Skip to content

Update supply chain files #6297

Update supply chain files

Update supply chain files #6297

Workflow file for this run

name: CI
on:
merge_group:
pull_request:
schedule:
- cron: "0 3 * * tue"
workflow_dispatch:
concurrency:
group: ci-${{ github.ref }}
cancel-in-progress: true
env:
CARGO_TERM_COLOR: always
jobs:
maybe-expedite:
outputs:
value: ${{ steps.expedite.outputs.value }}
runs-on: ubuntu-latest
steps:
- name: Log github refs
run: |
{
echo '```'
echo 'github.ref: ${{ github.ref }}'
echo 'github.sha: ${{ github.sha }}'
echo '```'
} >> "$GITHUB_STEP_SUMMARY"
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Check if merging an up-to-date branch
if: ${{ github.event_name == 'merge_group' }}
id: expedite
run: |
N="$(expr "${{ github.ref }}" : '.*-\([0-9]\+\)-[^-]*$')"
BASE_SHA="$(gh api /repos/${{ github.repository }}/pulls/"$N" | jq -r '.base.sha')"
if git diff --quiet ${{ github.event.merge_group.base_sha }} "$BASE_SHA"; then
echo "value=1" >> "$GITHUB_OUTPUT"
fi
env:
GH_TOKEN: ${{ github.token }}
lint:
needs: [maybe-expedite]
if: ${{ ! needs.maybe-expedite.outputs.value }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
~/.dylint_drivers/
~/.rustup/toolchains/
key: ${{ runner.os }}-drivers-${{ hashFiles('driver/**') }}
- name: Install dylint-link
run: cargo install --path ./dylint-link --force
- name: Install tools
run: |
# smoelius: Prettier is still needed for scripts/update_example_READMEs.sh.
npm install -g prettier
rm -f "$HOME"/.cargo/bin/cargo-fmt
rm -f "$HOME"/.cargo/bin/rustfmt
rustup install nightly
rustup component add rustfmt --toolchain nightly
- name: Format
run: ./scripts/format.sh && git diff --exit-code
- name: Format example READMEs
run: ./scripts/update_example_READMEs.sh && git diff --exit-code
- name: Lint
run: ./scripts/lint.sh
test:
needs: [maybe-expedite]
if: ${{ ! needs.maybe-expedite.outputs.value }}
strategy:
fail-fast: ${{ github.event_name == 'merge_group' }}
matrix:
environment: [ubuntu-latest, macos-latest, windows-latest]
package:
[
cargo-dylint,
cargo-dylint-cargo-lib,
dylint_examples,
expensive-alpine,
expensive-boundary_toolchains,
expensive-custom_toolchain,
other,
]
include:
- environment: ubuntu-latest
package: cargo-dylint-ci
runs-on: ${{ matrix.environment }}
defaults:
run:
shell: bash
steps:
- uses: actions/checkout@v4
# smoelius: The `nightly_toolchain` test makes sense only if the nightly driver is cached.
- uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
~/.dylint_drivers/
~/.rustup/toolchains/
key: ${{ runner.os }}-drivers-${{ hashFiles('driver/**') }}
- name: Rustup
run: rustup update
- name: Install dylint-link
run: cargo install --path ./dylint-link --force
- name: Install tools
run: |
npm install -g prettier
rustup install nightly
# smoelius: This list will grow: https://github.com/trailofbits/dylint/issues/636
- name: Install CI tools
if: ${{ matrix.package == 'cargo-dylint-ci' }}
run: |
cargo install cargo-hack || true
cargo install cargo-license || true
cargo install cargo-msrv || true
cargo install cargo-rdme || true
cargo install cargo-sort || true
cargo install cargo-supply-chain || true
cargo install cargo-udeps --locked || true
cargo install cargo-unmaintained || true
- name: Free up space on Ubuntu
if: ${{ matrix.environment == 'ubuntu-latest' }}
run: |
# https://github.com/actions/runner-images/issues/2606#issuecomment-772683150
sudo rm -rf /usr/local/lib/android
sudo rm -rf /usr/share/dotnet
sudo rm -rf /usr/share/swift
# du -sh /usr/*/* 2>/dev/null | sort -h || true
- name: Free up space on macOS
if: ${{ matrix.environment == 'macos-latest' }}
run: |
# https://github.com/actions/runner-images/issues/2840#issuecomment-2334584217
echo /Applications/Xcode* | sort | head -n1 | xargs rm -rf
# du -sh /*/* 2>/dev/null | sort -h || true
- name: Preinstall toolchains
run: cargo run -p dylint_internal --bin preinstall-toolchains
- name: Test
run: |
if [[ '${{ matrix.package }}' =~ ^cargo-dylint ]]; then
case '${{ matrix.package }}' in
cargo-dylint)
cargo test -p cargo-dylint --no-default-features --features=cargo-cli -- --nocapture
;;
cargo-dylint-cargo-lib)
# smoelius: The next line is useful for debugging.
# sed -i 's/^.*\<fs_extra\>/# &/' dylint/Cargo.toml
git diff
cargo test -p cargo-dylint --no-default-features --features=cargo-lib -- --nocapture
;;
cargo-dylint-ci)
cargo test -p cargo-dylint --test ci
;;
*)
exit 1
;;
esac
elif [[ '${{ matrix.package }}' != 'other' ]]; then
PACKAGE=''
TEST=''
if [[ '${{ matrix.package }}' =~ ^expensive- ]]; then
if [[ '${{ github.event_name }}' != 'schedule' && '${{ github.event_name }}' != 'workflow_dispatch' ]]; then
exit
fi
PACKAGE='expensive'
TEST='${{ matrix.package }}'
TEST="--test=${TEST#'expensive-'}"
else
PACKAGE='${{ matrix.package }}'
fi
cargo test -p "$PACKAGE" "$TEST" -- --nocapture
else
cargo test --all-features --workspace --exclude cargo-dylint --exclude dylint_examples --exclude expensive -- --nocapture
pushd driver
cargo test --all-features -- --nocapture
popd
pushd utils/linting
cargo test --all-features -- --nocapture
popd
# smoelius: The `cdylib` -> `lib` trick is due to @MinerSebas.
for X in examples/*/*; do
if [[ ! -d "$X" ]]; then
continue
fi
if [[ "$(basename "$X")" = '.cargo' || "$(basename "$X")" = 'src' ]]; then
continue
fi
pushd "$X"
sed -i.bak 's/"cdylib"/"lib"/g' Cargo.toml
# smoelius: `RUSTUP_WINDOWS_PATH_ADD_BIN=1` is needed for the `redundant_reference`
# doc tests to pass on Windows.
RUSTUP_WINDOWS_PATH_ADD_BIN=1 cargo test --doc
popd
done
fi
env:
CARGO_INCREMENTAL: 0
all-checks:
needs: [lint, test]
# smoelius: From "Defining prerequisite jobs"
# (https://docs.github.com/en/actions/using-jobs/using-jobs-in-a-workflow#defining-prerequisite-jobs):
# > If you would like a job to run even if a job it is dependent on did not succeed, use the
# > `always()` conditional expression in `jobs.<job_id>.if`.
if: ${{ always() }}
runs-on: ubuntu-latest
steps:
- name: Check results
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
run: exit 1