diff --git a/.github/actions/install_smithy_dafny_codegen_dependencies/action.yml b/.github/actions/install_smithy_dafny_codegen_dependencies/action.yml index 79e52b2e8..33aad451c 100644 --- a/.github/actions/install_smithy_dafny_codegen_dependencies/action.yml +++ b/.github/actions/install_smithy_dafny_codegen_dependencies/action.yml @@ -9,7 +9,7 @@ runs: using: "composite" steps: - name: Setup Java 17 for codegen - uses: actions/setup-java@v3 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: "17" @@ -20,7 +20,7 @@ runs: make -C submodules/smithy-dafny mvn_local_deploy_polymorph_dependencies - name: Setup Python, black, and docformatter for code formatting - uses: actions/setup-python@v4 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python-version }} architecture: x64 @@ -31,14 +31,14 @@ runs: python -m pip install --upgrade docformatter - name: Install Go - uses: actions/setup-go@v2 + uses: actions/setup-go@v6 with: go-version: "1.23" - name: Install Go imports shell: bash run: | - go install golang.org/x/tools/cmd/goimports@latest + go install golang.org/x/tools/cmd/goimports@v0.36.0 # Without this the if-dafny-at-least command includes "Downloading ..." output - name: Arbitrary makefile target to force downloading Gradle diff --git a/.github/workflows/check-files.yml b/.github/workflows/check-files.yml index 59f613d0c..c8dfdb37f 100644 --- a/.github/workflows/check-files.yml +++ b/.github/workflows/check-files.yml @@ -16,7 +16,7 @@ jobs: # to add more allowlisted approvers just modify this env variable maintainers: seebees, texastony, ShubhamChaturvedi7, lucasmcdonald3, josecorella, imabhichow, rishav-karanjit, antonf-amzn, kessplas, ajewellamz, RitvikKapila steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: fetch-depth: 0 diff --git a/.github/workflows/check_only_key_word.yml b/.github/workflows/check_only_key_word.yml index 4a8a5c9f3..66d03fcc5 100644 --- a/.github/workflows/check_only_key_word.yml +++ b/.github/workflows/check_only_key_word.yml @@ -13,7 +13,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: fetch-depth: 0 diff --git a/.github/workflows/ci_codegen.yml b/.github/workflows/ci_codegen.yml index 43856d3a7..ece6e8709 100644 --- a/.github/workflows/ci_codegen.yml +++ b/.github/workflows/ci_codegen.yml @@ -31,7 +31,7 @@ jobs: run: | git config --global core.longpaths true - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive - run: git submodule update --init --recursive submodules/smithy-dafny @@ -45,12 +45,12 @@ jobs: dafny-version: ${{ inputs.dafny }} - name: Setup .NET Core SDK ${{ matrix.dotnet-version }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ matrix.dotnet-version }} - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: ${{ matrix.go-version }} @@ -58,7 +58,7 @@ jobs: run: echo '{"sdk":{"rollForward":"latestFeature","version":"6.0.0"}}' > ./global.json - name: Setup Java 17 for codegen - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: "17" diff --git a/.github/workflows/ci_duvet.yml b/.github/workflows/ci_duvet.yml index 7bceb87b5..9b8273df7 100644 --- a/.github/workflows/ci_duvet.yml +++ b/.github/workflows/ci_duvet.yml @@ -13,7 +13,7 @@ jobs: duvet: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Install duvet shell: bash diff --git a/.github/workflows/ci_examples_java.yml b/.github/workflows/ci_examples_java.yml index a8c221dc6..c5efc2f03 100644 --- a/.github/workflows/ci_examples_java.yml +++ b/.github/workflows/ci_examples_java.yml @@ -27,26 +27,32 @@ jobs: testJava: strategy: matrix: - java-version: [8, 11, 16, 17] - os: [macos-13] + java-version: [8, 11, 17, 19] + os: [macos-14] runs-on: ${{ matrix.os }} permissions: id-token: write contents: read steps: - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 role-session-name: DDBEC-Dafny-Java-Tests - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive + - name: Setup Java 8 + uses: actions/setup-java@v5 + with: + distribution: "corretto" + java-version: 8 + - name: Setup Java ${{ matrix.java-version }} - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: ${{ matrix.java-version }} diff --git a/.github/workflows/ci_examples_net.yml b/.github/workflows/ci_examples_net.yml index 41d90d49c..07a0884ca 100644 --- a/.github/workflows/ci_examples_net.yml +++ b/.github/workflows/ci_examples_net.yml @@ -27,7 +27,7 @@ jobs: matrix: library: [DynamoDbEncryption] dotnet-version: ["6.0.x"] - os: [macos-13] + os: [macos-14] runs-on: ${{ matrix.os }} permissions: id-token: write @@ -36,15 +36,22 @@ jobs: DOTNET_CLI_TELEMETRY_OPTOUT: 1 DOTNET_NOLOGO: 1 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive - name: Setup .NET Core SDK ${{ matrix.dotnet-version }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ matrix.dotnet-version }} + - name: Setup .NET OpenSSL on Mac + if: matrix.os == 'macos-14' + run: | + brew install openssl@3 + echo "DYLD_LIBRARY_PATH=$(brew --prefix openssl@3)/lib" >> $GITHUB_ENV + echo "DOTNET_CRYPTO_ENGINE_ADAPTER=System.Security.Cryptography.Algorithms.Managed" >> $GITHUB_ENV + - name: Setup Dafny uses: ./submodules/MaterialProviders/.github/actions/setup_dafny/ with: @@ -76,7 +83,7 @@ jobs: run: make setup_net - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 diff --git a/.github/workflows/ci_static_analysis.yml b/.github/workflows/ci_static_analysis.yml index fb0ec3779..b587fcd7e 100644 --- a/.github/workflows/ci_static_analysis.yml +++ b/.github/workflows/ci_static_analysis.yml @@ -11,6 +11,6 @@ jobs: not-grep: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v5 - name: not-grep uses: mattsb42-meta/not-grep@1.0.0 diff --git a/.github/workflows/ci_test_go.yml b/.github/workflows/ci_test_go.yml index 3cb97b7c6..e9dc77a4a 100644 --- a/.github/workflows/ci_test_go.yml +++ b/.github/workflows/ci_test_go.yml @@ -29,16 +29,23 @@ jobs: fail-fast: false matrix: library: [DynamoDbEncryption, TestVectors] - os: [ubuntu-22.04, macos-13] + os: [ubuntu-22.04, macos-15-intel] go-version: ["1.23", "1.24", "1.25"] runs-on: ${{ matrix.os }} permissions: id-token: write contents: read steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v5 + with: + aws-region: us-west-2 + role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 + role-session-name: DDBEC-Dafny-Java-Tests + - name: Setup Docker - if: matrix.os == 'macos-13' && matrix.library == 'TestVectors' - uses: douglascamata/setup-docker-macos-action@v1-alpha + if: matrix.os == 'macos-15-intel' && matrix.library == 'TestVectors' + uses: douglascamata/setup-docker-macos-action@v1.0.1 - name: Setup DynamoDB Local if: matrix.library == 'TestVectors' @@ -51,14 +58,7 @@ jobs: run: | git config --global core.longpaths true - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: us-west-2 - role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 - role-session-name: DDBEC-Dafny-Java-Tests - - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive @@ -71,7 +71,7 @@ jobs: run: echo '{"sdk":{"rollForward":"latestFeature","version":"6.0.0"}}' > ./global.json - name: Setup Java 17 for codegen - uses: actions/setup-java@v3 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: "17" @@ -91,11 +91,11 @@ jobs: sed "s/mplDependencyJavaVersion=.