flake.lock: Update #91
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-FileCopyrightText: 2025 Joost van der Laan <[email protected]> | |
# | |
# SPDX-License-Identifier: AGPL-3.0-only | |
name: CI | |
on: | |
push: | |
jobs: | |
test: | |
name: Run unit tests | |
strategy: | |
matrix: | |
os: [ubuntu-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/checkout@v4 | |
- uses: DeterminateSystems/nix-installer-action@main | |
- uses: DeterminateSystems/magic-nix-cache-action@main | |
- uses: DeterminateSystems/flake-checker-action@main | |
- name: Run unit tests with coverage | |
run: | | |
nix \ | |
--extra-experimental-features "nix-command flakes" \ | |
develop \ | |
--command bash -c "cargo install cargo-tarpaulin && cargo tarpaulin --out lcov --output-dir coverage" | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: coverage/lcov.info | |
fail_ci_if_error: true | |
- name: Run unit tests | |
run: | | |
# Retry logic for nix develop | |
max_attempts=3 | |
attempt=1 | |
while [ $attempt -le $max_attempts ]; do | |
if nix \ | |
--extra-experimental-features "nix-command flakes" \ | |
develop \ | |
--command bash -c "cargo test"; then | |
break | |
fi | |
echo "Attempt $attempt failed. Waiting before retry..." | |
sleep 30 | |
attempt=$((attempt + 1)) | |
done | |
if [ $attempt -gt $max_attempts ]; then | |
echo "All attempts failed" | |
exit 1 | |
fi | |
check: | |
name: 'Static Analysis: cargo check' | |
strategy: | |
matrix: | |
os: [ubuntu-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/checkout@v4 | |
- uses: DeterminateSystems/nix-installer-action@main | |
- uses: DeterminateSystems/magic-nix-cache-action@main | |
- uses: DeterminateSystems/flake-checker-action@main | |
- name: Run cargo check | |
run: | | |
nix \ | |
--extra-experimental-features "nix-command flakes" \ | |
develop \ | |
--command bash -c "cargo check" | |
lints: | |
name: 'Static Analysis: cargo fmt & clippy' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install stable toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: stable | |
override: true | |
components: rustfmt, clippy | |
- uses: Swatinem/rust-cache@v2 | |
- name: Install extra dependencies | |
run: cargo install clippy-sarif sarif-fmt | |
- name: Check code styling with cargo fmt | |
uses: actions-rs/cargo@v1 | |
with: | |
command: fmt | |
args: --all -- --check | |
- name: Run cargo clippy | |
run: | |
cargo clippy | |
--message-format=json | |
-- -D warnings | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt | |
continue-on-error: true | |
- name: Upload analysis results to GitHub | |
uses: github/codeql-action/upload-sarif@v3 | |
with: | |
sarif_file: rust-clippy-results.sarif | |
wait-for-processing: true | |
category: cargo-clippy | |
# based on https://github.com/actions-rs/example | |
coverage: | |
name: Test Coverage | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install stable toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: stable | |
override: true | |
- uses: Swatinem/rust-cache@v2 | |
- name: Run cargo-tarpaulin | |
uses: actions-rs/[email protected] | |
continue-on-error: true | |
with: | |
version: '0.15.0' | |
args: '-- --test-threads 4' | |
- uses: codecov/codecov-action@v3 | |
with: | |
fail_ci_if_error: True | |
verbose: true | |
- name: Archive code coverage results | |
uses: actions/upload-artifact@v4 | |
with: | |
name: code-coverage-report | |
path: cobertura.xml | |
dependencies: | |
name: Check Dependencies | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- uses: Swatinem/rust-cache@v2 | |
- name: Run cargo deny | |
uses: EmbarkStudios/cargo-deny-action@v2 | |
with: | |
log-level: warn | |
command: check | |
arguments: --all-features | |
license_reuse: | |
name: Code License | |
strategy: | |
matrix: | |
os: [ubuntu-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/checkout@v4 | |
- uses: DeterminateSystems/nix-installer-action@main | |
- uses: DeterminateSystems/magic-nix-cache-action@main | |
- uses: DeterminateSystems/flake-checker-action@main | |
- name: Check files license compliance with REUSE | |
run: | | |
nix \ | |
--extra-experimental-features "nix-command flakes" \ | |
develop \ | |
--command bash -c "reuse lint" | |
# benchmark: | |
# name: Benchmark | |
# runs-on: ubuntu-latest | |
# steps: | |
# - name: Checkout repository | |
# uses: actions/checkout@v4 | |
# - name: Install stable toolchain | |
# uses: actions-rs/toolchain@v1 | |
# with: | |
# profile: minimal | |
# toolchain: nightly | |
# override: true | |
# - uses: Swatinem/rust-cache@v2 | |
# - name: Run cargo bench | |
# # note that we explictly have to mention which benches to run, because | |
# # otherwise | |
# run: | |
# cargo +nightly bench | |
# --bench shuffle | |
# --bench encrypt | |
# -- --output-format bencher | tee output.txt | |
# - name: Download previous benchmark data | |
# uses: actions/cache@v3 | |
# with: | |
# path: ./cache | |
# key: cargo-bench | |
# - name: Store benchmark result | |
# uses: benchmark-action/github-action-benchmark@v1 | |
# with: | |
# name: cargo-bench | |
# tool: 'cargo' | |
# output-file-path: ./output.txt | |
# github-token: ${{ secrets.GITHUB_TOKEN }} | |
# external-data-json-path: ./cache/benchmark-data.json | |
# alert-threshold: '150%' | |
# comment-on-alert: true | |
# fail-on-alert: false | |
nix_flake_info: | |
name: Register Nix Flake Information | |
strategy: | |
matrix: | |
os: [ubuntu-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: DeterminateSystems/nix-installer-action@main | |
- uses: DeterminateSystems/magic-nix-cache-action@main | |
- uses: DeterminateSystems/flake-checker-action@main | |
# not running this command in https://github.com/nektos/act | |
# why? because it doesn't work for some reason | |
- name: Print nixpkgs version | |
if: ${{ !env.ACT }} | |
run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version' | |
- name: Show flake | |
run: nix --extra-experimental-features "nix-command flakes" flake show | |
# in all these nix command we add again the --extra-experimental-features | |
# because apparently otherwise it doesn't work with | |
# https://github.com/nektos/act | |
- name: Show flake metadata | |
run: nix --extra-experimental-features "nix-command flakes" flake metadata | |
- name: Run flake check | |
run: nix --extra-experimental-features "nix-command flakes" flake check | |
nix_flake_build: | |
name: Build Nix Flake | |
strategy: | |
matrix: | |
os: [ubuntu-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/checkout@v4 | |
- uses: DeterminateSystems/nix-installer-action@main | |
- uses: DeterminateSystems/magic-nix-cache-action@main | |
- uses: DeterminateSystems/flake-checker-action@main | |
- name: Build the flake | |
run: nix --extra-experimental-features "nix-command flakes" build -L |