name: {{ name }} on: push: branches: - {{ branch }} paths: - 'src/**' - 'crates/**' - 'fuzz/**' - '.github/**' - 'Cargo.toml' - 'Cargo.lock' pull_request: branches: - {{ branch }} paths: - 'src/**' - 'crates/**' - 'fuzz/**' - '.github/**' - 'Cargo.toml' - 'Cargo.lock' jobs: ################################## LEGAL AND FORMAT LAYER ###################### reuse: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: REUSE Compliance Check uses: fsfe/reuse-action@v1 clippy-rustfmt: strategy: matrix: platform: [ubuntu-latest, macos-latest, windows-latest] runs-on: {{ '${{ matrix.platform }}' }} steps: - uses: actions/checkout@v4 - name: Install Rust stable uses: dtolnay/rust-toolchain@stable with: toolchain: stable components: clippy, rustfmt - name: Run rustfmt run: cargo fmt --all -- --check --verbose - name: Run cargo clippy uses: giraffate/clippy-action@v1 with: github_token: {{ '${{ secrets.GITHUB_TOKEN }}' }} clippy_flags: --all-targets -- -D warnings reporter: github-pr-review static-code-analysis: env: RCA_LINK: https://github.com/mozilla/rust-code-analysis/releases/download RCA_VERSION: v0.0.25 strategy: matrix: conf: - ubuntu - windows include: - conf: ubuntu platform: ubuntu-latest dir: $PWD - conf: windows platform: windows-latest dir: src/ # FIXME Broken on Windows with absolute paths, so using src/ as path for now runs-on: {{ '${{ matrix.platform }}' }} steps: - uses: actions/checkout@v4 - name: Install rust-code-analysis on Ubuntu if: matrix.conf == 'ubuntu' run: | mkdir -p $HOME/.local/bin curl -L "$RCA_LINK/$RCA_VERSION/rust-code-analysis-linux-cli-x86_64.tar.gz" | tar xz -C $HOME/.local/bin echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Install rust-code-analysis on Windows if: matrix.conf == 'windows' run: | mkdir -p $HOME/bin curl -LO "$Env:RCA_LINK/$env:RCA_VERSION/rust-code-analysis-win-cli-x86_64.zip" 7z e -y "rust-code-analysis-win-cli-x86_64.zip" -o"$HOME/bin" echo "$HOME/bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append - name: Run rust-code-analysis run: | mkdir $HOME/rca-json rust-code-analysis-cli --metrics -O json --pr -o "$HOME/rca-json" -p {{ '${{ matrix.dir }}' }} - name: Upload rust-code-analysis json uses: actions/upload-artifact@v3 with: name: rca-json-{{ '${{ matrix.conf }}' }} path: ~/rca-json ################################## BUILD AND DOCS LAYER ######################## build: needs: [reuse, clippy-rustfmt, static-code-analysis] strategy: matrix: platform: [ubuntu-latest, macos-latest, windows-latest] runs-on: {{ '${{ matrix.platform }}' }} steps: - uses: actions/checkout@v4 - name: Install Rust stable uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Build run: cargo build --verbose docs: needs: [reuse, clippy-rustfmt, static-code-analysis] strategy: matrix: platform: [ubuntu-latest, macos-latest, windows-latest] runs-on: {{ '${{ matrix.platform }}' }} steps: - uses: actions/checkout@v4 - name: Install Rust stable uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Generate docs run: cargo doc --verbose --no-deps ################################## CODE COVERAGE LAYER ################################## code-coverage-ubuntu: needs: [build, docs] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Install Rust stable uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Install grcov env: GRCOV_LINK: https://github.com/mozilla/grcov/releases/download GRCOV_VERSION: v0.8.13 run: | curl -L "$GRCOV_LINK/$GRCOV_VERSION/grcov-x86_64-unknown-linux-musl.tar.bz2" | tar xj -C $HOME/.cargo/bin - name: Install