starship/.github/workflows/workflow.yml
Thomas O'Donnell 4f481e0a7d
ci: refactor GitHub Actions workflow file (#1249)
* Clean up the workflow file

This removes the trailing whitespace from the workflow, removes an
unused step and fixes up some yaml formatting.

* Make the caching more aggressive

This makes the caching more aggressive by allowing for partial
restoration of the cached data and use the cache for more jobs.

* Run all the tests in parallel

Have stopped the testsuites from requiring the compile checks, Github
Actions doesn't mind that we are running multiple tests in parallel and
this does over a bit of a speed up.

* Separate Security Audit into a separate workflow

Have moved the Cargo Audit check into it's own workflow and switched it
to use the `actions-rs/audit-check` to simplify the setup. Have also
added in a daily security scan.
2020-05-24 20:45:47 -04:00

342 lines
11 KiB
YAML

---
name: Main workflow
on:
push:
paths-ignore:
- "docs/**"
- "**.md"
pull_request:
paths-ignore:
- "docs/**"
- "**.md"
jobs:
# Run the `rustfmt` code formatter
rustfmt:
name: Rustfmt [Formatter]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
components: rustfmt
override: true
- uses: actions-rs/cargo@v1
with:
command: fmt
args: --all -- --check
# Run the `clippy` linting tool
clippy:
name: Clippy [Linter]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
components: clippy
override: true
- uses: actions-rs/clippy-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
args: --all-targets --all-features -- -D clippy::all
# Ensure that the project could be successfully compiled
cargo_check:
name: Compile
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Cache cargo registry
uses: actions/cache@v1
with:
path: ~/.cargo/registry
key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-registry-
- name: Cache cargo index
uses: actions/cache@v1
with:
path: ~/.cargo/git
key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-index-
- name: Cache cargo build
uses: actions/cache@v1
with:
path: target
key: ${{ runner.os }}-cargo-build-target-${{ hashFiles('**/Cargo.lock') }}
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- uses: actions-rs/cargo@v1
with:
command: check
args: --all
# Run tests on Linux, macOS, and Windows
# On both Rust stable and Rust nightly
test:
name: Test Suite
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macOS-latest, windows-latest]
rust: [stable, nightly]
steps:
# Checkout the branch being tested
- uses: actions/checkout@v2
# Cache files between builds
- name: Cache cargo registry
uses: actions/cache@v1
with:
path: ~/.cargo/registry
key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-registry-
- name: Cache cargo index
uses: actions/cache@v1
with:
path: ~/.cargo/git
key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-index-
- name: Cache cargo build
uses: actions/cache@v1
with:
path: target
key: ${{ runner.os }}-cargo-build-target-${{ hashFiles('**/Cargo.lock') }}
# Install all the required dependencies for testing
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
# Install Python at a fixed version
- uses: actions/setup-python@v1
with:
python-version: "3.7.7"
# Install dotnet at a fixed version
- uses: actions/setup-dotnet@v1
with:
dotnet-version: "2.2.402"
# Install Mercurial (pre-installed on Linux and windows)
- name: Install Mercurial (macos)
if: matrix.os == 'macOS-latest'
env:
HGPYTHON3: 1
run: pip install mercurial
# Install Terraform at a fixed version
- uses: volcano-coffee-company/setup-terraform@v1
with:
version: "0.12.14"
# Run the ignored tests that expect the above setup
- name: Run all tests
uses: actions-rs/cargo@v1
with:
command: test
args: -- -Z unstable-options --include-ignored
# Publish starship to Crates.io
cargo_publish:
if: startsWith(github.ref, 'refs/tags/v')
name: Publish Cargo Package
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- run: cargo login $CRATES_IO_TOKEN
- run: cargo publish
env:
CRATES_IO_TOKEN: ${{ secrets.CRATES_IO_TOKEN }}
update_brew_formula:
if: startsWith(github.ref, 'refs/tags/v')
name: Update Brew Formula
runs-on: macos-latest
steps:
- uses: actions/checkout@v2
- run: |
echo "https://matchai:$HOMEBREW_GITHUB_API_TOKEN@github.com" > ~/.git-credentials
git config --global credential.helper store
git config --global user.name "Matan Kushner"
git config --global user.email "hello@matchai.dev"
cd $(brew --repo homebrew/core)
git fetch origin
sudo git reset --hard origin/master
cd -
brew bump-formula-pr --url=https://github.com/starship/starship/archive/$(git describe --tags).tar.gz --message="Automated release pull request using continuous integration." --no-browse -v starship --force
env:
HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }}
# Build sources for every OS
github_build:
if: startsWith(github.ref, 'refs/tags/v')
name: Build release binaries
strategy:
fail-fast: false
matrix:
target:
- x86_64-unknown-linux-gnu
- x86_64-unknown-linux-musl
- x86_64-apple-darwin
- x86_64-pc-windows-msvc
include:
- target: x86_64-unknown-linux-gnu
os: ubuntu-latest
name: starship-x86_64-unknown-linux-gnu.tar.gz
- target: x86_64-unknown-linux-musl
os: ubuntu-latest
name: starship-x86_64-unknown-linux-musl.tar.gz
- target: x86_64-apple-darwin
os: macOS-latest
name: starship-x86_64-apple-darwin.tar.gz
- target: x86_64-pc-windows-msvc
os: windows-latest
name: starship-x86_64-pc-windows-msvc.zip
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2
- name: Cache cargo registry
uses: actions/cache@v1
with:
path: ~/.cargo/registry
key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-registry-
- name: Cache cargo index
uses: actions/cache@v1
with:
path: ~/.cargo/git
key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-index-
- name: Install Rust toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
target: ${{ matrix.target }}
- name: Install musl tools
if: matrix.target == 'x86_64-unknown-linux-musl'
run: sudo apt-get install -y musl-tools
- name: Build target
if: matrix.target != 'x86_64-unknown-linux-musl'
uses: actions-rs/cargo@v1
with:
command: build
args: --release --target ${{ matrix.target }}
- name: Build target (musl)
if: matrix.target == 'x86_64-unknown-linux-musl'
uses: actions-rs/cargo@v1
with:
command: build
args: --release --features tls-vendored --target ${{ matrix.target }}
- name: Prepare build artifacts [Windows]
if: matrix.os == 'windows-latest'
run: |
cd target/${{ matrix.target }}/release
strip starship.exe
7z a ../../../${{ matrix.name }} starship.exe
cd -
- name: Prepare build artifacts [-nix]
if: matrix.os != 'windows-latest'
run: |
cd target/${{ matrix.target }}/release
strip starship
tar czvf ../../../${{ matrix.name }} starship
cd -
- name: Upload build artifact
uses: actions/upload-artifact@v1
with:
name: ${{ matrix.name }}
path: ${{ matrix.name }}
# Create GitHub release with Rust build targets and release notes
github_release:
if: startsWith(github.ref, 'refs/tags/v')
name: Create GitHub Release
needs: github_build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
# These can be squashed when https://github.com/actions/download-artifact/issues/6 is closed
- name: Download releases from github_build
uses: actions/download-artifact@v1
with:
name: starship-x86_64-unknown-linux-gnu.tar.gz
path: .
- name: Download releases from github_build
uses: actions/download-artifact@v1
with:
name: starship-x86_64-unknown-linux-musl.tar.gz
path: .
- name: Download releases from github_build
uses: actions/download-artifact@v1
with:
name: starship-x86_64-apple-darwin.tar.gz
path: .
- name: Download releases from github_build
uses: actions/download-artifact@v1
with:
name: starship-x86_64-pc-windows-msvc.zip
path: .
- name: Generate checksums
run: for file in starship-*; do openssl dgst -sha256 -r "$file" | awk '{print $1}' > "${file}.sha256"; done
- name: Generate release notes
run: |
# Temporary fix for https://github.com/actions/setup-go/issues/14
export PATH=$PATH:$(go env GOPATH)/bin
go get -u github.com/git-chglog/git-chglog/cmd/git-chglog
git-chglog -c .github/chglog/release.yml $(git describe --tags) > RELEASE.md
- name: Create GitHub release ${{ matrix.target }}
uses: softprops/action-gh-release@v1
with:
files: |
starship-x86_64-unknown-linux-gnu.tar.gz
starship-x86_64-unknown-linux-gnu.tar.gz.sha256
starship-x86_64-unknown-linux-musl.tar.gz
starship-x86_64-unknown-linux-musl.tar.gz.sha256
starship-x86_64-apple-darwin.tar.gz
starship-x86_64-apple-darwin.tar.gz.sha256
starship-x86_64-pc-windows-msvc.zip
starship-x86_64-pc-windows-msvc.zip.sha256
body_path: RELEASE.md
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}