Bump the github-actions group with 12 updates #1383
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-FileCopyrightText: 2023 MTRNord | |
# | |
# SPDX-License-Identifier: CC0-1.0 | |
on: [push, pull_request] | |
name: Continuous integration | |
permissions: | |
contents: read | |
jobs: | |
check: | |
name: Check | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 | |
with: | |
egress-policy: block | |
allowed-endpoints: > | |
artifactcache.actions.githubusercontent.com:443 | |
frsnacprodeus2file1.blob.core.windows.net:443 | |
github.com:443 | |
api.github.com:443 | |
gitlab.com:443 | |
crates.io:443 | |
index.crates.io:443 | |
static.crates.io:443 | |
static.rust-lang.org:443 | |
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 | |
- uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af | |
with: | |
profile: minimal | |
toolchain: nightly | |
override: true | |
- uses: Swatinem/rust-cache@81d053bdb0871dcd3f10763c8cc60d0adc41762b | |
- uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 | |
with: | |
command: check | |
test-pg: | |
continue-on-error: true | |
name: Coverage Postgres | |
runs-on: ubuntu-latest | |
container: | |
image: rust:latest | |
options: --user root | |
# Service containers to run with `runner-job` | |
services: | |
# Label used to access the service container | |
postgres: | |
# Docker Hub image | |
image: postgres | |
# Provide the password for postgres | |
env: | |
POSTGRES_PASSWORD: postgres | |
POSTGRES_DB: erooster | |
# Set health checks to wait until postgres has started | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
# Maps tcp port 5432 on service container to the host | |
- 5432:5432 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 | |
with: | |
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs | |
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 | |
- name: Install Rust | |
run: rustup toolchain install nightly --component llvm-tools-preview | |
- uses: Swatinem/rust-cache@81d053bdb0871dcd3f10763c8cc60d0adc41762b | |
- name: Install opendkim | |
run: apt update && apt install -y opendkim-tools | |
- name: Generate dkim-key | |
run: | | |
mkdir -p /etc/erooster/keys | |
cd /etc/erooster/keys | |
opendkim-genkey --domain=example.com --subdomains --testmode | |
- name: Setup Config | |
run: | | |
mkdir -p /etc/erooster/tasks | |
echo 'task_folder: "/etc/erooster/tasks"' > /etc/erooster/config.yml | |
echo 'tls:' >> /etc/erooster/config.yml | |
echo ' key_path: ""' >> /etc/erooster/config.yml | |
echo ' cert_path: ""' >> /etc/erooster/config.yml | |
echo 'mail:' >> /etc/erooster/config.yml | |
echo ' maildir_folders: "./maildir"' >> /etc/erooster/config.yml | |
echo ' hostname: "localhost"' >> /etc/erooster/config.yml | |
echo ' displayname: Erooster' >> /etc/erooster/config.yml | |
echo ' dkim_key_path: /etc/erooster/keys/default.private' >> /etc/erooster/config.yml | |
echo ' dkim_key_selector: default' >> /etc/erooster/config.yml | |
echo 'database:' >> /etc/erooster/config.yml | |
echo ' url: "postgres://postgres:postgres@postgres/erooster"' >> /etc/erooster/config.yml | |
echo 'webserver:' >> /etc/erooster/config.yml | |
echo ' port: 80' >> /etc/erooster/config.yml | |
echo ' tls: false' >> /etc/erooster/config.yml | |
- name: Install cargo-llvm-cov | |
uses: taiki-e/install-action@cargo-llvm-cov | |
- name: Generate code coverage | |
run: | | |
cargo +nightly llvm-cov --no-report --workspace | |
cargo +nightly llvm-cov --no-report --features "jaeger" --workspace | |
cargo +nightly llvm-cov report --html | |
env: | |
RUST_BACKTRACE: "1" | |
- uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 | |
with: | |
name: coverage-report | |
path: target/llvm-cov/html/ | |
- name: Generate code coverage for codecov | |
run: | | |
