From 8ba9218601a78cc3d8e4f02011c2a080644754a2 Mon Sep 17 00:00:00 2001 From: Johannes Date: Tue, 10 Sep 2024 19:38:24 +0200 Subject: [PATCH] Replace `actions-rs` with maintained alternatives (#133) * ci: Replace actions-rs with maintained alternatives * ci: Revert back cargo test to original cargo build * ci: NIT --- .github/workflows/daily_tests.yml | 22 +++----- .github/workflows/lints.yml | 20 +++---- .github/workflows/security_audit.yml | 39 +++++++------- .github/workflows/tests.yml | 80 ++++++++++++---------------- deny.toml | 19 +++++++ 5 files changed, 89 insertions(+), 91 deletions(-) create mode 100644 deny.toml diff --git a/.github/workflows/daily_tests.yml b/.github/workflows/daily_tests.yml index 5e0bdc5..69f3c20 100644 --- a/.github/workflows/daily_tests.yml +++ b/.github/workflows/daily_tests.yml @@ -3,7 +3,7 @@ permissions: contents: read on: schedule: - - cron: '0 0 * * *' # Midnight of each day + - cron: "0 0 * * *" # Midnight of each day jobs: tests: @@ -17,22 +17,16 @@ jobs: steps: - name: Checkout sources uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + with: + persist-credentials: false - name: Install toolchain - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af + uses: dtolnay/rust-toolchain@master with: - profile: minimal - toolchain: ${{ matrix.rust }} - override: true + toolchain: ${{ matrix.toolchain }} - name: Run cargo test - debug - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: test - args: --all-features - + run: cargo test --all-features + - name: Run cargo test - release - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: test - args: --release --all-features \ No newline at end of file + run: cargo test --release --all-features diff --git a/.github/workflows/lints.yml b/.github/workflows/lints.yml index c20246f..cc39b13 100644 --- a/.github/workflows/lints.yml +++ b/.github/workflows/lints.yml @@ -11,23 +11,19 @@ jobs: steps: - name: Checkout sources uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + with: + persist-credentials: false - name: Install stable toolchain - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af + uses: dtolnay/rust-toolchain@stable with: - profile: minimal - toolchain: stable - override: true components: rustfmt, clippy - name: Run cargo fmt - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: fmt - args: --all -- --check + run: cargo fmt --all -- --check - name: Run cargo clippy - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: clippy - args: --all-features --all-targets -- -D warnings \ No newline at end of file + run: cargo clippy -- -D warnings + + - name: Run cargo clippy on tests + run: cargo clippy --tests -- -D warnings diff --git a/.github/workflows/security_audit.yml b/.github/workflows/security_audit.yml index bad8c12..37fd14d 100644 --- a/.github/workflows/security_audit.yml +++ b/.github/workflows/security_audit.yml @@ -1,32 +1,31 @@ -name: Security Audit +name: Security Audit (advisories, sources) permissions: contents: read + issues: write + on: + push: + # Check immediately if dependencies are altered + paths: + - "**/Cargo.toml" + # Check also at midnight each day schedule: - - cron: '0 0 * * *' # Midnight of each day + - cron: "0 0 * * *" jobs: - security_audit: - name: Security Audit + cargo-deny: runs-on: ubuntu-latest + strategy: + matrix: + checks: + - advisories + - bans sources + steps: - - name: Checkout sources - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 with: persist-credentials: false - ref: master - - - name: Install stable toolchain - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af - with: - toolchain: stable - override: true - - - name: Install cargo audit - run: cargo install cargo-audit - - name: Run cargo audit - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 + - uses: EmbarkStudios/cargo-deny-action@8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268 with: - command: audit - args: --deny warnings \ No newline at end of file + command: check ${{ matrix.checks }} diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index a927268..006e483 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -6,12 +6,16 @@ jobs: test: strategy: matrix: - rust: + toolchain: - stable - - 1.80.0 # MSRV - nightly + - 1.80.0 # MSRV + os: + - ubuntu-latest + - macos-latest + - windows-latest - runs-on: ubuntu-latest + runs-on: ${{ matrix.os }} steps: - name: Checkout sources uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 @@ -19,47 +23,27 @@ jobs: persist-credentials: false - name: Install toolchain - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af + uses: dtolnay/rust-toolchain@master with: - profile: minimal - toolchain: ${{ matrix.rust }} - override: true + toolchain: ${{ matrix.toolchain }} - name: Test debug-mode - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: test - args: --all-features + run: cargo test --all-features - name: Test release-mode - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: test - args: --release --all-features + run: cargo test --release --all-features - name: Test no_std - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: build - args: --no-default-features --features v2,v3,v4 + run: cargo build --no-default-features --features v2,v3,v4 - name: Test only v2-full - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: test - args: --no-default-features --tests --features v2,std,paserk + run: cargo test --no-default-features --tests --features v2,std,paserk - name: Test only v3-full - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: test - args: --no-default-features --tests --features v3,std,paserk + run: cargo test --no-default-features --tests --features v3,std,paserk - name: Test only v4-full - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: test - args: --no-default-features --tests --features v4,std,paserk + run: cargo test --no-default-features --tests --features v4,std,paserk # https://rustwasm.github.io/docs/book/reference/add-wasm-support-to-crate.html#maintaining-ongoing-support-for-webassembly web_assembly: @@ -73,15 +57,13 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 with: persist-credentials: false - - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af + + - uses: dtolnay/rust-toolchain@master with: toolchain: stable - target: ${{ matrix.arch }} - override: true - - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 - with: - command: check - args: --no-default-features --features v2,v3,v4 --target ${{ matrix.arch }} + targets: ${{ matrix.arch }} + + - run: cargo check --no-default-features --features v2,v3,v4 --target ${{ matrix.arch }} cross_compilation: name: Linux/ARM/Big-Endian/32-Bit - Release tests @@ -96,13 +78,21 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 with: persist-credentials: false - - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af + + - uses: houseabsolute/actions-rust-cross@ad283b2fc65ad1f3a04fb8bf8b2b829aad4a9318 with: - toolchain: stable + command: test target: ${{ matrix.arch }} - override: true - - uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 + args: "--release --all-features" + + docs: + name: Build documentation + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 with: - use-cross: true - command: test - args: --release --all-features --target ${{ matrix.arch }} + persist-credentials: false + + - uses: dtolnay/rust-toolchain@stable + + - run: cargo doc --no-deps --all-features diff --git a/deny.toml b/deny.toml new file mode 100644 index 0000000..9cd6f92 --- /dev/null +++ b/deny.toml @@ -0,0 +1,19 @@ +[graph] +targets = [ + "x86_64-unknown-linux-gnu", + "x86_64-unknown-linux-musl", + "x86_64-apple-darwin", + "x86_64-pc-windows-msvc", +] + +[advisories] +yanked = "deny" +ignore = [] + +[bans] +multiple-versions = "allow" # We don't maintain Cargo lockfile, so this isn't really feasible to deny +wildcards = "deny" # Dependencies should not have be specified with '*' + +[sources] +unknown-registry = "deny" # crates.io is allowed and a known register by default +unknown-git = "deny"