Monthly Security Audit #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://github.com/actions-rs/audit-check#scheduled-audit | |
| name: Monthly Security Audit | |
| on: | |
| schedule: | |
| - cron: '3 2 1 * *' | |
| workflow_dispatch: | |
| inputs: | |
| branch_commit_or_ref: | |
| description: 'Run this workflow in what branch/commit?' | |
| required: true | |
| type: string | |
| default: master | |
| jobs: | |
| audit: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| channel: [ stable ] | |
| steps: | |
| # region Environment setup | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ inputs.branch_commit_or_ref || '' }} | |
| - name: Update Rust toolchain from channel ${{ matrix.channel }} | |
| shell: bash | |
| run: | | |
| rustup self update | |
| rustup update ${{ matrix.channel }} | |
| rustup default ${{ matrix.channel }} | |
| - name: Check Rust ${{ matrix.channel }} toolchain versions | |
| shell: bash | |
| run: | | |
| rustup --version | |
| cargo --version | |
| rustc --version | |
| rustup show | |
| # endregion | |
| # region Run security audit | |
| - name: Intall cargo-audit from channel ${{ matrix.channel }} | |
| shell: bash | |
| run: cargo install cargo-auditable cargo-audit | |
| - name: Build with dependency lists embedded in the binaries | |
| shell: bash | |
| run: cargo auditable build --release | |
| - name: Run security audit | |
| shell: bash | |
| run: cargo audit bin target/release/solrcopy | |
| # endregion | |
| # THE END # |