chore: add cargo-deny to codebase #245
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check codebase | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - develop | |
| - master | |
| - 'refs/tags/[0-9]+.[0-9]+.[0-9]+*' | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| get-commit-head: | |
| name: Get HEAD commit message | |
| runs-on: ubuntu-latest | |
| outputs: | |
| headCommitMsg: ${{ steps.get-head-commit-message.outputs.headCommitMsg }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| # We use different payloads depending on whether this is a `push` or a `pull_request` event | |
| ref: ${{ github.event.head_commit.id || github.event.pull_request.head.sha }} | |
| - name: Get HEAD commit message | |
| id: get-head-commit-message | |
| run: echo "headCommitMsg=$(git show -s --format=%s)" >> "$GITHUB_OUTPUT" | |
| cargo-clippy: | |
| name: Run Clippy checks | |
| runs-on: ubuntu-latest | |
| container: | |
| image: paritytech/ci-unified:bullseye-1.74.0 | |
| env: | |
| # Configured by the Docker image. We can't change this unless the image does it. | |
| CARGO_HOME: /usr/local/cargo | |
| RUSTFLAGS: -D warnings | |
| SKIP_WASM_BUILD: 1 | |
| needs: get-commit-head | |
| if: ${{ !contains(needs.get-commit-head.outputs.headCommitMsg, 'ci-skip-rust') }} | |
| strategy: | |
| matrix: | |
| features: | |
| - | |
| - --all-features | |
| fail-fast: false | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Free Disk Space | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| tool-cache: true | |
| - name: Set up Cargo cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ${{ env.CARGO_HOME }}/bin/ | |
| ${{ env.CARGO_HOME }}/registry/index/ | |
| ${{ env.CARGO_HOME }}/registry/cache/ | |
| ${{ env.CARGO_HOME }}/git/db/ | |
| key: ${{ github.job }}-${{ github.ref }}-${{ matrix.features }}-${{ hashFiles('**/Cargo.lock') }} | |
| save-always: true | |
| - name: Run `cargo clippy` | |
| run: cargo clippy --all-targets --locked ${{ matrix.features }} | |
| cargo-fmt: | |
| name: Check formatting | |
| runs-on: ubuntu-latest | |
| container: | |
| image: paritytech/ci-unified:bullseye-1.74.0 | |
| env: | |
| # Configured by the Docker image. We can't change this unless the image does it. | |
| CARGO_HOME: /usr/local/cargo | |
| # Latest nightly version matching the base rustc version (1.74.0). | |
| RUSTUP_NIGHTLY_VERSION: nightly-2023-10-02 | |
| needs: get-commit-head | |
| if: ${{ !contains(needs.get-commit-head.outputs.headCommitMsg, 'ci-skip-rust') }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Cargo cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ${{ env.CARGO_HOME }}/bin/ | |
| ${{ env.CARGO_HOME }}/registry/index/ | |
| ${{ env.CARGO_HOME }}/registry/cache/ | |
| ${{ env.CARGO_HOME }}/git/db/ | |
| key: ${{ github.job }}-${{ github.ref }}-${{ hashFiles('**/Cargo.lock') }} | |
| save-always: true | |
| - name: Install nightly toolchain | |
| run: rustup toolchain add ${{ env.RUSTUP_NIGHTLY_VERSION }} | |
| - name: Run `cargo fmt` | |
| run: cargo +${{ env.RUSTUP_NIGHTLY_VERSION }} fmt -- --check | |
| - name: Run `taplo` | |
| run: taplo fmt --check | |
| cargo-deny: | |
| name: Check cargo-deny rules | |
| runs-on: ubuntu-latest | |
| needs: get-commit-head | |
| if: ${{ !contains(needs.get-commit-head.outputs.headCommitMsg, 'ci-skip-rust') }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Run `cargo deny` | |
| uses: EmbarkStudios/cargo-deny-action@v2 | |
| with: | |
| # All is set in the config file | |
| arguments: | |
| command-arguments: "--hide-inclusion-graph -c .cargo-deny.toml --show-stats -D warnings" | |
| integration-tests: | |
| name: Run Chopsticks tests | |
| runs-on: ubuntu-latest | |
| env: | |
| working-dir: ./integration-tests/chopsticks | |
| CI: true | |
| PEREGRINE_WASM_OVERRIDE: ../../target/debug/wbuild/peregrine-runtime/peregrine_runtime.wasm | |
| defaults: | |
| run: | |
| working-directory: ${{ env.working-dir }} | |
| needs: get-commit-head | |
| if: ${{ !contains(needs.get-commit-head.outputs.headCommitMsg, 'ci-skip-integration-tests') }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Free Disk Space | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| tool-cache: true | |
| - name: Setup environment | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: "${{ env.working-dir }}/.nvmrc" | |
| - name: Install dependencies | |
| run: yarn --immutable | |
| - name: Check TS | |
| run: yarn ts-check | |
| - name: Check lints | |
| run: yarn lint | |
| - name: Set up Cargo cache | |
| uses: actions/cache@v4 | |
| with: | |
| # Not executed in a container, so we cache the local paths as on the GH worker. | |
| path: | | |
| ${HOME}/.cargo/bin/ | |
| ${HOME}/.cargo/registry/index/ | |
