ci(action/config): Update GitHub workflows

- Configure Dependabot for GitHub Actions and Cargo dependencies.
- Add a scheduled audit job to run daily using rustsec/audit-check.

.github/workflows/audit.yml

@@ -11,6 +11,6 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
       - name: Run audit check
-        uses: actions-rs/audit-check@v1
+        uses: rustsec/audit-check@v2
         with:
           token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/check.yml

@@ -10,49 +10,61 @@ on:
     branches: [ "main" ]
 
 jobs:
+  check:
+    name: Check
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    strategy:
+      fail-fast: true
+      matrix:
+        rustc: [ nightly, stable ] # MSVR and current stable rustc
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ matrix.rustc }}
+      - uses: actions-rs/cargo@v1
+        with:
+          command: check
   rust_fmt_check:
     name: RustFmt check
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
-      - uses: actions/cache@v3
+      - uses: actions/cache@v4
         with:
           path: |
             ~/.cargo/registry
             ~/.cargo/git
             target
           key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
       - name: Install rust
-        uses: actions-rs/toolchain@v1
+        uses: dtolnay/rust-toolchain@master
         with:
           toolchain: stable
           components: rustfmt
       - name: Run cargo fmt
-        uses: actions-rs/cargo@v1
-        with:
-          command: fmt
-          args: -- --check
+        run: cargo fmt --all -- --check
   clippy_check:
     name: Clippy check
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
-      - uses: actions/cache@v3
+      - uses: actions/cache@v4
         with:
           path: |
             ~/.cargo/registry
             ~/.cargo/git
             target
           key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
-      - name: Install clippy
-        run: rustup component add clippy
-      - name: Run clippy check
-        uses: actions-rs/clippy-check@v1
+      - uses: dtolnay/rust-toolchain@master
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          args: --all-features
+          toolchain: stable
+          components: clippy
+      - name: Run clippy check
+        run: cargo clippy --all-features
   test:
     name: Run tests
     runs-on: ubuntu-latest
@@ -67,8 +79,27 @@ jobs:
             target
           key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
       - name: Install rust
-        uses: actions-rs/toolchain@v1
-      - name: Run cargo test
-        uses: actions-rs/cargo@v1
+        uses: dtolnay/rust-toolchain@master
         with:
-          command: test
+          toolchain: stable
+      - name: Run cargo test
+        run: cargo test --all-features
+  publish_on_crates_io:
+    name: Publish on crates.io
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags') # Only on tags
+    needs:
+      - check
+      - rust_fmt_check
+      - clippy_check
+      - test
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Install rust
+        uses: dtolnay/rust-toolchain@stable
+      - name: Run cargo publish
+        run: cargo publish --registry crates-io --package polaris-rust --allow-dirty
+        env:
+          CARGO_REGISTRY_TOKEN: ${{ secrets.CRATES_IO_TOKEN }}
+

.github/workflows/docs.yml

@@ -0,0 +1,26 @@
+on:
+  push:
+    branches:
+      - main
+
+name: Docs
+
+jobs:
+  docs:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v4
+        with:
+          submodules: 'recursive'
+
+      - name: Install build dependencies
+        run: |
+          sudo apt update
+          sudo apt install -y cmake libclang-dev
+
+      - name: Install stable toolchain
+        uses: dtolnay/rust-toolchain@stable
+
+      - name: Run cargo doc
+        run: cargo doc --no-deps --all-features

.github/workflows/rust-clippy.yml

@@ -0,0 +1,52 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# rust-clippy is a tool that runs a bunch of lints to catch common
+# mistakes in your Rust code and help improve your Rust code.
+# More details at https://github.com/rust-lang/rust-clippy
+# and https://rust-lang.github.io/rust-clippy/
+
+name: rust-clippy analyze
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "main" ]
+  schedule:
+    - cron: '25 15 * * 1'
+
+jobs:
+  rust-clippy-analyze:
+    name: Run rust-clippy analyzing
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      security-events: write
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          components: clippy
+
+      - name: Install required cargo
+        run: cargo install clippy-sarif sarif-fmt
+
+      - name: Run rust-clippy
+        run:
+          cargo clippy
+          --all-features
+          --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt
+        continue-on-error: true
+
+      - name: Upload analysis results to GitHub
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: rust-clippy-results.sarif
+          wait-for-processing: true

