diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 01522e9..6b3703e 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -1,14 +1,20 @@ +permissions: + contents: read on: push: branches: [main] pull_request: +# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true name: check jobs: fmt: runs-on: ubuntu-latest name: stable / fmt steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install stable @@ -16,19 +22,19 @@ jobs: with: components: rustfmt - name: cargo fmt --check - uses: actions-rs/cargo@v1 - with: - command: fmt - args: --check + run: cargo fmt --check clippy: runs-on: ubuntu-latest name: ${{ matrix.toolchain }} / clippy + permissions: + contents: read + checks: write strategy: fail-fast: false matrix: toolchain: [stable, beta] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install ${{ matrix.toolchain }} @@ -44,44 +50,39 @@ jobs: runs-on: ubuntu-latest name: nightly / doc steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install nightly uses: dtolnay/rust-toolchain@nightly - name: cargo doc - uses: actions-rs/cargo@v1 - with: - command: doc - args: --no-deps --all-features + run: cargo doc --no-deps --all-features env: RUSTDOCFLAGS: --cfg docsrs hack: runs-on: ubuntu-latest name: ubuntu / stable / features steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install stable uses: dtolnay/rust-toolchain@stable - name: cargo install cargo-hack uses: taiki-e/install-action@cargo-hack + # intentionally no target specifier; see https://github.com/jonhoo/rust-ci-conf/pull/4 - name: cargo hack - uses: actions-rs/cargo@v1 - with: - command: hack - args: --feature-powerset check --lib --tests + run: cargo hack --feature-powerset check msrv: runs-on: ubuntu-latest # we use a matrix here just because env can't be used in job names # https://docs.github.com/en/actions/learn-github-actions/contexts#context-availability strategy: matrix: - msrv: [1.40.0] + msrv: ["1.40.0"] name: ubuntu / ${{ matrix.msrv }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install ${{ matrix.msrv }} @@ -89,6 +90,4 @@ jobs: with: toolchain: ${{ matrix.msrv }} - name: cargo +${{ matrix.msrv }} check - uses: actions-rs/cargo@v1 - with: - command: check + run: cargo check diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 591476c..2e45b90 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -10,10 +10,10 @@ jobs: image: xd009642/tarpaulin:develop-nightly options: --security-opt seccomp=unconfined steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Generate code coverage run: | - cargo +nightly tarpaulin --verbose --all-features --workspace --timeout 120 --run-types Doctests --run-types Tests --out Xml + cargo +nightly tarpaulin --verbose --all-features --workspace --timeout 120 --run-types doctests --run-types lib --run-types tests --out xml - name: Upload to codecov.io uses: codecov/codecov-action@v3 with: diff --git a/.github/workflows/safety.yml b/.github/workflows/safety.yml index fa7ffe3..b5fa1b9 100644 --- a/.github/workflows/safety.yml +++ b/.github/workflows/safety.yml @@ -1,13 +1,19 @@ +permissions: + contents: read on: push: branches: [main] pull_request: +# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true name: safety jobs: sanitizers: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install nightly @@ -17,32 +23,33 @@ jobs: sudo apt install llvm # to fix buggy leak analyzer: # https://github.com/japaric/rust-san#unrealiable-leaksanitizer - sed -i '/\[features\]/i [profile.dev]' Cargo.toml - sed -i '/profile.dev/a opt-level = 1' Cargo.toml + # ensure there's a profile.dev section + if ! grep -qE '^[ \t]*[profile.dev]' Cargo.toml; then + echo >> Cargo.toml + echo '[profile.dev]' >> Cargo.toml + fi + # remove pre-existing opt-levels in profile.dev + sed -i '/^\s*\[profile.dev\]/,/^\s*\[/ {/^\s*opt-level/d}' Cargo.toml + # now set opt-level to 1 + sed -i '/^\s*\[profile.dev\]/a opt-level = 1' Cargo.toml cat Cargo.toml name: Enable debug symbols - name: cargo test -Zsanitizer=address - uses: actions-rs/cargo@v1 - with: - command: test - # only --lib --tests b/c of https://github.com/rust-lang/rust/issues/53945 - args: --lib --tests --all-features --target x86_64-unknown-linux-gnu + # only --lib --tests b/c of https://github.com/rust-lang/rust/issues/53945 + run: cargo test --lib --tests --all-features --target x86_64-unknown-linux-gnu env: ASAN_OPTIONS: "detect_odr_violation=0:detect_leaks=0" RUSTFLAGS: "-Z sanitizer=address" - name: cargo test -Zsanitizer=leak if: always() - uses: actions-rs/cargo@v1 - with: - command: test - args: --all-features --target x86_64-unknown-linux-gnu + run: cargo test --all-features --target x86_64-unknown-linux-gnu env: LSAN_OPTIONS: "suppressions=lsan-suppressions.txt" RUSTFLAGS: "-Z sanitizer=leak" miri: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - run: | @@ -53,25 +60,19 @@ jobs: toolchain: ${{ env.NIGHTLY }} components: miri - name: cargo miri test - uses: actions-rs/cargo@v1 - with: - command: miri - args: test + run: cargo miri test env: - MIRIFLAGS: "-Zmiri-tag-raw-pointers" + MIRIFLAGS: "" loom: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install stable uses: dtolnay/rust-toolchain@stable - name: cargo test --test loom - uses: actions-rs/cargo@v1 - with: - command: test - args: --release --test loom + run: cargo test --release --test loom env: LOOM_MAX_PREEMPTIONS: 3 RUSTFLAGS: "--cfg loom" diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml index e341e9b..4607f3e 100644 --- a/.github/workflows/scheduled.yml +++ b/.github/workflows/scheduled.yml @@ -1,9 +1,15 @@ +permissions: + contents: read on: push: branches: [main] pull_request: schedule: - cron: '7 7 * * *' +# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true name: rolling jobs: # https://twitter.com/mycoliza/status/1571295690063753218 @@ -11,21 +17,16 @@ jobs: runs-on: ubuntu-latest name: ubuntu / nightly steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install nightly uses: dtolnay/rust-toolchain@nightly - name: cargo generate-lockfile if: hashFiles('Cargo.lock') == '' - uses: actions-rs/cargo@v1 - with: - command: generate-lockfile + run: cargo generate-lockfile - name: cargo test --locked - uses: actions-rs/cargo@v1 - with: - command: test - args: --locked --all-features --all-targets + run: cargo test --locked --all-features --all-targets # https://twitter.com/alcuadrado/status/1571291687837732873 update: runs-on: ubuntu-latest @@ -35,7 +36,7 @@ jobs: # Unfortunately, hashFiles only works in if on steps, so we reepeat it. # if: hashFiles('Cargo.lock') != '' steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install beta @@ -43,14 +44,9 @@ jobs: uses: dtolnay/rust-toolchain@beta - name: cargo update if: hashFiles('Cargo.lock') != '' - uses: actions-rs/cargo@v1 - with: - command: update + run: cargo update - name: cargo test if: hashFiles('Cargo.lock') != '' - uses: actions-rs/cargo@v1 - with: - command: test - args: --locked --all-features --all-targets + run: cargo test --locked --all-features --all-targets env: RUSTFLAGS: -D deprecated diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index bd04939..5cb4003 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,7 +1,13 @@ +permissions: + contents: read on: push: branches: [main] pull_request: +# Spend CI time only on latest ref: https://github.com/jonhoo/rust-ci-conf/pull/5 +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true name: test jobs: required: @@ -11,7 +17,7 @@ jobs: matrix: toolchain: [stable, beta] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install ${{ matrix.toolchain }} @@ -20,20 +26,18 @@ jobs: toolchain: ${{ matrix.toolchain }} - name: cargo generate-lockfile if: hashFiles('Cargo.lock') == '' - uses: actions-rs/cargo@v1 - with: - command: generate-lockfile + run: cargo generate-lockfile # https://twitter.com/jonhoo/status/1571290371124260865 - name: cargo test --locked - uses: actions-rs/cargo@v1 - with: - command: test - args: --locked --all-features --all-targets + run: cargo test --locked --all-features --all-targets + # https://github.com/rust-lang/cargo/issues/6669 + - name: cargo test --doc + run: cargo test --locked --all-features --doc minimal: runs-on: ubuntu-latest name: ubuntu / stable / minimal-versions steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: true - name: Install stable @@ -43,16 +47,9 @@ jobs: - name: rustup default stable run: rustup default stable - name: cargo update -Zminimal-versions - uses: actions-rs/cargo@v1 - with: - command: update - toolchain: nightly - args: -Zminimal-versions + run: cargo +nightly update -Zminimal-versions - name: cargo test - uses: actions-rs/cargo@v1 - with: - command: test - args: --locked --all-features --all-targets + run: cargo test --locked --all-features --all-targets os-check: runs-on: ${{ matrix.os }} name: ${{ matrix.os }} / stable @@ -61,20 +58,21 @@ jobs: matrix: os: [macos-latest, windows-latest] steps: - - uses: actions/checkout@v3 + # if your project needs OpenSSL, uncommment this to fix Windows builds. + # it's commented out by default as tthe install command takes 5-10m. + # - run: echo "VCPKG_ROOT=$env:VCPKG_INSTALLATION_ROOT" | Out-File -FilePath $env:GITHUB_ENV -Append + # if: runner.os == 'Windows' + # - run: vcpkg install openssl:x64-windows-static-md + # if: runner.os == 'Windows' + - uses: actions/checkout@v4 with: submodules: true - name: Install stable uses: dtolnay/rust-toolchain@stable - name: cargo generate-lockfile if: hashFiles('Cargo.lock') == '' - uses: actions-rs/cargo@v1 - with: - command: generate-lockfile + run: cargo generate-lockfile - name: cargo test - uses: actions-rs/cargo@v1 - with: - command: test - args: --locked --all-features --all-targets + run: cargo test --locked --all-features --all-targets # continue using our own coverage.yml for now to get doctest checking # https://github.com/taiki-e/cargo-llvm-cov/issues/2