Huge refactor #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: complex-code-spotter | |
| on: | |
| push: | |
| branches: | |
| - master | |
| paths: | |
| - 'src/**' | |
| - 'crates/**' | |
| - 'fuzz/**' | |
| - '.github/**' | |
| - 'Cargo.toml' | |
| - 'Cargo.lock' | |
| pull_request: | |
| branches: | |
| - master | |
| paths: | |
| - 'src/**' | |
| - 'crates/**' | |
| - 'fuzz/**' | |
| - '.github/**' | |
| - 'Cargo.toml' | |
| - 'Cargo.lock' | |
| jobs: | |
| ################################## LEGAL AND FORMAT LAYER ###################### | |
| reuse: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: REUSE Compliance Check | |
| uses: fsfe/reuse-action@v1 | |
| clippy-rustfmt: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust stable | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| toolchain: stable | |
| components: clippy, rustfmt | |
| - name: Run rustfmt | |
| run: | |
| cargo fmt --all -- --check --verbose | |
| - name: Run cargo clippy | |
| uses: giraffate/clippy-action@v1 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| clippy_flags: --all-targets -- -D warnings | |
| reporter: github-pr-review | |
| static-code-analysis: | |
| env: | |
| RCA_LINK: https://github.com/mozilla/rust-code-analysis/releases/download | |
| RCA_VERSION: v0.0.25 | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install rust-code-analysis on Ubuntu | |
| run: | | |
| mkdir -p $HOME/.local/bin | |
| curl -L "$RCA_LINK/$RCA_VERSION/rust-code-analysis-linux-cli-x86_64.tar.gz" | | |
| tar xz -C $HOME/.local/bin | |
| echo "$HOME/.local/bin" >> $GITHUB_PATH | |
| - name: Run rust-code-analysis | |
| run: | | |
| mkdir $HOME/rca-json | |
| rust-code-analysis-cli --metrics -O json --pr -o "$HOME/rca-json" -p $PWD | |
| - name: Upload rust-code-analysis json | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: rca-json-ubuntu | |
| path: ~/rca-json | |
| ################################## BUILD AND DOCS LAYER ######################## | |
| build: | |
| needs: [reuse, clippy-rustfmt, static-code-analysis] | |
| strategy: | |
| matrix: | |
| platform: [ubuntu-latest, macos-latest, windows-latest] | |
| runs-on: ${{ matrix.platform }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust stable | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| toolchain: stable | |
| - name: Build | |
| run: cargo build --verbose | |
| docs: | |
| needs: [reuse, clippy-rustfmt, static-code-analysis] | |
| strategy: | |
| matrix: | |
| platform: [ubuntu-latest, macos-latest, windows-latest] | |
| runs-on: ${{ matrix.platform }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust stable | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| toolchain: stable | |
| - name: Generate docs | |
| run: cargo doc --verbose --no-deps | |
| ################################## CODE COVERAGE LAYER ################################## | |
| code-coverage: | |
| needs: [build, docs] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust stable | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| toolchain: stable | |
| - name: Install grcov | |
| env: | |
| GRCOV_LINK: https://github.com/mozilla/grcov/releases/download | |
| GRCOV_VERSION: v0.8.13 | |
| run: | | |
| curl -L "$GRCOV_LINK/$GRCOV_VERSION/grcov-x86_64-unknown-linux-musl.tar.bz2" | | |
| tar xj -C $HOME/.cargo/bin | |
| - name: Install llvm-tools-preview | |
| run: | | |
| rustup component add llvm-tools-preview | |
| # Not necessary on a newly created image, but strictly advised | |
| - name: Run cargo clean | |
| run: | | |
| cargo clean | |
| - name: Run tests | |
| env: | |
| RUSTFLAGS: "-Cinstrument-coverage" | |
| LLVM_PROFILE_FILE: "complex-code-spotter-%p-%m.profraw" | |
| run: | | |
