mirror of https://github.com/briansmith/webpki
264 lines
7.2 KiB
YAML
264 lines
7.2 KiB
YAML
name: ci
|
|
permissions:
|
|
contents: read
|
|
on:
|
|
pull_request:
|
|
push:
|
|
jobs:
|
|
rustfmt:
|
|
runs-on: ubuntu-22.04
|
|
|
|
steps:
|
|
- run: rustup --version
|
|
|
|
- uses: briansmith/actions-checkout@v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- run: cargo fmt --all -- --check
|
|
|
|
clippy:
|
|
runs-on: ubuntu-22.04
|
|
|
|
steps:
|
|
- run: rustup --version
|
|
|
|
- uses: briansmith/actions-checkout@v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- run: mk/clippy.sh
|
|
|
|
audit:
|
|
runs-on: ubuntu-22.04
|
|
|
|
steps:
|
|
- run: rustup --version
|
|
|
|
- uses: briansmith/actions-cache@v3
|
|
with:
|
|
path: |
|
|
~/.cargo/bin/cargo-audit
|
|
~/.cargo/.crates.toml
|
|
~/.cargo/.crates2.json
|
|
key: ${{ runner.os }}-v2-cargo-audit-locked-0.18.3
|
|
|
|
- run: cargo install cargo-audit --locked --vers "0.18.3"
|
|
|
|
- uses: briansmith/actions-checkout@v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- run: cargo generate-lockfile
|
|
|
|
- run: cargo audit --deny warnings
|
|
|
|
deny:
|
|
runs-on: ubuntu-22.04
|
|
|
|
steps:
|
|
- run: rustup --version
|
|
|
|
- uses: briansmith/actions-cache@v3
|
|
with:
|
|
path: |
|
|
~/.cargo/bin/cargo-deny
|
|
~/.cargo/.crates.toml
|
|
~/.cargo/.crates2.json
|
|
key: ${{ runner.os }}-v2-cargo-deny-locked-0.14.3
|
|
|
|
- run: cargo install cargo-deny --locked --vers "0.14.3"
|
|
|
|
- uses: briansmith/actions-checkout@v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- run: cargo deny check
|
|
|
|
# Verify that documentation builds.
|
|
rustdoc:
|
|
runs-on: ubuntu-22.04
|
|
|
|
steps:
|
|
- run: rustup --version
|
|
|
|
- uses: briansmith/actions-checkout@v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- run: |
|
|
cargo doc --all-features
|
|
|
|
package:
|
|
runs-on: ubuntu-22.04
|
|
|
|
steps:
|
|
- run: rustup --version
|
|
|
|
- uses: briansmith/actions-checkout@v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- run: cargo package
|
|
|
|
|
|
test:
|
|
runs-on: ${{ matrix.host_os }}
|
|
|
|
strategy:
|
|
matrix:
|
|
features:
|
|
- # Default
|
|
- --features=alloc
|
|
- --all-features
|
|
|
|
target:
|
|
# There is no platform-specific code in webpki. Choose a handful of
|
|
# platforms mostly to smoketest that the build machinery in mk/ is
|
|
# portable.
|
|
# Specifically choose `aarch64-pc-windows-msvc` since it was new in
|
|
# *ring* 0.17.
|
|
- aarch64-apple-darwin
|
|
- aarch64-pc-windows-msvc
|
|
- arm-unknown-linux-gnueabihf
|
|
- i686-pc-windows-msvc
|
|
- riscv64gc-unknown-linux-gnu
|
|
- wasm32-wasi
|
|
- x86_64-unknown-linux-musl
|
|
- x86_64-unknown-linux-gnu
|
|
|
|
mode:
|
|
- # debug
|
|
- --release
|
|
|
|
rust_channel:
|
|
- stable
|
|
- nightly
|
|
|
|
- 1.61.0
|
|
|
|
- beta
|
|
|
|
include:
