Skip to content

Rust

Rust #464

Workflow file for this run

name: Rust
on:
pull_request:
# Run CI on the main branch after every merge.
# This is important to fill the GitHub Actions cache in a way that PRs can see it.
push:
branches:
- main
# Run CI on the main branch every Sunday.
schedule:
- cron: '14 3 * * 0'
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
CARGO_TERM_COLOR: always
CLICOLOR_FORCE: 1
# Disable incremental compilation.
#
# Incremental compilation is useful as part of an edit-build-test-edit cycle,
# as it lets the compiler avoid recompiling code that hasn't changed. However,
# on CI, we're not making small edits; we're almost always building the entire
# project from scratch. Thus, incremental compilation on CI actually
# introduces *additional* overhead to support making future builds
# faster...but no future builds will ever occur in any given CI environment.
#
# See https://matklad.github.io/2021/09/04/fast-rust-builds.html#ci-workflow
# for details.
CARGO_INCREMENTAL: 0
# Allow more retries for network requests in cargo (downloading crates) and
# rustup (installing toolchains). This should help to reduce flaky CI failures
# from transient network timeouts or other issues.
CARGO_NET_RETRY: 10
RUSTUP_MAX_RETRIES: 10
# Don't emit giant backtraces in the CI logs.
RUST_BACKTRACE: short
RUSTDOCFLAGS: -D warnings
jobs:
diff:
runs-on: [ubuntu-ghcloud]
permissions:
contents: read
pull-requests: read
outputs:
isRust: ${{ steps.diff.outputs.isRust }}
steps:
- uses: actions/checkout@v4
- name: Detect Changes
uses: dorny/[email protected]
id: diff
with:
filters: |
isRust:
- 'crates/**'
- 'Cargo.toml'
- 'Cargo.lock'
- 'rust-toolchain.toml'
- '.github/workflows/rust.yml'
dependencies:
name: Check dependencies
needs: diff
if: ${{ needs.diff.outputs.isRust == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: EmbarkStudios/cargo-deny-action@v2
with:
# do not check advisories to prevent sudden failure due to new announcement
command: check bans licenses sources
dependencies-schedule:
name: Check dependencies (including vulnerabilities)
needs: diff
if: ${{ github.event_name == 'schedule' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: EmbarkStudios/cargo-deny-action@v2
test:
name: Test Rust code and report coverage
needs: diff
if: ${{ github.event_name == 'schedule' || needs.diff.outputs.isRust == 'true' }}
runs-on: ubuntu-ghcloud
permissions:
contents: read
pull-requests: write
env:
RUSTC_BOOTSTRAP: 1
steps:
- uses: actions/checkout@v4
- uses: "./.github/actions/setup-dependencies"
with:
save-cache: ${{ github.ref == 'refs/heads/main' && 'true' || 'false' }}
- run: cargo install [email protected]
- name: Install SCION and run local topology
uses: "./.github/actions/setup-scion"
with:
scion-ref: v0.11.0
id: scion
- name: Run tests (including integration tests) and record coverage
run: >
SCION_DAEMON_ADDRESS=${{ steps.scion.outputs.daemon-address-as111 }}
cargo tarpaulin --workspace --skip-clean
--lib --bins --examples --tests --doc
--out html --out xml
--exclude-files "crates/scion-grpc/*"
--exclude-files "crates/**/tests/*"
--exclude-files "crates/**/benches/*"
-- --include-ignored
- name: Upload coverage report
uses: actions/upload-artifact@v4
with:
name: Coverage report
path: tarpaulin-report.html
- name: Code-coverage report
uses: irongut/[email protected]
with:
filename: cobertura.xml
badge: true
fail_below_min: false
format: markdown
hide_branch_rate: false
hide_complexity: true
indicators: true
output: both
thresholds: '50 75'
- name: Add coverage PR comment
uses: marocchino/sticky-pull-request-comment@v2
if: ${{ github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' }}
with:
path: code-coverage-results.md
- name: Cache SCION binaries
if: ${{ github.ref == 'refs/heads/main' && steps.scion.outputs.cache-hit != 'true' }}
uses: actions/cache/save@v4
with:
path: ${{ steps.scion.outputs.scion-bin-path }}
key: ${{ steps.scion.outputs.cache-primary-key }}
lint:
name: Lint Rust code
needs: diff
if: ${{ github.event_name == 'schedule' || needs.diff.outputs.isRust == 'true' }}
runs-on: ubuntu-ghcloud
steps:
- uses: actions/checkout@v4
- uses: "./.github/actions/setup-dependencies"
with:
save-cache: ${{ github.ref == 'refs/heads/main' && 'true' || 'false' }}
- run: cargo install [email protected]
- name: Check formatting with rustfmt
run: >
cargo fmt --all -- --check
--config group_imports=StdExternalCrate,imports_granularity=Crate,imports_layout=HorizontalVertical
- name: Check sorting of dependencies
run: cargo sort -w -c
- name: Lint using clippy (w/o tests)
run: cargo clippy --all-features --no-deps -- -D warnings
- name: Lint using clippy (w/ tests)
run: cargo clippy --all-features --tests --no-deps -- -D warnings
- name: Check documentation
run: cargo doc --no-deps --workspace
build:
name: Build Rust code
needs: diff
if: ${{ github.event_name == 'schedule' || needs.diff.outputs.isRust == 'true' }}
runs-on: ubuntu-ghcloud
steps:
- uses: actions/checkout@v4
- uses: "./.github/actions/setup-dependencies"
with:
save-cache: ${{ github.ref == 'refs/heads/main' && 'true' || 'false' }}
- name: Build Rust code
run: cargo build --verbose
check-all:
name: Check if all Rust jobs succeeded
if: always()
needs:
- diff
- dependencies
- test
- lint
- build
runs-on: ubuntu-latest
steps:
- name: Decide whether all needed jobs succeeded
uses: re-actors/alls-green@release/v1
with:
allowed-skips: ${{ toJSON(needs) }}
jobs: ${{ toJSON(needs) }}