - TMP_ROLE=$(aws sts assume-role --role-arn "arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Python-Role-us-west-2" --role-session-name "CB-Py312ExamplesMpl")
+      - export TMP_ROLE
+      - export AWS_ACCESS_KEY_ID=$(echo "${TMP_ROLE}" | jq -r '.Credentials.AccessKeyId')
+      - export AWS_SECRET_ACCESS_KEY=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SecretAccessKey')
+      - export AWS_SESSION_TOKEN=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SessionToken')
+      - aws sts get-caller-identity
+      # Run MPL-specific tests with special role
+      - cd performance_tests/
+      - tox -e py312-performance_tests-mpl
diff --git a/examples/src/aws_kms_discovery_keyring_example.py b/examples/src/aws_kms_discovery_keyring_example.py
@@ -32,7 +32,6 @@
 For more information on how to use KMS Discovery keyrings, see
 https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/use-kms-keyring.html#kms-keyring-discovery
 """
-import sys
 
 import boto3
 from aws_cryptographic_materialproviders.mpl import AwsCryptographicMaterialProviders
@@ -49,11 +48,6 @@
 from aws_encryption_sdk import CommitmentPolicy
 from aws_encryption_sdk.exceptions import AWSEncryptionSDKClientError
 
-# TODO-MPL: Remove this as part of removing PYTHONPATH hacks.
-MODULE_ROOT_DIR = '/'.join(__file__.split("/")[:-1])
-
-sys.path.append(MODULE_ROOT_DIR)
-
 EXAMPLE_DATA: bytes = b"Hello World"
 
 

diff --git a/examples/src/aws_kms_discovery_multi_keyring_example.py b/examples/src/aws_kms_discovery_multi_keyring_example.py
@@ -29,7 +29,6 @@
 For more information on how to use KMS Discovery keyrings, see
 https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/use-kms-keyring.html#kms-keyring-discovery
 """
-import sys
 
 import boto3
 from aws_cryptographic_materialproviders.mpl import AwsCryptographicMaterialProviders
@@ -45,11 +44,6 @@
 import aws_encryption_sdk
 from aws_encryption_sdk import CommitmentPolicy
 
-# TODO-MPL: Remove this as part of removing PYTHONPATH hacks.
-MODULE_ROOT_DIR = '/'.join(__file__.split("/")[:-1])
-
-sys.path.append(MODULE_ROOT_DIR)
-
 EXAMPLE_DATA: bytes = b"Hello World"
 
 

diff --git a/examples/src/aws_kms_keyring_example.py b/examples/src/aws_kms_keyring_example.py
@@ -17,7 +17,6 @@
 For more information on how to use KMS keyrings, see
 https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/use-kms-keyring.html
 """
-import sys
 
 import boto3
 from aws_cryptographic_materialproviders.mpl import AwsCryptographicMaterialProviders
@@ -29,11 +28,6 @@
 import aws_encryption_sdk
 from aws_encryption_sdk import CommitmentPolicy
 
-# TODO-MPL: Remove this as part of removing PYTHONPATH hacks.
-MODULE_ROOT_DIR = '/'.join(__file__.split("/")[:-1])
-
-sys.path.append(MODULE_ROOT_DIR)
-
 EXAMPLE_DATA: bytes = b"Hello World"
 
 

diff --git a/examples/src/aws_kms_mrk_discovery_keyring_example.py b/examples/src/aws_kms_mrk_discovery_keyring_example.py
@@ -34,7 +34,6 @@
 For more information on how to use KMS Discovery keyrings, see
 https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/use-kms-keyring.html#kms-keyring-discovery
 """
-import sys
 
 import boto3
 from aws_cryptographic_materialproviders.mpl import AwsCryptographicMaterialProviders
@@ -50,11 +49,6 @@
 import aws_encryption_sdk
 from aws_encryption_sdk import CommitmentPolicy
 
-# TODO-MPL: Remove this as part of removing PYTHONPATH hacks.
-MODULE_ROOT_DIR = '/'.join(__file__.split("/")[:-1])
-
-sys.path.append(MODULE_ROOT_DIR)
-
 EXAMPLE_DATA: bytes = b"Hello World"
 
 

diff --git a/examples/src/aws_kms_mrk_discovery_multi_keyring_example.py b/examples/src/aws_kms_mrk_discovery_multi_keyring_example.py
@@ -36,7 +36,6 @@
 For more information on how to use KMS Discovery keyrings, see
 https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/use-kms-keyring.html#kms-keyring-discovery
 """
-import sys
 
 import boto3
 from aws_cryptographic_materialproviders.mpl import AwsCryptographicMaterialProviders
@@ -52,11 +51,6 @@
 import aws_encryption_sdk
 from aws_encryption_sdk import CommitmentPolicy
 
-# TODO-MPL: Remove this as part of removing PYTHONPATH hacks.
-MODULE_ROOT_DIR = '/'.join(__file__.split("/")[:-1])
-
-sys.path.append(MODULE_ROOT_DIR)
-
 EXAMPLE_DATA: bytes = b"Hello World"
 
 

diff --git a/examples/src/aws_kms_mrk_keyring_example.py b/examples/src/aws_kms_mrk_keyring_example.py
@@ -21,7 +21,6 @@
 For more info on KMS MRK (multi-region keys), see the KMS documentation:
 https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
 """
-import sys
 
 import boto3
 from aws_cryptographic_materialproviders.mpl import AwsCryptographicMaterialProviders
@@ -33,11 +32,6 @@
 import aws_encryption_sdk
 from aws_encryption_sdk import CommitmentPolicy
 
-# TODO-MPL: Remove this as part of removing PYTHONPATH hacks.
-MODULE_ROOT_DIR = '/'.join(__file__.split("/")[:-1])
-
-sys.path.append(MODULE_ROOT_DIR)
-
 EXAMPLE_DATA: bytes = b"Hello World"
 
 

diff --git a/examples/src/aws_kms_mrk_multi_keyring_example.py b/examples/src/aws_kms_mrk_multi_keyring_example.py
@@ -27,7 +27,6 @@
 For more info on KMS MRK (multi-region keys), see the KMS documentation:
 https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
 """
-import sys
 
 import boto3
 from aws_cryptographic_materialproviders.mpl import AwsCryptographicMaterialProviders
@@ -39,11 +38,6 @@
 import aws_encryption_sdk
 from aws_encryption_sdk import CommitmentPolicy
 
-# TODO-MPL: Remove this as part of removing PYTHONPATH hacks.
-MODULE_ROOT_DIR = '/'.join(__file__.split("/")[:-1])
-
-sys.path.append(MODULE_ROOT_DIR)
-
 EXAMPLE_DATA: bytes = b"Hello World"
 
 

diff --git a/examples/src/aws_kms_multi_keyring_example.py b/examples/src/aws_kms_multi_keyring_example.py
@@ -36,7 +36,6 @@
 For more information on how to use Multi keyrings, see
 https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/use-multi-keyring.html
 """
-import sys
 
 import boto3
 from aws_cryptographic_materialproviders.mpl import AwsCryptographicMaterialProviders
@@ -48,11 +47,6 @@
 import aws_encryption_sdk
 from aws_encryption_sdk import CommitmentPolicy
 
-# TODO-MPL: Remove this as part of removing PYTHONPATH hacks.
-MODULE_ROOT_DIR = '/'.join(__file__.split("/")[:-1])
-
-sys.path.append(MODULE_ROOT_DIR)
-
 EXAMPLE_DATA: bytes = b"Hello World"
 
 

diff --git a/examples/src/aws_kms_rsa_keyring_example.py b/examples/src/aws_kms_rsa_keyring_example.py
@@ -14,7 +14,6 @@
 # For more information on how to use KMS keyrings, see
 # https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/use-kms-keyring.html
 """
-import sys
 
 import boto3
 from aws_cryptographic_materialproviders.mpl import AwsCryptographicMaterialProviders
@@ -27,11 +26,6 @@
 from aws_encryption_sdk import CommitmentPolicy
 from aws_encryption_sdk.identifiers import AlgorithmSuite
 
-# TODO-MPL: Remove this as part of removing PYTHONPATH hacks.
-MODULE_ROOT_DIR = '/'.join(__file__.split("/")[:-1])
-
-sys.path.append(MODULE_ROOT_DIR)
-
 EXAMPLE_DATA: bytes = b"Hello World"