Skip to content
CI

chore(ci): merge in codeql.yml and mark as requirement for ci-success #269

Sign in to view logs

chore(ci): merge in codeql.yml and mark as requirement for ci-success

chore(ci): merge in codeql.yml and mark as requirement for ci-success #269

Workflow file for this run

.github/workflows/ci.yml at 381f517
name: CI
permissions: {}
on:
push:
branches: [main]
pull_request:
env:
CARGO_TERM_COLOR: always
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
test:
name: test ${{ matrix.rust }} ${{ matrix.flags }}
runs-on: ubuntu-latest
timeout-minutes: 30
permissions:
contents: read
strategy:
fail-fast: false
matrix:
rust: ["stable", "nightly", "1.88"] # MSRV
flags: ["--no-default-features", "", "--all-features"]
exclude:
# Some features have higher MSRV.
- rust: "1.88" # MSRV
flags: "--all-features"
steps:
- uses: actions/checkout@v5
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master
with:
toolchain: ${{ matrix.rust }}
# Only run tests on latest stable and above
- name: Install cargo-nextest
if: ${{ matrix.rust != '1.88' }} # MSRV
uses: taiki-e/install-action@522492a8c115f1b6d4d318581f09638e9442547b # master
with:
tool: nextest
- name: build
if: ${{ matrix.rust == '1.88' }} # MSRV
run: cargo build --workspace ${{ matrix.flags }}
- name: test
if: ${{ matrix.rust != '1.88' }} # MSRV
run: cargo nextest run --workspace ${{ matrix.flags }}
doctest:
runs-on: ubuntu-latest
timeout-minutes: 30
permissions:
contents: read
steps:
- uses: actions/checkout@v5
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master
with:
toolchain: stable
- uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2
with:
cache-on-failure: true
- run: cargo test --workspace --doc
- run: cargo test --all-features --workspace --doc
feature-checks:
runs-on: ubuntu-latest
timeout-minutes: 30
permissions:
contents: read
steps:
- uses: actions/checkout@v5
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master
with:
toolchain: stable
- uses: taiki-e/install-action@522492a8c115f1b6d4d318581f09638e9442547b # master
with:
tool: cargo-hack
- uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2
with:
cache-on-failure: true
- name: cargo hack
run: cargo hack check --feature-powerset --depth 1
clippy:
runs-on: ubuntu-latest
timeout-minutes: 30
permissions:
contents: read
steps:
- uses: actions/checkout@v5
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master
with:
toolchain: nightly
components: clippy
- uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2
with:
cache-on-failure: true
- run: cargo clippy --workspace --all-targets --all-features
env:
RUSTFLAGS: -Dwarnings
docs:
runs-on: ubuntu-latest
timeout-minutes: 30
permissions:
contents: read
steps:
- uses: actions/checkout@v5
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master
with:
toolchain: nightly
- uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2
with:
cache-on-failure: true
- run: cargo doc --workspace --all-features --no-deps --document-private-items
env:
RUSTDOCFLAGS: --cfg docsrs -D warnings --show-type-layout --generate-link-to-definition --enable-index-page -Zunstable-options
fmt:
runs-on: ubuntu-latest
timeout-minutes: 30
permissions:
contents: read
steps:
- uses: actions/checkout@v5
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master
with:
toolchain: nightly
components: rustfmt
- run: cargo fmt --all --check
deny:
uses: ithacaxyz/ci/.github/workflows/deny.yml@9c8d0dc20e7ad02455d3fdab2378a05f29907630 # main
permissions:
contents: read
codeql:
name: Analyze (${{ matrix.language }})
runs-on: ubuntu-latest
permissions:
security-events: write
actions: read
contents: read
strategy:
fail-fast: false
matrix:
include:
- language: actions
build-mode: none
steps:
- name: Checkout repository
uses: actions/checkout@v5
with:
persist-credentials: false
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"
ci-success:
runs-on: ubuntu-latest
if: always()
needs:
- test
- doctest
- feature-checks
- clippy
- docs
- fmt
- deny
- codeql
timeout-minutes: 30
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # release/v1
with:
jobs: ${{ toJSON(needs) }}