Skip to content

chore: Use the cargo-deny-action #20

chore: Use the cargo-deny-action

chore: Use the cargo-deny-action #20

Workflow file for this run

name: wot-discovery
on:
push:
branches:
- master
paths:
- 'src/**'
- 'crates/**'
- 'fuzz/**'
- '.github/**'
- 'Cargo.toml'
- 'Cargo.lock'
pull_request:
branches:
- master
paths:
- 'src/**'
- 'crates/**'
- 'fuzz/**'
- '.github/**'
- 'Cargo.toml'
- 'Cargo.lock'
jobs:
################################## LEGAL AND FORMAT LAYER ######################
reuse:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: REUSE Compliance Check
uses: fsfe/reuse-action@v1
clippy-rustfmt:
strategy:
matrix:
platform: [ubuntu-latest]
runs-on: ${{ matrix.platform }}
steps:
- uses: actions/checkout@v4
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
components: clippy, rustfmt
- name: Run rustfmt
run:
cargo fmt --all -- --check --verbose
- name: Run cargo clippy
uses: giraffate/clippy-action@v1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
clippy_flags: --all-targets -- -D warnings
reporter: github-pr-review
static-code-analysis:
env:
RCA_LINK: https://github.com/mozilla/rust-code-analysis/releases/download
RCA_VERSION: v0.0.25
strategy:
matrix:
conf:
- ubuntu
include:
- conf: ubuntu
platform: ubuntu-latest
dir: $PWD
runs-on: ${{ matrix.platform }}
steps:
- uses: actions/checkout@v4
- name: Install rust-code-analysis on Ubuntu
if: matrix.conf == 'ubuntu'
run: |
mkdir -p $HOME/.local/bin
curl -L "$RCA_LINK/$RCA_VERSION/rust-code-analysis-linux-cli-x86_64.tar.gz" |
tar xz -C $HOME/.local/bin
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Run rust-code-analysis
run: |
mkdir $HOME/rca-json
rust-code-analysis-cli --metrics -O json --pr -o "$HOME/rca-json" -p ${{ matrix.dir }}
- name: Upload rust-code-analysis json
uses: actions/upload-artifact@v3
with:
name: rca-json-${{ matrix.conf }}
path: ~/rca-json
################################## BUILD AND DOCS LAYER ########################
build:
needs: [reuse, clippy-rustfmt, static-code-analysis]
strategy:
matrix:
platform: [ubuntu-latest, macos-latest, windows-latest]
runs-on: ${{ matrix.platform }}
steps:
- uses: actions/checkout@v4
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
- name: Build
run: cargo build --verbose
docs:
needs: [reuse, clippy-rustfmt, static-code-analysis]
strategy:
matrix:
platform: [ubuntu-latest]
runs-on: ${{ matrix.platform }}
steps:
- uses: actions/checkout@v4
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
- name: Generate docs
run: cargo doc --verbose --no-deps
################################## CODE COVERAGE LAYER ##################################
code-coverage-ubuntu:
needs: [build, docs]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
- name: Install grcov
env:
GRCOV_LINK: https://github.com/mozilla/grcov/releases/download
GRCOV_VERSION: v0.8.13
run: |
curl -L "$GRCOV_LINK/$GRCOV_VERSION/grcov-x86_64-unknown-linux-musl.tar.bz2" |
tar xj -C $HOME/.cargo/bin
- name: Install llvm-tools-preview
run: |
rustup component add llvm-tools-preview
# Not necessary on a newly created image, but strictly advised
- name: Run cargo clean
run: |
cargo clean
- name: Run tests
env:
RUSTFLAGS: "-Cinstrument-coverage"
LLVM_PROFILE_FILE: "wot-td-%p-%m.profraw"
run: |
cargo test --verbose
- name: Get coverage data for codecov
run: |
grcov . --binary-path ./target/debug/ -s . -t lcov --branch \
--ignore-not-existing --ignore "/*" --ignore "../*" -o lcov.info
- name: Codecov upload
uses: codecov/codecov-action@v3
with:
files: lcov.info
################################## DEPENDENCY LAYER ###########################
audit-ubuntu:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check dependencies changes
uses: dorny/paths-filter@v3
id: changes
with:
filters: |
cargo:
- 'Cargo.toml'
- 'Cargo.lock'
- name: Run cargo-audit
if: steps.changes.outputs.cargo == 'true'
uses: actions-rs/audit-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
deny-ubuntu:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: EmbarkStudios/cargo-deny-action@v2
udeps-ubuntu:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check dependencies changes
uses: dorny/paths-filter@v3
id: changes
with:
filters: |
cargo:
- 'Cargo.toml'
- 'Cargo.lock'
- name: Install Rust nightly
if: steps.changes.outputs.cargo == 'true'
uses: dtolnay/rust-toolchain@nightly
with:
toolchain: nightly
- name: Install cargo-udeps
if: steps.changes.outputs.cargo == 'true'
env:
UDEPS_LINK: https://github.com/est31/cargo-udeps/releases/download
UDEPS_VERSION: v0.1.53
run: |
curl -L "$UDEPS_LINK/$UDEPS_VERSION/cargo-udeps-$UDEPS_VERSION-x86_64-unknown-linux-gnu.tar.gz" |
tar xz -C $HOME/.cargo/bin --strip-components 2
- name: Run cargo-udeps
if: steps.changes.outputs.cargo == 'true'
run: |
cargo +nightly udeps --all-targets