CI: Update versions of cargo-deny and cargo-audit #503
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
permissions: | |
contents: read | |
on: | |
pull_request: | |
push: | |
jobs: | |
rustfmt: | |
runs-on: ubuntu-22.04 | |
steps: | |
- run: rustup --version | |
- uses: briansmith/actions-checkout@v4 | |
with: | |
persist-credentials: false | |
- run: cargo fmt --all -- --check | |
clippy: | |
runs-on: ubuntu-22.04 | |
steps: | |
- run: rustup --version | |
- uses: briansmith/actions-checkout@v4 | |
with: | |
persist-credentials: false | |
- run: mk/clippy.sh | |
audit: | |
runs-on: ubuntu-22.04 | |
steps: | |
- run: rustup --version | |
- uses: briansmith/actions-cache@v3 | |
with: | |
path: | | |
~/.cargo/bin/cargo-audit | |
~/.cargo/.crates.toml | |
~/.cargo/.crates2.json | |
key: ${{ runner.os }}-v2-cargo-audit-locked-0.18.3 | |
- run: cargo install cargo-audit --locked --vers "0.18.3" | |
- uses: briansmith/actions-checkout@v4 | |
with: | |
persist-credentials: false | |
- run: cargo generate-lockfile | |
- run: cargo audit --deny warnings | |
deny: | |
runs-on: ubuntu-22.04 | |
steps: | |
- run: rustup --version | |
- uses: briansmith/actions-cache@v3 | |
with: | |
path: | | |
~/.cargo/bin/cargo-deny | |
~/.cargo/.crates.toml | |
~/.cargo/.crates2.json | |
key: ${{ runner.os }}-v2-cargo-deny-locked-0.14.3 | |
- run: cargo install cargo-deny --locked --vers "0.14.3" | |
- uses: briansmith/actions-checkout@v4 | |
with: | |
persist-credentials: false | |
- run: cargo deny check | |
# Verify that documentation builds. | |
rustdoc: | |
runs-on: ubuntu-22.04 | |
steps: | |
- run: rustup --version | |
- uses: briansmith/actions-checkout@v4 | |
with: | |
persist-credentials: false | |
- run: | | |
cargo doc --all-features | |
package: | |
runs-on: ubuntu-22.04 | |
steps: | |
- run: rustup --version | |
- uses: briansmith/actions-checkout@v4 | |
with: | |
persist-credentials: false | |
- run: cargo package | |
test: | |
runs-on: ${{ matrix.host_os }} | |
strategy: | |
matrix: | |
features: | |
- # Default | |
- --features=alloc | |
- --all-features | |
target: | |
# There is no platform-specific code in webpki. Choose a handful of | |
# platforms mostly to smoketest that the build machinery in mk/ is | |
# portable. | |
# Specifically choose `aarch64-pc-windows-msvc` since it was new in | |
# *ring* 0.17. | |
- aarch64-pc-windows-msvc | |
- arm-unknown-linux-gnueabihf | |
- i686-pc-windows-msvc | |
- x86_64-unknown-linux-musl | |
- x86_64-unknown-linux-gnu | |
mode: | |
- # debug | |
- --release | |
rust_channel: | |
- stable | |
- nightly | |
- 1.61.0 | |
- beta | |
include: | |
- target: aarch64-pc-windows-msvc | |
host_os: windows-latest | |
# GitHub Actions doesn't have a way to run this target yet. | |
cargo_options: --no-run | |
- target: arm-unknown-linux-gnueabihf | |
host_os: ubuntu-22.04 | |
- target: i686-pc-windows-msvc | |
host_os: windows-latest | |
- target: x86_64-unknown-linux-musl | |
host_os: ubuntu-22.04 | |
- target: x86_64-unknown-linux-gnu | |
host_os: ubuntu-22.04 | |
steps: | |
- if: ${{ contains(matrix.host_os, 'ubuntu') }} | |
run: sudo apt-get update -y | |
- uses: briansmith/actions-checkout@v4 | |
with: | |
persist-credentials: false | |
- run: rustup toolchain add --profile=minimal ${{ matrix.rust_channel }} | |
- run: rustup target add --toolchain=${{ matrix.rust_channel }} ${{ matrix.target }} | |
- if: ${{ !contains(matrix.host_os, 'windows') }} | |
run: mk/install-build-tools.sh --target=${{ matrix.target }} ${{ matrix.features }} | |
- if: ${{ matrix.target == 'aarch64-pc-windows-msvc' }} | |
run: | | |
echo "C:\Program Files (x86)\Microsoft Visual Studio\2022\Enterprise\VC\Tools\Llvm\x64\bin" >> $GITHUB_PATH | |
shell: bash | |
- if: ${{ !contains(matrix.host_os, 'windows') }} | |
run: | | |
mk/cargo.sh +${{ matrix.rust_channel }} test -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }} | |
- if: ${{ contains(matrix.host_os, 'windows') }} | |
run: | | |
cargo +${{ matrix.rust_channel }} test -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }} | |
# rcgen-based tests require Rust 1.67. | |
- if: ${{ !contains(matrix.host_os, 'windows') && !contains(matrix.rust_channel, '1.61.0') }} | |
run: | | |
mk/cargo.sh +${{ matrix.rust_channel }} test -p rcgen-tests -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }} | |
# rcgen-based tests require Rust 1.67, and uses *ring* 0.16 which doesn't build for aarch64-pc-windows-msvc. | |
- if: ${{ contains(matrix.host_os, 'windows') && !contains(matrix.rust_channel, '1.61.0') && !contains(matrix.target, 'aarch64-pc-windows-msvc') }} | |
run: | | |
cargo +${{ matrix.rust_channel }} test -vv -p rcgen-tests --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }} | |
coverage: | |
runs-on: ${{ matrix.host_os }} | |
strategy: | |
matrix: | |
features: | |
- --all-features | |
# TODO: targets | |
target: | |
- x86_64-unknown-linux-musl | |
mode: | |
- # debug | |
# Coverage collection is Nightly-only | |
rust_channel: | |
- nightly | |
# TODO: targets | |
include: | |
- target: x86_64-unknown-linux-musl | |
host_os: ubuntu-22.04 | |
steps: | |
- if: ${{ contains(matrix.host_os, 'ubuntu') }} | |
run: sudo apt-get update -y | |
- uses: briansmith/actions-checkout@v4 | |
with: | |
persist-credentials: false | |
- run: rustup toolchain add --profile=minimal ${{ matrix.rust_channel }} | |
- run: rustup target add --toolchain=${{ matrix.rust_channel }} ${{ matrix.target }} | |
- if: ${{ !contains(matrix.host_os, 'windows') }} | |
run: RING_COVERAGE=1 mk/install-build-tools.sh --target=${{ matrix.target }} ${{ matrix.features }} | |
- if: ${{ !contains(matrix.host_os, 'windows') }} | |
run: | | |
RING_COVERAGE=1 mk/cargo.sh +${{ matrix.rust_channel }} test --workspace -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }} | |
- uses: briansmith/codecov-codecov-action@v3 | |
with: | |
directory: ./target/${{ matrix.target }}/debug/coverage/reports | |
fail_ci_if_error: true | |
verbose: true |