Skip to content

ci: Use "v2.0.0" branch for security check #106

ci: Use "v2.0.0" branch for security check

ci: Use "v2.0.0" branch for security check #106

Workflow file for this run

name: CI
permissions:
contents: read
on:
pull_request:
push:
branches:
- main
schedule:
- cron: '0 2 * * 0'
env:
CARGO_INCREMENTAL: 0
CARGO_NET_GIT_FETCH_WITH_CLI: true
CARGO_NET_RETRY: 10
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
RUSTFLAGS: -D warnings
RUSTDOCFLAGS: -D warnings
RUSTUP_MAX_RETRIES: 10
defaults:
run:
shell: bash
jobs:
test:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
rust: [nightly, beta, stable]
steps:
- uses: actions/checkout@v4
- name: Install Rust
# --no-self-update is necessary because the windows environment cannot self-update rustup.exe.
run: rustup update ${{ matrix.rust }} --no-self-update && rustup default ${{ matrix.rust }}
- run: rustup target add thumbv7m-none-eabi
if: startsWith(matrix.os, 'ubuntu')
- name: Run cargo check
run: cargo check --all --all-features --all-targets
if: startsWith(matrix.rust, 'nightly')
- name: Run cargo check (without dev-dependencies to catch missing feature flags)
if: startsWith(matrix.rust, 'nightly')
run: cargo check -Z features=dev_dep
- run: cargo test
- name: Build with no default features
# Use no-std target to ensure we don't link to std.
run: cargo build --no-default-features --target thumbv7m-none-eabi
if: startsWith(matrix.os, 'ubuntu')
- name: Build with no default features and alloc
# Use no-std target to ensure we don't link to std.
run: cargo build --no-default-features --features alloc --target thumbv7m-none-eabi
if: startsWith(matrix.os, 'ubuntu')
- run: cargo bench
if: startsWith(matrix.rust, 'nightly')
wasi:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
run: rustup update stable
- uses: taiki-e/setup-cross-toolchain-action@v1
with:
target: wasm32-wasi
- run: cargo test --target wasm32-wasi
msrv:
runs-on: ubuntu-latest
strategy:
matrix:
# When updating this, the reminder to update the minimum supported
# Rust version in Cargo.toml.
rust: ['1.43.0']
steps:
- uses: actions/checkout@v4
- name: Install Rust
run: rustup update ${{ matrix.rust }} && rustup default ${{ matrix.rust }}
- run: cargo build
clippy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
run: rustup update stable
- run: cargo clippy --all-features --tests --examples
fmt:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
run: rustup update stable
- run: cargo fmt --all --check
security_audit:
permissions:
checks: write
contents: read
issues: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# rustsec/audit-check used to do this automatically
- name: Generate Cargo.lock
run: cargo generate-lockfile
# https://github.com/rustsec/audit-check/issues/2
- uses: rustsec/audit-check@v2.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}