feat: add secret lifetime field #3226
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Stackable Build Pipeline | |
on: | |
push: | |
branches: | |
- main | |
- staging | |
- trying | |
- "renovate/**" | |
tags: | |
- "*" | |
pull_request: | |
merge_group: | |
env: | |
CARGO_TERM_COLOR: always | |
CARGO_INCREMENTAL: '0' | |
CARGO_PROFILE_DEV_DEBUG: '0' | |
RUST_TOOLCHAIN_VERSION: "1.81.0" | |
RUSTFLAGS: "-D warnings" | |
RUSTDOCFLAGS: "-D warnings" | |
RUST_LOG: "info" | |
jobs: | |
# Identify unused dependencies | |
run_udeps: | |
name: Run Cargo Udeps | |
runs-on: ubuntu-latest | |
env: | |
RUSTC_BOOTSTRAP: 1 | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} | |
- uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 | |
with: | |
key: udeps | |
- run: cargo install --locked [email protected] | |
- run: cargo udeps --all-targets --all-features | |
run_cargodeny: | |
name: Run Cargo Deny | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
checks: | |
- advisories | |
- bans licenses sources | |
# Prevent sudden announcement of a new advisory from failing ci: | |
continue-on-error: ${{ matrix.checks == 'advisories' }} | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: EmbarkStudios/cargo-deny-action@3f4a782664881cf5725d0ffd23969fcce89fd868 # v1.6.3 | |
with: | |
command: check ${{ matrix.checks }} | |
run_rustfmt: | |
name: Run Rustfmt | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} | |
components: rustfmt | |
- uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 | |
with: | |
key: fmt | |
- run: cargo fmt --all -- --check | |
run_clippy: | |
name: Run Clippy | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install host dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install protobuf-compiler krb5-user libkrb5-dev libclang-dev liblzma-dev libssl-dev pkg-config | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
with: | |
submodules: recursive | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} | |
components: clippy | |
- uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 | |
with: | |
key: clippy | |
- name: Run clippy action to produce annotations | |
# NOTE (@Techassi): This action might get a new release sonn, because it | |
# currently uses Node 16, which is deprecated in the next few months by | |
# GitHub. See https://github.com/giraffate/clippy-action/pull/87 | |
uses: giraffate/clippy-action@13b9d32482f25d29ead141b79e7e04e7900281e0 # v1.0.1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
if: env.GITHUB_TOKEN != null && github.event.pull_request.draft == false | |
with: | |
clippy_flags: --all-targets -- -D warnings | |
reporter: 'github-pr-review' | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Run clippy manually without annotations | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
if: env.GITHUB_TOKEN == null | |
run: cargo clippy --color never -q --all-targets -- -D warnings | |
run_rustdoc: | |
name: Run RustDoc | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} | |
components: rustfmt | |
- uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 | |
with: | |
key: doc | |
- run: cargo doc --document-private-items | |
run_tests: | |
name: Run Cargo Tests | |
needs: | |
- run_cargodeny | |
- run_clippy | |
- run_rustfmt | |
- run_rustdoc | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} | |
# rust-src is required for trybuild stderr output comparison to work | |
# for our cases. | |
# See: https://github.com/dtolnay/trybuild/issues/236#issuecomment-1620950759 | |
components: rust-src | |
- uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 | |
with: | |
key: test | |
- run: cargo test --all-features | |
tests_passed: | |
name: All tests passed | |
needs: | |
- run_udeps | |
- run_tests | |
runs-on: ubuntu-latest | |
steps: | |
- name: log | |
run: echo All tests have passed! |