From 0eb022f9d180773f19d1bd95a1c295f05440d494 Mon Sep 17 00:00:00 2001 From: Jaco Malan Date: Thu, 25 May 2023 12:37:44 +0200 Subject: [PATCH 1/3] Added CI from jonhoo/rust-ci-conf --- .github/codecov.yml | 21 ++++++++ .github/dependabot.yml | 17 ++++++ .github/workflows/check.yml | 93 +++++++++++++++++++++++++++++++++ .github/workflows/safety.yml | 78 +++++++++++++++++++++++++++ .github/workflows/scheduled.yml | 52 ++++++++++++++++++ .github/workflows/test.yml | 92 ++++++++++++++++++++++++++++++++ 6 files changed, 353 insertions(+) create mode 100644 .github/codecov.yml create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/check.yml create mode 100644 .github/workflows/safety.yml create mode 100644 .github/workflows/scheduled.yml create mode 100644 .github/workflows/test.yml diff --git a/.github/codecov.yml b/.github/codecov.yml new file mode 100644 index 0000000..ff4f571 --- /dev/null +++ b/.github/codecov.yml @@ -0,0 +1,21 @@ +# ref: https://docs.codecov.com/docs/codecovyml-reference +coverage: + # Hold ourselves to a high bar + range: 85..100 + round: down + precision: 1 + status: + # ref: https://docs.codecov.com/docs/commit-status + project: + default: + # Avoid false negatives + threshold: 1% + +# Test files aren't important for coverage +ignore: + - "tests" + +# Make comments less noisy +comment: + layout: "files" + require_changes: yes diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..8139a93 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,17 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: / + schedule: + interval: daily + - package-ecosystem: cargo + directory: / + schedule: + interval: daily + ignore: + - dependency-name: "*" + # patch and minor updates don't matter for libraries + # remove this ignore rule if your package has binaries + update-types: + - "version-update:semver-patch" + - "version-update:semver-minor" diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml new file mode 100644 index 0000000..3fb97ad --- /dev/null +++ b/.github/workflows/check.yml @@ -0,0 +1,93 @@ +permissions: + contents: read +on: + push: + branches: [main] + pull_request: +# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true +name: check +jobs: + fmt: + runs-on: ubuntu-latest + name: stable / fmt + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install stable + uses: dtolnay/rust-toolchain@stable + with: + components: rustfmt + - name: cargo fmt --check + run: cargo fmt --check + clippy: + runs-on: ubuntu-latest + name: ${{ matrix.toolchain }} / clippy + permissions: + contents: read + checks: write + strategy: + fail-fast: false + matrix: + toolchain: [stable, beta] + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install ${{ matrix.toolchain }} + uses: dtolnay/rust-toolchain@master + with: + toolchain: ${{ matrix.toolchain }} + components: clippy + - name: cargo clippy + uses: actions-rs/clippy-check@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + doc: + runs-on: ubuntu-latest + name: nightly / doc + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install nightly + uses: dtolnay/rust-toolchain@nightly + - name: cargo doc + run: cargo doc --no-deps --all-features + env: + RUSTDOCFLAGS: --cfg docsrs + hack: + runs-on: ubuntu-latest + name: ubuntu / stable / features + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install stable + uses: dtolnay/rust-toolchain@stable + - name: cargo install cargo-hack + uses: taiki-e/install-action@cargo-hack + # intentionally no target specifier; see https://github.com/jonhoo/rust-ci-conf/pull/4 + - name: cargo hack + run: cargo hack --feature-powerset check + msrv: + runs-on: ubuntu-latest + # we use a matrix here just because env can't be used in job names + # https://docs.github.com/en/actions/learn-github-actions/contexts#context-availability + strategy: + matrix: + msrv: [1.56.1] # 2021 edition requires 1.56 + name: ubuntu / ${{ matrix.msrv }} + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install ${{ matrix.msrv }} + uses: dtolnay/rust-toolchain@master + with: + toolchain: ${{ matrix.msrv }} + - name: cargo +${{ matrix.msrv }} check + run: cargo check diff --git a/.github/workflows/safety.yml b/.github/workflows/safety.yml new file mode 100644 index 0000000..eb5a5d6 --- /dev/null +++ b/.github/workflows/safety.yml @@ -0,0 +1,78 @@ +permissions: + contents: read +on: + push: + branches: [main] + pull_request: +# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true +name: safety +jobs: + sanitizers: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install nightly + uses: dtolnay/rust-toolchain@nightly + - run: | + # to get the symbolizer for debug symbol resolution + sudo apt install llvm + # to fix buggy leak analyzer: + # https://github.com/japaric/rust-san#unrealiable-leaksanitizer + # ensure there's a profile.dev section + if ! grep -qE '^[ \t]*[profile.dev]' Cargo.toml; then + echo >> Cargo.toml + echo '[profile.dev]' >> Cargo.toml + fi + # remove pre-existing opt-levels in profile.dev + sed -i '/^\s*\[profile.dev\]/,/^\s*\[/ {/^\s*opt-level/d}' Cargo.toml + # now set opt-level to 1 + sed -i '/^\s*\[profile.dev\]/a opt-level = 1' Cargo.toml + cat Cargo.toml + name: Enable debug symbols + - name: cargo test -Zsanitizer=address + # only --lib --tests b/c of https://github.com/rust-lang/rust/issues/53945 + run: cargo test --lib --tests --all-features --target x86_64-unknown-linux-gnu + env: + ASAN_OPTIONS: "detect_odr_violation=0:detect_leaks=0" + RUSTFLAGS: "-Z sanitizer=address" + - name: cargo test -Zsanitizer=leak + if: always() + run: cargo test --all-features --target x86_64-unknown-linux-gnu + env: + LSAN_OPTIONS: "suppressions=lsan-suppressions.txt" + RUSTFLAGS: "-Z sanitizer=leak" + miri: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - run: | + echo "NIGHTLY=nightly-$(curl -s https://rust-lang.github.io/rustup-components-history/x86_64-unknown-linux-gnu/miri)" >> $GITHUB_ENV + - name: Install ${{ env.NIGHTLY }} + uses: dtolnay/rust-toolchain@master + with: + toolchain: ${{ env.NIGHTLY }} + components: miri + - name: cargo miri test + run: cargo miri test + env: + MIRIFLAGS: "" + loom: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install stable + uses: dtolnay/rust-toolchain@stable + - name: cargo test --test loom + run: cargo test --release --test loom + env: + LOOM_MAX_PREEMPTIONS: 2 + RUSTFLAGS: "--cfg loom" diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml new file mode 100644 index 0000000..d4e19dd --- /dev/null +++ b/.github/workflows/scheduled.yml @@ -0,0 +1,52 @@ +permissions: + contents: read +on: + push: + branches: [main] + pull_request: + schedule: + - cron: '7 7 * * *' +# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true +name: rolling +jobs: + # https://twitter.com/mycoliza/status/1571295690063753218 + nightly: + runs-on: ubuntu-latest + name: ubuntu / nightly + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install nightly + uses: dtolnay/rust-toolchain@nightly + - name: cargo generate-lockfile + if: hashFiles('Cargo.lock') == '' + run: cargo generate-lockfile + - name: cargo test --locked + run: cargo test --locked --all-features --all-targets + # https://twitter.com/alcuadrado/status/1571291687837732873 + update: + runs-on: ubuntu-latest + name: ubuntu / beta / updated + # There's no point running this if no Cargo.lock was checked in in the + # first place, since we'd just redo what happened in the regular test job. + # Unfortunately, hashFiles only works in if on steps, so we reepeat it. + # if: hashFiles('Cargo.lock') != '' + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install beta + if: hashFiles('Cargo.lock') != '' + uses: dtolnay/rust-toolchain@beta + - name: cargo update + if: hashFiles('Cargo.lock') != '' + run: cargo update + - name: cargo test + if: hashFiles('Cargo.lock') != '' + run: cargo test --locked --all-features --all-targets + env: + RUSTFLAGS: -D deprecated diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..4d0417c --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,92 @@ +permissions: + contents: read +on: + push: + branches: [main] + pull_request: +# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true +name: test +jobs: + required: + runs-on: ubuntu-latest + name: ubuntu / ${{ matrix.toolchain }} + strategy: + matrix: + toolchain: [stable, beta] + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install ${{ matrix.toolchain }} + uses: dtolnay/rust-toolchain@master + with: + toolchain: ${{ matrix.toolchain }} + - name: cargo generate-lockfile + if: hashFiles('Cargo.lock') == '' + run: cargo generate-lockfile + # https://twitter.com/jonhoo/status/1571290371124260865 + - name: cargo test --locked + run: cargo test --locked --all-features --all-targets + # https://github.com/rust-lang/cargo/issues/6669 + - name: cargo