Bump aws-lc-rs from 1.11.1 to 1.12.0 (#3575) #8969
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci-build | |
on: | |
push: | |
branches: [ main, release/** ] | |
pull_request: | |
workflow_dispatch: | |
inputs: | |
divviup_ts_interop_container: | |
description: divviup-ts container image tag for use in integration tests | |
required: false | |
type: string | |
jobs: | |
janus_build: | |
strategy: | |
matrix: | |
rust-toolchain: [ | |
# MSRV policy | |
"stable minus 2 releases", | |
"stable", | |
] | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: "write" | |
contents: "read" | |
needs: janus_interop_docker # We rely on this populating our Docker cache backend | |
env: | |
CARGO_INCREMENTAL: 0 | |
CARGO_TERM_COLOR: always | |
RUSTFLAGS: "-D warnings" | |
steps: | |
- name: 'Workaround for issue #3178' | |
run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 | |
- name: Set default input values | |
id: default-input-values | |
run: | | |
DIVVIUP_TS_INTEROP_CONTAINER= ${{ inputs.divviup_ts_interop_container }} | |
echo "divviup_ts_interop_container=${DIVVIUP_TS_INTEROP_CONTAINER:-us-west2-docker.pkg.dev/divviup-artifacts-public/divviup-ts/divviup_ts_interop_client:e2bd57d@sha256:ea32ec6d1e6522d4282b644e9885aeb30a0a92877f73e27424e9e00844b9a80c}" >> $GITHUB_OUTPUT | |
- name: Get OS version | |
id: os-version | |
run: echo "release=$(lsb_release --release --short)" >> $GITHUB_OUTPUT | |
- uses: actions/checkout@v4 | |
- name: Setup Go toolchain | |
uses: actions/setup-go@v5 | |
- name: Install Kind | |
# We should always make sure that the `kind` CLI we install is from the | |
# same release as the node image version used by | |
# `janus_core::test_util::kubernetes::EphemeralCluster` | |
run: go install sigs.k8s.io/[email protected] | |
- name: Install Rust toolchain | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ matrix.rust-toolchain }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
driver: docker-container | |
use: true | |
- name: Cache dependencies | |
uses: Swatinem/rust-cache@v2 | |
with: | |
key: ${{ steps.os-version.outputs.release }} | |
- name: Expose GitHub Runtime | |
uses: crazy-max/ghaction-github-runtime@v3 | |
- name: Build minimal janus_messages | |
run: cargo build --profile ci --package janus_messages --no-default-features | |
- name: Build janus_core | |
run: cargo build --profile ci --package janus_core | |
- name: Test janus_client OHTTP | |
run: cargo test --package janus_client --features ohttp | |
# Note: keep Build & Test steps consecutive, and match flags other than `--no-run`. | |
- name: Build | |
run: cargo test --profile ci --locked --all-targets --features=prometheus --no-run | |
- name: Test | |
id: test | |
env: | |
RUST_LOG: info | |
JANUS_E2E_LOGS_PATH: ${{ github.workspace }}/test-logs | |
DIVVIUP_TS_INTEROP_CONTAINER: ${{ steps.default-input-values.outputs.divviup_ts_interop_container }} | |
run: cargo test --profile ci --locked --all-targets --features=prometheus | |
# Continue on error so we can upload logs | |
continue-on-error: true | |
- name: Build (Docker-specific tests) | |
# This matches the `cargo test` command invoked by `cargo xtask test-docker`, except for `--no-run`. | |
run: cargo test --profile ci --locked --package=janus_interop_binaries --package=janus_integration_tests --features=testcontainer --no-run | |
- name: Test (Docker) | |
id: test-docker | |
env: | |
RUST_LOG: info | |
JANUS_E2E_LOGS_PATH: ${{ github.workspace }}/test-logs | |
DIVVIUP_TS_INTEROP_CONTAINER: ${{ steps.default-input-values.outputs.divviup_ts_interop_container }} | |
run: cargo run --package xtask --profile=ci -- test-docker --profile=ci --locked | |
# Continue on error so we can upload logs | |
continue-on-error: true | |
- name: Upload container logs | |
# Only get logs on test failure | |
if: steps.test.outcome == 'failure' || steps.test-docker.outcome == 'failure' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: container-logs | |
path: ${{ github.workspace }}/test-logs/ | |
# Not all test failures yield log files | |
if-no-files-found: ignore | |
# Force overall job to fail if tests fail | |
- name: test status | |
if: steps.test.outcome == 'failure' || steps.test-docker.outcome == 'failure' | |
run: exit 1 | |
janus_lints: | |
strategy: | |
matrix: | |
rust-toolchain: [ | |
# MSRV policy | |
"stable minus 2 releases", | |
"stable", | |
] | |
runs-on: ubuntu-latest | |
env: | |
CARGO_INCREMENTAL: 0 | |
CARGO_TERM_COLOR: always | |
JANUS_INTEROP_CONTAINER: skip | |
RUSTDOCFLAGS: "-D warnings" | |
RUSTFLAGS: "-D warnings" | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Rust toolchain | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ matrix.rust-toolchain }} | |
components: clippy, rustfmt | |
- name: Format | |
run: cargo fmt --message-format human -- --check | |
- name: Clippy | |
run: cargo clippy --profile ci --workspace --all-targets | |
- name: Clippy (all features) | |
run: cargo clippy --profile ci --workspace --all-targets --all-features | |
- name: Document | |
run: cargo doc --profile ci --workspace --all-features | |
- name: cargo-deny | |
uses: EmbarkStudios/[email protected] | |
with: | |
command: check bans licenses sources -A unmatched-organization | |
janus_docker: | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_BUILDKIT: 1 | |
steps: | |
- uses: actions/checkout@v4 | |
- run: echo "GIT_REVISION=$(git describe --always --dirty=-modified)" >> $GITHUB_ENV | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
driver: docker-container | |
use: true | |
- name: Build | |
uses: docker/[email protected] | |
with: | |
files: docker-bake.hcl | |
workdir: . | |
targets: janus | |
load: true | |
- run: docker run --rm janus_aggregator --help | |
- run: docker run --rm janus_garbage_collector --help | |
- run: docker run --rm janus_aggregation_job_creator --help | |
- run: docker run --rm janus_aggregation_job_driver --help | |
- run: docker run --rm janus_collection_job_driver --help | |
- run: docker run --rm janus_cli --help | |
- run: docker run --rm janus_db_migrator --help | |
janus_interop_docker: | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_BUILDKIT: 1 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
driver: docker-container | |
use: true | |
- name: Build | |
uses: docker/[email protected] | |
with: | |
files: docker-bake.hcl | |
workdir: . | |
targets: interop_binaries_ci | |
rustsec_advisories: | |
runs-on: ubuntu-latest | |
continue-on-error: true | |
steps: | |
- uses: actions/checkout@v4 | |
- name: cargo-deny | |
uses: EmbarkStudios/[email protected] | |
with: | |
command: check advisories |