mirror of
https://github.com/LukeMathWalker/zero-to-production.git
synced 2024-12-18 05:56:35 +00:00
Update CI.
This commit is contained in:
parent
7cdcdb8e0d
commit
0924a7069c
5 changed files with 63 additions and 156 deletions
14
.github/workflows/audit-on-push.yml
vendored
14
.github/workflows/audit-on-push.yml
vendored
|
@ -1,14 +0,0 @@
|
|||
name: Security audit
|
||||
on:
|
||||
push:
|
||||
paths:
|
||||
- '**/Cargo.toml'
|
||||
- '**/Cargo.lock'
|
||||
jobs:
|
||||
security_audit:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- uses: actions-rs/audit-check@v1
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
16
.github/workflows/audit.yml
vendored
Normal file
16
.github/workflows/audit.yml
vendored
Normal file
|
@ -0,0 +1,16 @@
|
|||
name: Security audit
|
||||
on:
|
||||
schedule:
|
||||
- cron: '0 0 * * *'
|
||||
push:
|
||||
paths:
|
||||
- '**/Cargo.toml'
|
||||
- '**/Cargo.lock'
|
||||
jobs:
|
||||
security_audit:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: taiki-e/install-action@cargo-deny
|
||||
- name: Scan for vulnerabilities
|
||||
run: cargo deny check advisories
|
175
.github/workflows/general.yml
vendored
175
.github/workflows/general.yml
vendored
|
@ -14,6 +14,8 @@ on:
|
|||
|
||||
env:
|
||||
CARGO_TERM_COLOR: always
|
||||
SQLX_VERSION: 0.6.2
|
||||
SQLX_FEATURES: "rustls,postgres"
|
||||
|
||||
jobs:
|
||||
test:
|
||||
|
@ -21,7 +23,7 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:12
|
||||
image: postgres:15
|
||||
env:
|
||||
POSTGRES_USER: postgres
|
||||
POSTGRES_PASSWORD: password
|
||||
|
@ -29,147 +31,83 @@ jobs:
|
|||
ports:
|
||||
- 5432:5432
|
||||
redis:
|
||||
image: redis:6
|
||||
image: redis:7
|
||||
ports:
|
||||
- 6379:6379
|
||||
env:
|
||||
SQLX_VERSION: 0.6.2
|
||||
SQLX_FEATURES: "rustls,postgres"
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: Cache dependencies
|
||||
id: cache-dependencies
|
||||
uses: actions/cache@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: dtolnay/rust-toolchain@stable
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/registry
|
||||
~/.cargo/git
|
||||
target
|
||||
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
|
||||
|
||||
- name: Install stable toolchain
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
profile: minimal
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
- name: Cache sqlx-cli
|
||||
uses: actions/cache@v2
|
||||
id: cache-sqlx
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/bin/sqlx
|
||||
~/.cargo/bin/cargo-sqlx
|
||||
key: ${{ runner.os }}-sqlx-${{ env.SQLX_VERSION }}
|
||||
key: sqlx-${{ env.SQLX_VERSION }}
|
||||
- name: Install sqlx-cli
|
||||
uses: actions-rs/cargo@v1
|
||||
if: steps.cache-sqlx.outputs.cache-hit == false
|
||||
with:
|
||||
command: install
|
||||
args: >
|
||||
sqlx-cli
|
||||
--force
|
||||
run:
|
||||
cargo install sqlx-cli
|
||||
--version=${{ env.SQLX_VERSION }}
|
||||
--features ${{ env.SQLX_FEATURES }}
|
||||
--no-default-features
|
||||
--locked
|
||||
|
||||
- name: Migrate database
|
||||
run: |
|
||||
sudo apt-get install libpq-dev -y
|
||||
SKIP_DOCKER=true ./scripts/init_db.sh
|
||||
|
||||
- name: Check sqlx-data.json is up-to-date
|
||||
run: |
|
||||
cargo sqlx prepare --check -- --bin zero2prod
|
||||
|
||||
- name: Run cargo test
|
||||
uses: actions-rs/cargo@v1
|
||||
with:
|
||||
command: test
|
||||
- name: Run tests
|
||||
run: cargo test
|
||||
|
||||
fmt:
|
||||
name: Rustfmt
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions-rs/toolchain@v1
|
||||
- uses: actions/checkout@v3
|
||||
- uses: dtolnay/rust-toolchain@stable
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
components: rustfmt
|
||||
- uses: actions-rs/cargo@v1
|
||||
with:
|
||||
command: fmt
|
||||
args: --all -- --check
|
||||
- name: Enforce formatting
|
||||
run: cargo fmt --check
|
||||
|
||||
clippy:
|
||||
name: Clippy
|
||||
runs-on: ubuntu-latest
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:12
|
||||
image: postgres:15
|
||||
env:
|
||||
POSTGRES_USER: postgres
|
||||
POSTGRES_PASSWORD: password
|
||||
POSTGRES_DB: postgres
|
||||
ports:
|
||||
- 5432:5432
|
||||
env:
|
||||
SQLX_VERSION: 0.6.2
|
||||
SQLX_FEATURES: "rustls,postgres"
