File: buildspec_sanitizer.yml

package info (click to toggle)
aws-crt-python 0.28.4%2Bdfsg-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 78,428 kB
  • sloc: ansic: 437,955; python: 27,657; makefile: 5,855; sh: 4,289; ruby: 208; java: 82; perl: 73; cpp: 25; xml: 11
file content (150 lines) | stat: -rw-r--r-- 4,723 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
 
---
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"). You may not use
# this file except in compliance with the License. A copy of the License is
# located at
#
# http://aws.amazon.com/apache2.0/
#
# or in the "license" file accompanying this file. This file is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied. See the License for the specific language governing permissions and
# limitations under the License.
version: 0.2

# This buildspec runs on an Ubuntu22 image. That configuration is a property of
# the codebuild job itself.

# Codebuild's matrix jobs have non-differentiated names so use batch-list
# instead.

# Parameter motivation

# COMPILERS
# We run asan on both gcc and clang because of different features sets for their
# address sanitizers. Specifically there was a case where GCC was able to detect
# a memcpy-param-overlap that Clang did not.

# LIBCRYPTOS
# awslc: happy path libcrypto for s2n-tls
# openssl 3: s2n-tls takes different code paths for ossl3, so make sure we run 
#            asan on it. See pr 4033 for a historical motivating example.
# openssl 1.1.1: a widely deployed version of openssl.
# openssl 1.0.2: the default libcrypto on AL2, and AL2 is still widely deployed.

# CMAKE_BUILD_TYPE
# RelWithDebInfo: This instructs CMake to do all optimizations (Rel -> Release)
# along with debug info (DebInfo). Debug info is necessary to get line numbers 
# in the stack traces that ASAN reports.
batch:
  build-list:
    - identifier: clang_awslc
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: awslc
          COMPILER: clang
    - identifier: clang_openssl_3_0
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: openssl-3.0
          COMPILER: clang
    - identifier: clang_openssl_3_fips
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: openssl-3.0-fips
          COMPILER: clang
    - identifier: clang_openssl_1_1_1
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: openssl-1.1.1
          COMPILER: clang
    - identifier: clang_openssl_1_0_2
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: openssl-1.0.2
          COMPILER: clang
    - identifier: gcc_awslc
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: awslc
          COMPILER: gcc
    - identifier: gcc_awslc_fips_2024
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: awslc-fips-2024
          COMPILER: gcc
    - identifier: gcc_awslc_fips_next
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: awslc-fips-next
          COMPILER: gcc
    - identifier: gcc_openssl_3_0
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: openssl-3.0
          COMPILER: gcc
    - identifier: gcc_openssl_3_fips
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: openssl-3.0-fips
          COMPILER: gcc
    - identifier: gcc_openssl_1_1_1
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: openssl-1.1.1
          COMPILER: gcc
    - identifier: gcc_openssl_1_0_2
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: openssl-1.0.2
          COMPILER: gcc
    - identifier: clang_openssl_1_0_2_fips
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: openssl-1.0.2-fips
          COMPILER: clang
    - identifier: gcc_openssl_1_0_2_fips
      env:
        compute-type: BUILD_GENERAL1_LARGE
        variables:
          S2N_LIBCRYPTO: openssl-1.0.2-fips
          COMPILER: gcc

phases:
  pre_build:
    commands:
      - |
        if [ -d "third-party-src" ]; then
          cd third-party-src;
          ln -s /usr/local $CODEBUILD_SRC_DIR/third-party-src/test-deps;
        fi
      - /usr/bin/$COMPILER --version
  build:
    on-failure: ABORT
    commands:
      - |
        cmake . -Bbuild \
          -DCMAKE_C_COMPILER=/usr/bin/$COMPILER \
          -DCMAKE_PREFIX_PATH=/usr/local/$S2N_LIBCRYPTO \
          -DCMAKE_BUILD_TYPE=RelWithDebInfo \
          -DASAN=ON \
          -DUBSAN=ON
      - cmake --build ./build -- -j $(nproc)
  post_build:
    on-failure: ABORT
    commands:
      - CTEST_OUTPUT_ON_FAILURE=1 CTEST_PARALLEL_LEVEL=$(nproc) make -C build test