llvm-tools-preview run: | rustup component add llvm-tools-preview # Not necessary on a newly created image, but strictly advised - name: Run cargo clean run: | cargo clean - name: Run tests env: RUSTFLAGS: "-Cinstrument-coverage" LLVM_PROFILE_FILE: "{{ name }}-%p-%m.profraw" run: | cargo test --verbose - name: Get coverage data for codecov run: | grcov . --binary-path ./target/debug/ -s . -t lcov --branch \ --ignore-not-existing --ignore "/*" --ignore "../*" -o lcov.info - name: Codecov upload uses: codecov/codecov-action@v3 with: files: lcov.info - name: Get total coverage run: | # Remove lcov.info file to avoid function duplications rm -rf lcov.info grcov . --binary-path ./target/debug/ -s . -t covdir --branch \ --token YOUR_COVDIR_TOKEN --ignore-not-existing --ignore "/*" \ --ignore "../*" -o covdir.json - name: Evaluate code coverage value shell: bash run: | # Retrieve code coverage associated to the repository FLOAT_COVERAGE=$(jq '.coveragePercent' covdir.json) # Round the float value to the nearest value COVERAGE_OUTPUT=$(printf "%.0f" $FLOAT_COVERAGE) # If code coverage >= 80, green traffic light if [ $COVERAGE_OUTPUT -ge 80 ] then echo "$COVERAGE_OUTPUT > 80 --> Green" # If code coverage is >=60 but < 80, orange traffic light elif [ $COVERAGE_OUTPUT -ge 60 ] then echo "60 <= $COVERAGE_OUTPUT < 80 --> Orange" # Otherwise, red traffic light else echo "$COVERAGE_OUTPUT < 60 --> Red" exit 1 fi code-coverage-macos: needs: [build, docs] runs-on: macos-latest steps: - uses: actions/checkout@v4 - name: Install Rust stable uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Install grcov env: GRCOV_LINK: https://github.com/mozilla/grcov/releases/download GRCOV_VERSION: v0.8.13 run: | curl -L "$GRCOV_LINK/$GRCOV_VERSION/grcov-x86_64-apple-darwin.tar.bz2" | tar xj -C $HOME/.cargo/bin - name: Install llvm-tools-preview run: | rustup component add llvm-tools-preview # Not necessary on a newly created image, but strictly advised - name: Run cargo clean run: | cargo clean - name: Run tests env: RUSTFLAGS: "-Cinstrument-coverage" LLVM_PROFILE_FILE: "{{ name }}-%p-%m.profraw" run: | cargo test --verbose - name: Get coverage data for codecov run: | grcov . --binary-path ./target/debug/ -s . -t lcov --branch \ --ignore-not-existing --ignore "/*" --ignore "../*" -o lcov.info - name: Codecov upload uses: codecov/codecov-action@v3 with: files: lcov.info - name: Get total coverage run: | # Remove lcov.info file to avoid function duplications rm -rf lcov.info grcov . --binary-path ./target/debug/ -s . -t covdir --branch \ --token YOUR_COVDIR_TOKEN --ignore-not-existing --ignore "/*" \ --ignore "../*" -o covdir.json - name: Evaluate code coverage value shell: bash run: | # Retrieve code coverage associated to the repository FLOAT_COVERAGE=$(jq '.coveragePercent' covdir.json) # Round the float value to the nearest value COVERAGE_OUTPUT=$(printf "%.0f" $FLOAT_COVERAGE) # If code coverage >= 80, green traffic light if [ $COVERAGE_OUTPUT -ge 80 ] then echo "$COVERAGE_OUTPUT > 80 --> Green" # If code coverage is >=60 but < 80, orange traffic light elif [ $COVERAGE_OUTPUT -ge 60 ] then echo "60 <= $COVERAGE_OUTPUT < 80 --> Orange" # Otherwise, red traffic light else echo "$COVERAGE_OUTPUT < 60 --> Red" exit 1 fi code-coverage-windows: needs: [build, docs] runs-on: windows-latest steps: - uses: actions/checkout@v4 - name: Install Rust stable uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Install grcov env: GRCOV_LINK: https://github.com/mozilla/grcov/releases/download GRCOV_VERSION: v0.8.13 GRCOV_BINARY: grcov-x86_64-pc-windows-msvc.zip run: | curl -LO "$Env:GRCOV_LINK/$Env:GRCOV_VERSION/$Env:GRCOV_BINARY" 7z e -y "$Env:GRCOV_BINARY" -o"${env:USERPROFILE}\.cargo\bin" - name: Install llvm-tools-preview run: | rustup component add llvm-tools-preview # Not necessary on a newly created image, but strictly advised - name: Run cargo clean run: | cargo clean - name: Run tests env: RUSTFLAGS: "-Cinstrument-coverage" LLVM_PROFILE_FILE: "{{ name }}-%p-%m.profraw" run: | cargo test --verbose - name: Get coverage data for codecov run: | grcov . --binary-path ./target/debug/ -s . -t lcov --branch ` --ignore-not-existing --ignore "/*" --ignore "../*" -o lcov.info - name: Codecov upload uses: codecov/codecov-action@v3 with: files: lcov.info - name: Get total coverage run: | # Remove lcov.info file to avoid function duplications Remove-Item -fo lcov.info grcov . --binary-path ./target/debug/ -s . -t covdir --branch ` --token YOUR_COVDIR_TOKEN --ignore-not-existing --ignore "/*" ` --ignore "../*" -o covdir.json - name: Evaluate code coverage value shell: bash run: | # Retrieve code coverage associated to the repository FLOAT_COVERAGE=$(jq '.coveragePercent' covdir.json) # Round the float value to the nearest value COVERAGE_OUTPUT=$(printf "%.0f" $FLOAT_COVERAGE) # If code coverage >= 80, green traffic light if [ $COVERAGE_OUTPUT -ge 80 ] then echo "$COVERAGE_OUTPUT > 80 --> Green" # If code coverage is >=60 but < 80, orange traffic light elif [ $COVERAGE_OUTPUT -ge 60 ] then echo "60 <= $COVERAGE_OUTPUT < 80 --> Orange" # Otherwise, red traffic light else echo "$COVERAGE_OUTPUT < 60 --> Red" exit 1 fi weighted-code-coverage-ubuntu: needs: [build, docs] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Install Rust stable uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Install grcov env: GRCOV_LINK: https://github.com/mozilla/grcov/releases/download GRCOV_VERSION: v0.8.13 GRCOV_BINARY: grcov-x86_64-unknown-linux-musl.tar.bz2 run: | curl -L "$GRCOV_LINK/$GRCOV_VERSION/$GRCOV_BINARY" | tar xj -C $HOME/.cargo/bin - name: Install weighted-code-coverage env: WCC_LINK: https://github.com/SoftengPoliTo/weighted-code-coverage/releases/download WCC_VERSION: v0.2.0 WCC_BINARY: weighted-code-coverage-0.2.0-x86_64-unknown-linux-gnu.tar.gz run: | curl -L "$WCC_LINK/$WCC_VERSION/$WCC_BINARY" | tar xz -C $HOME/.cargo/bin - name: Install llvm-tools-preview run: | rustup component add llvm-tools-preview # Not necessary on a newly created image, but strictly advised - name: Run cargo clean run: | cargo clean - name: Run tests env: RUSTFLAGS: "-Cinstrument-coverage" LLVM_PROFILE_FILE: "{{ name }}-%p-%m.profraw" run: | cargo test --verbose - name: Run grcov run: | grcov . --binary-path ./target/debug/ -t coveralls -s . --token YOUR_COVERALLS_TOKEN -o coveralls.json - name: Run weighted-code-coverage run: | mkdir $HOME/wcc-output weighted-code-coverage -p src/ -j coveralls.json -c cyclomatic --json $HOME/wcc-output/out.json - name: Upload weighted-code-coverage data uses: actions/upload-artifact@v3 with: name: weighted-code-coverage-ubuntu path: ~/wcc-output/out.json weighted-code-coverage-macos: needs: [build, docs] runs-on: macos-latest steps: - uses: actions/checkout@v4 - name: Install Rust stable uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Install grcov env: GRCOV_LINK: https://github.com/mozilla/grcov/releases/download GRCOV_VERSION: v0.8.13 GRCOV_BINARY: grcov-x86_64-apple-darwin.tar.bz2 run: | curl -L "$GRCOV_LINK/$GRCOV_VERSION/$GRCOV_BINARY" | tar xj -C $HOME/.cargo/bin - name: Install weighted-code-coverage env: WCC_LINK: https://github.com/SoftengPoliTo/weighted-code-coverage/releases/download WCC_VERSION: v0.2.0 WCC_BINARY: weighted-code-coverage-0.2.0-x86_64-apple-darwin.tar.gz run: | curl -L "$WCC_LINK/$WCC_VERSION/$WCC_BINARY" | tar xz -C $HOME/.cargo/bin - name: Install llvm-tools-preview run: | rustup component add llvm-tools-preview # Not necessary on a newly created image, but strictly advised - name: Run cargo clean run: | cargo clean - name: Run tests env: RUSTFLAGS: "-Cinstrument-coverage" LLVM_PROFILE_FILE: "{{ name }}-%p-%m.profraw" run: | cargo test --verbose - name: Run grcov run: | grcov . --binary-path ./target/debug/ -t coveralls -s . --token YOUR_COVERALLS_TOKEN -o coveralls.json - name: Run weighted-code-coverage run: | mkdir $HOME/wcc-output weighted-code-coverage -p src/ -j coveralls.json -c cyclomatic --json $HOME/wcc-output/out.json - name: Upload weighted-code-coverage data uses: actions/upload-artifact@v3 with: name: weighted-code-coverage-macos path: ~/wcc-output/out.json weighted-code-coverage-windows: needs: [build, docs] runs-on: windows-latest steps: - uses: actions/checkout@v4 - name: Install Rust stable uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Install grcov env: GRCOV_LINK: https://github.com/mozilla/grcov/releases/download GRCOV_VERSION: v0.8.13 GRCOV_BINARY: grcov-x86_64-pc-windows-msvc.zip run: | curl -LO "$Env:GRCOV_LINK/$Env:GRCOV_VERSION/$Env:GRCOV_BINARY" 7z e -y "$Env:GRCOV_BINARY" -o"${env:USERPROFILE}\.cargo\bin" - name: Install weighted-code-coverage env: WCC_LINK: https://github.com/SoftengPoliTo/weighted-code-coverage/releases/download WCC_VERSION: v0.2.0 WCC_BINARY: weighted-code-coverage-0.2.0-x86_64-pc-windows-msvc.zip run: | curl -LO "$Env:WCC_LINK/$Env:WCC_VERSION/$Env:WCC_BINARY" 7z e -y "$Env:WCC_BINARY" -o"${env:USERPROFILE}\.cargo\bin" - name: Install llvm-tools-preview run: | rustup component add llvm-tools-preview # Not necessary on a newly created image, but strictly advised - name: Run cargo clean run: | cargo clean - name: Run tests env: RUSTFLAGS: "-Cinstrument-coverage" LLVM_PROFILE_FILE: "{{ name }}-%p-%m.profraw" run: | cargo test --verbose - name: Run grcov run: | grcov . --binary-path ./target/debug/ -t coveralls -s . --token YOUR_COVERALLS_TOKEN -o coveralls.json - name: Run weighted-code-coverage run: | mkdir $HOME/wcc-output weighted-code-coverage -p src/ -j coveralls.json -c cyclomatic --json $HOME/wcc-output/out.json - name: Upload weighted-code-coverage data uses: actions/upload-artifact@v3 with: name: weighted-code-coverage-windows path: ~/wcc-output/out.json ################################## DEPENDENCY LAYER ########################### audit-ubuntu: needs: [code-coverage-ubuntu, weighted-code-coverage-ubuntu] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Check dependencies changes uses: dorny/paths-filter@v2 id: changes with: filters: | cargo: - 'Cargo.toml' - 'Cargo.lock' - name: Run cargo-audit if: steps.changes.outputs.cargo == 'true' uses: actions-rs/audit-check@v1 with: token: {{ '${{ secrets.GITHUB_TOKEN }}' }} deny-ubuntu: needs: [code-coverage-ubuntu, weighted-code-coverage-ubuntu] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Check dependencies changes uses: dorny/paths-filter@v2 id: changes with: filters: | cargo: - 'Cargo.toml' - 'Cargo.lock' - name: Install Rust stable if: steps.changes.outputs.cargo == 'true' uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Install cargo-deny if: steps.changes.outputs.cargo == 'true' env: DENY_LINK: https://github.com/EmbarkStudios/cargo-deny/releases/download DENY_VERSION: 0.13.7 run: | curl -L "$DENY_LINK/$DENY_VERSION/cargo-deny-$DENY_VERSION-x86_64-unknown-linux-musl.tar.gz" | tar xz -C $HOME/.cargo/bin --strip-components 1 - name: Run cargo-deny if: steps.changes.outputs.cargo == 'true' run: | cargo deny init cargo deny check bans # cargo deny check licenses udeps-ubuntu: needs: [code-coverage-ubuntu, weighted-code-coverage-ubuntu] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Check dependencies changes uses: dorny/paths-filter@v2 id: changes with: filters: | cargo: - 'Cargo.toml' - 'Cargo.lock' - name: Install Rust nightly if: steps.changes.outputs.cargo == 'true' uses: dtolnay/rust-toolchain@nightly with: toolchain: nightly - name: Install cargo-udeps if: steps.changes.outputs.cargo == 'true' env: UDEPS_LINK: https://github.com/est31/cargo-udeps/releases/download UDEPS_VERSION: v0.1.35 run: | curl -L "$UDEPS_LINK/$UDEPS_VERSION/cargo-udeps-$UDEPS_VERSION-x86_64-unknown-linux-gnu.tar.gz" | tar xz -C $HOME/.cargo/bin --strip-components 2 - name: Run cargo-udeps if: steps.changes.outputs.cargo == 'true' run: | cargo +nightly udeps --all-targets audit-macos: needs: [code-coverage-macos, weighted-code-coverage-macos] runs-on: macos-latest steps: - uses: actions/checkout@v4 - name: Check dependencies changes uses: dorny/paths-filter@v2 id: changes with: filters: | cargo: - 'Cargo.toml' - 'Cargo.lock' - name: Run cargo-audit if: steps.changes.outputs.cargo == 'true' uses: actions-rs/audit-check@v1 with: token: {{ '${{ secrets.GITHUB_TOKEN }}' }} deny-macos: needs: [code-coverage-macos, weighted-code-coverage-macos] runs-on: macos-latest steps: - uses: actions/checkout@v4 - name: Check dependencies changes uses: dorny/paths-filter@v2 id: changes with: filters: | cargo: - 'Cargo.toml' - 'Cargo.lock' - name: Install Rust stable if: steps.changes.outputs.cargo == 'true' uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Install cargo-deny if: steps.changes.outputs.cargo == 'true' env: DENY_LINK: https://github.com/EmbarkStudios/cargo-deny/releases/download DENY_VERSION: 0.13.7 run: | curl -L "$DENY_LINK/$DENY_VERSION/cargo-deny-$DENY_VERSION-x86_64-apple-darwin.tar.gz" | tar xz -C $HOME/.cargo/bin --strip-components 1 - name: Run cargo-deny if: steps.changes.outputs.cargo == 'true' run: | cargo deny init cargo deny check bans # cargo deny check licenses udeps-macos: needs: [code-coverage-macos, weighted-code-coverage-macos] runs-on: macos-latest steps: - uses: actions/checkout@v4 - name: Check dependencies changes uses: dorny/paths-filter@v2 id: changes with: filters: | cargo: - 'Cargo.toml' - 'Cargo.lock' - name: Install Rust nightly if: steps.changes.outputs.cargo == 'true' uses: dtolnay/rust-toolchain@nightly with: toolchain: nightly - name: Install cargo-udeps if: steps.changes.outputs.cargo == 'true' env: UDEPS_LINK: https://github.com/est31/cargo-udeps/releases/download UDEPS_VERSION: v0.1.35 run: | curl -L "$UDEPS_LINK/$UDEPS_VERSION/cargo-udeps-$UDEPS_VERSION-x86_64-apple-darwin.tar.gz" | tar xz -C $HOME/.cargo/bin --strip-components 2 - name: Run cargo-udeps if: steps.changes.outputs.cargo == 'true' run: | cargo +nightly udeps --all-targets audit-windows: needs: [code-coverage-windows, weighted-code-coverage-windows] runs-on: windows-latest steps: - uses: actions/checkout@v4 - name: Check dependencies changes uses: dorny/paths-filter@v2 id: changes with: filters: | cargo: - 'Cargo.toml' - 'Cargo.lock' - name: Run