*/mplDependencyJavaVersion=${{inputs.mpl-version}}/g" project.properties > project.properties2; mv project.properties2 project.properties - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: ${{ matrix.go-version }} - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Init Submodules shell: bash run: | diff --git a/.github/workflows/ci_test_java.yml b/.github/workflows/ci_test_java.yml index 4715bb174..e48506bdc 100644 --- a/.github/workflows/ci_test_java.yml +++ b/.github/workflows/ci_test_java.yml @@ -29,21 +29,21 @@ jobs: fail-fast: false matrix: library: [DynamoDbEncryption] - java-version: [8, 11, 16, 17] - os: [macos-13] + java-version: [8, 11, 17, 19] + os: [macos-14] runs-on: ${{ matrix.os }} permissions: id-token: write contents: read steps: - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 role-session-name: DDBEC-Dafny-Java-Tests - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive @@ -78,8 +78,14 @@ jobs: diff-generated-code: false update-and-regenerate-mpl: true + - name: Setup Java 8 + uses: actions/setup-java@v5 + with: + distribution: "corretto" + java-version: 8 + - name: Setup Java ${{ matrix.java-version }} - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: ${{ matrix.java-version }} diff --git a/.github/workflows/ci_test_latest_released_mpl_java.yml b/.github/workflows/ci_test_latest_released_mpl_java.yml index 79b193440..0bf6aa261 100644 --- a/.github/workflows/ci_test_latest_released_mpl_java.yml +++ b/.github/workflows/ci_test_latest_released_mpl_java.yml @@ -37,18 +37,18 @@ jobs: contents: read steps: - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 role-session-name: DDBEC-Dafny-Java-Tests - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive - name: Setup Java ${{ matrix.java-version }} - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: ${{ matrix.java-version }} diff --git a/.github/workflows/ci_test_net.yml b/.github/workflows/ci_test_net.yml index 6c90f0e52..91485ed9f 100644 --- a/.github/workflows/ci_test_net.yml +++ b/.github/workflows/ci_test_net.yml @@ -25,7 +25,7 @@ jobs: matrix: library: [DynamoDbEncryption] dotnet-version: ["6.0.x"] - os: [macos-13, ubuntu-22.04, windows-latest] + os: [macos-14, ubuntu-22.04, windows-latest] runs-on: ${{ matrix.os }} permissions: id-token: write @@ -37,15 +37,22 @@ jobs: - name: Support longpaths on Git checkout run: | git config --global core.longpaths true - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive - name: Setup .NET Core SDK ${{ matrix.dotnet-version }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ matrix.dotnet-version }} + - name: Setup .NET OpenSSL on Mac + if: matrix.os == 'macos-14' + run: | + brew install openssl@3 + echo "DYLD_LIBRARY_PATH=$(brew --prefix openssl@3)/lib" >> $GITHUB_ENV + echo "DOTNET_CRYPTO_ENGINE_ADAPTER=System.Security.Cryptography.Algorithms.Managed" >> $GITHUB_ENV + - name: Setup Dafny uses: ./submodules/MaterialProviders/.github/actions/setup_dafny/ with: @@ -77,7 +84,7 @@ jobs: run: make setup_net - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 @@ -106,11 +113,7 @@ jobs: run: | dotnet restore runtimes/net/tests dotnet build runtimes/net/tests - if [ "$RUNNER_OS" == "macOS" ]; then - make test_net_mac_intel - else - make test_net FRAMEWORK=net6.0 - fi + make test_net FRAMEWORK=net6.0 - name: Test Build and Pack ${{ matrix.library}} shell: bash diff --git a/.github/workflows/ci_test_vector_java.yml b/.github/workflows/ci_test_vector_java.yml index d0396f2b4..02b66f491 100644 --- a/.github/workflows/ci_test_vector_java.yml +++ b/.github/workflows/ci_test_vector_java.yml @@ -28,35 +28,36 @@ jobs: strategy: matrix: library: [TestVectors] - java-version: [8, 11, 16, 17] + java-version: [8, 11, 17, 19] os: [ # Run on ubuntu image that comes pre-configured with docker ubuntu-22.04, - macos-13, + macos-15-intel, ] runs-on: ${{ matrix.os }} permissions: id-token: write contents: read steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v5 + with: + aws-region: us-west-2 + role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 + role-session-name: DDBEC-Dafny-Java-Tests + - name: Setup Docker - if: matrix.os == 'macos-13' && matrix.library == 'TestVectors' - uses: douglascamata/setup-docker-macos-action@v1.0.0 + if: matrix.os == 'macos-15-intel' && matrix.library == 'TestVectors' + uses: douglascamata/setup-docker-macos-action@v1.0.1 - name: Setup DynamoDB Local + if: matrix.library == 'TestVectors' uses: rrainn/dynamodb-action@v4.0.0 with: port: 8000 cors: "*" - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: us-west-2 - role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 - role-session-name: DDBEC-Dafny-Java-Tests - - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive @@ -91,8 +92,14 @@ jobs: diff-generated-code: false update-and-regenerate-mpl: true + - name: Setup Java 8 + uses: actions/setup-java@v5 + with: + distribution: "corretto" + java-version: 8 + - name: Setup Java ${{ matrix.java-version }} - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: ${{ matrix.java-version }} diff --git a/.github/workflows/ci_test_vector_net.yml b/.github/workflows/ci_test_vector_net.yml index c98fb33ed..d0597b399 100644 --- a/.github/workflows/ci_test_vector_net.yml +++ b/.github/workflows/ci_test_vector_net.yml @@ -28,31 +28,32 @@ jobs: os: [ # Run on ubuntu image that comes pre-configured with docker ubuntu-22.04, - macos-13, + macos-15-intel, ] runs-on: ${{ matrix.os }} permissions: id-token: write contents: read steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v5 + with: + aws-region: us-west-2 + role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 + role-session-name: DDBEC-Dafny-DotNet-Tests + - name: Setup Docker - if: matrix.os == 'macos-13' && matrix.library == 'TestVectors' - uses: douglascamata/setup-docker-macos-action@v1.0.0 + if: matrix.os == 'macos-15-intel' && matrix.library == 'TestVectors' + uses: douglascamata/setup-docker-macos-action@v1.0.1 - name: Setup DynamoDB Local + if: matrix.library == 'TestVectors' uses: rrainn/dynamodb-action@v4.0.0 with: port: 8000 cors: "*" - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: us-west-2 - role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 - role-session-name: DDBEC-Dafny-DotNet-Tests - - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive @@ -83,10 +84,17 @@ jobs: update-and-regenerate-mpl: true - name: Setup .NET Core SDK ${{ matrix.dotnet-version }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ matrix.dotnet-version }} + - name: Setup .NET OpenSSL on Mac + if: matrix.os == 'macos-15-intel' + run: | + brew install openssl@3 + echo "DYLD_LIBRARY_PATH=$(brew --prefix openssl@3)/lib" >> $GITHUB_ENV + echo "DOTNET_CRYPTO_ENGINE_ADAPTER=System.Security.Cryptography.Algorithms.Managed" >> $GITHUB_ENV + - name: Build TestVectors implementation shell: bash working-directory: ${{matrix.library}} diff --git a/.github/workflows/ci_todos.yml b/.github/workflows/ci_todos.yml index 20a75492f..939542568 100644 --- a/.github/workflows/ci_todos.yml +++ b/.github/workflows/ci_todos.yml @@ -9,9 +9,9 @@ on: jobs: findTodos: - runs-on: macos-13 + runs-on: macos-14 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Check TODOs in code shell: bash diff --git a/.github/workflows/dafny_interop_examples_java.yml b/.github/workflows/dafny_interop_examples_java.yml index 4a77907e9..11b6c9321 100644 --- a/.github/workflows/dafny_interop_examples_java.yml +++ b/.github/workflows/dafny_interop_examples_java.yml @@ -27,21 +27,21 @@ jobs: strategy: max-parallel: 1 matrix: - java-version: [8, 11, 16, 17] - os: [macos-13] + java-version: [8, 11, 17, 19] + os: [macos-14] runs-on: ${{ matrix.os }} permissions: id-token: write contents: read steps: - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 role-session-name: DDBEC-Dafny-Java-Tests - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive fetch-depth: 0 @@ -59,8 +59,14 @@ jobs: git submodule update --init --recursive git rev-parse HEAD + - name: Setup Java 8 + uses: actions/setup-java@v5 + with: + distribution: "corretto" + java-version: 8 + - name: Setup Java ${{ matrix.java-version }} - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: ${{ matrix.java-version }} diff --git a/.github/workflows/dafny_interop_examples_net.yml b/.github/workflows/dafny_interop_examples_net.yml index 7e3f031ab..c74945edc 100644 --- a/.github/workflows/dafny_interop_examples_net.yml +++ b/.github/workflows/dafny_interop_examples_net.yml @@ -24,7 +24,7 @@ jobs: matrix: library: [DynamoDbEncryption] dotnet-version: ["6.0.x"] - os: [macos-13] + os: [macos-14] runs-on: ${{ matrix.os }} permissions: id-token: write @@ -36,16 +36,23 @@ jobs: - name: Support longpaths on Git checkout run: | git config --global core.longpaths true - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive fetch-depth: 0 - name: Setup .NET Core SDK ${{ matrix.dotnet-version }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ matrix.dotnet-version }} + - name: Setup .NET OpenSSL on Mac + if: matrix.os == 'macos-14' + run: | + brew install openssl@3 + echo "DYLD_LIBRARY_PATH=$(brew --prefix openssl@3)/lib" >> $GITHUB_ENV + echo "DOTNET_CRYPTO_ENGINE_ADAPTER=System.Security.Cryptography.Algorithms.Managed" >> $GITHUB_ENV + - name: Setup MPL Dafny uses: ./submodules/MaterialProviders/.github/actions/setup_dafny/ with: @@ -64,7 +71,7 @@ jobs: run: make setup_net - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 diff --git a/.github/workflows/dafny_interop_java.yml b/.github/workflows/dafny_interop_java.yml index 685d0035f..b01de2d2d 100644 --- a/.github/workflows/dafny_interop_java.yml +++ b/.github/workflows/dafny_interop_java.yml @@ -27,21 +27,21 @@ jobs: strategy: matrix: library: [DynamoDbEncryption] - java-version: [8, 11, 16, 17] - os: [macos-13] + java-version: [8, 11, 17, 19] + os: [macos-14] runs-on: ${{ matrix.os }} permissions: id-token: write contents: read steps: - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 role-session-name: DDBEC-Dafny-Java-Tests - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive fetch-depth: 0 @@ -59,8 +59,14 @@ jobs: git submodule update --init --recursive git rev-parse HEAD + - name: Setup Java 8 + uses: actions/setup-java@v5 + with: + distribution: "corretto" + java-version: 8 + - name: Setup Java ${{ matrix.java-version }} - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: ${{ matrix.java-version }} diff --git a/.github/workflows/dafny_interop_test_net.yml b/.github/workflows/dafny_interop_test_net.yml index 701794438..79d459730 100644 --- a/.github/workflows/dafny_interop_test_net.yml +++ b/.github/workflows/dafny_interop_test_net.yml @@ -24,7 +24,7 @@ jobs: matrix: library: [DynamoDbEncryption] dotnet-version: ["6.0.x"] - os: [macos-13, ubuntu-22.04, windows-latest] + os: [macos-14, ubuntu-22.04, windows-latest] runs-on: ${{ matrix.os }} permissions: id-token: write @@ -36,16 +36,23 @@ jobs: - name: Support longpaths on Git checkout run: | git config --global core.longpaths true - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive fetch-depth: 0 - name: Setup .NET Core SDK ${{ matrix.dotnet-version }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ matrix.dotnet-version }} + - name: Setup .NET OpenSSL on Mac + if: matrix.os == 'macos-14' + run: | + brew install openssl@3 + echo "DYLD_LIBRARY_PATH=$(brew --prefix openssl@3)/lib" >> $GITHUB_ENV + echo "DOTNET_CRYPTO_ENGINE_ADAPTER=System.Security.Cryptography.Algorithms.Managed" >> $GITHUB_ENV + - name: Setup MPL Dafny uses: ./submodules/MaterialProviders/.github/actions/setup_dafny/ with: @@ -64,7 +71,7 @@ jobs: run: make setup_net - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 @@ -108,11 +115,7 @@ jobs: run: | dotnet restore runtimes/net/tests dotnet build runtimes/net/tests - if [ "$RUNNER_OS" == "macOS" ]; then - make test_net_mac_intel - else - make test_net