Update CI.

This commit is contained in:
Luca Palmieri 2023-02-18 16:24:47 +00:00
parent 1a4da5b2db
commit 35b3436795
5 changed files with 61 additions and 152 deletions

View file

@ -1,14 +0,0 @@
name: Security audit
on:
push:
paths:
- '**/Cargo.toml'
- '**/Cargo.lock'
jobs:
security_audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions-rs/audit-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}

16
.github/workflows/audit.yml vendored Normal file
View file

@ -0,0 +1,16 @@
name: Security audit
on:
schedule:
- cron: '0 0 * * *'
push:
paths:
- '**/Cargo.toml'
- '**/Cargo.lock'
jobs:
security_audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: taiki-e/install-action@cargo-deny
- name: Scan for vulnerabilities
run: cargo deny check advisories

View file

@ -14,6 +14,8 @@ on:
env:
CARGO_TERM_COLOR: always
SQLX_VERSION: 0.6.2
SQLX_FEATURES: "rustls,postgres"
jobs:
test:
@ -21,195 +23,112 @@ jobs:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:12
image: postgres:15
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
POSTGRES_DB: postgres
ports:
- 5432:5432
env:
SQLX_VERSION: 0.6.2
SQLX_FEATURES: "rustls,postgres"
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Cache dependencies
id: cache-dependencies
uses: actions/cache@v2
- uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
with:
path: |
~/.cargo/registry
~/.cargo/git
target
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- name: Cache sqlx-cli
uses: actions/cache@v2
id: cache-sqlx
with:
path: |
~/.cargo/bin/sqlx
~/.cargo/bin/cargo-sqlx
key: ${{ runner.os }}-sqlx-${{ env.SQLX_VERSION }}
key: sqlx-${{ env.SQLX_VERSION }}
- name: Install sqlx-cli
uses: actions-rs/cargo@v1
if: steps.cache-sqlx.outputs.cache-hit == false
with:
command: install
args: >
sqlx-cli
--force
run:
cargo install sqlx-cli
--version=${{ env.SQLX_VERSION }}
--features ${{ env.SQLX_FEATURES }}
--no-default-features
--locked
- name: Migrate database
run: |
sudo apt-get install libpq-dev -y
SKIP_DOCKER=true ./scripts/init_db.sh
- name: Check sqlx-data.json is up-to-date
run: |
cargo sqlx prepare --check -- --bin zero2prod
- name: Run cargo test
uses: actions-rs/cargo@v1
with:
command: test
- name: Run tests
run: cargo test
fmt:
name: Rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
- uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
override: true
components: rustfmt
- uses: actions-rs/cargo@v1
with:
command: fmt
args: --all -- --check
- name: Enforce formatting
run: cargo fmt --check
clippy:
name: Clippy
runs-on: ubuntu-latest
services:
postgres:
image: postgres:12
image: postgres:15
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
POSTGRES_DB: postgres
ports:
- 5432:5432
env:
SQLX_VERSION: 0.6.2
SQLX_FEATURES: "rustls,postgres"
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
- uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
components: clippy
override: true
- name: Cache sqlx-cli
uses: actions/cache@v2
id: cache-sqlx
- uses: Swatinem/rust-cache@v2
with:
path: |
~/.cargo/bin/sqlx
key: ${{ runner.os }}-sqlx-${{ env.SQLX_VERSION }}
key: sqlx-${{ env.SQLX_VERSION }}
- name: Install sqlx-cli
uses: actions-rs/cargo@v1
if: steps.cache-sqlx.outputs.cache-hit == false
with:
command: install
args: >
sqlx-cli
--force
run:
cargo install sqlx-cli
--version=${{ env.SQLX_VERSION }}
--features ${{ env.SQLX_FEATURES }}
--no-default-features
--locked
- name: Migrate database
run: |
sudo apt-get install libpq-dev -y
SKIP_DOCKER=true ./scripts/init_db.sh
- name: Run clippy
uses: actions-rs/clippy-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
args: -- -D warnings
- name: Linting
run: cargo clippy -- -D warnings
coverage:
name: Code coverage
runs-on: ubuntu-latest
services:
postgres:
image: postgres:12
image: postgres:15
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
POSTGRES_DB: postgres
ports:
- 5432:5432
env:
SQLX_VERSION: 0.6.2
SQLX_FEATURES: "rustls,postgres"
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@stable
- name: Install libpq
run: sudo apt-get update && sudo apt-get install postgresql-client -y
- uses: Swatinem/rust-cache@v2
with:
toolchain: stable
override: true
- name: Cache sqlx-cli
uses: actions/cache@v2
id: cache-sqlx
with:
path: |
~/.cargo/bin/sqlx
key: ${{ runner.os }}-sqlx-${{ env.SQLX_VERSION }}
key: sqlx-${{ env.SQLX_VERSION }}
- name: Install tarpaulin
run: cargo install cargo-tarpaulin
- name: Install sqlx-cli
uses: actions-rs/cargo@v1
if: steps.cache-sqlx.outputs.cache-hit == false
with:
command: install
args: >
sqlx-cli
--force
run:
cargo install sqlx-cli
--version=${{ env.SQLX_VERSION }}
--features ${{ env.SQLX_FEATURES }}
--no-default-features
--locked
- name: Migrate database
run: |
sudo apt-get install libpq-dev -y
SKIP_DOCKER=true ./scripts/init_db.sh
- name: Run cargo-tarpaulin
uses: actions-rs/tarpaulin@v0.1
with:
args: '--ignore-tests --avoid-cfg-tarpaulin'
run: SKIP_DOCKER=true ./scripts/init_db.sh
- name: Generate code coverage
run: cargo tarpaulin --verbose --workspace

View file

@ -1,12 +0,0 @@
name: Security audit
on:
schedule:
- cron: '0 0 * * *'
jobs:
audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions-rs/audit-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}

View file

@ -56,7 +56,7 @@ done
>&2 echo "Postgres is up and running on port ${DB_PORT} - running migrations now!"
export DATABASE_URL=postgres://${DB_USER}:${DB_PASSWORD}@localhost:${DB_PORT}/${DB_NAME}
export DATABASE_URL=postgres://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}
sqlx database create
sqlx migrate run