Skip to content

CI

CI #1106

Workflow file for this run

name: CI
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the main branch
push: {}
pull_request: {}
schedule:
# Run daily to catch breakages in new Rust versions as well as new cargo audit findings.
- cron: '0 16 * * *'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
env:
CARGO_TERM_COLOR: always
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
test:
# The type of runner that the job will run on
runs-on: ${{ matrix.rust_os.os }}
strategy:
fail-fast: false
matrix:
rust_os:
- { rust: 1.65.0, os: ubuntu-22.04 }
- { rust: stable, os: ubuntu-22.04 }
- { rust: beta, os: ubuntu-22.04 }
- { rust: nightly, os: ubuntu-22.04 }
env:
CARGO_NET_GIT_FETCH_WITH_CLI: "true"
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v2
- name: Print git branch name
run: git rev-parse --abbrev-ref HEAD
- run: git show-ref | grep $(git rev-parse HEAD)
- name: Install Rust toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: ${{ matrix.rust_os.rust }}
override: true
components: clippy, rustfmt
target: wasm32-unknown-unknown
# Newer dependency versions may not support rustc 1.65, so we use a Cargo.lock file for those
# builds.
- name: Use Rust 1.65 lockfile
if: ${{ matrix.rust_os.rust == '1.65.0' }}
run: |
cp Cargo-1.65.lock Cargo.lock
echo "CARGO_LOCKED=--locked" >> $GITHUB_ENV
- name: Run tests
run: cargo ${CARGO_LOCKED} test --tests --examples
- name: Doc tests
run: cargo ${CARGO_LOCKED} test --doc
- name: Test with all features enabled
run: cargo ${CARGO_LOCKED} test --all-features
- name: Check fmt
if: ${{ matrix.rust_os.rust == '1.65.0' }}
run: cargo ${CARGO_LOCKED} fmt --all -- --check
- name: Clippy
if: ${{ matrix.rust_os.rust == '1.65.0' }}
run: cargo ${CARGO_LOCKED} clippy --all --all-features -- --deny warnings
- name: Audit
if: ${{ matrix.rust_os.rust == 'stable' }}
run: |
cargo install --force cargo-audit
# The chrono thread safety issue doesn't affect this crate since the crate does not rely
# on the system's local time zone, only UTC. See:
# https://github.com/chronotope/chrono/issues/499#issuecomment-946388161
# FIXME(ramosbugs/openidconnect-rs#140): upgrade `rsa` once fix for RUSTSEC-2023-0071 is
# available.
cargo ${CARGO_LOCKED} audit \
--ignore RUSTSEC-2020-0159 \
--ignore RUSTSEC-2023-0071
- name: Check WASM build
run: cargo ${CARGO_LOCKED} check --target wasm32-unknown-unknown
coverage:
runs-on: ubuntu-latest
container:
image: xd009642/tarpaulin:0.26.0
options: --security-opt seccomp=unconfined
steps:
- uses: actions/checkout@v2
- name: Generate code coverage
run: |
cargo ${CARGO_LOCKED} tarpaulin --verbose --all-features --timeout 120 --out Xml
- name: Upload to codecov.io
uses: codecov/codecov-action@v3
with:
fail_ci_if_error: false