diff options
| author | zaidoon <[email protected]> | 2024-03-11 18:43:05 -0400 |
|---|---|---|
| committer | Yuchen Wu <[email protected]> | 2024-03-22 10:50:10 -0700 |
| commit | b9d4428809385b8d72d74176e92941a0eddb4829 (patch) | |
| tree | 85bafdef4ed5bb36f7e322205d15216fff3c594a | |
| parent | 8a84b24ad061c40583b7d90b38296805fbb1b1ef (diff) | |
| download | pingora-b9d4428809385b8d72d74176e92941a0eddb4829.tar.gz pingora-b9d4428809385b8d72d74176e92941a0eddb4829.zip | |
modernize ci
| -rw-r--r-- | .github/workflows/audit.yml | 29 | ||||
| -rw-r--r-- | .github/workflows/build.yml | 30 | ||||
| -rw-r--r-- | .github/workflows/docs.yml | 16 |
3 files changed, 40 insertions, 35 deletions
diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml new file mode 100644 index 0000000..b943e5d --- /dev/null +++ b/.github/workflows/audit.yml @@ -0,0 +1,29 @@ +name: Security Audit + +on: + push: + branches: + - master + paths: + - "**/Cargo.toml" + schedule: + - cron: "0 2 * * *" # run at 2 AM UTC + +permissions: + contents: read + +jobs: + security-audit: + permissions: + checks: write # for rustsec/audit-check to create check + contents: read # for actions/checkout to fetch code + issues: write # for rustsec/audit-check to create issues + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Audit Check + # https://github.com/rustsec/audit-check/issues/2 + uses: rustsec/audit-check@master + with: + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6e91352..21a0e69 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,16 +8,15 @@ jobs: matrix: # TODO: add nightly toolchain: [stable] - profile: [minimal, default] runs-on: ubuntu-latest # Only run on "pull_request" event for external PRs. This is to avoid # duplicate builds for PRs created from internal branches. if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository steps: - name: Checkout sources - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: - submodules: 'recursive' + submodules: "recursive" - name: Install build dependencies run: | @@ -30,39 +29,24 @@ jobs: sudo apt install -y openresty --no-install-recommends - name: Install toolchain - uses: actions-rs/toolchain@v1 + uses: dtolnay/rust-toolchain@master with: toolchain: ${{ matrix.toolchain }} - profile: ${{ matrix.profile }} components: rustfmt, clippy - override: true - default: true - name: Run cargo fmt - uses: actions-rs/cargo@v1 - with: - command: fmt - args: -- --check + run: cargo fmt --all -- --check - name: Run cargo test - uses: actions-rs/cargo@v1 - with: - command: test - args: --verbose --lib --bins --tests --no-fail-fast + run: cargo test --verbose --lib --bins --tests --no-fail-fast # Need to run doc tests separately. # (https://github.com/rust-lang/cargo/issues/6669) - name: Run cargo doc test - uses: actions-rs/cargo@v1 - with: - command: test - args: --verbose --doc + run: cargo test --verbose --doc - name: Run cargo clippy - uses: actions-rs/cargo@v1 - with: - command: clippy - args: --all-targets --all -- --deny=warnings + run: cargo clippy --all-targets --all -- --deny=warnings - name: Run cargo audit uses: actions-rust-lang/audit@v1 diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 32d1fac..59e85be 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -10,9 +10,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: - submodules: 'recursive' + submodules: "recursive" - name: Install build dependencies run: | @@ -20,15 +20,7 @@ jobs: sudo apt install -y cmake libclang-dev - name: Install stable toolchain - uses: actions-rs/toolchain@v1 - with: - profile: minimal - toolchain: stable - override: true - default: true + uses: dtolnay/rust-toolchain@stable - name: Run cargo doc - uses: actions-rs/cargo@v1 - with: - command: doc - args: --no-deps --all-features + run: cargo doc --no-deps --all-features |