Skip to content

Commit

Permalink
ci: setup
Browse files Browse the repository at this point in the history
Merge another codecov

Merge another codecov

Merge another codecov

Merge another codecov

Place codecov config under .github

Add (only) ASAN workflow

Add first coverage workflow

Merge another coverage.yml

Merge another coverage.yml

Add first features workflow

Merge another features workflow

Merge another features workflow

Merge another features workflow

Add (only) loom workflow

Add (only) LSAN workflow

Add first minial workflow

Add (only) miri workflow

Add first msrv workflow

Merge another msrv workflow

Merge another msrv workflow

Merge another msrv workflow

Add (only) no-std workflow

Add first os-check workflow

Merge another os-check workflow

Add first style workflow

Merge another style workflow

Merge another style workflow

Add first test workflow

Merge another test workflow

Merge another test workflow

Merge another test workflow

Make everything use checkout@v3

Standardize on 'main' as branch name

Missed a submodule checkout

Add TODOs from twitter thread

Practice what you preach

mv github .github

This should make it possible to have rust-ci-conf as a remote you merge
from.

Merge safety workflows

Catch upcoming deprecations

More concise name for scheduled jobs

Allow examples and binaries to require features

Use dependabot, but only for major versions

ignore is a list

Notify if actions themselves are outdated

Bump codecov/codecov-action from 2 to 3

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 2 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v2...v3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Move to maintained rust installer

See actions-rs/toolchain#216

Fix install message for msrv

Get rid of most actions-rs bits

Given that that project is unmaintained.

actions-rs/toolchain#216

Minimal token permissions

See tokio-rs/tokio#5072

Remove -Zmiri-tag-raw-pointers as it's now default

Unbreak cargo hack for non-libraries (#4)

Add action to run doctest. (#3)

`cargo test --all-features` does not run doc-tests. For more information
see rust-lang/cargo#6669.

chore: automatically cancel superseded Actions runs (#5)

[sanity] More robust injection of opt-level 1 (#9)

Fixes #8

Quote MSRV version to avoid float parsing (#11)

Put 1.70 in there (for instance if you want to pin against OnceLock stabilizing) and it will actually test 1.7 as it appears github auto converts this to a float?

Putting in quotes seems to do the right thing here

Install Openssl for Windows (#12)

Don't install OpenSSL on Windows by default

Bump actions/checkout from 3 to 4 (#13)

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

docs: Add documentation based on the youtube video (#10)

Nit: Selecting direct minimal versions flag is -Zdirect-minimal-versions (#16)

chore: fix typos (#17)

Remove stray trailing whitespace

replace actions-rs/clippy-check with giraffate/clippy-action (#19)

Co-authored-by: rtkay123 <dev@kanjala.com>

Semi-breaking: update codecov action

Note: this requires adding `CODECOV_TOKEN` to your GitHub repository's
secrets! See associated comment in the commit content.

Uniform capitalization
  • Loading branch information
jonhoo authored and wfxr committed Mar 26, 2024
1 parent f345461 commit 43bccb6
Show file tree
Hide file tree
Showing 8 changed files with 504 additions and 0 deletions.
23 changes: 23 additions & 0 deletions .github/DOCS.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# Github config and workflows

In this folder there is configuration for codecoverage, dependabot, and ci
workflows that check the library more deeply than the default configurations.

This folder can be or was merged using a --allow-unrelated-histories merge
strategy from <https://github.com/jonhoo/rust-ci-conf/> which provides a
reasonably sensible base for writing your own ci on. By using this strategy
the history of the CI repo is included in your repo, and future updates to
the CI can be merged later.

To perform this merge run:

```shell
git remote add ci https://github.com/jonhoo/rust-ci-conf.git
git fetch ci
git merge --allow-unrelated-histories ci/main
```

An overview of the files in this project is available at:
<https://www.youtube.com/watch?v=xUH-4y92jPg&t=491s>, which contains some
rationale for decisions and runs through an example of solving minimal version
and OpenSSL issues.
21 changes: 21 additions & 0 deletions .github/codecov.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# ref: https://docs.codecov.com/docs/codecovyml-reference
coverage:
# Hold ourselves to a high bar
range: 85..100
round: down
precision: 1
status:
# ref: https://docs.codecov.com/docs/commit-status
project:
default:
# Avoid false negatives
threshold: 1%

# Test files aren't important for coverage
ignore:
- "tests"

# Make comments less noisy
comment:
layout: "files"
require_changes: true
19 changes: 19 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
version: 2
updates:
- package-ecosystem: github-actions
directory: /
schedule:
interval: daily
- package-ecosystem: cargo
directory: /
schedule:
interval: daily
ignore:
- dependency-name: "*"
# patch and minor updates don't matter for libraries as consumers of this library build
# with their own lockfile, rather than the version specified in this library's lockfile
# remove this ignore rule if your package has binaries to ensure that the binaries are
# built with the exact set of dependencies and those are up to date.
update-types:
- "version-update:semver-patch"
- "version-update:semver-minor"
113 changes: 113 additions & 0 deletions .github/workflows/check.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
# This workflow runs whenever a PR is opened or updated, or a commit is pushed to main. It runs
# several checks:
# - fmt: checks that the code is formatted according to rustfmt
# - clippy: checks that the code does not contain any clippy warnings
# - doc: checks that the code can be documented without errors
# - hack: check combinations of feature flags
# - msrv: check that the msrv specified in the crate is correct
permissions:
contents: read
# This configuration allows maintainers of this repo to create a branch and pull request based on
# the new branch. Restricting the push trigger to the main branch ensures that the PR only gets
# built once.
on:
push:
branches: [main]
pull_request:
# If new code is pushed to a PR branch, then cancel in progress workflows for that PR. Ensures that
# we don't waste CI time, and returns results quicker https://github.com/jonhoo/rust-ci-conf/pull/5
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
name: check
jobs:
fmt:
runs-on: ubuntu-latest
name: stable / fmt
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install stable
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt
- name: cargo fmt --check
run: cargo fmt --check
clippy:
runs-on: ubuntu-latest
name: ${{ matrix.toolchain }} / clippy
permissions:
contents: read
checks: write
strategy:
fail-fast: false
matrix:
# Get early warning of new lints which are regularly introduced in beta channels.
toolchain: [stable, beta]
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install ${{ matrix.toolchain }}
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.toolchain }}
components: clippy
- name: cargo clippy
uses: giraffate/clippy-action@v1
with:
reporter: 'github-pr-check'
github_token: ${{ secrets.GITHUB_TOKEN }}
doc:
# run docs generation on nightly rather than stable. This enables features like
# https://doc.rust-lang.org/beta/unstable-book/language-features/doc-cfg.html which allows an
# API be documented as only available in some specific platforms.
runs-on: ubuntu-latest
name: nightly / doc
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install nightly
uses: dtolnay/rust-toolchain@nightly
- name: cargo doc
run: cargo doc --no-deps --all-features
env:
RUSTDOCFLAGS: --cfg docsrs
hack:
# cargo-hack checks combinations of feature flags to ensure that features are all additive
# which is required for feature unification
runs-on: ubuntu-latest
name: ubuntu / stable / features
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install stable
uses: dtolnay/rust-toolchain@stable
- name: cargo install cargo-hack
uses: taiki-e/install-action@cargo-hack
# intentionally no target specifier; see https://github.com/jonhoo/rust-ci-conf/pull/4
# --feature-powerset runs for every combination of features
- name: cargo hack
run: cargo hack --feature-powerset check
msrv:
# check that we can build using the minimal rust version that is specified by this crate
runs-on: ubuntu-latest
# we use a matrix here just because env can't be used in job names
# https://docs.github.com/en/actions/learn-github-actions/contexts#context-availability
strategy:
matrix:
msrv: ["1.56.1"] # 2021 edition requires 1.56
name: ubuntu / ${{ matrix.msrv }}
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install ${{ matrix.msrv }}
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.msrv }}
- name: cargo +${{ matrix.msrv }} check
run: cargo check
30 changes: 30 additions & 0 deletions .github/workflows/nostd.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
# This workflow checks whether the library is able to run without the std library (e.g., embedded).
# This entire file should be removed if this crate does not support no-std. See check.yml for
# information about how the concurrency cancellation and workflow triggering works
permissions:
contents: read
on:
push:
branches: [main]
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
name: no-std
jobs:
nostd:
runs-on: ubuntu-latest
name: ${{ matrix.target }}
strategy:
matrix:
target: [thumbv7m-none-eabi, aarch64-unknown-none]
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install stable
uses: dtolnay/rust-toolchain@stable
- name: rustup target add ${{ matrix.target }}
run: rustup target add ${{ matrix.target }}
- name: cargo check
run: cargo check --target ${{ matrix.target }} --no-default-features
84 changes: 84 additions & 0 deletions .github/workflows/safety.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
# This workflow runs checks for unsafe code. In crates that don't have any unsafe code, this can be
# removed. Runs:
# - miri - detects undefined behavior and memory leaks
# - address sanitizer - detects memory errors
# - leak sanitizer - detects memory leaks
# - loom - Permutation testing for concurrent code https://crates.io/crates/loom
# See check.yml for information about how the concurrency cancellation and workflow triggering works
permissions:
contents: read
on:
push:
branches: [main]
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
name: safety
jobs:
sanitizers:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install nightly
uses: dtolnay/rust-toolchain@nightly
- run: |
# to get the symbolizer for debug symbol resolution
sudo apt install llvm
# to fix buggy leak analyzer:
# https://github.com/japaric/rust-san#unrealiable-leaksanitizer
# ensure there's a profile.dev section
if ! grep -qE '^[ \t]*[profile.dev]' Cargo.toml; then
echo >> Cargo.toml
echo '[profile.dev]' >> Cargo.toml
fi
# remove pre-existing opt-levels in profile.dev
sed -i '/^\s*\[profile.dev\]/,/^\s*\[/ {/^\s*opt-level/d}' Cargo.toml
# now set opt-level to 1
sed -i '/^\s*\[profile.dev\]/a opt-level = 1' Cargo.toml
cat Cargo.toml
name: Enable debug symbols
- name: cargo test -Zsanitizer=address
# only --lib --tests b/c of https://github.com/rust-lang/rust/issues/53945
run: cargo test --lib --tests --all-features --target x86_64-unknown-linux-gnu
env:
ASAN_OPTIONS: "detect_odr_violation=0:detect_leaks=0"
RUSTFLAGS: "-Z sanitizer=address"
- name: cargo test -Zsanitizer=leak
if: always()
run: cargo test --all-features --target x86_64-unknown-linux-gnu
env:
LSAN_OPTIONS: "suppressions=lsan-suppressions.txt"
RUSTFLAGS: "-Z sanitizer=leak"
miri:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- run: |
echo "NIGHTLY=nightly-$(curl -s https://rust-lang.github.io/rustup-components-history/x86_64-unknown-linux-gnu/miri)" >> $GITHUB_ENV
- name: Install ${{ env.NIGHTLY }}
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.NIGHTLY }}
components: miri
- name: cargo miri test
run: cargo miri test
env:
MIRIFLAGS: ""
loom:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install stable
uses: dtolnay/rust-toolchain@stable
- name: cargo test --test loom
run: cargo test --release --test loom
env:
LOOM_MAX_PREEMPTIONS: 2
RUSTFLAGS: "--cfg loom"
58 changes: 58 additions & 0 deletions .github/workflows/scheduled.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
# Run scheduled (rolling) jobs on a nightly basis, as your crate may break independently of any
# given PR. E.g., updates to rust nightly and updates to this crates dependencies. See check.yml for
# information about how the concurrency cancellation and workflow triggering works
permissions:
contents: read
on:
push:
branches: [main]
pull_request:
schedule:
- cron: '7 7 * * *'
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
name: rolling
jobs:
# https://twitter.com/mycoliza/status/1571295690063753218
nightly:
runs-on: ubuntu-latest
name: ubuntu / nightly
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install nightly
uses: dtolnay/rust-toolchain@nightly
- name: cargo generate-lockfile
if: hashFiles('Cargo.lock') == ''
run: cargo generate-lockfile
- name: cargo test --locked
run: cargo test --locked --all-features --all-targets
# https://twitter.com/alcuadrado/status/1571291687837732873
update:
# This action checks that updating the dependencies of this crate to the latest available that
# satisfy the versions in Cargo.toml does not break this crate. This is important as consumers
# of this crate will generally use the latest available crates. This is subject to the standard
# Cargo semver rules (i.e cargo does not update to a new major version unless explicitly told
# to).
runs-on: ubuntu-latest
name: ubuntu / beta / updated
# There's no point running this if no Cargo.lock was checked in in the first place, since we'd
# just redo what happened in the regular test job. Unfortunately, hashFiles only works in if on
# steps, so we repeat it.
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install beta
if: hashFiles('Cargo.lock') != ''
uses: dtolnay/rust-toolchain@beta
- name: cargo update
if: hashFiles('Cargo.lock') != ''
run: cargo update
- name: cargo test
if: hashFiles('Cargo.lock') != ''
run: cargo test --locked --all-features --all-targets
env:
RUSTFLAGS: -D deprecated
Loading

0 comments on commit 43bccb6

Please sign in to comment.