FRAMEWORK=net6.0 - fi + make test_net FRAMEWORK=net6.0 - name: Test Build and Pack ${{ matrix.library}} shell: bash diff --git a/.github/workflows/dafny_interop_test_vector_java.yml b/.github/workflows/dafny_interop_test_vector_java.yml index 1d29bf32f..dd74c0610 100644 --- a/.github/workflows/dafny_interop_test_vector_java.yml +++ b/.github/workflows/dafny_interop_test_vector_java.yml @@ -44,13 +44,13 @@ jobs: cors: "*" - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 role-session-name: DDBEC-Dafny-Java-Tests - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive fetch-depth: 0 @@ -69,7 +69,7 @@ jobs: git rev-parse HEAD - name: Setup Java ${{ matrix.java-version }} - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: ${{ matrix.java-version }} diff --git a/.github/workflows/dafny_interop_test_vector_net.yml b/.github/workflows/dafny_interop_test_vector_net.yml index bc8500c3d..44fe1ec07 100644 --- a/.github/workflows/dafny_interop_test_vector_net.yml +++ b/.github/workflows/dafny_interop_test_vector_net.yml @@ -41,13 +41,13 @@ jobs: - name: Support longpaths on Git checkout run: | git config --global core.longpaths true - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive fetch-depth: 0 - name: Setup .NET Core SDK ${{ matrix.dotnet-version }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: ${{ matrix.dotnet-version }} @@ -69,7 +69,7 @@ jobs: run: make setup_net - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 diff --git a/.github/workflows/dafny_verify_version.yml b/.github/workflows/dafny_verify_version.yml index ec9ce95b9..2ba81e5cf 100644 --- a/.github/workflows/dafny_verify_version.yml +++ b/.github/workflows/dafny_verify_version.yml @@ -16,7 +16,7 @@ jobs: outputs: version: ${{ steps.read_property.outputs.dafnyVerifyVersion }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Read version from Properties-file id: read_property uses: christian-draeger/read-properties@1.1.1 diff --git a/.github/workflows/dafny_version.yml b/.github/workflows/dafny_version.yml index c20e01a43..c4e148281 100644 --- a/.github/workflows/dafny_version.yml +++ b/.github/workflows/dafny_version.yml @@ -16,7 +16,7 @@ jobs: outputs: version: ${{ steps.read_property.outputs.dafnyVersion }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Read version from Properties-file id: read_property uses: christian-draeger/read-properties@1.1.1 diff --git a/.github/workflows/go-release.yml b/.github/workflows/go-release.yml index adf530554..df7a851b4 100644 --- a/.github/workflows/go-release.yml +++ b/.github/workflows/go-release.yml @@ -18,7 +18,7 @@ jobs: go-release: needs: get-dafny-version - runs-on: macos-13 + runs-on: macos-14 permissions: contents: write pull-requests: write @@ -31,14 +31,14 @@ jobs: # KMS and MPL tests need to use credentials which can call KMS - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 role-session-name: GoRelease-DBESDK-Tests - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/library_dafny_verification.yml b/.github/workflows/library_dafny_verification.yml index 1759804e1..97b435137 100644 --- a/.github/workflows/library_dafny_verification.yml +++ b/.github/workflows/library_dafny_verification.yml @@ -39,7 +39,7 @@ jobs: DynamoDbItemEncryptor, StructuredEncryption, ] - os: [macos-13] + os: [macos-14] runs-on: ${{ matrix.os }} defaults: run: @@ -48,7 +48,7 @@ jobs: DOTNET_CLI_TELEMETRY_OPTOUT: 1 DOTNET_NOLOGO: 1 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive @@ -72,9 +72,9 @@ jobs: sed "s/mplDependencyJavaVersion=.