| cargo test --verbose | |
| - name: Get coverage data for codecov | |
| run: | | |
| grcov . --binary-path ./target/debug/ -s . -t lcov --branch \ | |
| --ignore-not-existing --ignore "/*" --ignore "../*" -o lcov.info | |
| - name: Codecov upload | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| files: lcov.info | |
| weighted-code-coverage: | |
| needs: [build, docs] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust stable | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| toolchain: stable | |
| - name: Install grcov | |
| env: | |
| GRCOV_LINK: https://github.com/mozilla/grcov/releases/download | |
| GRCOV_VERSION: v0.8.13 | |
| GRCOV_BINARY: grcov-x86_64-unknown-linux-musl.tar.bz2 | |
| run: | | |
| curl -L "$GRCOV_LINK/$GRCOV_VERSION/$GRCOV_BINARY" | | |
| tar xj -C $HOME/.cargo/bin | |
| - name: Install weighted-code-coverage | |
| env: | |
| WCC_LINK: https://github.com/SoftengPoliTo/weighted-code-coverage/releases/download | |
| WCC_VERSION: v0.2.0 | |
| WCC_BINARY: weighted-code-coverage-0.2.0-x86_64-unknown-linux-gnu.tar.gz | |
| run: | | |
| curl -L "$WCC_LINK/$WCC_VERSION/$WCC_BINARY" | | |
| tar xz -C $HOME/.cargo/bin | |
| - name: Install llvm-tools-preview | |
| run: | | |
| rustup component add llvm-tools-preview | |
| # Not necessary on a newly created image, but strictly advised | |
| - name: Run cargo clean | |
| run: | | |
| cargo clean | |
| - name: Run tests | |
| env: | |
| RUSTFLAGS: "-Cinstrument-coverage" | |
| LLVM_PROFILE_FILE: "complex-code-spotter-%p-%m.profraw" | |
| run: | | |
| cargo test --verbose | |
| - name: Run grcov | |
| run: | | |
| grcov . --binary-path ./target/debug/ -t coveralls -s . --token YOUR_COVERALLS_TOKEN > coveralls.json | |
| - name: Run weighted-code-coverage | |
| run: | | |
| mkdir $HOME/wcc-output | |
| weighted-code-coverage -p src/ -j coveralls.json -c cyclomatic --json $HOME/wcc-output/out.json | |
| - name: Upload weighted-code-coverage data | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: weighted-code-coverage-ubuntu | |
| path: ~/wcc-output/out.json | |
| ################################## DEPENDENCY LAYER ########################### | |
| audit: | |
| needs: [code-coverage, weighted-code-coverage] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check dependencies changes | |
| uses: dorny/paths-filter@v2 | |
| id: changes | |
| with: | |
| filters: | | |
| cargo: | |
| - 'Cargo.toml' | |
| - 'Cargo.lock' | |
| - name: Run cargo-audit | |
| if: steps.changes.outputs.cargo == 'true' | |
| uses: actions-rs/audit-check@v1 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| deny: | |
| needs: [code-coverage, weighted-code-coverage] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check dependencies changes | |
| uses: dorny/paths-filter@v2 | |
| id: changes | |
| with: | |
| filters: | | |
| cargo: | |
| - 'Cargo.toml' | |
| - 'Cargo.lock' | |
| - name: Install Rust stable | |
| if: steps.changes.outputs.cargo == 'true' | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| toolchain: stable | |
| - name: Install cargo-deny | |
| if: steps.changes.outputs.cargo == 'true' | |
| env: | |
| DENY_LINK: https://github.com/EmbarkStudios/cargo-deny/releases/download | |
| DENY_VERSION: 0.13.7 | |
| run: | | |
| curl -L "$DENY_LINK/$DENY_VERSION/cargo-deny-$DENY_VERSION-x86_64-unknown-linux-musl.tar.gz" | | |
| tar xz -C $HOME/.cargo/bin --strip-components 1 | |
| - name: Run cargo-deny | |
| if: steps.changes.outputs.cargo == 'true' | |
| run: | | |
| cargo deny init | |
| cargo deny check bans | |
| # cargo deny check licenses | |
| udeps: | |
| needs: [code-coverage, weighted-code-coverage] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check dependencies changes | |
