Skip to content

Update Rust crate secrecy to v0.10.2 #19660

Update Rust crate secrecy to v0.10.2

Update Rust crate secrecy to v0.10.2 #19660

Workflow file for this run

name: CI
on:
push:
branches:
- main
- master
pull_request:
concurrency:
group: ci-${{ github.head_ref || github.ref }}
cancel-in-progress: true
env:
CARGO_TERM_COLOR: always
# renovate: datasource=crate depName=cargo-deny versioning=semver
CARGO_DENY_VERSION: 0.16.1
# renovate: datasource=crate depName=grcov versioning=semver
GRCOV_VERSION: 0.8.19
# renovate: datasource=npm depName=pnpm
PNPM_VERSION: 9.10.0
# renovate: datasource=docker depName=postgres
POSTGRES_VERSION: 16
jobs:
changed-files:
name: Changed Files
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 # v45.0.1
id: changed-files-non-js
with:
files_ignore: |
app/**
mirage/**
public/**
tests/**
.eslintrc
.template-lintrc.js
ember-cli-build.js
package.json
pnpm-lock.yaml
testem.js
- uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 # v45.0.1
id: changed-files-non-rust
with:
files_ignore: |
crates/**
migrations/**
src/**
build.rs
Cargo.lock
Cargo.toml
rust-toolchain.toml
- uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 # v45.0.1
id: changed-files-rust-lockfile
with:
files: Cargo.lock
outputs:
non-js: ${{ steps.changed-files-non-js.outputs.any_modified }}
non-rust: ${{ steps.changed-files-non-rust.outputs.any_modified }}
rust-lockfile: ${{ steps.changed-files-rust-lockfile.outputs.any_modified }}
percy-nonce:
name: Frontend / Percy Nonce
runs-on: ubuntu-latest
needs: changed-files
if: needs.changed-files.outputs.non-rust == 'true'
# persist job results to other jobs in the workflow
outputs:
nonce: ${{ steps.percy-nonce.outputs.nonce }}
steps:
# persist step results to other steps in the job
- id: percy-nonce
# adding a timestamp makes the nonce more unique for re-runs
run: echo "nonce=${{ github.run_id }}-$(date +%s)" >> $GITHUB_OUTPUT
backend-lint:
name: Backend / Lint
runs-on: ubuntu-22.04
needs: changed-files
if: needs.changed-files.outputs.non-js == 'true'
env:
RUSTFLAGS: "-D warnings"
RUSTDOCFLAGS: "-D warnings"
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- run: rustup component add rustfmt
- run: rustup component add clippy
- uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3
- run: cargo fmt --check --all
- run: cargo clippy --all-targets --all-features --workspace
- run: cargo doc --no-deps --document-private-items
backend-cargo-deny:
name: Backend / cargo-deny
runs-on: ubuntu-22.04
needs: changed-files
if: github.event_name != 'pull_request' || needs.changed-files.outputs.rust-lockfile == 'true'
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3
- run: cargo install cargo-deny --vers ${{ env.CARGO_DENY_VERSION }}
- run: cargo deny check
backend-test:
name: Backend / Test
runs-on: ubuntu-22.04
needs: changed-files
if: needs.changed-files.outputs.non-js == 'true'
env:
RUST_BACKTRACE: 1
TEST_DATABASE_URL: postgres://postgres:postgres@localhost/postgres
RUSTFLAGS: "-D warnings -Cinstrument-coverage"
MALLOC_CONF: "background_thread:true,abort_conf:true,abort:true,junk:true"
CARGO_TARGET_DIR: /mnt/target
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3
with:
# Ensure that we cache from the right target directory. (See below
# for the details of how and when this gets created.)
workspaces: '. -> ${{ env.CARGO_TARGET_DIR }}'
# Update `pg_dump` to the same version as the running PostgreSQL server
- run: sudo /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -v ${{ env.POSTGRES_VERSION }} -i -p
- run: sudo systemctl start postgresql.service
- run: sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD 'postgres'"
# Create a working directory on /mnt, which is a larger temporary
# filesystem than /, that we can then point our later commands to.
- run: |
sudo mkdir ${{ env.CARGO_TARGET_DIR }}
sudo chown $(id -u):$(id -g) ${{ env.CARGO_TARGET_DIR }}
- run: cargo build --tests --workspace
- run: cargo test --workspace
- run: curl -sL https://github.com/mozilla/grcov/releases/download/v${{ env.GRCOV_VERSION }}/grcov-x86_64-unknown-linux-gnu.tar.bz2 | tar xjf -
- run: rustup component add llvm-tools
- run: ./grcov . --binary-path ${{ env.CARGO_TARGET_DIR }}/debug/ -s . -t lcov --branch --ignore-not-existing --ignore "/*" --ignore "${{ env.CARGO_TARGET_DIR }}/debug/build/**" -o ${{ env.CARGO_TARGET_DIR }}/coverage.lcov
- uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
with:
files: ${{ env.CARGO_TARGET_DIR }}/coverage.lcov
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
frontend-lint:
name: Frontend / Lint
runs-on: ubuntu-22.04
needs: changed-files
if: needs.changed-files.outputs.non-rust == 'true'
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
cache: pnpm
node-version-file: package.json
- run: pnpm install
- run: pnpm lint:hbs
- run: pnpm lint:js
- run: pnpm lint:deps
- run: pnpm prettier:check
frontend-test:
name: Frontend / Test
runs-on: ubuntu-22.04
needs: [changed-files, percy-nonce]
if: needs.changed-files.outputs.non-rust == 'true'
env:
JOBS: 1 # See https://git.io/vdao3 for details.
# Percy secrets are included here to enable Percy's GitHub integration
# on community-submitted PRs
PERCY_TOKEN: web_0a783d8086b6f996809f3e751d032dd6d156782082bcd1423b9b860113c75054
PERCY_PARALLEL_NONCE: ${{ needs.percy-nonce.outputs.nonce }}
PERCY_PARALLEL_TOTAL: 2
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
cache: pnpm
node-version-file: package.json
- run: pnpm install
- if: github.repository == 'rust-lang/crates.io'
run: pnpm percy exec --parallel -- pnpm test-coverage
- if: github.repository != 'rust-lang/crates.io'
run: pnpm test-coverage
e2e-test:
name: Frontend / Test (playwright)
runs-on: ubuntu-22.04
needs: [changed-files, percy-nonce]
timeout-minutes: 60
if: needs.changed-files.outputs.non-rust == 'true'
env:
JOBS: 1 # See https://git.io/vdao3 for details.
# Percy secrets are included here to enable Percy's GitHub integration
# on community-submitted PRs
PERCY_TOKEN: web_0a783d8086b6f996809f3e751d032dd6d156782082bcd1423b9b860113c75054
PERCY_PARALLEL_NONCE: ${{ needs.percy-nonce.outputs.nonce }}
PERCY_PARALLEL_TOTAL: 2
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
cache: pnpm
node-version-file: package.json
- run: pnpm install
- run: pnpm playwright install chromium
- if: github.repository == 'rust-lang/crates.io'
run: pnpm percy exec --parallel -- pnpm e2e
- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4
if: ${{ !cancelled() }}
with:
name: playwright-report
path: playwright-report/
retention-days: 14