|
|
- target: aarch64-apple-darwin
|
|
host_os: macos-14
|
|
|
|
- target: aarch64-pc-windows-msvc
|
|
host_os: windows-latest
|
|
# GitHub Actions doesn't have a way to run this target yet.
|
|
cargo_options: --no-run
|
|
|
|
- target: arm-unknown-linux-gnueabihf
|
|
host_os: ubuntu-22.04
|
|
|
|
- target: i686-pc-windows-msvc
|
|
host_os: windows-latest
|
|
|
|
- target: riscv64gc-unknown-linux-gnu
|
|
host_os: ubuntu-22.04
|
|
|
|
- target: wasm32-wasi
|
|
host_os: ubuntu-22.04
|
|
|
|
- target: x86_64-unknown-linux-musl
|
|
host_os: ubuntu-22.04
|
|
|
|
- target: x86_64-unknown-linux-gnu
|
|
host_os: ubuntu-22.04
|
|
|
|
# rcgen requires *ring* 0.16 which doesn't support this target.
|
|
- target: aarch64-pc-windows-msvc
|
|
skip_rcgen: true
|
|
- target: riscv64gc-unknown-linux-gnu
|
|
skip_rcgen: true
|
|
- target: wasm32-wasi
|
|
skip_rcgen: true
|
|
|
|
- rust_channel: 1.61.0
|
|
# rcgen requires Rust 1.67.
|
|
skip_rcgen: true
|
|
|
|
steps:
|
|
- if: ${{ contains(matrix.host_os, 'ubuntu') }}
|
|
run: sudo apt-get update -y
|
|
|
|
- uses: briansmith/actions-checkout@v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- run: rustup toolchain add --profile=minimal ${{ matrix.rust_channel }}
|
|
- run: rustup target add --toolchain=${{ matrix.rust_channel }} ${{ matrix.target }}
|
|
|
|
- if: ${{ !contains(matrix.host_os, 'windows') }}
|
|
run: mk/install-build-tools.sh --target=${{ matrix.target }} ${{ matrix.features }}
|
|
|
|
- if: ${{ matrix.target == 'aarch64-pc-windows-msvc' }}
|
|
run: |
|
|
echo "C:\Program Files (x86)\Microsoft Visual Studio\2022\Enterprise\VC\Tools\Llvm\x64\bin" >> $GITHUB_PATH
|
|
shell: bash
|
|
|
|
- if: ${{ !contains(matrix.host_os, 'windows') }}
|
|
run: |
|
|
mk/cargo.sh +${{ matrix.rust_channel }} test -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
|
|
|
- if: ${{ contains(matrix.host_os, 'windows') }}
|
|
run: |
|
|
cargo +${{ matrix.rust_channel }} test -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
|
|
|
- if: ${{ !contains(matrix.host_os, 'windows') && !contains(matrix.skip_rcgen, 'true') }}
|
|
run: |
|
|
mk/cargo.sh +${{ matrix.rust_channel }} test -p rcgen-tests -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
|
|
|
# rcgen-based tests require Rust 1.67, and uses *ring* 0.16 which doesn't build for aarch64-pc-windows-msvc.
|
|
- if: ${{ contains(matrix.host_os, 'windows') && !contains(matrix.skip_rcgen, 'true') }}
|
|
run: |
|
|
cargo +${{ matrix.rust_channel }} test -vv -p rcgen-tests --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
|
|
|
coverage:
|
|
runs-on: ${{ matrix.host_os }}
|
|
|
|
strategy:
|
|
matrix:
|
|
features:
|
|
- --all-features
|
|
|
|
# TODO: targets
|
|
target:
|
|
- x86_64-unknown-linux-musl
|
|
|
|
mode:
|
|
- # debug
|
|
|
|
# Coverage collection is Nightly-only
|
|
rust_channel:
|
|
- nightly
|
|
|
|
# TODO: targets
|
|
include:
|
|
- target: x86_64-unknown-linux-musl
|
|
host_os: ubuntu-22.04
|
|
|
|
steps:
|
|
- if: ${{ contains(matrix.host_os, 'ubuntu') }}
|
|
run: sudo apt-get update -y
|
|
|
|
- uses: briansmith/actions-checkout@v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- run: rustup toolchain add --profile=minimal ${{ matrix.rust_channel }}
|
|
- run: rustup target add --toolchain=${{ matrix.rust_channel }} ${{ matrix.target }}
|
|
|
|
- if: ${{ !contains(matrix.host_os, 'windows') }}
|
|
run: RING_COVERAGE=1 mk/install-build-tools.sh --target=${{ matrix.target }} ${{ matrix.features }}
|
|
|
|
- if: ${{ !contains(matrix.host_os, 'windows') }}
|
|
run: |
|
|
RING_COVERAGE=1 mk/cargo.sh +${{ matrix.rust_channel }} test --workspace -vv --target=${{ matrix.target }} ${{ matrix.cargo_options }} ${{ matrix.features }} ${{ matrix.mode }}
|
|
|
|
- uses: briansmith/codecov-codecov-action@v3
|
|
with:
|
|
directory: ./target/${{ matrix.target }}/debug/coverage/reports
|
|
fail_ci_if_error: true
|
|
verbose: true
|