Skip to content
CI

release-plz: don't set CARGO_REGISTRY_TOKEN #133

Sign in to view logs

release-plz: don't set CARGO_REGISTRY_TOKEN

release-plz: don't set CARGO_REGISTRY_TOKEN #133

Workflow file for this run

.github/workflows/rust-ci.yml at ba9ad15
on:
push:
branches:
- main
pull_request:
# Cancel PR actions on new commits
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
name: CI
jobs:
lint:
name: Lint
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
with:
submodules: true
- uses: dtolnay/rust-toolchain@stable
with:
components: clippy, rustfmt
- name: cargo fetch --locked
run: cargo fetch --locked
# make sure all code has been formatted with rustfmt
- name: check rustfmt
run: cargo fmt -- --check --color always
# run clippy to verify we have no warnings
- name: cargo clippy
run: cargo clippy --all-targets --all-features -- -D warnings
test:
name: Test
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, macOS-latest ]
cxx: [ g++, clang++ ]
cxxflags: [ '-Werror' ]
include:
- os: windows-latest
target: x86_64-pc-windows-msvc
# msvc's `-Werror` is `/WX`
cxxflags: '/WX'
- os: windows-2022
target: x86_64-pc-windows-msvc
cxx: clang++
cxxflags: '-Werror'
- os: windows-2022
target: x86_64-pc-windows-gnu
cxxflags: '-Werror'
runs-on: ${{ matrix.os }}
env:
CXX: ${{ matrix.cxx }}
# error on compiler warnings in CI
CXXFLAGS: ${{ matrix.cxxflags }}
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install Vulkan SDK
uses: humbletim/[email protected]
with:
version: 1.4.309.0
cache: true
# just need a random command that forces the installation of rust-toolchain
# figure out native target triple while we're at it
- name: install rust-toolchain
run: echo "TARGET=$(rustc --print host-tuple)" >> "$GITHUB_ENV"
- name: overwrite target
if: ${{ matrix.target != '' }}
run: echo "TARGET=${{ matrix.target }}" >> "$GITHUB_ENV"
# Fetch dependencies in a separate step to clearly show how long each part
# of the testing takes
- name: cargo fetch --locked
run: cargo fetch --locked --target $TARGET
- run: cargo fetch --locked
- name: cargo test build
run: cargo build --tests --release --all-features --target $TARGET
- name: cargo test
run: cargo test --release --all-features --target $TARGET
deny-check:
name: cargo-deny
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
with:
submodules: true
- uses: EmbarkStudios/cargo-deny-action@v2
release-plz-dry-run:
name: Release-plz dry-run
runs-on: ubuntu-latest
permissions: {}
steps:
- uses: actions/checkout@v6
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
persist-credentials: false
submodules: true
- name: Run release-plz
uses: release-plz/[email protected]
with:
dry_run: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# This allows us to have a single job we can branch protect on, rather than needing
# to update the branch protection rules when the test matrix changes
test_success:
runs-on: ubuntu-24.04
needs: [lint, test, deny-check, release-plz-dry-run]
# Hack for buggy GitHub Actions behavior with skipped checks: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/troubleshooting-required-status-checks#handling-skipped-but-required-checks
if: ${{ always() }}
steps:
# Another hack is to actually check the status of the dependencies or else it'll fall through
- run: |
echo "Checking statuses..."
[[ "${{ needs.lint.result }}" == "success" ]] || exit 1
[[ "${{ needs.test.result }}" == "success" ]] || exit 1
[[ "${{ needs.deny-check.result }}" == "success" ]] || exit 1
[[ "${{ needs.release-plz-dry-run.result }}" == "success" ]] || exit 1
defaults:
run:
shell: bash