Skip to content

ci(deps): bump softprops/action-gh-release from 2 to 3 #76

ci(deps): bump softprops/action-gh-release from 2 to 3

ci(deps): bump softprops/action-gh-release from 2 to 3 #76

Workflow file for this run

name: CI
on:
push:
branches: [main]
tags: ["v*"]
pull_request:
branches: [main]
workflow_dispatch:
permissions:
contents: read
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: "1"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# ── 1. Formatting ───────────────────────────────────────────────────
fmt:
name: Format (rustfmt)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt
- run: cargo fmt --all --check
# ── 2. Lint ─────────────────────────────────────────────────────────
clippy:
name: Lint (clippy, -D warnings)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
with:
components: clippy
- uses: Swatinem/rust-cache@v2
- run: cargo clippy --all-features --all-targets -- -D warnings
# ── 3. Spelling ─────────────────────────────────────────────────────
typos:
name: Spelling (typos)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: crate-ci/typos@master
# ── 4. Tests, stable ────────────────────────────────────────────────
test:
name: Test (stable)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: All features
run: cargo test --all-features --verbose
- name: No default features (no_std surface)
run: cargo test --no-default-features --verbose
# ── 5. Tests, beta (early warning for upcoming toolchains) ──────────
test-beta:
name: Test (beta)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@beta
- uses: Swatinem/rust-cache@v2
- run: cargo +beta test --all-features --verbose
# ── 6. Minimum supported Rust version ───────────────────────────────
msrv:
name: MSRV (1.75.0)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@master
with:
toolchain: 1.75.0
- uses: Swatinem/rust-cache@v2
- run: cargo +1.75.0 test --all-features --verbose
# ── 7. Doctests ─────────────────────────────────────────────────────
doctests:
name: Doctests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- run: cargo test --doc --all-features --verbose
# ── 8. Documentation builds clean ───────────────────────────────────
docs:
name: Documentation (rustdoc, -D warnings)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: cargo doc
env:
RUSTDOCFLAGS: -D warnings
run: cargo doc --no-deps --all-features
# ── 9. Bare-metal build, Cortex-M4F (ARMv7E-M) ──────────────────────
build-cortex-m4f:
name: Bare-metal build (Cortex-M4F)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
with:
targets: thumbv7em-none-eabihf
- uses: Swatinem/rust-cache@v2
- run: cargo build --target thumbv7em-none-eabihf --no-default-features --release
# ── 10. Bare-metal build, Cortex-M33 (ARMv8-M, the AxonOS target) ───
build-cortex-m33:
name: Bare-metal build (Cortex-M33)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
with:
targets: thumbv8m.main-none-eabihf
- uses: Swatinem/rust-cache@v2
- run: cargo build --target thumbv8m.main-none-eabihf --no-default-features --release
# ── 11. Undefined-behaviour check (Miri) ────────────────────────────
miri:
name: Miri (UB detection)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@nightly
with:
components: miri
- uses: Swatinem/rust-cache@v2
- name: cargo miri test
run: cargo +nightly miri test --all-features
env:
MIRIFLAGS: -Zmiri-strict-provenance
# ── 12. Fuzz targets build and smoke-run ────────────────────────────
fuzz:
name: Fuzz (build + smoke)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@nightly
- uses: Swatinem/rust-cache@v2
- uses: taiki-e/install-action@v2
with:
tool: cargo-fuzz
- name: Build targets
run: |
cargo +nightly fuzz build wire_decode --target x86_64-unknown-linux-gnu
cargo +nightly fuzz build roundtrip --target x86_64-unknown-linux-gnu
cargo +nightly fuzz build fsm_sequence --target x86_64-unknown-linux-gnu
- name: Smoke-run targets
run: |
cargo +nightly fuzz run wire_decode --target x86_64-unknown-linux-gnu -- -runs=512
cargo +nightly fuzz run roundtrip --target x86_64-unknown-linux-gnu -- -runs=512
cargo +nightly fuzz run fsm_sequence --target x86_64-unknown-linux-gnu -- -runs=512
# ── 13. Supply-chain and licence policy (cargo-deny) ────────────────
deny:
name: Supply chain (cargo-deny)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: EmbarkStudios/cargo-deny-action@v2
with:
command: check all
# ── 14. Coverage report (cargo-llvm-cov) ────────────────────────────
coverage:
name: Coverage (llvm-cov)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
with:
components: llvm-tools-preview
- uses: Swatinem/rust-cache@v2
- uses: taiki-e/install-action@cargo-llvm-cov
- name: Generate coverage summary
run: cargo llvm-cov --all-features --summary-only
# ── 15. Packaging sanity (publishable to crates.io) ─────────────────
package:
name: Package (publish dry-run)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- run: cargo publish --dry-run
# ── 16. Repository integrity (licences, SPDX, vectors) ──────────────
integrity:
name: Repository integrity
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Licence files present
run: |
test -f LICENSE
test -f LICENSE-APACHE
test -f LICENSE-MIT
test -f LICENSE-CC-BY-SA
test -f vectors/LICENSE
echo "all licence files present"
- name: SPDX identifiers present
run: |
grep -q 'SPDX-License-Identifier: Apache-2.0 OR MIT' LICENSE
grep -q 'SPDX-License-Identifier: CC-BY-SA-4.0' LICENSE-CC-BY-SA
grep -q 'SPDX-License-Identifier: CC0-1.0' vectors/LICENSE
echo "SPDX identifiers present"
- name: Conformance vectors present
run: |
test -d vectors
test -f vectors/README.md
echo "conformance vectors present"
# ── 17. Aggregate gate (branch-protection target) ──────────────────
ci:
name: CI
runs-on: ubuntu-latest
if: always()
needs:
- fmt
- clippy
- typos
- test
- test-beta
- msrv
- doctests
- docs
- build-cortex-m4f
- build-cortex-m33
- miri
- fuzz
- deny
- coverage
- package
- integrity
steps:
- name: Verify all jobs succeeded
run: |
if [ "${{ contains(needs.*.result, 'failure') }}" = "true" ] || \
[ "${{ contains(needs.*.result, 'cancelled') }}" = "true" ]; then
echo "one or more required jobs failed"
exit 1
fi
echo "all required CI jobs passed"