cargo +nightly llvm-cov --no-report --workspace | |
cargo +nightly llvm-cov --no-report --features "jaeger" --workspace | |
cargo +nightly llvm-cov report --lcov --output-path lcov.info | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: lcov.info | |
fail_ci_if_error: false | |
test-sqlite: | |
name: Coverage Sqlite | |
runs-on: ubuntu-latest | |
container: | |
image: rust:latest | |
options: --user root | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 | |
with: | |
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs | |
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 | |
- name: Install Rust | |
run: rustup toolchain install nightly --component llvm-tools-preview | |
- uses: Swatinem/rust-cache@81d053bdb0871dcd3f10763c8cc60d0adc41762b | |
- name: Install opendkim and sqlite | |
run: apt update && apt install -y opendkim-tools sqlite3 | |
- name: Generate dkim-key | |
run: | | |
mkdir -p /etc/erooster/keys | |
cd /etc/erooster/keys | |
opendkim-genkey --domain=example.com --subdomains --testmode | |
- name: Setup Config | |
run: | | |
mkdir -p /etc/erooster/tasks | |
echo 'task_folder: "/etc/erooster/tasks"' > /etc/erooster/config.yml | |
echo 'tls:' >> /etc/erooster/config.yml | |
echo ' key_path: ""' >> /etc/erooster/config.yml | |
echo ' cert_path: ""' >> /etc/erooster/config.yml | |
echo 'mail:' >> /etc/erooster/config.yml | |
echo ' maildir_folders: "./maildir"' >> /etc/erooster/config.yml | |
echo ' hostname: "localhost"' >> /etc/erooster/config.yml | |
echo ' displayname: Erooster' >> /etc/erooster/config.yml | |
echo ' dkim_key_path: /etc/erooster/keys/default.private' >> /etc/erooster/config.yml | |
echo ' dkim_key_selector: default' >> /etc/erooster/config.yml | |
echo 'database:' >> /etc/erooster/config.yml | |
echo ' url: "sqlite://:memory:' >> /etc/erooster/config.yml | |
echo 'webserver:' >> /etc/erooster/config.yml | |
echo ' port: 80' >> /etc/erooster/config.yml | |
echo ' tls: false' >> /etc/erooster/config.yml | |
- name: Install cargo-llvm-cov | |
uses: taiki-e/install-action@cargo-llvm-cov | |
- name: Generate code coverage | |
run: | | |
cargo +nightly llvm-cov --no-report --workspace --features sqlite --no-default-features | |
cargo +nightly llvm-cov --no-report --features "jaeger" --workspace --features sqlite --no-default-features | |
cargo +nightly llvm-cov report --html | |
env: | |
RUST_BACKTRACE: "1" | |
- uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 | |
with: | |
name: coverage-report | |
path: target/llvm-cov/html/ | |
- name: Generate code coverage for codecov | |
run: | | |
cargo +nightly llvm-cov --no-report --workspace --features sqlite --no-default-features | |
cargo +nightly llvm-cov --no-report --features "jaeger" --workspace --features sqlite --no-default-features | |
cargo +nightly llvm-cov report --lcov --output-path lcov.info | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: lcov.info | |
fail_ci_if_error: false | |
fmt: | |
name: Rustfmt | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 | |
with: | |
egress-policy: block | |
allowed-endpoints: > | |
artifactcache.actions.githubusercontent.com:443 | |
frsnacprodeus2file1.blob.core.windows.net:443 | |
github.com:443 | |
static.rust-lang.org:443 | |
api.github.com:443 | |
gitlab.com:443 | |
crates.io:443 | |
index.crates.io:443 | |
static.crates.io:443 | |
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 | |
- uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af | |
with: | |
profile: minimal | |
toolchain: nightly | |
override: true | |
- run: rustup component add rustfmt | |
- uses: Swatinem/rust-cache@81d053bdb0871dcd3f10763c8cc60d0adc41762b | |
- uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 | |
with: | |
command: fmt | |
args: --all -- --check |