| ${HOME}/.cargo/registry/cache/ | |
| ${HOME}/.cargo/git/db/ | |
| key: ${{ github.job }}-${{ github.ref }}-${{ hashFiles('**/Cargo.lock') }} | |
| save-always: true | |
| - name: Build Peregrine runtime | |
| run: cargo build -p peregrine-runtime | |
| - name: Run Chopsticks tests | |
| run: yarn test:CI | |
| cargo-test: | |
| name: Run Cargo tests | |
| runs-on: ubuntu-latest | |
| env: | |
| # Configured by the Docker image. We can't change this unless the image does it. | |
| CARGO_HOME: /usr/local/cargo | |
| needs: cargo-clippy | |
| strategy: | |
| matrix: | |
| features: | |
| - | |
| - --all-features | |
| fail-fast: false | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Free Disk Space | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| tool-cache: true | |
| - name: Set up Cargo cache | |
| uses: actions/cache@v4 | |
| with: | |
| # These paths are mounted inside the Docker container. | |
| # We cannot mount the `.cargo/bin` folder since the container already contains binaries, and overriding with an empty one breaks compilation. | |
| path: | | |
| ~/.cargo/registry/index | |
| ~/.cargo/registry/cache | |
| ~/.cargo/git/db | |
| key: ${{ github.job }}-${{ github.ref }}-${{ matrix.features }}-${{ hashFiles('**/Cargo.lock') }} | |
| save-always: true | |
| - name: Run `cargo test` | |
| # We cannot use the default `container:` component because it runs out of memory, so we resort to using this solution instead. | |
| # Maybe re-evaluate this job if anything changes GH side. | |
| run: | | |
| docker run --rm \ | |
| -v "${GITHUB_WORKSPACE}:/workspace" \ | |
| -v "${HOME}/.cargo/registry/index:${{ env.CARGO_HOME }}/registry/index" \ | |
| -v "${HOME}/.cargo/registry/cache:${{ env.CARGO_HOME }}/registry/cache" \ | |
| -v "${HOME}/.cargo/git/db:${{ env.CARGO_HOME }}/git/db" \ | |
| -w /workspace \ | |
| paritytech/ci-unified:bullseye-1.74.0 \ | |
| bash -c "cargo test --all-targets --locked ${{ matrix.features }}" | |
| cargo-doc: | |
| name: Check Rustdoc | |
| runs-on: ubuntu-latest | |
| container: | |
| image: paritytech/ci-unified:bullseye-1.74.0 | |
| env: | |
| # Configured by the Docker image. We can't change this unless the image does it. | |
| CARGO_HOME: /usr/local/cargo | |
| SKIP_WASM_BUILD: 1 | |
| RUSTDOCFLAGS: -D warnings | |
| needs: cargo-clippy | |
| strategy: | |
| matrix: | |
| features: | |
| - | |
| - --all-features | |
| fail-fast: false | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Free Disk Space | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| tool-cache: true | |
| - name: Set up Cargo cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ${{ env.CARGO_HOME }}/bin/ | |
| ${{ env.CARGO_HOME }}/registry/index/ | |
| ${{ env.CARGO_HOME }}/registry/cache/ | |
| ${{ env.CARGO_HOME }}/git/db/ | |
| key: ${{ github.job }}-${{ github.ref }}-${{ matrix.features }}-${{ hashFiles('**/Cargo.lock') }} | |
| save-always: true | |
| - name: Run `cargo doc` | |
| run: cargo doc --no-deps --locked ${{ matrix.features }} | |
| try-runtime: | |
| name: Run try-runtime | |
| runs-on: ubuntu-latest | |
| container: | |
| image: paritytech/ci-unified:bullseye-1.74.0 | |
| env: | |
| # Configured by the Docker image. We can't change this unless the image does it. | |
| CARGO_HOME: /usr/local/cargo | |
| TRY_RUNTIME_CLI_VERSION_TAG: v0.7.0 | |
| needs: cargo-clippy | |
| strategy: | |
| matrix: | |
| runtime: | |
| - peregrine | |
| - spiritnet | |
| fail-fast: false | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Free Disk Space | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| tool-cache: true | |
| - name: Set up Cargo cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ${{ env.CARGO_HOME }}/bin/ | |
| ${{ env.CARGO_HOME }}/registry/index/ | |
| ${{ env.CARGO_HOME }}/registry/cache/ | |
| ${{ env.CARGO_HOME }}/git/db/ | |
| key: ${{ github.job }}-${{ github.ref }}-${{ matrix.runtime }}-${{ hashFiles('**/Cargo.lock') }} | |
| save-always: true | |
| - name: Install try-runtime | |
| run: | | |
| curl -sL https://github.com/paritytech/try-runtime-cli/releases/download/${{ env.TRY_RUNTIME_CLI_VERSION_TAG }}/try-runtime-x86_64-unknown-linux-musl -o try-runtime | |
| chmod +x ./try-runtime | |
| ./try-runtime --version | |
| - name: Build runtime | |
| run: cargo build --release --locked -p ${{ matrix.runtime }}-runtime --features try-runtime | |
| - name: Run `try-runtime` | |
| run: | | |
| ./try-runtime \ | |
| --runtime=./target/release/wbuild/${{ matrix.runtime }}-runtime/${{ matrix.runtime }}_runtime.compact.compressed.wasm \ | |
| on-runtime-upgrade \ | |
| --disable-spec-version-check \ | |
| --checks=all \ | |
| live \ | |
| --uri=wss://${{ matrix.runtime }}.kilt.io |