-
Notifications
You must be signed in to change notification settings - Fork 2
133 lines (124 loc) · 4.02 KB
/
ci.yml
File metadata and controls
133 lines (124 loc) · 4.02 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: CI
on:
pull_request:
push:
branches:
- main
env:
CARGO_TERM_COLOR: always
jobs:
version:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
with:
fetch-depth: 0
- name: Verify Cargo version is not behind tags
run: python3 .github/scripts/check_version_sync.py
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- name: Lint GitHub Actions
uses: raven-actions/actionlint@v2
- uses: actions/setup-node@v5
with:
node-version: '20'
- name: Build frontend
run: cd web && npm ci && npm run build
- uses: dtolnay/rust-toolchain@1.88.0
with:
components: rustfmt, clippy
- uses: Swatinem/rust-cache@v2
- name: Format
run: cargo fmt -- --check
- name: Clippy
run: cargo clippy --all-targets -- -D warnings
security:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: dtolnay/rust-toolchain@1.88.0
- uses: Swatinem/rust-cache@v2
- name: Install cargo-audit
run: cargo install cargo-audit --locked
- name: Audit dependencies
run: cargo audit
cargo-deny:
name: cargo-deny (advisories + licenses)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: dtolnay/rust-toolchain@1.88.0
- uses: Swatinem/rust-cache@v2
- name: Install cargo-deny
run: cargo install cargo-deny --locked
- name: Check advisories and licenses
run: cargo deny check advisories licenses
test:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
with:
node-version: '20'
- name: Build frontend
run: cd web && npm ci && npm run build
- uses: dtolnay/rust-toolchain@1.88.0
- uses: Swatinem/rust-cache@v2
- name: Install cargo-nextest
uses: taiki-e/install-action@cargo-nextest
- name: Test
run: cargo nextest run
coverage:
name: Coverage (llvm-cov)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
with:
node-version: '20'
- name: Build frontend
run: cd web && npm ci && npm run build
- uses: dtolnay/rust-toolchain@1.88.0
with:
components: llvm-tools-preview
- uses: Swatinem/rust-cache@v2
- name: Install cargo-llvm-cov
uses: taiki-e/install-action@cargo-llvm-cov
- name: Generate coverage
run: cargo llvm-cov test --no-fail-fast --lcov --output-path lcov.info
- name: Upload to Codecov
uses: codecov/codecov-action@v4
with:
files: lcov.info
fail_ci_if_error: false
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
mutation:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: dtolnay/rust-toolchain@1.88.0
- uses: Swatinem/rust-cache@v2
- name: Install cargo-mutants
run: cargo install cargo-mutants --locked
- name: Mutation test (storage_json)
run: |
timeout 900 cargo mutants -f '*storage_json*' 2>&1 | tee mutation.log || true
# Extract the missed count (e.g. "14 mutants ... 2 missed, 9 caught" -> 2), not the total
MISSED=$(grep -E '[0-9]+ missed' mutation.log | tail -1 | sed -n 's/.* \([0-9][0-9]*\) missed.*/\1/p' | head -1 || echo "0")
echo "missed=$MISSED" >> "$GITHUB_OUTPUT"
id: mutation
- name: Check mutation baseline
run: |
MISSED="${{ steps.mutation.outputs.missed }}"
BASELINE=15
if [ -n "$MISSED" ] && [ "$MISSED" -gt "$BASELINE" ]; then
echo "Mutation missed count $MISSED exceeds baseline $BASELINE. Update docs/mutation-testing.md and this baseline if intentional."
exit 1
fi
if: always() && steps.mutation.outputs.missed != ''