ci: simplify
This commit is contained in:
parent
62947a9ff1
commit
02cf98ee4b
8 changed files with 202 additions and 123 deletions
66
.github/workflows/check.yml
vendored
66
.github/workflows/check.yml
vendored
|
@ -1,66 +0,0 @@
|
|||
name: Check
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: ['main']
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
rustfmt:
|
||||
name: Run rustfmt
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Install Rust
|
||||
uses: dtolnay/rust-toolchain@stable
|
||||
with:
|
||||
toolchain: stable
|
||||
components: rustfmt
|
||||
|
||||
- name: Setup Rust cache
|
||||
uses: Swatinem/rust-cache@v2
|
||||
|
||||
- name: Run rustfmt
|
||||
run: cargo fmt --all -- --check
|
||||
|
||||
clippy:
|
||||
name: Run Clippy scan
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
permissions:
|
||||
security-events: write
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Install Rust
|
||||
uses: dtolnay/rust-toolchain@stable
|
||||
with:
|
||||
toolchain: stable
|
||||
components: clippy
|
||||
|
||||
- name: Setup Rust cache
|
||||
uses: Swatinem/rust-cache@v2
|
||||
|
||||
- name: Install SARIF tools
|
||||
run: cargo install clippy-sarif sarif-fmt
|
||||
|
||||
- name: Fetch Cargo deps
|
||||
run: cargo fetch --locked
|
||||
|
||||
- name: Run Clippy
|
||||
continue-on-error: true
|
||||
run: |
|
||||
cargo clippy \
|
||||
--all-features \
|
||||
--all-targets \
|
||||
--message-format=json \
|
||||
| clippy-sarif | tee /tmp/clippy.sarif | sarif-fmt
|
||||
|
||||
- name: Upload results
|
||||
uses: github/codeql-action/upload-sarif@v3
|
||||
with:
|
||||
sarif_file: /tmp/clippy.sarif
|
||||
wait-for-processing: true
|
79
.github/workflows/ci.yml
vendored
Normal file
79
.github/workflows/ci.yml
vendored
Normal file
|
@ -0,0 +1,79 @@
|
|||
name: CI
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build (${{ matrix.os }})
|
||||
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
include:
|
||||
- os: ubuntu-latest
|
||||
use-nix: true
|
||||
- os: windows-latest
|
||||
use-nix: false
|
||||
|
||||
runs-on: ${{ matrix.os }}
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install Rust
|
||||
if: ${{ !matrix.use-nix }}
|
||||
uses: actions-rust-lang/setup-rust-toolchain@v1
|
||||
|
||||
- name: Install Nix
|
||||
if: ${{ matrix.use-nix }}
|
||||
uses: DeterminateSystems/nix-installer-action@v15
|
||||
|
||||
- name: Setup Nix cache
|
||||
if: ${{ matrix.use-nix }}
|
||||
uses: DeterminateSystems/magic-nix-cache-action@v8
|
||||
|
||||
- name: Build
|
||||
if: ${{ !matrix.use-nix }}
|
||||
run: cargo build --locked
|
||||
|
||||
- name: Build
|
||||
if: ${{ matrix.use-nix }}
|
||||
run: nix build --print-build-logs .#refraction-debug
|
||||
|
||||
flake:
|
||||
name: Flake checks
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v15
|
||||
|
||||
- name: Setup Nix cache
|
||||
uses: DeterminateSystems/magic-nix-cache-action@v8
|
||||
|
||||
- name: Run checks
|
||||
run: |
|
||||
nix flake check --print-build-logs --show-trace
|
||||
|
||||
# Make sure all above jobs finished successfully
|
||||
release-gate:
|
||||
name: CI Release gate
|
||||
needs: [build, flake]
|
||||
|
||||
if: ${{ always() }}
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Exit with error
|
||||
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
|
||||
run: exit 1
|
47
.github/workflows/clippy.yml
vendored
Normal file
47
.github/workflows/clippy.yml
vendored
Normal file
|
@ -0,0 +1,47 @@
|
|||
name: Clippy
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
