From baae3428ca9028b3c2f3e086df086b23dd7a7f80 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Wed, 2 Oct 2024 16:24:40 -0700 Subject: [PATCH 01/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index 6a3b321eb..f08517069 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -24,14 +24,16 @@ phases: - unzip 312_hkeyring_reccmm_manifest.zip - export DAFNY_AWS_ESDK_TEST_VECTOR_MANIFEST_PATH="${PWD}/312_hkeyring_reccmm_manifest/manifest.json" - # Download dafny - - curl https://github.com/dafny-lang/dafny/releases/download/v4.7.0/dafny-4.7.0-x64-ubuntu-20.04.zip -L -o dafny.zip + # Build the ESDK-Dafny test vector runner + # Clone SDK-Dafny repo to get test vectors runner source code + - git clone --recurse-submodules https://github.com/aws/aws-encryption-sdk-dafny.git + # Download Dafny to build the test vector runner; get Dafny version from project.properties file + - export dafnyVersion=$(grep '^dafnyVersion=' aws-encryption-sdk-dafny/AwsEncryptionSdk/project.properties | cut -d '=' -f 2) + - curl https://github.com/dafny-lang/dafny/releases/download/v$dafnyVersion/dafny-$dafnyVersion-x64-ubuntu-20.04.zip -L -o dafny.zip - unzip -qq dafny.zip && rm dafny.zip - export PATH="$PWD/dafny:$PATH" - # Clone SDK-Dafny repo to get test vectors runner - - git clone --recurse-submodules https://github.com/aws/aws-encryption-sdk-dafny.git - # TODO: Change branch to published when available + # Build ESDK test vector runner - cd aws-encryption-sdk-dafny - git checkout lucmcdon/hkeyring-vectors - git pull From 520c4e22e18f97cc61484aeff3d8388eba8477bc Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Wed, 2 Oct 2024 16:25:44 -0700 Subject: [PATCH 02/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index f08517069..d8606ed58 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -35,6 +35,7 @@ phases: # Build ESDK test vector runner - cd aws-encryption-sdk-dafny + # TODO: Change branch to published when available - git checkout lucmcdon/hkeyring-vectors - git pull - cd AwsEncryptionSDK/ From 4db953de322903b95e8f777bcc3d2a808c920608 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Wed, 2 Oct 2024 16:54:24 -0700 Subject: [PATCH 03/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index d8606ed58..00007b90d 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -33,7 +33,7 @@ phases: - unzip -qq dafny.zip && rm dafny.zip - export PATH="$PWD/dafny:$PATH" - # Build ESDK test vector runner + # Build ESDK test vector runner - cd aws-encryption-sdk-dafny # TODO: Change branch to published when available - git checkout lucmcdon/hkeyring-vectors From 84a6532248f032efeecb12723b05d01f57158634 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Wed, 2 Oct 2024 16:54:34 -0700 Subject: [PATCH 04/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index 00007b90d..d8606ed58 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -33,7 +33,7 @@ phases: - unzip -qq dafny.zip && rm dafny.zip - export PATH="$PWD/dafny:$PATH" - # Build ESDK test vector runner + # Build ESDK test vector runner - cd aws-encryption-sdk-dafny # TODO: Change branch to published when available - git checkout lucmcdon/hkeyring-vectors From bd902847afcba3fa045ffff390314570b19d51fd Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Wed, 2 Oct 2024 17:03:03 -0700 Subject: [PATCH 05/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index d8606ed58..71f64a205 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -27,6 +27,11 @@ phases: # Build the ESDK-Dafny test vector runner # Clone SDK-Dafny repo to get test vectors runner source code - git clone --recurse-submodules https://github.com/aws/aws-encryption-sdk-dafny.git + - ls + - cd aws-encryption-sdk-dafny + - ls + - cd AwsEncryptionSdk + - ls # Download Dafny to build the test vector runner; get Dafny version from project.properties file - export dafnyVersion=$(grep '^dafnyVersion=' aws-encryption-sdk-dafny/AwsEncryptionSdk/project.properties | cut -d '=' -f 2) - curl https://github.com/dafny-lang/dafny/releases/download/v$dafnyVersion/dafny-$dafnyVersion-x64-ubuntu-20.04.zip -L -o dafny.zip From 8d512d8deed17531e5cb5d48f29b112a37a8c114 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Wed, 2 Oct 2024 17:11:09 -0700 Subject: [PATCH 06/16] case sense --- codebuild/py312/decrypt_hkeyring_with_net.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index 71f64a205..513f86c8b 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -27,13 +27,13 @@ phases: # Build the ESDK-Dafny test vector runner # Clone SDK-Dafny repo to get test vectors runner source code - git clone --recurse-submodules https://github.com/aws/aws-encryption-sdk-dafny.git - - ls - - cd aws-encryption-sdk-dafny - - ls - - cd AwsEncryptionSdk - - ls + # - ls + # - cd aws-encryption-sdk-dafny + # - ls + # - cd AwsEncryptionSDK + # - ls # Download Dafny to build the test vector runner; get Dafny version from project.properties file - - export dafnyVersion=$(grep '^dafnyVersion=' aws-encryption-sdk-dafny/AwsEncryptionSdk/project.properties | cut -d '=' -f 2) + - export dafnyVersion=$(grep '^dafnyVersion=' aws-encryption-sdk-dafny/AwsEncryptionSDK/project.properties | cut -d '=' -f 2) - curl https://github.com/dafny-lang/dafny/releases/download/v$dafnyVersion/dafny-$dafnyVersion-x64-ubuntu-20.04.zip -L -o dafny.zip - unzip -qq dafny.zip && rm dafny.zip - export PATH="$PWD/dafny:$PATH" From af3ba73e10757d941414e21c062a2b32940c184d Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Thu, 3 Oct 2024 09:32:23 -0700 Subject: [PATCH 07/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index 513f86c8b..10e43d4d7 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -27,11 +27,6 @@ phases: # Build the ESDK-Dafny test vector runner # Clone SDK-Dafny repo to get test vectors runner source code - git clone --recurse-submodules https://github.com/aws/aws-encryption-sdk-dafny.git - # - ls - # - cd aws-encryption-sdk-dafny - # - ls - # - cd AwsEncryptionSDK - # - ls # Download Dafny to build the test vector runner; get Dafny version from project.properties file - export dafnyVersion=$(grep '^dafnyVersion=' aws-encryption-sdk-dafny/AwsEncryptionSDK/project.properties | cut -d '=' -f 2) - curl https://github.com/dafny-lang/dafny/releases/download/v$dafnyVersion/dafny-$dafnyVersion-x64-ubuntu-20.04.zip -L -o dafny.zip From f3fa2254ba500be0df4f27f345822416130a7b37 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Thu, 3 Oct 2024 10:13:26 -0700 Subject: [PATCH 08/16] fix(CI): Fix oracle linting (#702) --- decrypt_oracle/.chalice/pipeline.py | 1 + 1 file changed, 1 insertion(+) diff --git a/decrypt_oracle/.chalice/pipeline.py b/decrypt_oracle/.chalice/pipeline.py index 9d5573646..de8ee1b9c 100644 --- a/decrypt_oracle/.chalice/pipeline.py +++ b/decrypt_oracle/.chalice/pipeline.py @@ -145,6 +145,7 @@ def _cloudformation_role() -> iam.Role: ) +# pylint: disable=too-many-positional-arguments def _pipeline( pipeline_role: iam.Role, cfn_role: iam.Role, From 35412a943301ab240197ea621bd40e2c7c149f3c Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Thu, 3 Oct 2024 11:11:46 -0700 Subject: [PATCH 09/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index 10e43d4d7..c7be62056 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -23,17 +23,16 @@ phases: - aws s3 cp s3://generated-vectors-artifacts-bucket/$CODEBUILD_RESOLVED_SOURCE_VERSION/312_hkeyring_reccmm_manifest.zip 312_hkeyring_reccmm_manifest.zip - unzip 312_hkeyring_reccmm_manifest.zip - export DAFNY_AWS_ESDK_TEST_VECTOR_MANIFEST_PATH="${PWD}/312_hkeyring_reccmm_manifest/manifest.json" - - # Build the ESDK-Dafny test vector runner - # Clone SDK-Dafny repo to get test vectors runner source code + + # Clone SDK-Dafny repo to get test vectors runner source code and the Dafny version to use - git clone --recurse-submodules https://github.com/aws/aws-encryption-sdk-dafny.git - # Download Dafny to build the test vector runner; get Dafny version from project.properties file + # Download Dafny to build the test vector runner; get Dafny version from ESDK's project.properties file - export dafnyVersion=$(grep '^dafnyVersion=' aws-encryption-sdk-dafny/AwsEncryptionSDK/project.properties | cut -d '=' -f 2) - curl https://github.com/dafny-lang/dafny/releases/download/v$dafnyVersion/dafny-$dafnyVersion-x64-ubuntu-20.04.zip -L -o dafny.zip - unzip -qq dafny.zip && rm dafny.zip - export PATH="$PWD/dafny:$PATH" - # Build ESDK test vector runner + # Build ESDK test vector runner from source - cd aws-encryption-sdk-dafny # TODO: Change branch to published when available - git checkout lucmcdon/hkeyring-vectors @@ -44,9 +43,8 @@ phases: - make transpile_net # Change TestVectors to reference the published .NET ESDK - - cd ../../AwsEncryptionSDK/runtimes/net/TestVectorsNative/TestVectors - # - sed -i -e 's///g' AWSEncryptionSDKTestVectorLib.csproj - # - cd ../TestVectors + - cd ../../AwsEncryptionSDK/runtimes/net/TestVectorsNative/TestVectorLib + - sed -i 's///g' AWSEncryptionSDKTestVectorLib.csproj build: commands: From 296704bf1143b0285e591a9ff22553ac29e61931 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Thu, 3 Oct 2024 11:12:15 -0700 Subject: [PATCH 10/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index c7be62056..259f73100 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -37,8 +37,6 @@ phases: # TODO: Change branch to published when available - git checkout lucmcdon/hkeyring-vectors - git pull - - cd AwsEncryptionSDK/ - - make transpile_net - cd ../mpl/TestVectorsAwsCryptographicMaterialProviders/ - make transpile_net From d53296609e2803a80534b0cce39d8ff9b9aa6d80 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Thu, 3 Oct 2024 12:05:14 -0700 Subject: [PATCH 11/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index 259f73100..00584ad8b 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -37,7 +37,7 @@ phases: # TODO: Change branch to published when available - git checkout lucmcdon/hkeyring-vectors - git pull - - cd ../mpl/TestVectorsAwsCryptographicMaterialProviders/ + - cd mpl/TestVectorsAwsCryptographicMaterialProviders/ - make transpile_net # Change TestVectors to reference the published .NET ESDK From a7305d34ace0e1ce4b7c5626730946cf754dae9c Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Thu, 3 Oct 2024 12:05:50 -0700 Subject: [PATCH 12/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index 00584ad8b..8c630cc80 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -43,6 +43,7 @@ phases: # Change TestVectors to reference the published .NET ESDK - cd ../../AwsEncryptionSDK/runtimes/net/TestVectorsNative/TestVectorLib - sed -i 's///g' AWSEncryptionSDKTestVectorLib.csproj + - cd ../TestVectors build: commands: From b6aad0b35369c463266549827014f0fd01e27002 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Thu, 3 Oct 2024 12:44:15 -0700 Subject: [PATCH 