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: Install stable toolchain
|
||||
uses: actions-rs/toolchain@v1
|
||||
- uses: actions/checkout@v3
|
||||
- uses: dtolnay/rust-toolchain@stable
|
||||
with:
|
||||
toolchain: stable
|
||||
components: clippy
|
||||
override: true
|
||||
|
||||
- name: Cache sqlx-cli
|
||||
uses: actions/cache@v2
|
||||
id: cache-sqlx
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/bin/sqlx
|
||||
key: ${{ runner.os }}-sqlx-${{ env.SQLX_VERSION }}
|
||||
|
||||
- name: Install sqlx-cli
|
||||
uses: actions-rs/cargo@v1
|
||||
if: steps.cache-sqlx.outputs.cache-hit == false
|
||||
with:
|
||||
command: install
|
||||
args: >
|
||||
sqlx-cli
|
||||
--force
|
||||
key: sqlx-${{ env.SQLX_VERSION }}
|
||||
- name: Install sqlx-cli
|
||||
run:
|
||||
cargo install sqlx-cli
|
||||
--version=${{ env.SQLX_VERSION }}
|
||||
--features ${{ env.SQLX_FEATURES }}
|
||||
--no-default-features
|
||||
--locked
|
||||
|
||||
- name: Migrate database
|
||||
run: |
|
||||
sudo apt-get install libpq-dev -y
|
||||
SKIP_DOCKER=true ./scripts/init_db.sh
|
||||
|
||||
- name: Run clippy
|
||||
uses: actions-rs/clippy-check@v1
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
args: -- -D warnings
|
||||
- name: Linting
|
||||
run: cargo clippy -- -D warnings
|
||||
|
||||
coverage:
|
||||
name: Code coverage
|
||||
runs-on: ubuntu-latest
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:12
|
||||
image: postgres:15
|
||||
env:
|
||||
POSTGRES_USER: postgres
|
||||
POSTGRES_PASSWORD: password
|
||||
|
@ -177,49 +115,28 @@ jobs:
|
|||
ports:
|
||||
- 5432:5432
|
||||
redis:
|
||||
image: redis:6
|
||||
image: redis:7
|
||||
ports:
|
||||
- 6379:6379
|
||||
env:
|
||||
SQLX_VERSION: 0.6.2
|
||||
SQLX_FEATURES: "rustls,postgres"
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: Install stable toolchain
|
||||
uses: actions-rs/toolchain@v1
|
||||
uses: actions/checkout@v3
|
||||
- uses: dtolnay/rust-toolchain@stable
|
||||
- name: Install libpq
|
||||
run: sudo apt-get update && sudo apt-get install postgresql-client -y
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
- name: Cache sqlx-cli
|
||||
uses: actions/cache@v2
|
||||
id: cache-sqlx
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/bin/sqlx
|
||||
key: ${{ runner.os }}-sqlx-${{ env.SQLX_VERSION }}
|
||||
|
||||
- name: Install sqlx-cli
|
||||
uses: actions-rs/cargo@v1
|
||||
if: steps.cache-sqlx.outputs.cache-hit == false
|
||||
with:
|
||||
command: install
|
||||
args: >
|
||||
sqlx-cli
|
||||
--force
|
||||
--version=${{ env.SQLX_VERSION }}
|
||||
--features ${{ env.SQLX_FEATURES }}
|
||||
--no-default-features
|
||||
--locked
|
||||
|
||||
key: sqlx-${{ env.SQLX_VERSION }}
|
||||
- name: Install tarpaulin
|
||||
run: cargo install cargo-tarpaulin
|
||||
- name: Install sqlx-cli
|
||||
run:
|
||||
cargo install sqlx-cli
|
||||
--version=${{ env.SQLX_VERSION }}
|
||||
--features ${{ env.SQLX_FEATURES }}
|
||||
--no-default-features
|
||||
--locked
|
||||
- name: Migrate database
|
||||
run: |
|
||||
sudo apt-get install libpq-dev -y
|
||||
SKIP_DOCKER=true ./scripts/init_db.sh
|
||||
|
||||
- name: Run cargo-tarpaulin
|
||||
uses: actions-rs/tarpaulin@v0.1
|
||||
with:
|
||||
args: '--ignore-tests --avoid-cfg-tarpaulin'
|
||||
run: SKIP_DOCKER=true ./scripts/init_db.sh
|
||||
- name: Generate code coverage
|
||||
run: cargo tarpaulin --verbose --workspace
|
||||
|
|
12
.github/workflows/scheduled-audit.yml
vendored
12
.github/workflows/scheduled-audit.yml
vendored
|
@ -1,12 +0,0 @@
|
|||
name: Security audit
|
||||
on:
|
||||
schedule:
|
||||
- cron: '0 0 * * *'
|
||||
jobs:
|
||||
audit:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- uses: actions-rs/audit-check@v1
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
|
@ -56,7 +56,7 @@ done
|
|||
|
||||
>&2 echo "Postgres is up and running on port ${DB_PORT} - running migrations now!"
|
||||
|
||||
export DATABASE_URL=postgres://${DB_USER}:${DB_PASSWORD}@localhost:${DB_PORT}/${DB_NAME}
|
||||
export DATABASE_URL=postgres://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}
|
||||
sqlx database create
|
||||
sqlx migrate run
|
||||
|
||||
|
|
Loading…
Reference in a new issue