Rust #464
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Rust | |
on: | |
pull_request: | |
# Run CI on the main branch after every merge. | |
# This is important to fill the GitHub Actions cache in a way that PRs can see it. | |
push: | |
branches: | |
- main | |
# Run CI on the main branch every Sunday. | |
schedule: | |
- cron: '14 3 * * 0' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
env: | |
CARGO_TERM_COLOR: always | |
CLICOLOR_FORCE: 1 | |
# Disable incremental compilation. | |
# | |
# Incremental compilation is useful as part of an edit-build-test-edit cycle, | |
# as it lets the compiler avoid recompiling code that hasn't changed. However, | |
# on CI, we're not making small edits; we're almost always building the entire | |
# project from scratch. Thus, incremental compilation on CI actually | |
# introduces *additional* overhead to support making future builds | |
# faster...but no future builds will ever occur in any given CI environment. | |
# | |
# See https://matklad.github.io/2021/09/04/fast-rust-builds.html#ci-workflow | |
# for details. | |
CARGO_INCREMENTAL: 0 | |
# Allow more retries for network requests in cargo (downloading crates) and | |
# rustup (installing toolchains). This should help to reduce flaky CI failures | |
# from transient network timeouts or other issues. | |
CARGO_NET_RETRY: 10 | |
RUSTUP_MAX_RETRIES: 10 | |
# Don't emit giant backtraces in the CI logs. | |
RUST_BACKTRACE: short | |
RUSTDOCFLAGS: -D warnings | |
jobs: | |
diff: | |
runs-on: [ubuntu-ghcloud] | |
permissions: | |
contents: read | |
pull-requests: read | |
outputs: | |
isRust: ${{ steps.diff.outputs.isRust }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Detect Changes | |
uses: dorny/[email protected] | |
id: diff | |
with: | |
filters: | | |
isRust: | |
- 'crates/**' | |
- 'Cargo.toml' | |
- 'Cargo.lock' | |
- 'rust-toolchain.toml' | |
- '.github/workflows/rust.yml' | |
dependencies: | |
name: Check dependencies | |
needs: diff | |
if: ${{ needs.diff.outputs.isRust == 'true' }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: EmbarkStudios/cargo-deny-action@v2 | |
with: | |
# do not check advisories to prevent sudden failure due to new announcement | |
command: check bans licenses sources | |
dependencies-schedule: | |
name: Check dependencies (including vulnerabilities) | |
needs: diff | |
if: ${{ github.event_name == 'schedule' }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: EmbarkStudios/cargo-deny-action@v2 | |
test: | |
name: Test Rust code and report coverage | |
needs: diff | |
if: ${{ github.event_name == 'schedule' || needs.diff.outputs.isRust == 'true' }} | |
runs-on: ubuntu-ghcloud | |
permissions: | |
contents: read | |
pull-requests: write | |
env: | |
RUSTC_BOOTSTRAP: 1 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: "./.github/actions/setup-dependencies" | |
with: | |
save-cache: ${{ github.ref == 'refs/heads/main' && 'true' || 'false' }} | |
- run: cargo install [email protected] | |
- name: Install SCION and run local topology | |
uses: "./.github/actions/setup-scion" | |
with: | |
scion-ref: v0.11.0 | |
id: scion | |
- name: Run tests (including integration tests) and record coverage | |
run: > | |
SCION_DAEMON_ADDRESS=${{ steps.scion.outputs.daemon-address-as111 }} | |
cargo tarpaulin --workspace --skip-clean | |
--lib --bins --examples --tests --doc | |
--out html --out xml | |
--exclude-files "crates/scion-grpc/*" | |
--exclude-files "crates/**/tests/*" | |
--exclude-files "crates/**/benches/*" | |
-- --include-ignored | |
- name: Upload coverage report | |
uses: actions/upload-artifact@v4 | |
with: | |
name: Coverage report | |
path: tarpaulin-report.html | |
- name: Code-coverage report | |
uses: irongut/[email protected] | |
with: | |
filename: cobertura.xml | |
badge: true | |
fail_below_min: false | |
format: markdown | |
hide_branch_rate: false | |
hide_complexity: true | |
indicators: true | |
output: both | |
thresholds: '50 75' | |
- name: Add coverage PR comment | |
uses: marocchino/sticky-pull-request-comment@v2 | |
if: ${{ github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' }} | |
with: | |
path: code-coverage-results.md | |
- name: Cache SCION binaries | |
if: ${{ github.ref == 'refs/heads/main' && steps.scion.outputs.cache-hit != 'true' }} | |
uses: actions/cache/save@v4 | |
with: | |
path: ${{ steps.scion.outputs.scion-bin-path }} | |
key: ${{ steps.scion.outputs.cache-primary-key }} | |
lint: | |
name: Lint Rust code | |
needs: diff | |
if: ${{ github.event_name == 'schedule' || needs.diff.outputs.isRust == 'true' }} | |
runs-on: ubuntu-ghcloud | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: "./.github/actions/setup-dependencies" | |
with: | |
save-cache: ${{ github.ref == 'refs/heads/main' && 'true' || 'false' }} | |
- run: cargo install [email protected] | |
- name: Check formatting with rustfmt | |
run: > | |
cargo fmt --all -- --check | |
--config group_imports=StdExternalCrate,imports_granularity=Crate,imports_layout=HorizontalVertical | |
- name: Check sorting of dependencies | |
run: cargo sort -w -c | |
- name: Lint using clippy (w/o tests) | |
run: cargo clippy --all-features --no-deps -- -D warnings | |
- name: Lint using clippy (w/ tests) | |
run: cargo clippy --all-features --tests --no-deps -- -D warnings | |
- name: Check documentation | |
run: cargo doc --no-deps --workspace | |
build: | |
name: Build Rust code | |
needs: diff | |
if: ${{ github.event_name == 'schedule' || needs.diff.outputs.isRust == 'true' }} | |
runs-on: ubuntu-ghcloud | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: "./.github/actions/setup-dependencies" | |
with: | |
save-cache: ${{ github.ref == 'refs/heads/main' && 'true' || 'false' }} | |
- name: Build Rust code | |
run: cargo build --verbose | |
check-all: | |
name: Check if all Rust jobs succeeded | |
if: always() | |
needs: | |
- diff | |
- dependencies | |
- test | |
- lint | |
- build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Decide whether all needed jobs succeeded | |
uses: re-actors/alls-green@release/v1 | |
with: | |
allowed-skips: ${{ toJSON(needs) }} | |
jobs: ${{ toJSON(needs) }} |