13/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index 8c630cc80..11f32d36d 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -42,7 +42,7 @@ phases: # Change TestVectors to reference the published .NET ESDK - cd ../../AwsEncryptionSDK/runtimes/net/TestVectorsNative/TestVectorLib - - sed -i 's///g' AWSEncryptionSDKTestVectorLib.csproj + - sed -i 's|||g' AWSEncryptionSDKTestVectorLib.csproj - cd ../TestVectors build: From 666f79d0505d59d8bca698dacfd2bc158fbcf2a1 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Thu, 3 Oct 2024 13:10:52 -0700 Subject: [PATCH 14/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index 11f32d36d..d6a129688 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -42,7 +42,10 @@ phases: # Change TestVectors to reference the published .NET ESDK - cd ../../AwsEncryptionSDK/runtimes/net/TestVectorsNative/TestVectorLib - - sed -i 's|||g' AWSEncryptionSDKTestVectorLib.csproj + # CodeBuild seems to want to use ESDK-NET 4.0.0, which is not a good version... + # Pin to at least 4.1.0; this is the most recent version at time of writing. + # Hopefully CodeBuild will find more recent versions in the future, but this cannot be guaranteed I guess... + - sed -i 's|||g' AWSEncryptionSDKTestVectorLib.csproj - cd ../TestVectors build: From cd0c45084b1ea65870f260ced12d3a5089fe403c Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Thu, 3 Oct 2024 13:42:33 -0700 Subject: [PATCH 15/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index d6a129688..c186cc39f 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -44,7 +44,7 @@ phases: - cd ../../AwsEncryptionSDK/runtimes/net/TestVectorsNative/TestVectorLib # CodeBuild seems to want to use ESDK-NET 4.0.0, which is not a good version... # Pin to at least 4.1.0; this is the most recent version at time of writing. - # Hopefully CodeBuild will find more recent versions in the future, but this cannot be guaranteed I guess... + # Hopefully CodeBuild will find more recent versions in the future - sed -i 's|||g' AWSEncryptionSDKTestVectorLib.csproj - cd ../TestVectors From 5d627c291697fe2cf89330d6822040752ad43e03 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Thu, 3 Oct 2024 16:29:11 -0700 Subject: [PATCH 16/16] m --- codebuild/py312/decrypt_hkeyring_with_net.yml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/codebuild/py312/decrypt_hkeyring_with_net.yml b/codebuild/py312/decrypt_hkeyring_with_net.yml index c186cc39f..1a1ab1827 100644 --- a/codebuild/py312/decrypt_hkeyring_with_net.yml +++ b/codebuild/py312/decrypt_hkeyring_with_net.yml @@ -32,17 +32,13 @@ phases: - unzip -qq dafny.zip && rm dafny.zip - export PATH="$PWD/dafny:$PATH" - # Build ESDK test vector runner from source - - cd aws-encryption-sdk-dafny - # TODO: Change branch to published when available - - git checkout lucmcdon/hkeyring-vectors - - git pull - - cd mpl/TestVectorsAwsCryptographicMaterialProviders/ + # Build MPL test vector runner from source + - cd aws-encryption-sdk-dafny/mpl/TestVectorsAwsCryptographicMaterialProviders/ - make transpile_net - # Change TestVectors to reference the published .NET ESDK + # Change ESDK TestVectors project to reference the published .NET ESDK - cd ../../AwsEncryptionSDK/runtimes/net/TestVectorsNative/TestVectorLib - # CodeBuild seems to want to use ESDK-NET 4.0.0, which is not a good version... + # CodeBuild seems to want to use ESDK-NET 4.0.0, which is not the most recent version... # Pin to at least 4.1.0; this is the most recent version at time of writing. # Hopefully CodeBuild will find more recent versions in the future - sed -i 's|||g' AWSEncryptionSDKTestVectorLib.csproj