Skip to content

Instantly share code, notes, and snippets.

@LukeMathWalker

LukeMathWalker/audit-on-push.yml

Last active Feb 26, 2021
Star
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
GitHub Actions - Rust setup
Raw
audit-on-push.yml
name: Security audit
on:
push:
paths:
- '**/Cargo.toml'
- '**/Cargo.lock'
jobs:
security_audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions-rs/audit-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
Raw
general.yml
name: Rust
on: [push, pull_request]
env:
CARGO_TERM_COLOR: always
jobs:
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- uses: actions-rs/cargo@v1
with:
command: test
fmt:
name: Rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
components: rustfmt
- uses: actions-rs/cargo@v1
with:
command: fmt
args: --all -- --check
clippy:
name: Clippy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
components: clippy
- uses: actions-rs/clippy-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
args: -- -D warnings
coverage:
name: Code coverage
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
- name: Run cargo-tarpaulin
uses: actions-rs/tarpaulin@v0.1
with:
args: '--ignore-tests'
Raw
scheduled-audit.yml
name: Security audit
on:
schedule:
- cron: '0 0 * * *'
jobs:
audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions-rs/audit-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
@steelx

This comment has been minimized.

Sign in to view
Copy link

@steelx steelx commented Sep 25, 2020

can you also add build step with GCP
@steelx

This comment has been minimized.

Sign in to view
Copy link

@steelx steelx commented Sep 25, 2020

This is mine, can you review please -> https://gist.github.com/steelx/3d863ceff5ebe0a147b632ff93069991
@LukeMathWalker

This comment has been minimized.

Sign in to view
Copy link
Owner Author

@LukeMathWalker LukeMathWalker commented Sep 25, 2020

Deployment is out of scope for this pipeline.
@cardoe

This comment has been minimized.

Sign in to view
Copy link

@cardoe cardoe commented Jan 9, 2021

Any reason not to use:

      - uses: actions-rs/toolchain@v1
        with:
          profile: minimal
          toolchain: stable
          override: true
          components: rustfmt
``` vs the separate call to install rustfmt?
@LukeMathWalker

This comment has been minimized.

Sign in to view
Copy link
Owner Author

@LukeMathWalker LukeMathWalker commented Jan 10, 2021

Not really! I'll amend it in the next release 😁
@00-matt

This comment has been minimized.

Sign in to view
Copy link

@00-matt 00-matt commented Jan 22, 2021

Instead of running clippy manually, you can use actions-rs/clippy-check, it can annotate the commit or pull request like this:

Screenshot of clippy-check

The job would look something like this:

jobs:
  clippy:
    name: Clippy
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - uses: actions-rs/toolchain@v1
        with:
            toolchain: stable
            components: clippy
            override: true
      - uses: actions-rs/clippy-check@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
@LukeMathWalker

This comment has been minimized.

Sign in to view
Copy link
Owner Author

@LukeMathWalker LukeMathWalker commented Jan 23, 2021

Updated both, thank you!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment