diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2bd4b07..44b5ae7 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -7,7 +7,7 @@ jobs: cargo-deny: runs-on: ubuntu-latest container: - image: antonengelhardt/rust-docker-tools + image: ghcr.io/antonengelhardt/rust-docker-tools steps: - name: Checkout code uses: actions/checkout@v4 @@ -21,7 +21,7 @@ jobs: clippy: runs-on: ubuntu-latest container: - image: antonengelhardt/rust-docker-tools + image: ghcr.io/antonengelhardt/rust-docker-tools steps: - name: Checkout code uses: actions/checkout@v4 @@ -48,7 +48,7 @@ jobs: fmt: runs-on: ubuntu-latest container: - image: antonengelhardt/rust-docker-tools + image: ghcr.io/antonengelhardt/rust-docker-tools steps: - name: Checkout code uses: actions/checkout@v4 @@ -62,7 +62,7 @@ jobs: test: runs-on: ubuntu-latest container: - image: antonengelhardt/rust-docker-tools + image: ghcr.io/antonengelhardt/rust-docker-tools steps: - name: Checkout code uses: actions/checkout@v4 @@ -84,11 +84,79 @@ jobs: - name: Test run: cargo test --workspace + audit: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up cargo cache + uses: actions/cache@v4 + with: + path: | + ~/.cargo/bin/ + ~/.cargo/registry/index/ + ~/.cargo/registry/cache/ + ~/.cargo/git/db/ + target/ + key: ${{ runner.os }}-cargo-audit-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-cargo-audit- + + - name: Install cargo audit + run: cargo install cargo-audit || true + + - name: Rust version + run: rustc --version && cargo --version + + - name: Audit + run: cargo audit -f audit.toml + + verify-project: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Rust version + run: rustc --version && cargo --version + + - name: Verify project + run: cargo verify-project + + outdated: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up cargo cache + uses: actions/cache@v4 + with: + path: | + ~/.cargo/bin/ + ~/.cargo/registry/index/ + ~/.cargo/registry/cache/ + ~/.cargo/git/db/ + target/ + key: ${{ runner.os }}-cargo-outdated-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-cargo-outdated- + + - name: Install cargo-outdated + run: cargo install cargo-outdated || true + + - name: Rust version + run: rustc --version && cargo --version + + - name: Outdated + run: cargo outdated --root-deps-only --exit-code 1 + build: runs-on: ubuntu-latest container: image: ghcr.io/antonengelhardt/rust-docker-tools - needs: [cargo-deny, clippy, fmt, test] + needs: [audit, outdated, verify-project, cargo-deny, clippy, fmt, test] steps: - name: Checkout code @@ -105,6 +173,9 @@ jobs: target/ key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} + - name: Rust version + run: rustc --version && cargo --version + - name: Build wasm-oidc-plugin run: | cargo build --target wasm32-wasip1 --release @@ -116,7 +187,7 @@ jobs: path: target/wasm32-wasi/release/wasm_oidc_plugin.wasm docker-image: - needs: [cargo-deny, clippy, fmt, test] + needs: [audit, outdated, verify-project, cargo-deny, clippy, fmt, test] runs-on: ubuntu-latest steps: @@ -141,7 +212,7 @@ jobs: ghcr-image: runs-on: ubuntu-latest - needs: [cargo-deny, clippy, fmt, test] + needs: [audit, outdated, verify-project, cargo-deny, clippy, fmt, test] permissions: contents: read packages: write