Replace actions-rs with maintained alternatives (#133)

* ci: Replace actions-rs with maintained alternatives * ci: Revert back cargo test to original cargo build * ci: NIT
brycx · Sep 10, 2024 · 8ba9218 · 8ba9218
1 parent e4e0556
commit 8ba9218
Show file tree

Hide file tree

Showing 5 changed files with 89 additions and 91 deletions.
diff --git a/.github/workflows/daily_tests.yml b/.github/workflows/daily_tests.yml
@@ -3,7 +3,7 @@ permissions:
   contents: read
 on:
   schedule:
-    - cron: '0 0 * * *' # Midnight of each day
+    - cron: "0 0 * * *" # Midnight of each day
 
 jobs:
   tests:
@@ -17,22 +17,16 @@ jobs:
     steps:
       - name: Checkout sources
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+        with:
+          persist-credentials: false
 
       - name: Install toolchain
-        uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af
+        uses: dtolnay/rust-toolchain@master
         with:
-          profile: minimal
-          toolchain: ${{ matrix.rust }}
-          override: true
+          toolchain: ${{ matrix.toolchain }}
 
       - name: Run cargo test - debug
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: test
-          args: --all-features
-
+        run: cargo test --all-features
+
       - name: Run cargo test - release
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: test
-          args: --release --all-features
+        run: cargo test --release --all-features
diff --git a/.github/workflows/lints.yml b/.github/workflows/lints.yml
@@ -11,23 +11,19 @@ jobs:
     steps:
       - name: Checkout sources
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+        with:
+          persist-credentials: false
 
       - name: Install stable toolchain
-        uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af
+        uses: dtolnay/rust-toolchain@stable
         with:
-          profile: minimal
-          toolchain: stable
-          override: true
           components: rustfmt, clippy
 
       - name: Run cargo fmt
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: fmt
-          args: --all -- --check
+        run: cargo fmt --all -- --check
 
       - name: Run cargo clippy
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: clippy
-          args: --all-features --all-targets -- -D warnings
+        run: cargo clippy -- -D warnings
+
+      - name: Run cargo clippy on tests
+        run: cargo clippy --tests -- -D warnings
diff --git a/.github/workflows/security_audit.yml b/.github/workflows/security_audit.yml
@@ -1,32 +1,31 @@
-name: Security Audit
+name: Security Audit (advisories, sources)
 permissions:
   contents: read
+  issues: write
+
 on:
+  push:
+    # Check immediately if dependencies are altered
+    paths:
+      - "**/Cargo.toml"
+    # Check also at midnight each day
   schedule:
-    - cron: '0 0 * * *' # Midnight of each day
+    - cron: "0 0 * * *"
 
 jobs:
-  security_audit:
-    name: Security Audit
+  cargo-deny:
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        checks:
+          - advisories
+          - bans sources
+
     steps:
-      - name: Checkout sources
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
         with:
           persist-credentials: false
-          ref: master
-
-      - name: Install stable toolchain
-        uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af
-        with:
-          toolchain: stable
-          override: true
-
-      - name: Install cargo audit
-        run: cargo install cargo-audit
 
-      - name: Run cargo audit
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
+      - uses: EmbarkStudios/cargo-deny-action@8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268
         with:
-          command: audit
-          args: --deny warnings
+          command: check ${{ matrix.checks }}
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -6,60 +6,44 @@ jobs:
   test:
     strategy:
       matrix:
-        rust:
+        toolchain:
           - stable
-          - 1.80.0 # MSRV
           - nightly
+          - 1.80.0 # MSRV
+        os:
+          - ubuntu-latest
+          - macos-latest
+          - windows-latest
 
-    runs-on: ubuntu-latest
+    runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout sources
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
         with:
           persist-credentials: false
 
       - name: Install toolchain
-        uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af
+        uses: dtolnay/rust-toolchain@master
         with:
-          profile: minimal
-          toolchain: ${{ matrix.rust }}
-          override: true
+          toolchain: ${{ matrix.toolchain }}
 
       - name: Test debug-mode
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: test
-          args: --all-features
+        run: cargo test --all-features
 
       - name: Test release-mode
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: test
-          args: --release --all-features
+        run: cargo test --release --all-features
 
       - name: Test no_std
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: build
-          args: --no-default-features --features v2,v3,v4
+        run: cargo build --no-default-features --features v2,v3,v4
 
       - name: Test only v2-full
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: test
-          args: --no-default-features --tests --features v2,std,paserk
+        run: cargo test --no-default-features --tests --features v2,std,paserk
 
       - name: Test only v3-full
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: test
-          args: --no-default-features --tests --features v3,std,paserk
+        run: cargo test --no-default-features --tests --features v3,std,paserk
 
       - name: Test only v4-full
-        uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: test
-          args: --no-default-features --tests --features v4,std,paserk
+        run: cargo test --no-default-features --tests --features v4,std,paserk
 
   # https://rustwasm.github.io/docs/book/reference/add-wasm-support-to-crate.html#maintaining-ongoing-support-for-webassembly
   web_assembly:
@@ -73,15 +57,13 @@ jobs:
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
         with:
           persist-credentials: false
-      - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af
+
+      - uses: dtolnay/rust-toolchain@master
         with:
           toolchain: stable
-          target: ${{ matrix.arch }}
-          override: true
-      - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
-        with:
-          command: check
-          args: --no-default-features --features v2,v3,v4 --target ${{ matrix.arch }}
+          targets: ${{ matrix.arch }}
+
+      - run: cargo check --no-default-features --features v2,v3,v4 --target ${{ matrix.arch }}
 
   cross_compilation:
     name: Linux/ARM/Big-Endian/32-Bit - Release tests
@@ -96,13 +78,21 @@ jobs:
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
         with:
           persist-credentials: false
-      - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af
+
+      - uses: houseabsolute/actions-rust-cross@ad283b2fc65ad1f3a04fb8bf8b2b829aad4a9318
         with:
-          toolchain: stable
+          command: test
           target: ${{ matrix.arch }}
-          override: true
-      - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505
+          args: "--release --all-features"
+
+  docs:
+    name: Build documentation
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
         with:
-          use-cross: true
-          command: test
-          args: --release --all-features --target ${{ matrix.arch }}
+          persist-credentials: false
+
+      - uses: dtolnay/rust-toolchain@stable
+
+      - run: cargo doc --no-deps --all-features
diff --git a/deny.toml b/deny.toml
@@ -0,0 +1,19 @@
+[graph]
+targets = [
+    "x86_64-unknown-linux-gnu",
+    "x86_64-unknown-linux-musl",
+    "x86_64-apple-darwin",
+    "x86_64-pc-windows-msvc",
+]
+
+[advisories]
+yanked = "deny"
+ignore = []
+
+[bans]
+multiple-versions = "allow" # We don't maintain Cargo lockfile, so this isn't really feasible to deny
+wildcards = "deny"          # Dependencies should not have be specified with '*'
+
+[sources]
+unknown-registry = "deny" # crates.io is allowed and a known register by default
+unknown-git = "deny"