cargo-audit if: steps.changes.outputs.cargo == 'true' uses: actions-rs/audit-check@v1 with: token: {{ '${{ secrets.GITHUB_TOKEN }}' }} deny-windows: needs: [code-coverage-windows, weighted-code-coverage-windows] runs-on: windows-latest steps: - uses: actions/checkout@v4 - name: Check dependencies changes uses: dorny/paths-filter@v2 id: changes with: filters: | cargo: - 'Cargo.toml' - 'Cargo.lock' - name: Install Rust stable if: steps.changes.outputs.cargo == 'true' uses: dtolnay/rust-toolchain@stable with: toolchain: stable - name: Install cargo-deny if: steps.changes.outputs.cargo == 'true' env: DENY_LINK: https://github.com/EmbarkStudios/cargo-deny/releases/download DENY_VERSION: 0.13.7 run: | $DENY_BINARY = "cargo-deny-$Env:DENY_VERSION-x86_64-pc-windows-msvc.tar.gz" curl -LO "$Env:DENY_LINK/$Env:DENY_VERSION/$DENY_BINARY" tar xz -C "${env:USERPROFILE}\.cargo\bin" -f $DENY_BINARY --strip-components 1 - name: Run cargo-deny if: steps.changes.outputs.cargo == 'true' run: | cargo deny init cargo deny check bans # cargo deny check licenses udeps-windows: needs: [code-coverage-windows, weighted-code-coverage-windows] runs-on: windows-latest steps: - uses: actions/checkout@v4 - name: Check dependencies changes uses: dorny/paths-filter@v2 id: changes with: filters: | cargo: - 'Cargo.toml' - 'Cargo.lock' - name: Install Rust nightly if: steps.changes.outputs.cargo == 'true' uses: dtolnay/rust-toolchain@nightly with: toolchain: nightly - name: Install cargo-udeps if: steps.changes.outputs.cargo == 'true' env: UDEPS_LINK: https://github.com/est31/cargo-udeps/releases/download UDEPS_VERSION: v0.1.35 run: | $UDEPS_BINARY = "cargo-udeps-$Env:UDEPS_VERSION-x86_64-pc-windows-msvc.zip" curl -LO "$Env:UDEPS_LINK/$Env:UDEPS_VERSION/$UDEPS_BINARY" 7z e -y "$UDEPS_BINARY" -o"${env:USERPROFILE}\.cargo\bin" - name: Run cargo-udeps if: steps.changes.outputs.cargo == 'true' run: | cargo +nightly udeps --all-targets ################################## UNSAFE CHECKS LAYER ######################### valgrind-ubuntu: needs: [audit-ubuntu, deny-ubuntu, udeps-ubuntu] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Install valgrind run: | sudo apt-get install valgrind - name: Install cargo-valgrind env: VALGRIND_LINK: https://github.com/jfrimmel/cargo-valgrind/releases/download VALGRIND_VERSION: 2.1.0 run: | curl -L "$VALGRIND_LINK/v$VALGRIND_VERSION/cargo-valgrind-$VALGRIND_VERSION-x86_64-unknown-linux-musl.tar.gz" | tar xz -C $HOME/.cargo/bin # Usage of the `help` command as base command, please replace it # with the effective command that valgrind has to analyze - name: Run cargo-valgrind run: | cargo valgrind run -- --help # cargo valgrind test careful-ubuntu: needs: [audit-ubuntu, deny-ubuntu, udeps-ubuntu] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Install Rust nightly uses: dtolnay/rust-toolchain@nightly with: toolchain: nightly components: rust-src - name: Install cargo-careful env: CAREFUL_LINK: https://github.com/RalfJung/cargo-careful/releases/download CAREFUL_VERSION: 0.3.4 run: | curl -L "$CAREFUL_LINK/v$CAREFUL_VERSION/cargo-careful.x86_64-unknown-linux-musl" \ --output $HOME/.cargo/bin/cargo-careful chmod +x $HOME/.cargo/bin/cargo-careful - name: Run cargo-careful run: | cargo +nightly careful test # cargo +nightly careful run address-sanitizer-ubuntu: needs: [audit-ubuntu, deny-ubuntu, udeps-ubuntu] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Install Rust nightly uses: dtolnay/rust-toolchain@nightly with: toolchain: nightly components: rust-src - name: Run