From 304b3c1fe2cc8a319d618c8be647d2441a168335 Mon Sep 17 00:00:00 2001 From: Brandon Weeks Date: Tue, 28 Nov 2023 20:13:34 -0800 Subject: [PATCH] Run Cippy on macOS and Windows; check rustfmt --- .github/workflows/ci.yaml | 18 +++++++++++++++--- native-pkcs11-keychain/src/bin/signedtest.rs | 10 +++++----- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 6e4cf14..f5f9bb2 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -55,16 +55,28 @@ jobs: - uses: EmbarkStudios/cargo-deny-action@1e59595bed8fc55c969333d08d7817b36888f0c5 # v1.5.5 clippy: - name: clippy - runs-on: ubuntu-latest + strategy: + matrix: + os: [macos-latest, windows-latest] + runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v1.2.0 - uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8 with: toolchain: stable - components: rustfmt, clippy + components: clippy - run: cargo clippy -- -D warnings + rustfmt: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v1.2.0 + - uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8 + with: + toolchain: nightly + components: rustfmt + - run: cargo fmt -- --check + integration-macos-ssh: name: macos ssh runs-on: macos-latest diff --git a/native-pkcs11-keychain/src/bin/signedtest.rs b/native-pkcs11-keychain/src/bin/signedtest.rs index 75696db..d22e5d9 100644 --- a/native-pkcs11-keychain/src/bin/signedtest.rs +++ b/native-pkcs11-keychain/src/bin/signedtest.rs @@ -48,7 +48,7 @@ fn key_lifecycle() -> Result<(), native_pkcs11_keychain::Error> { let generated_key = apple_security_framework::key::SecKey::generate(args)?; if generated_key.external_representation().is_some() { - return Err("expected enclave key to not be exportable")?; + Err("expected enclave key to not be exportable")?; } let generated_pubkey = generated_key @@ -65,7 +65,7 @@ fn key_lifecycle() -> Result<(), native_pkcs11_keychain::Error> { .load_refs(true) .search()?; if results.is_empty() { - return Err("expected to find key, but no keys found")?; + Err("expected to find key, but no keys found")?; } let found_key = match results.get(0).ok_or("no key found")? { @@ -83,7 +83,7 @@ fn key_lifecycle() -> Result<(), native_pkcs11_keychain::Error> { .to_vec(); if generated_pubkey != found_pubkey { - return Err("pubkeys not equal")?; + Err("pubkeys not equal")?; } let test_payload = &random_label(); @@ -100,7 +100,7 @@ fn key_lifecycle() -> Result<(), native_pkcs11_keychain::Error> { &signature, )? { - return Err("signature verification failed")?; + Err("signature verification failed")?; } let cert = @@ -121,7 +121,7 @@ fn key_lifecycle() -> Result<(), native_pkcs11_keychain::Error> { } } if !found { - return Err("didn't find matching cert")?; + Err("didn't find matching cert")?; } cert.delete()?;