Skip to content

add dependabot

add dependabot #27

name: manifest-producer
on:
push:
branches:
- main
pull_request:
branches:
- main
env:
GRCOV_VERSION: "0.8.13"
WCC_VERSION: "0.2.0"
UDEPS_VERSION: "0.1.35"
CAREFUL_VERSION: "0.3.4"
DENY_VERSION: "0.13.7"
jobs:
############################### LEGAL AND FORMAT LAYER ###############################
clippy-rustfmt:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
with:
components: clippy, rustfmt
- name: Run rustfmt
run:
cargo fmt --all -- --check --verbose
- name: Run cargo clippy
uses: giraffate/clippy-action@v1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
clippy_flags: --all-targets -- -D warnings
reporter: github-pr-check
############################### BUILD AND DOCS LAYER ###############################
build:
needs: clippy-rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
- name: Build
run: cargo build --verbose
docs:
needs: clippy-rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
- name: Generate docs
run: cargo doc --verbose --no-deps
############################### CODE COVERAGE LAYER ###############################
code-coverage:
needs: [build, docs]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
with:
components: llvm-tools-preview
- name: Install grcov
env:
GRCOV_LINK: https://github.com/mozilla/grcov/releases/download
run: |
curl -L "$GRCOV_LINK/v$GRCOV_VERSION/grcov-x86_64-unknown-linux-musl.tar.bz2" |
tar xj -C $HOME/.cargo/bin
- name: Run tests
env:
RUSTFLAGS: "-Cinstrument-coverage"
LLVM_PROFILE_FILE: "manifest-producer-%p-%m.profraw"
run: |
cargo test --verbose
- name: Get coverage data for codecov
run: |
grcov . --binary-path ./target/debug/ -s . -t lcov --branch \
--ignore-not-existing --ignore "/*" --ignore "../*" \
--ignore "src/bin/*" -o lcov.info
- name: Codecov upload
uses: codecov/codecov-action@v4
with:
files: lcov.info
token: ${{ secrets.CODECOV_TOKEN }}
############################### DEPENDENCY LAYER ###############################
audit:
needs: code-coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check dependencies changes
uses: dorny/paths-filter@v3
id: changes
with:
filters: |
cargo:
- 'Cargo.toml'
- 'Cargo.lock'
- name: Run cargo-audit
if: steps.changes.outputs.cargo == 'true'
uses: actions-rs/audit-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
deny:
needs: code-coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check dependencies changes
uses: dorny/paths-filter@v3
id: changes
with:
filters: |
cargo:
- 'Cargo.toml'
- 'Cargo.lock'
- name: Install Rust stable
if: steps.changes.outputs.cargo == 'true'
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
- name: Install cargo-deny
if: steps.changes.outputs.cargo == 'true'
env:
DENY_LINK: https://github.com/EmbarkStudios/cargo-deny/releases/download
run: |
curl -L "$DENY_LINK/$DENY_VERSION/cargo-deny-$DENY_VERSION-x86_64-unknown-linux-musl.tar.gz" |
tar xz -C $HOME/.cargo/bin --strip-components 1
- name: Run cargo-deny
if: steps.changes.outputs.cargo == 'true'
run: |
cargo deny init
cargo deny check bans
udeps:
needs: code-coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check dependencies changes
uses: dorny/paths-filter@v3
id: changes
with:
filters: |
cargo:
- 'Cargo.toml'
- 'Cargo.lock'
- name: Install Rust nightly
if: steps.changes.outputs.cargo == 'true'
uses: dtolnay/rust-toolchain@nightly
with:
toolchain: nightly
- name: Install cargo-udeps
if: steps.changes.outputs.cargo == 'true'
env:
UDEPS_LINK: https://github.com/est31/cargo-udeps/releases/download
run: |
curl -L "$UDEPS_LINK/v$UDEPS_VERSION/cargo-udeps-v$UDEPS_VERSION-x86_64-unknown-linux-gnu.tar.gz" |
tar xz -C $HOME/.cargo/bin --strip-components 2
- name: Run cargo-udeps
if: steps.changes.outputs.cargo == 'true'
run: |
cargo +nightly udeps --all-targets
############################### UNSAFE CHECKS LEVEL ###############################
valgrind:
needs: [audit, deny, udeps]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install valgrind
run: |
sudo apt-get update
sudo apt-get install valgrind
- name: Run cargo-valgrind
env:
CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUNNER: "valgrind -s --leak-check=full --show-leak-kinds=all --error-exitcode=1"
run: |
cargo test
careful:
needs: [audit, deny, udeps]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust nightly
uses: dtolnay/rust-toolchain@nightly
with:
toolchain: nightly
components: rust-src
- name: Install cargo-careful
env:
CAREFUL_LINK: https://github.com/RalfJung/cargo-careful/releases/download
run: |
curl -L "$CAREFUL_LINK/v$CAREFUL_VERSION/cargo-careful.x86_64-unknown-linux-musl" \
--output $HOME/.cargo/bin/cargo-careful
chmod +x $HOME/.cargo/bin/cargo-careful
- name: Run cargo-careful
run: |
cargo +nightly careful test
address-sanitizer:
needs: [audit, deny, udeps]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust nightly
uses: dtolnay/rust-toolchain@nightly
with:
toolchain: nightly
components: rust-src
- name: Run AddressSanitizer
env:
RUSTFLAGS: -Zsanitizer=address -Copt-level=3
RUSTDOCFLAGS: -Zsanitizer=address
run: cargo test -Zbuild-std --target x86_64-unknown-linux-gnu