AddressSanitizer env: RUSTFLAGS: -Zsanitizer=address -Copt-level=3 RUSTDOCFLAGS: -Zsanitizer=address run: cargo test -Zbuild-std --target x86_64-unknown-linux-gnu # Use `cargo run` for the analysis of a binary. # Usage of the `help` command as base command, please replace it # with the effective command that AddressSanitizer has to analyze # run: cargo run -Zbuild-std --target x86_64-unknown-linux-gnu -- --help careful-macos: needs: [audit-macos, deny-macos, udeps-macos] runs-on: macos-latest steps: - uses: actions/checkout@v4 - name: Install Rust nightly uses: dtolnay/rust-toolchain@nightly with: toolchain: nightly components: rust-src - name: Install cargo-careful env: CAREFUL_LINK: https://github.com/RalfJung/cargo-careful/releases/download CAREFUL_VERSION: 0.3.4 run: | curl -L "$CAREFUL_LINK/v$CAREFUL_VERSION/cargo-careful.x86_64-apple-darwin" \ --output $HOME/.cargo/bin/cargo-careful chmod +x $HOME/.cargo/bin/cargo-careful - name: Run cargo-careful run: | cargo +nightly careful test # cargo +nightly careful run address-sanitizer-macos: needs: [audit-macos, deny-macos, udeps-macos] runs-on: macos-latest steps: - uses: actions/checkout@v4 - name: Install Rust nightly uses: dtolnay/rust-toolchain@nightly with: toolchain: nightly components: rust-src # Usage of the `help` command as base command, please replace it # with the effective command that AddressSanitizer has to analyze - name: Run AddressSanitizer env: RUSTFLAGS: -Zsanitizer=address -Copt-level=3 RUSTDOCFLAGS: -Zsanitizer=address run: cargo test -Zbuild-std --target x86_64-apple-darwin # Use `cargo run` for the analysis of a binary. # Usage of the `help` command as base command, please replace it # with the effective command that AddressSanitizer has to analyze # run: cargo run -Zbuild-std --target x86_64-apple-darwin -- --help careful-windows: needs: [audit-windows, deny-windows, udeps-windows] runs-on: windows-latest steps: - uses: actions/checkout@v4 - name: Install Rust nightly uses: dtolnay/rust-toolchain@nightly with: toolchain: nightly components: rust-src - name: Install cargo-careful env: CAREFUL_LINK: https://github.com/RalfJung/cargo-careful/releases/download CAREFUL_VERSION: 0.3.4 run: | curl -LO "$Env:CAREFUL_LINK/v$Env:CAREFUL_VERSION/cargo-careful.exe" ` --output-dir "${env:USERPROFILE}\.cargo\bin" - name: Run cargo-careful run: | cargo +nightly careful test # cargo +nightly careful run ################################## FUZZING LAYER ############################### fuzzing-ubuntu: needs: [valgrind-ubuntu, careful-ubuntu, address-sanitizer-ubuntu] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Install Rust nightly uses: dtolnay/rust-toolchain@nightly with: toolchain: nightly - name: Install cargo-fuzz env: FUZZ_LINK: https://github.com/rust-fuzz/cargo-fuzz/releases/download FUZZ_VERSION: 0.11.2 run: | curl -L "$FUZZ_LINK/$FUZZ_VERSION/cargo-fuzz-$FUZZ_VERSION-x86_64-unknown-linux-musl.tar.gz" | tar xz -C $HOME/.cargo/bin - name: Run cargo-fuzz run: cargo fuzz build --target x86_64-unknown-linux-gnu fuzzing-macos: needs: [careful-macos, address-sanitizer-macos] runs-on: macos-latest steps: - uses: actions/checkout@v4 - name: Install Rust nightly uses: dtolnay/rust-toolchain@nightly with: toolchain: nightly - name: Install cargo-fuzz env: FUZZ_LINK: https://github.com/rust-fuzz/cargo-fuzz/releases/download FUZZ_VERSION: 0.11.2 run: | curl -L "$FUZZ_LINK/$FUZZ_VERSION/cargo-fuzz-$FUZZ_VERSION-x86_64-apple-darwin.tar.gz" | tar xz -C $HOME/.cargo/bin - name: Run cargo-fuzz run: cargo fuzz build