style: clean up Cargo.toml
, chore(deps): upgrade url
to 2.5.4, chore(deny): new template and allow more licenses, chore(ci): cargo audit, outdated and verify-project
#468
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test | |
on: | |
pull_request: | |
jobs: | |
cargo-deny: | |
runs-on: ubuntu-latest | |
container: | |
image: ghcr.io/antonengelhardt/rust-docker-tools | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Rust version | |
run: rustc --version && cargo --version | |
- name: Cargo Deny | |
uses: EmbarkStudios/cargo-deny-action@v2 | |
clippy: | |
runs-on: ubuntu-latest | |
container: | |
image: ghcr.io/antonengelhardt/rust-docker-tools | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up cargo cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
target/ | |
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} | |
- name: Rust version | |
run: rustc --version && cargo --version | |
- name: Clippy | |
run: | | |
rustc --version && cargo --version | |
cargo clippy --release --all-targets --target=wasm32-wasip1 -- -D warnings | |
fmt: | |
runs-on: ubuntu-latest | |
container: | |
image: ghcr.io/antonengelhardt/rust-docker-tools | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Rust version | |
run: rustc --version && cargo --version | |
- name: Fmt | |
run: cargo fmt -- --check | |
test: | |
runs-on: ubuntu-latest | |
container: | |
image: ghcr.io/antonengelhardt/rust-docker-tools | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up cargo cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
target/ | |
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} | |
- name: Rust version | |
run: rustc --version && cargo --version | |
- name: Test | |
run: cargo test --workspace | |
audit: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up cargo cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
target/ | |
key: ${{ runner.os }}-cargo-audit-${{ hashFiles('**/Cargo.lock') }} | |
restore-keys: | | |
${{ runner.os }}-cargo-audit- | |
- name: Install cargo audit | |
run: cargo install cargo-audit || true | |
- name: Rust version | |
run: rustc --version && cargo --version | |
- name: Audit | |
run: cargo audit -f audit.toml | |
verify-project: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Rust version | |
run: rustc --version && cargo --version | |
- name: Verify project | |
run: cargo verify-project | |
outdated: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up cargo cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
target/ | |
key: ${{ runner.os }}-cargo-outdated-${{ hashFiles('**/Cargo.lock') }} | |
restore-keys: | | |
${{ runner.os }}-cargo-outdated- | |
- name: Install cargo-outdated | |
run: cargo install cargo-outdated || true | |
- name: Rust version | |
run: rustc --version && cargo --version | |
- name: Outdated | |
run: cargo outdated --root-deps-only --exit-code 1 | |
build: | |
runs-on: ubuntu-latest | |
container: | |
image: ghcr.io/antonengelhardt/rust-docker-tools | |
needs: [audit, outdated, verify-project, cargo-deny, clippy, fmt, test] | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up cargo cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
target/ | |
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} | |
- name: Rust version | |
run: rustc --version && cargo --version | |
- name: Build wasm-oidc-plugin | |
run: | | |
cargo build --target wasm32-wasip1 --release | |
- name: Upload plugin as artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: plugin | |
path: target/wasm32-wasi/release/wasm_oidc_plugin.wasm | |
docker-image: | |
needs: [audit, outdated, verify-project, cargo-deny, clippy, fmt, test] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Login | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Pull previous image to cache | |
run: docker pull antonengelhardt/wasm-oidc-plugin:pr-${{ github.event.pull_request.head.ref }} || true | |
- name: Push to Docker Hub | |
uses: docker/build-push-action@v2 | |
with: | |
context: . | |
push: true | |
tags: antonengelhardt/wasm-oidc-plugin:pr-${{ github.event.pull_request.head.ref}} | |
ghcr-image: | |
runs-on: ubuntu-latest | |
needs: [audit, outdated, verify-project, cargo-deny, clippy, fmt, test] | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Login | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Push to GHCR | |
run: | | |
docker pull ghcr.io/antonengelhardt/wasm-oidc-plugin:pr-${{ github.event.pull_request.head.ref }} || true # Pull the image to cache | |
docker build -t ghcr.io/antonengelhardt/wasm-oidc-plugin:pr-${{ github.event.pull_request.head.ref }} . | |
docker push ghcr.io/antonengelhardt/wasm-oidc-plugin:pr-${{ github.event.pull_request.head.ref }} |