*/mplDependencyJavaVersion=${{inputs.mpl-version}}/g" project.properties > project.properties2; mv project.properties2 project.properties # dafny-reportgenerator requires next6 - # but only 7.0 is installed on macos-13-large + # but only 7.0 is installed on macos-14-large - name: Setup .NET Core SDK '6.0.x' - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: "6.0.x" diff --git a/.github/workflows/library_format.yml b/.github/workflows/library_format.yml index 1732bc57b..69396630a 100644 --- a/.github/workflows/library_format.yml +++ b/.github/workflows/library_format.yml @@ -19,7 +19,7 @@ jobs: if: github.event_name != 'schedule' || github.repository_owner == 'aws' strategy: matrix: - os: [macos-13] + os: [macos-14] runs-on: ${{ matrix.os }} defaults: run: @@ -32,7 +32,7 @@ jobs: run: | git config --global core.longpaths true - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: submodules: recursive diff --git a/.github/workflows/library_rust_tests.yml b/.github/workflows/library_rust_tests.yml index bae6b3aaf..fa5bb51d4 100644 --- a/.github/workflows/library_rust_tests.yml +++ b/.github/workflows/library_rust_tests.yml @@ -26,7 +26,7 @@ jobs: matrix: library: [DynamoDbEncryption, TestVectors] # removed windows-latest because somehow it can't build aws-lc in CI - os: [ubuntu-22.04, macos-13] + os: [ubuntu-22.04, macos-15-intel] runs-on: ${{ matrix.os }} permissions: id-token: write @@ -34,9 +34,16 @@ jobs: env: RUST_MIN_STACK: 838860800 steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v5 + with: + aws-region: us-west-2 + role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 + role-session-name: DDBEC-Dafny-Rust-Tests + - name: Setup Docker - if: matrix.os == 'macos-13' && matrix.library == 'TestVectors' - uses: douglascamata/setup-docker-macos-action@v1.0.0 + if: matrix.os == 'macos-15-intel' && matrix.library == 'TestVectors' + uses: douglascamata/setup-docker-macos-action@v1.0.1 - name: Setup DynamoDB Local if: matrix.library == 'TestVectors' @@ -48,22 +55,15 @@ jobs: - name: Support longpaths on Git checkout run: | git config --global core.longpaths true - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Init Submodules shell: bash run: | git submodule update --init --recursive submodules/smithy-dafny git submodule update --init --recursive submodules/MaterialProviders - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: us-west-2 - role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2 - role-session-name: DDBEC-Dafny-Rust-Tests - - name: Setup Rust Toolchain for GitHub CI - uses: actions-rust-lang/setup-rust-toolchain@v1.10.1 + uses: actions-rust-lang/setup-rust-toolchain@v1 with: components: rustfmt @@ -82,7 +82,7 @@ jobs: git rev-parse HEAD - name: Setup Java 17 for codegen - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: "corretto" java-version: "17" diff --git a/.github/workflows/mpl_dependency_java_version.yml b/.github/workflows/mpl_dependency_java_version.yml index 640b82e33..607f620d7 100644 --- a/.github/workflows/mpl_dependency_java_version.yml +++ b/.github/workflows/mpl_dependency_java_version.yml @@ -16,7 +16,7 @@ jobs: outputs: version: ${{ steps.read_property.outputs.mplDependencyJavaVersion }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Read version from Properties-file id: read_property uses: christian-draeger/read-properties@1.1.1 diff --git a/.github/workflows/mpl_head_version.yml b/.github/workflows/mpl_head_version.yml index 0d32688fb..2e6a953e3 100644 --- a/.github/workflows/mpl_head_version.yml +++ b/.github/workflows/mpl_head_version.yml @@ -22,7 +22,7 @@ jobs: outputs: version: ${{ steps.read_property.outputs.mplVersion }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: submodules: recursive fetch-depth: 0 diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index eb4bc6e20..20685555d 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -81,7 +81,7 @@ jobs: steps: # We need access to the role that is able to get CI Bot Creds - name: Configure AWS Credentials for Release - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::587316601012:role/GitHub-CI-CI-Bot-Credential-Access-Role-us-west-2 