test --doc + run: cargo test --locked --all-features --doc + minimal: + runs-on: ubuntu-latest + name: ubuntu / stable / minimal-versions + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install stable + uses: dtolnay/rust-toolchain@stable + - name: Install nightly for -Zminimal-versions + uses: dtolnay/rust-toolchain@nightly + - name: rustup default stable + run: rustup default stable + - name: cargo update -Zminimal-versions + run: cargo +nightly update -Zminimal-versions + - name: cargo test + run: cargo test --locked --all-features --all-targets + os-check: + runs-on: ${{ matrix.os }} + name: ${{ matrix.os }} / stable + strategy: + fail-fast: false + matrix: + os: [macos-latest, windows-latest] + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install stable + uses: dtolnay/rust-toolchain@stable + - name: cargo generate-lockfile + if: hashFiles('Cargo.lock') == '' + run: cargo generate-lockfile + - name: cargo test + run: cargo test --locked --all-features --all-targets + coverage: + runs-on: ubuntu-latest + name: ubuntu / stable / coverage + steps: + - uses: actions/checkout@v3 + with: + submodules: true + - name: Install stable + uses: dtolnay/rust-toolchain@stable + with: + components: llvm-tools-preview + - name: cargo install cargo-llvm-cov + uses: taiki-e/install-action@cargo-llvm-cov + - name: cargo generate-lockfile + if: hashFiles('Cargo.lock') == '' + run: cargo generate-lockfile + - name: cargo llvm-cov + run: cargo llvm-cov --locked --all-features --lcov --output-path lcov.info + - name: Upload to codecov.io + uses: codecov/codecov-action@v3 + with: + fail_ci_if_error: true From 19802ed63e120b583ca56759b56609ce07ab080c Mon Sep 17 00:00:00 2001 From: Jaco Malan Date: Thu, 25 May 2023 12:40:34 +0200 Subject: [PATCH 2/3] Remove feature 'use-pkg-config' from libsodium-sys --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 933956b..644fddb 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -10,7 +10,7 @@ repository = "https://github.com/JacoMalan1/tablesalt" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] -libsodium-sys = { version = "0.2.7", features = ["use-pkg-config"] } +libsodium-sys = { version = "0.2.7" } [dev-dependencies] hex = "0.4.3" From 151e26aad5d128cb9f060f1da5695c681f015e10 Mon Sep 17 00:00:00 2001 From: Jaco Malan Date: Thu, 25 May 2023 12:48:21 +0200 Subject: [PATCH 3/3] Removed some workflows from .github --- .github/workflows/safety.yml | 30 ------------------------------ .github/workflows/test.yml | 17 ----------------- 2 files changed, 47 deletions(-) diff --git a/.github/workflows/safety.yml b/.github/workflows/safety.yml index eb5a5d6..937d759 100644 --- a/.github/workflows/safety.yml +++ b/.github/workflows/safety.yml @@ -46,33 +46,3 @@ jobs: env: LSAN_OPTIONS: "suppressions=lsan-suppressions.txt" RUSTFLAGS: "-Z sanitizer=leak" - miri: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - submodules: true - - run: | - echo "NIGHTLY=nightly-$(curl -s https://rust-lang.github.io/rustup-components-history/x86_64-unknown-linux-gnu/miri)" >> $GITHUB_ENV - - name: Install ${{ env.NIGHTLY }} - uses: dtolnay/rust-toolchain@master - with: - toolchain: ${{ env.NIGHTLY }} - components: miri - - name: cargo miri test - run: cargo miri test - env: - MIRIFLAGS: "" - loom: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - submodules: true - - name: Install stable - uses: dtolnay/rust-toolchain@stable - - name: cargo test --test loom - run: cargo test --release --test loom - env: - LOOM_MAX_PREEMPTIONS: 2 - RUSTFLAGS: "--cfg loom" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4d0417c..adac611 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -33,23 +33,6 @@ jobs: # https://github.com/rust-lang/cargo/issues/6669 - name: cargo test --doc run: cargo test --locked --all-features --doc - minimal: - runs-on: ubuntu-latest - name: ubuntu / stable / minimal-versions - steps: - - uses: actions/checkout@v3 - with: - submodules: true - - name: Install stable - uses: dtolnay/rust-toolchain@stable - - name: Install nightly for -Zminimal-versions - uses: dtolnay/rust-toolchain@nightly - - name: rustup default stable - run: rustup default stable - - name: cargo update -Zminimal-versions - run: cargo +nightly update -Zminimal-versions - - name: cargo test - run: cargo test --locked --all-features --all-targets os-check: runs-on: ${{ matrix.os }} name: ${{ matrix.os }} / stable