Skip to content

config: update production policy file #625

config: update production policy file

config: update production policy file #625

Workflow file for this run

on: [push, pull_request]
name: Format and Clippy
env:
AS: nasm
AR: llvm-ar
CC: clang
permissions:
contents: read
jobs:
clippy:
name: Clippy
runs-on: ubuntu-20.04
permissions:
contents: read
security-events: write
actions: read
steps:
- name: Checkout sources
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
submodules: recursive
# Install first since it's needed to build NASM
- name: Install LLVM and Clang
uses: KyleMayes/install-llvm-action@e0a8dc9cb8a22e8a7696e8a91a4e9581bec13181 # v2.0.5
with:
version: "10.0"
directory: ${{ runner.temp }}/llvm
- name: install NASM
uses: ilammy/setup-nasm@13cbeb366c45c4379d3478cdcbadd8295feb5028 # v1.5.1
- name: Install toolchain with clippy available
uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
with:
profile: minimal
toolchain: nightly-2023-12-31
override: true
components: clippy
- name: Install required cargo
run: cargo install clippy-sarif sarif-fmt
- name: Preparation Work
run: bash sh_script/preparation.sh
- name: Run rust-clippy for result collection
run:
cargo clippy
--features stack-guard,virtio-vsock,virtio-serial,vmcall-interrupt
--message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt
continue-on-error: true
- name: Upload analysis results to GitHub
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: rust-clippy-results.sarif
wait-for-processing: true
- name: Run rust-clippy
run: cargo clippy --features stack-guard,virtio-vsock,virtio-serial,vmcall-interrupt
rustfmt:
name: Format
runs-on: ubuntu-20.04
steps:
# Install first since it's needed to build NASM
- name: Install LLVM and Clang
uses: KyleMayes/install-llvm-action@e0a8dc9cb8a22e8a7696e8a91a4e9581bec13181 # v2.0.5
with:
version: "10.0"
directory: ${{ runner.temp }}/llvm
- name: install NASM
uses: ilammy/setup-nasm@13cbeb366c45c4379d3478cdcbadd8295feb5028 # v1.5.1
- name: Checkout sources
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
submodules: recursive
- name: Install toolchain with rustfmt available
uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
with:
profile: minimal
toolchain: nightly-2023-12-31
override: true
components: rustfmt
- name: Preparation Work
run: bash sh_script/preparation.sh
- name: Run cargo check
uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1.0.3
with:
command: check
- name: Run cargo fmt
uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1.0.3
with:
command: fmt
args: -- --check