chore: Patch release prometheus to fix security vulnerability (#2927) #9

Workflow file for this run

	name: CI
	env:
	CI: true
	permissions:
	contents: read
	on:
	pull_request:
	push:
	branches:
	- main
	paths-ignore:
	- '**.md'
	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true
	jobs:
	test:
	strategy:
	matrix:
	# test both stable and beta versions of Rust on ubuntu-latest
	os: [ubuntu-latest]
	rust: [stable, beta]
	# test only stable version of Rust on Windows and MacOS
	include:
	- rust: stable
	os: windows-latest
	- rust: stable
	os: macos-latest
	- rust: stable
	os: ubuntu-22.04-arm
	runs-on: ${{ matrix.os }}
	continue-on-error: ${{ matrix.rust == 'beta' }}
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
	with:
	egress-policy: audit

	- name: Free disk space
	if: ${{ matrix.os == 'ubuntu-latest'}}
	run: \|
	df -h
	sudo rm -rf /usr/local/lib/android
	sudo rm -rf /usr/share/dotnet
	df -h
	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	submodules: true
	- uses: dtolnay/rust-toolchain@56f84321dbccf38fb67ce29ab63e4754056677e0
	with:
	toolchain: ${{ matrix.rust }}
	components: rustfmt
	- name: "Set rustup profile"
	run: rustup set profile minimal
	- uses: arduino/setup-protoc@c65c819552d16ad3c9b72d9dfd5ba5237b9c906b # v3.0.0
	with:
	repo-token: ${{ secrets.GITHUB_TOKEN }}
	- name: Test
	run: bash ./scripts/test.sh
	lint:
	runs-on: ubuntu-latest
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	submodules: true
	- uses: dtolnay/rust-toolchain@fcf085fcb4b4b8f63f96906cd713eb52181b5ea4
	with:
	toolchain: stable
	components: rustfmt, clippy
	- uses: taiki-e/install-action@d4635f2de61c8b8104d59cd4aede2060638378cc # v2.49.45
	with:
	tool: cargo-hack
	- uses: arduino/setup-protoc@c65c819552d16ad3c9b72d9dfd5ba5237b9c906b # v3.0.0
	with:
	repo-token: ${{ secrets.GITHUB_TOKEN }}
	- name: Format
	run: cargo fmt --all -- --check
	- name: Lint
	run: bash ./scripts/lint.sh
	external-types:
	strategy:
	matrix:
	example: [opentelemetry, opentelemetry-sdk, opentelemetry-otlp, opentelemetry-zipkin]
	runs-on: ubuntu-latest # TODO: Check if this could be covered for Windows. The step used currently fails on Windows.
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	- uses: dtolnay/rust-toolchain@a02741459ec5e501b9843ed30b535ca0a0376ae4
	with:
	toolchain: nightly-2024-06-30
	components: rustfmt
	- name: external-type-check
	run: \|
	cargo install [email protected]
	cd ${{ matrix.example }}
	cargo check-external-types --config allowed-external-types.toml
	msrv:
	strategy:
	matrix:
	os: [windows-latest, ubuntu-latest]
	rust: [1.75.0]
	runs-on: ${{ matrix.os }}
	continue-on-error: true
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	submodules: true
	- name: Set up Rust ${{ matrix.rust }}
	uses: dtolnay/rust-toolchain@56f84321dbccf38fb67ce29ab63e4754056677e0
	with:
	toolchain: ${{ matrix.rust }}
	- name: Patch dependencies versions
	run: bash ./scripts/patch_dependencies.sh
	- name: Check MSRV for all crates
	run: bash ./scripts/msrv.sh ${{ matrix.rust }}
	cargo-deny:
	runs-on: ubuntu-latest # This uses the step `EmbarkStudios/cargo-deny-action@v1` which is only supported on Linux
	continue-on-error: true # Prevent sudden announcement of a new advisory from failing ci
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	- uses: EmbarkStudios/cargo-deny-action@34899fc7ba81ca6268d5947a7a16b4649013fea1 # v2.0.11
	with:
	command: check advisories
	docs:
	continue-on-error: true
	runs-on: ubuntu-latest
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	- uses: dtolnay/rust-toolchain@fcf085fcb4b4b8f63f96906cd713eb52181b5ea4
	with:
	toolchain: stable
	components: rustfmt
	- uses: arduino/setup-protoc@c65c819552d16ad3c9b72d9dfd5ba5237b9c906b # v3.0.0
	with:
	repo-token: ${{ secrets.GITHUB_TOKEN }}
	- name: doc
	run: cargo doc --no-deps --all-features
	env:
	CARGO_INCREMENTAL: '0'
	RUSTDOCFLAGS: -Dwarnings
	coverage:
	continue-on-error: true
	runs-on: ubuntu-latest
	if: ${{ ! contains(github.event.pull_request.labels.*.name, 'dependencies') }}
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	submodules: true
	- uses: dtolnay/rust-toolchain@fcf085fcb4b4b8f63f96906cd713eb52181b5ea4
	with:
	toolchain: stable
	components: rustfmt,llvm-tools-preview
	- uses: arduino/setup-protoc@c65c819552d16ad3c9b72d9dfd5ba5237b9c906b # v3.0.0
	with:
	repo-token: ${{ secrets.GITHUB_TOKEN }}
	- name: cargo install cargo-llvm-cov
	uses: taiki-e/install-action@5075451c95db43b063f20f0c8fef04c04d5bf0ba # cargo-llvm-cov
	- name: cargo generate-lockfile
	if: hashFiles('Cargo.lock') == ''
	run: cargo generate-lockfile
	- name: cargo llvm-cov
	run: cargo llvm-cov --locked --all-features --workspace --lcov --lib --output-path lcov.info
	- name: Upload to codecov.io
	uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
	env:
	CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
	with:
	fail_ci_if_error: true
	cargo-machete:
	continue-on-error: true
	runs-on: ubuntu-latest
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	submodules: true
	- uses: dtolnay/rust-toolchain@56f84321dbccf38fb67ce29ab63e4754056677e0
	with:
	toolchain: stable
	- uses: taiki-e/install-action@d4635f2de61c8b8104d59cd4aede2060638378cc # v2.49.45
	with:
	tool: cargo-machete
	- name: cargo machete
	run: cargo machete

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore: Patch release prometheus to fix security vulnerability (#2927) #9

Workflow file

chore: Patch release prometheus to fix security vulnerability (#2927) #9

Uh oh!

Jobs

Run details

Workflow file for this run