-
Notifications
You must be signed in to change notification settings - Fork 5
141 lines (134 loc) · 4.76 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
name: CI Check
on:
merge_group:
pull_request:
push:
branches:
- main
env:
# Use the same ssh-agent socket value across all jobs
# Useful when a GH action is using SSH behind-the-scenes
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
CARGO_TERM_COLOR: always
# Disable incremental compilation.
#
# Incremental compilation is useful as part of an edit-build-test-edit cycle,
# as it lets the compiler avoid recompiling code that hasn't changed. However,
# on CI, we're not making small edits; we're almost always building the entire
# project from scratch. Thus, incremental compilation on CI actually
# introduces *additional* overhead to support making future builds
# faster...but no future builds will ever occur in any given CI environment.
#
# See https://matklad.github.io/2021/09/04/fast-rust-builds.html#ci-workflow
# for details.
CARGO_INCREMENTAL: 0
# Allow more retries for network requests in cargo (downloading crates) and
# rustup (installing toolchains). This should help to reduce flaky CI failures
# from transient network timeouts or other issues.
CARGO_NET_RETRY: 10
RUSTUP_MAX_RETRIES: 10
# Don't emit giant backtraces in the CI logs.
RUST_BACKTRACE: short
# Jobs launched for a PR event cancel the ongoing one for the same workflow + PR,
# Only retries (of the same run) for a Push event cancel the prior one.
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
test:
name: Test
runs-on: ubuntu-latest
strategy:
matrix:
include:
- feature: default
steps:
- name: Setup SSH passphrase
env:
SSH_PASSPHRASE: ${{secrets.CI_SSH_PASSPHRASE}}
SSH_PRIVATE_KEY: ${{secrets.CI_KEY}}
run: |
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
echo 'echo $SSH_PASSPHRASE' > ~/.ssh_askpass && chmod +x ~/.ssh_askpass
echo "$SSH_PRIVATE_KEY" | tr -d '\r' | DISPLAY=None SSH_ASKPASS=~/.ssh_askpass ssh-add - >/dev/null
eval `ssh-agent -s`
- uses: actions/checkout@v3
- uses: actions-rs/toolchain@v1
# use the more efficient nextest
- uses: taiki-e/install-action@nextest
- uses: Swatinem/rust-cache@v2
- name: Build
# This build will be reused by nextest,
# and also checks (--all-targets) that benches don't bit-rot
run: cargo build --release --all-targets --no-default-features
- name: Test
run: |
cargo nextest run --release --workspace --no-default-features
- name: Doctests # nextest does not support doc tests
run: |
cargo test --doc
fmt:
name: Rustfmt
timeout-minutes: 30
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
- uses: Swatinem/rust-cache@v2
- run: rustup component add rustfmt
- uses: actions-rs/cargo@v1
with:
command: fmt
args: --all -- --check
clippy:
name: Clippy lint checks
runs-on: ubuntu-latest
steps:
- name: Setup SSH passphrase
env:
SSH_PASSPHRASE: ${{secrets.CI_SSH_PASSPHRASE}}
SSH_PRIVATE_KEY: ${{secrets.CI_KEY}}
run: |
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
echo 'echo $SSH_PASSPHRASE' > ~/.ssh_askpass && chmod +x ~/.ssh_askpass
echo "$SSH_PRIVATE_KEY" | tr -d '\r' | DISPLAY=None SSH_ASKPASS=~/.ssh_askpass ssh-add - >/dev/null
eval `ssh-agent -s`
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
with:
components: clippy
- uses: Swatinem/rust-cache@v2
- name: Run clippy
uses: actions-rs/cargo@v1
with:
command: clippy
args: --all-targets --all-features -- -D warnings
audit:
name: Cargo deny checks (licenses, vulnerabilities, unused dependencies)
runs-on: ubuntu-latest
steps:
- name: Setup SSH passphrase
env:
SSH_PASSPHRASE: ${{secrets.CI_SSH_PASSPHRASE}}
SSH_PRIVATE_KEY: ${{secrets.CI_KEY}}
run: |
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
echo 'echo $SSH_PASSPHRASE' > ~/.ssh_askpass && chmod +x ~/.ssh_askpass
echo "$SSH_PRIVATE_KEY" | tr -d '\r' | DISPLAY=None SSH_ASKPASS=~/.ssh_askpass ssh-add - >/dev/null
eval `ssh-agent -s`
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
- uses: Swatinem/rust-cache@v2
- name: Run cargo deny
run: |
cargo install cargo-deny
cargo deny check
typos:
name: Spell Check with Typos
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Use typos with config file
uses: crate-ci/typos@master
with:
config: .github/workflows/typos.toml