Typescript and rust clients #26
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Code Review - Rust | |
on: | |
push: | |
branches: ['main'] | |
pull_request: | |
branches: ['main'] | |
paths: | |
[ | |
'programs/**', | |
'lib', | |
'Cargo.toml', | |
'Cargo.lock', | |
] | |
workflow_dispatch: | |
env: | |
CARGO_TERM_COLOR: always | |
SOLANA_VERSION: '1.18.22' | |
RUST_TOOLCHAIN: '1.78.0' | |
jobs: | |
format: | |
name: Format | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set Rust version | |
run: rustup toolchain install ${{ env.RUST_TOOLCHAIN }} --component rustfmt | |
- name: Run fmt | |
run: cargo fmt -- --check | |
clippy: | |
name: Clippy | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Cache dependencies | |
uses: Swatinem/rust-cache@v2 | |
- name: Set Rust version | |
run: rustup toolchain install ${{ env.RUST_TOOLCHAIN }} --component clippy | |
- name: Run clippy | |
run: cargo clippy --workspace --exclude fixed --exclude checked_math -- --no-deps --deny=warnings --allow=clippy::style --allow=clippy::complexity --allow=clippy::manual-retain --allow=clippy::crate-in-macro-def --allow=clippy::result-large-err --allow=clippy::derive_partial_eq_without_eq --allow=clippy::multiple-bound-locations | |
test: | |
name: Test | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Cache dependencies | |
uses: Swatinem/rust-cache@v2 | |
- name: Set Rust version | |
run: rustup toolchain install ${{ env.RUST_TOOLCHAIN }} | |
- name: Install Solana | |
run: | | |
sh -c "$(curl -sSfL https://release.solana.com/v${{ env.SOLANA_VERSION }}/install)" | |
echo "$HOME/.local/share/solana/install/active_release/bin" >> $GITHUB_PATH | |
export PATH="/home/runner/.local/share/solana/install/active_release/bin:$PATH" | |
solana --version | |
echo "Generating keypair..." | |
solana-keygen new -o "$HOME/.config/solana/id.json" --no-passphrase --silent | |
- name: Build all deps | |
run: | | |
cargo build-sbf | |
- name: Run sbf tests | |
run: cargo test-sbf | |
coverage: | |
name: Coverage | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Cache dependencies | |
uses: Swatinem/rust-cache@v2 | |
- name: Set Rust version | |
run: rustup toolchain install ${{ env.RUST_TOOLCHAIN }} | |
- name: Install Solana | |
run: | | |
sh -c "$(curl -sSfL https://release.solana.com/v${{ env.SOLANA_VERSION }}/install)" | |
echo "$HOME/.local/share/solana/install/active_release/bin" >> $GITHUB_PATH | |
export PATH="/home/runner/.local/share/solana/install/active_release/bin:$PATH" | |
solana --version | |
echo "Generating keypair..." | |
solana-keygen new -o "$HOME/.config/solana/id.json" --no-passphrase --silent | |
- name: Install cargo-llvm-cov | |
uses: taiki-e/install-action@cargo-llvm-cov | |
- name: Build all deps | |
run: | | |
cargo build-sbf --verbose | |
- name: Generate code coverage | |
run: cargo llvm-cov --lcov --output-path lcov.info --workspace -- --nocapture | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v3 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: lcov.info | |
verbose: true | |
fail_ci_if_error: true | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
sca: | |
name: Dependency Scan | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
# Fail the job on critical vulnerabilities with fix available | |
- name: Fail on critical vulnerabilities | |
uses: aquasecurity/trivy-action@master | |
with: | |
scan-type: 'fs' | |
scan-ref: 'Cargo.lock' | |
ignore-unfixed: true | |
hide-progress: true | |
format: 'table' | |
severity: 'CRITICAL' | |
exit-code: '1' |