Skip to content

address cargo audit errors and warnings #464

address cargo audit errors and warnings

address cargo audit errors and warnings #464

Workflow file for this run

name: cargo-build
on:
push:
pull_request:
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: full
jobs:
# First stage: these are quick jobs that give immediate feedback on a PR.
check:
name: check-${{ matrix.os }}
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ ubuntu-latest, macos-12 ]
steps:
- uses: actions/checkout@v3
- uses: ./.github/actions/setup-rust
- uses: Swatinem/rust-cache@v2
with:
shared-key: check-${{ matrix.os }}
- name: cargo check
run: |
cargo check --all-targets
clippy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: ./.github/actions/setup-rust
- uses: Swatinem/rust-cache@v2
- uses: taiki-e/install-action@v2
with:
tool: clippy-sarif,sarif-fmt
- name: run clippy
run: |
cargo clippy --all-targets --all-features --message-format json \
| clippy-sarif \
| tee clippy.sarif \
| sarif-fmt
shell: bash
continue-on-error: true
- uses: actions/upload-artifact@v3
with:
name: clippy-sarif
path: clippy.sarif
clippy-upload:
runs-on: ubuntu-latest
needs: [ clippy ]
permissions:
security-events: write
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v3
with:
name: clippy-sarif
- uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: clippy.sarif
audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: Swatinem/rust-cache@v2
with:
shared-key: check-ubuntu-latest
save-if: false
- uses: baptiste0928/cargo-install@v1
with:
crate: cargo-audit
args: --locked
- run: |
cargo audit
rustfmt:
name: rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@stable
- name: cargo fmt
shell: bash
run: |
cargo fmt --all -- --check
# Second group of checks: These are more expensive than the first set so we
# gate them on the check action succeeding.
build:
name: build-${{ matrix.os }}-${{ matrix.profile }}
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ ubuntu-latest, macos-12 ]
profile: [ release, debug ]
steps:
- uses: actions/checkout@v3
- uses: ./.github/actions/setup-rust
- uses: Swatinem/rust-cache@v2
with:
shared-key: build-${{ matrix.os }}-${{ matrix.profile }}
- name: Update cargo flags
if: ${{ matrix.profile == 'release' }}
run: echo 'FLAGS=--release' >> $GITHUB_ENV
shell: bash
- name: Update cargo flags
if: ${{ matrix.profile == 'debug' }}
run: echo 'FLAGS=' >> $GITHUB_ENV
shell: bash
- name: build
shell: bash
run: |
cargo build --workspace --all-features --all-targets --locked ${{ env.FLAGS }}
- name: test
shell: bash
run: |
cargo test --workspace --all-features --tests --lib --bins --examples --locked ${{ env.FLAGS }}
- name: doctests
if: ${{ matrix.profile == 'debug' }}
shell: bash
run: |
cargo test --workspace --all-features --doc --locked -- --test-threads 16
- name: generate bin artifact
if: ${{ matrix.profile == 'release' && matrix.os == 'ubuntu-latest' }}
shell: bash
run: |
mkdir install
cp target/release/pelikan_pingserver_rs install
cp target/release/pelikan_pingproxy_rs install
- uses: actions/upload-artifact@v3
if: ${{ matrix.profile == 'release' && matrix.os == 'ubuntu-latest' }}
with:
name: binaries
path: install
check-success:
name: verify all tests pass
runs-on: ubuntu-latest
needs:
- build
- check
- rustfmt
- clippy
- clippy-upload
- audit
steps:
- name: no-op
run: |
echo "All checks passed!"