paths:
|
||||
- 'Cargo.toml'
|
||||
- 'Cargo.lock'
|
||||
- '**.rs'
|
||||
pull_request:
|
||||
paths:
|
||||
- 'Cargo.toml'
|
||||
- 'Cargo.lock'
|
||||
- '**.rs'
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
clippy:
|
||||
name: Run scan
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
permissions:
|
||||
security-events: write
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v13
|
||||
|
||||
- name: Setup Nix cache
|
||||
uses: DeterminateSystems/magic-nix-cache-action@v7
|
||||
|
||||
- name: Generate sarif report
|
||||
id: clippy-run
|
||||
run: |
|
||||
nix build --print-build-logs .#clippy-report
|
||||
[ -L result ] || exit 1
|
||||
echo "sarif-file=$(readlink -f result)" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Upload results
|
||||
uses: github/codeql-action/upload-sarif@v3
|
||||
with:
|
||||
sarif_file: ${{ steps.clippy-run.outputs.sarif-file }}
|
||||
wait-for-processing: true
|
20
.github/workflows/docker.yml
vendored
20
.github/workflows/docker.yml
vendored
|
@ -2,7 +2,7 @@ name: Docker
|
|||
|
||||
on:
|
||||
push:
|
||||
branches: [ main ]
|
||||
branches: [main]
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
|
||||
|
@ -13,7 +13,7 @@ jobs:
|
|||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
arch: [ amd64, arm64 ]
|
||||
arch: [amd64, arm64]
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
|
@ -44,11 +44,25 @@ jobs:
|
|||
if-no-files-found: error
|
||||
retention-days: 3
|
||||
|
||||
# Make sure all above jobs finished successfully
|
||||
release-gate:
|
||||
name: Docker Release gate
|
||||
needs: [build]
|
||||
|
||||
if: ${{ always() }}
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Exit with error
|
||||
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
|
||||
run: exit 1
|
||||
|
||||
push:
|
||||
name: Push image
|
||||
needs: build
|
||||
|
||||
if: github.event_name == 'push'
|
||||
if: ${{ github.event_name == 'push' }}
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
|
|
52
.github/workflows/nix.yml
vendored
52
.github/workflows/nix.yml
vendored
|
@ -1,52 +0,0 @@
|
|||
name: Nix
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: ['main']
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build
|
||||
strategy:
|
||||
matrix:
|
||||
os: [ubuntu-latest, macos-latest]
|
||||
|
||||
runs-on: ${{ matrix.os }}
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v15
|
||||
|
||||
- name: Setup Nix cache
|
||||
uses: DeterminateSystems/magic-nix-cache-action@v8
|
||||
|
||||
- name: Build refraction
|
||||
run: nix build --fallback --print-build-logs
|
||||
|
||||
check:
|
||||
name: Check flake
|
||||
|
||||
strategy:
|
||||
matrix:
|
||||
os: [ubuntu-latest, macos-latest]
|
||||
|
||||
runs-on: ${{ matrix.os }}
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v15
|
||||
|
||||
- name: Setup Nix cache
|
||||
uses: DeterminateSystems/magic-nix-cache-action@v8
|
||||
|
||||
- name: Run checks
|
||||
run: |
|
||||
nix flake check --print-build-logs --show-trace
|
4
.github/workflows/update-flake.yml
vendored
4
.github/workflows/update-flake.yml
vendored
|
@ -24,9 +24,9 @@ jobs:
|
|||
|
||||
- name: Update flake.lock
|
||||
id: update
|
||||
uses: DeterminateSystems/update-flake-lock@main
|
||||
uses: DeterminateSystems/update-flake-lock@v23
|
||||
with:
|
||||
pr-title: "nix: update flake.lock"
|
||||
pr-title: 'nix: update flake.lock'
|
||||
|
||||
- name: Enable Pull Request Automerge
|
||||
uses: peter-evans/enable-pull-request-automerge@v3
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue