tests: generate negative PEM fixtures via Factory (replace hardcoded blobs) #1054
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| workflow_dispatch: | |
| # Cancel redundant runs: on PRs cancel previous runs for the same PR; | |
| # on main each push gets its own run. | |
| concurrency: | |
| group: ci-${{ github.event_name == 'pull_request' && github.head_ref || github.sha }} | |
| cancel-in-progress: true | |
| env: | |
| CARGO_TERM_COLOR: always | |
| CARGO_INCREMENTAL: 0 | |
| jobs: | |
| pr: | |
| if: github.event_name == 'pull_request' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 75 | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: rustfmt, clippy | |
| - uses: dtolnay/rust-toolchain@nightly | |
| - name: Install NASM (for aws-lc-rs) | |
| run: sudo apt-get update && sudo apt-get install -y nasm | |
| - name: Cache cargo | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| cache-on-failure: true | |
| - name: Install tools | |
| uses: taiki-e/install-action@v2 | |
| with: | |
| tool: cargo-fuzz,cargo-mutants,typos-cli,cargo-deny | |
| - name: Toolchain diagnostics | |
| run: | | |
| rustc -vV | |
| cargo +nightly -vV | |
| cargo fuzz --version || true | |
| - name: Fetch base branch | |
| if: github.base_ref != '' | |
| run: git fetch origin ${{ github.base_ref }} | |
| - name: cargo deny advisories | |
| run: cargo deny check advisories | |
| - name: xtask pr | |
| run: cargo xtask pr | |
| - name: docs-sync check | |
| run: cargo xtask docs-sync --check | |
| - name: examples smoke check | |
| run: cargo xtask examples-smoke | |
| - name: Upload receipt | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: receipt-pr | |
| path: target/xtask/receipt.json | |
| if: always() | |
| main: | |
| if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || github.event_name == 'workflow_dispatch' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 75 | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: rustfmt, clippy | |
| - uses: dtolnay/rust-toolchain@nightly | |
| - name: Install NASM (for aws-lc-rs) | |
| run: sudo apt-get update && sudo apt-get install -y nasm | |
| - name: Cache cargo | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| cache-on-failure: true | |
| - name: Install tools | |
| uses: taiki-e/install-action@v2 | |
| with: | |
| tool: cargo-fuzz,cargo-mutants,typos-cli,cargo-deny | |
| - name: Toolchain diagnostics | |
| run: | | |
| rustc -vV | |
| cargo +nightly -vV | |
| cargo fuzz --version || true | |
| - name: xtask ci | |
| run: cargo xtask ci | |
| - name: Clean target test scratch dirs | |
| if: always() | |
| run: rm -rf target/tests | |
| - name: Upload receipt | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: receipt-main | |
| path: target/xtask/receipt.json | |
| if: always() |