ci.yml

name: Continuous integration

on:
  pull_request:
    branches-ignore:
      - release
  push:
    branches:
      - master

permissions:
  contents: write

jobs:
  build-and-test:
    name: build and test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Install Rust toolchain
        uses: actions-rs/toolchain@v1
        with:
          profile: minimal
          toolchain: stable
          override: true
          components: clippy, rustfmt

      - uses: Swatinem/rust-cache@v2.7.5

      - uses: actions-rs/cargo@v1
        with:
          command: fmt
          args: --all -- --check

      - uses: actions-rs/cargo@v1
        with:
          command: check

      - uses: actions-rs/cargo@v1
        with:
          command: clippy
          args: --all-targets --all-features --workspace --bins --examples --tests --benches -- -D warnings

      - uses: actions-rs/cargo@v1
        with:
          command: test

      - name: cargo build
        run: cargo build

      - name: Check that we didn't introduce native ssl
        run: '! ldd ../target/debug/svanill-vault-cli | grep -q libssl'

      - uses: actions-rs/cargo@v1
        with:
          command: test
          args: --workspace --bins --examples --tests --benches

  dependabot:
    needs: build-and-test
    runs-on: ubuntu-latest
    if: ${{ github.actor == 'dependabot[bot]' }}
    steps:
      - name: Dependabot metadata
        id: metadata
        uses: dependabot/fetch-metadata@v2.2.0
        with:
          github-token: '${{ secrets.GITHUB_TOKEN }}'
      - name: Enable auto-merge for Dependabot PRs
        if: ${{steps.metadata.outputs.update-type != 'version-update:semver-major'}}
        run: gh pr merge --auto --rebase "$PR_URL"
        env:
          PR_URL: ${{github.event.pull_request.html_url}}
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}