| uses: dorny/paths-filter@v2 | |
| id: changes | |
| with: | |
| filters: | | |
| cargo: | |
| - 'Cargo.toml' | |
| - 'Cargo.lock' | |
| - name: Install Rust nightly | |
| if: steps.changes.outputs.cargo == 'true' | |
| uses: dtolnay/rust-toolchain@nightly | |
| with: | |
| toolchain: nightly | |
| - name: Install cargo-udeps | |
| if: steps.changes.outputs.cargo == 'true' | |
| env: | |
| UDEPS_LINK: https://github.com/est31/cargo-udeps/releases/download | |
| UDEPS_VERSION: v0.1.35 | |
| run: | | |
| curl -L "$UDEPS_LINK/$UDEPS_VERSION/cargo-udeps-$UDEPS_VERSION-x86_64-unknown-linux-gnu.tar.gz" | | |
| tar xz -C $HOME/.cargo/bin --strip-components 2 | |
| - name: Run cargo-udeps | |
| if: steps.changes.outputs.cargo == 'true' | |
| run: | | |
| cargo +nightly udeps --all-targets | |
| ################################## UNSAFE CHECKS LEVEL ######################### | |
| valgrind: | |
| needs: [audit, deny, udeps] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install valgrind | |
| run: | | |
| sudo apt-get install valgrind | |
| - name: Install cargo-valgrind | |
| env: | |
| VALGRIND_LINK: https://github.com/jfrimmel/cargo-valgrind/releases/download | |
| VALGRIND_VERSION: 2.1.0 | |
| run: | | |
| curl -L "$VALGRIND_LINK/v$VALGRIND_VERSION/cargo-valgrind-$VALGRIND_VERSION-x86_64-unknown-linux-musl.tar.gz" | | |
| tar xz -C $HOME/.cargo/bin | |
| # Usage of the `help` command as base command, please replace it | |
| # with the effective command that valgrind has to analyze | |
| - name: Run cargo-valgrind | |
| run: | | |
| cargo valgrind run -- --help | |
| # cargo valgrind test | |
| careful: | |
| needs: [audit, deny, udeps] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust nightly | |
| uses: dtolnay/rust-toolchain@nightly | |
| with: | |
| toolchain: nightly | |
| components: rust-src | |
| - name: Install cargo-careful | |
| env: | |
| CAREFUL_LINK: https://github.com/RalfJung/cargo-careful/releases/download | |
| CAREFUL_VERSION: 0.3.4 | |
| run: | | |
| curl -L "$CAREFUL_LINK/v$CAREFUL_VERSION/cargo-careful.x86_64-unknown-linux-musl" \ | |
| --output $HOME/.cargo/bin/cargo-careful | |
| chmod +x $HOME/.cargo/bin/cargo-careful | |
| - name: Run cargo-careful | |
| run: | | |
| cargo +nightly careful test | |
| # cargo +nightly careful run | |
| address-sanitizer: | |
| needs: [audit, deny, udeps] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust nightly | |
| uses: dtolnay/rust-toolchain@nightly | |
| with: | |
| toolchain: nightly | |
| components: rust-src | |
| - name: Run AddressSanitizer | |
| env: | |
| RUSTFLAGS: -Zsanitizer=address -Copt-level=3 | |
| RUSTDOCFLAGS: -Zsanitizer=address | |
| run: cargo test -Zbuild-std --target x86_64-unknown-linux-gnu | |
| # Use `cargo run` for the analysis of a binary. | |
| # Usage of the `help` command as base command, please replace it | |
| # with the effective command that AddressSanitizer has to analyze | |
| # run: cargo run -Zbuild-std --target x86_64-unknown-linux-gnu -- --help | |
| ################################## FUZZING LEVEL ################################# | |
| fuzzing-ubuntu: | |
| needs: [valgrind, careful, address-sanitizer] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust nightly | |
| uses: dtolnay/rust-toolchain@nightly | |
| with: | |
| toolchain: nightly | |
| - name: Install cargo-fuzz | |
| env: | |
| FUZZ_LINK: https://github.com/rust-fuzz/cargo-fuzz/releases/download | |
| FUZZ_VERSION: 0.11.2 | |
| run: | | |
| curl -L "$FUZZ_LINK/$FUZZ_VERSION/cargo-fuzz-$FUZZ_VERSION-x86_64-unknown-linux-musl.tar.gz" | | |
| tar xz -C $HOME/.cargo/bin | |
| - name: Run cargo-fuzz | |
| run: cargo fuzz build --target x86_64-unknown-linux-gnu |