Cargo.toml

@@ -1,58 +1,67 @@
 [package]
-edition = "2021"
 name = "polaris-rust"
-version = "0.0.1"
+edition = "2021"
+version = "0.2.0"
+license = "BSD 3-Clause"
+authors = ["houseme <[email protected]>", "liaochuntao <[email protected]>"]
+repository = "https://github.com/polaris-contrib/polaris-rust"
+description = "Lightweight Rust SDK used as Proxyless Service Governance Solution."
+homepage = "https://polarismesh.cn"
+documentation = "https://docs.rs/polaris-rust"
+keywords = ["polaris", "solution", "governance", "server", "proxyless"]
+categories = ["config", "asynchronous", "development-tools"]
+readme = "README.md"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 [dependencies]
-bytes = {version = "1.4.0"}
-schemars = {version = "0.8.16"}
-serde = {version = "1.0.198", features = ["derive"]}
-serde-duration-ext = {version = "0.1.0"}
-serde_json = {version = "1.0.116"}
-serde_yaml = {version = "0.9.34"}
-
-uuid = {version = "1.8.0", features = [
-  "v4", # Lets you generate random UUIDs
-  "fast-rng", # Use a faster (but still sufficiently random) RNG
-  "macro-diagnostics", # Enable better diagnostics for compile-time UUIDs
-]}
+bytes = { version = "1.4.0" }
+schemars = { version = "0.8.16" }
+serde = { version = "1.0.198", features = ["derive"] }
+serde-duration-ext = { version = "0.1.0" }
+serde_json = { version = "1.0.116" }
+serde_yaml = { version = "0.9.34" }
+
+uuid = { version = "1.8.0", features = [
+    "v4", # Lets you generate random UUIDs
+    "fast-rng", # Use a faster (but still sufficiently random) RNG
+    "macro-diagnostics", # Enable better diagnostics for compile-time UUIDs
+] }
 
 # cache
-dashmap = {version = "5.4.0"}
+dashmap = { version = "5.4.0" }
 
 # http
-reqwest = {version = "0.12.8", features = ["blocking"]}
+reqwest = { version = "0.12.8", features = ["blocking"] }
 
 # async
-async-trait = {version = "0.1"}
-http = {version = "0.2.12"}
-hyper = {version = "0.14.28", features = ["full"]}
-tokio = {version = "1.37.0", features = ["full"]}
-tokio-stream = {version = "0.1.16"}
-tower = {version = "0.4.13"}
+async-trait = { version = "0.1" }
+http = { version = "0.2.12" }
+hyper = { version = "0.14.28", features = ["full"] }
+tokio = { version = "1.37.0", features = ["full"] }
+tokio-stream = { version = "0.1.16" }
+tower = { version = "0.4.13" }
 
 # gRPC dep
-futures = {version = "0.3.30"}
-once_cell = {version = "1.19.0"}
-prost = {version = "0.12.4"}
-prost-build = {version = "0.12.4"}
-prost-types = {version = "0.12.4"}
-tonic = {version = "0.11.0"}
+futures = { version = "0.3.30" }
+once_cell = { version = "1.19.0" }
+prost = { version = "0.12.4" }
+prost-build = { version = "0.12.4" }
+prost-types = { version = "0.12.4" }
+tonic = { version = "0.11.0" }
 
 # logging
-tracing = {version = "0.1.36"}
+tracing = { version = "0.1.36" }
 
 # crypto
-aes = {version = "0.7.4"}
-base64 = {version = "0.22.1"}
-block-modes = {version = "0.8.1"}
-hex = {version = "0.4.3"}
-rand = {version = "0.8.4"}
-rsa = {version = "0.9.6"}
+aes = { version = "0.7.4" }
+base64 = { version = "0.22.1" }
+block-modes = { version = "0.8.1" }
+hex = { version = "0.4.3" }
+rand = { version = "0.8.4" }
+rsa = { version = "0.9.6" }
 
 [dev-dependencies]
-tracing-subscriber = {version = "0.3", features = ["default"]}
+tracing-subscriber = { version = "0.3", features = ["default"] }
 
 [[example]]
 name = "discover"

README.md

@@ -1,22 +1,26 @@
 # Polaris rust sdk
 
-[![Build](https://github.com/polarismesh/polaris-rust/workflows/Build/badge.svg)](https://github.com/polarismesh/polaris-rust/actions?query=workflow%3ABuild)
+[![Build](https://github.com/polaris-contrib/polaris-rust/workflows/Build/badge.svg)](https://github.com/polarismesh/polaris-rust/actions?query=workflow%3ABuild)
 [![docs.rs](https://docs.rs/polaris-rust/badge.svg)](https://docs.rs/polaris-rust/)
-[![License](https://img.shields.io/crates/l/polaris-rust)](LICENSE-APACHE)
+[![License](https://img.shields.io/crates/l/polaris-rust)](LICENSE)
 [![Crates.io](https://img.shields.io/crates/v/polaris-rust)](https://crates.io/crates/polaris-rust)
 [![Crates.io](https://img.shields.io/crates/d/polaris-rust)](https://crates.io/crates/polaris-rust)
 
 ## Introduction
+
 Lightweight Rust SDK used as Proxyless Service Governance
 
 ## Install
-Add the following to your `Cargo.toml`: 
+
+Add the following to your `Cargo.toml`:
+
 ```toml 
 [dependencies]
-polaris-rust = "0.0.1"
+polaris-rust = "0.2.0"
 ```
 
 ## Quickstart
+
 rust version >= 1.63.0
 
 ```rust
@@ -28,6 +32,7 @@ rust version >= 1.63.0
 Run them yourself with `cargo bench`.
 
 ## License
+
 Licensed under either of
 
 * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)