diff --git a/.github/workflows/sem_ver.yml b/.github/workflows/sem_ver.yml index 93154bb36..3f9c6fcee 100644 --- a/.github/workflows/sem_ver.yml +++ b/.github/workflows/sem_ver.yml @@ -6,7 +6,7 @@ on: jobs: semantic-release: - runs-on: macos-13 + runs-on: macos-14 permissions: id-token: write contents: read @@ -14,20 +14,20 @@ jobs: - name: Support longpaths on Git checkout run: | git config --global core.longpaths true - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: submodules: recursive # We need access to the role that is able to get CI Bot Creds - name: Configure AWS Credentials for Release - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::587316601012:role/GitHub-CI-CI-Bot-Credential-Access-Role-us-west-2 role-session-name: CI_Bot_Release - name: Upgrade Node - uses: actions/setup-node@v4 + uses: actions/setup-node@v5 with: node-version: 21 @@ -48,6 +48,6 @@ jobs: # Test to see if we can setup semantic release - name: Test Semantic Release Installation - uses: actions/checkout@v4 + uses: actions/checkout@v5 - run: | make setup_semantic_release diff --git a/.github/workflows/semantic_release.yml b/.github/workflows/semantic_release.yml index 9110e579e..52f0680de 100644 --- a/.github/workflows/semantic_release.yml +++ b/.github/workflows/semantic_release.yml @@ -15,7 +15,7 @@ jobs: # privileged operation, so we must make sure this list of users is a subset of the users labeled as maintainers of # https://github.com/orgs/aws/teams/aws-crypto-tools if: contains('["seebees","texastony","ShubhamChaturvedi7","lucasmcdonald3","josecorella","imabhichow","rishav-karanjit","antonf-amzn","kessplas","ajewellamz","RitvikKapila"]', github.actor) - runs-on: macos-13 + runs-on: macos-14 permissions: id-token: write contents: write @@ -23,20 +23,20 @@ jobs: - name: Support longpaths on Git checkout run: | git config --global core.longpaths true - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # We only pull in the submodules we need to build the library - run: git submodule update --init libraries # We need access to the role that is able to get CI Bot Creds - name: Configure AWS Credentials for Release - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v5 with: aws-region: us-west-2 role-to-assume: arn:aws:iam::587316601012:role/GitHub-CI-CI-Bot-Credential-Access-Role-us-west-2 role-session-name: CI_Bot_Release - name: Upgrade Node - uses: actions/setup-node@v4 + uses: actions/setup-node@v5 with: node-version: 21 diff --git a/.github/workflows/smithy-diff.yml b/.github/workflows/smithy-diff.yml index df756f6a2..c1f44c73e 100644 --- a/.github/workflows/smithy-diff.yml +++ b/.github/workflows/smithy-diff.yml @@ -13,7 +13,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: fetch-depth: 0 diff --git a/.github/workflows/test_vector_verification.yml b/.github/workflows/test_vector_verification.yml index d00b1fdc2..7c41aa82d 100644 --- a/.github/workflows/test_vector_verification.yml +++ b/.github/workflows/test_vector_verification.yml @@ -29,7 +29,7 @@ jobs: if: github.event_name != 'schedule' || github.repository_owner == 'aws' strategy: matrix: - os: [macos-13] + os: [macos-14] runs-on: ${{ matrix.os }} defaults: run: @@ -38,7 +38,7 @@ jobs: DOTNET_CLI_TELEMETRY_OPTOUT: 1 DOTNET_NOLOGO: 1 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: recursive @@ -62,9 +62,9 @@ jobs: sed "s/mplDependencyJavaVersion=.*/mplDependencyJavaVersion=${{inputs.mpl-version}}/g" project.properties > project.properties2; mv project.properties2 project.properties # dafny-reportgenerator requires next6 - # but only 7.0 is installed on macos-13-large + # but only 7.0 is installed on macos-14-large - name: Setup .NET Core SDK '6.0.x' - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: "6.0.x"