Supply the token more directly (#1553) #609
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: ["main"] | |
paths-ignore: ["*.md", "*.png", "*.svg", "LICENSE-*"] | |
pull_request: | |
branches: ["main"] | |
paths-ignore: ["*.md", "*.png", "*.svg", "LICENSE-*"] | |
env: | |
CARGO_TERM_COLOR: always | |
RUST_BACKTRACE: 1 | |
jobs: | |
check: | |
name: Build & test | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, macos-13, windows-latest] | |
rust-toolchain: [1.70.0, stable, beta] | |
runs-on: ${{ matrix.os }} | |
defaults: | |
run: | |
shell: bash | |
steps: | |
- name: Install Rust | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ matrix.rust-toolchain }} | |
components: rustfmt, clippy, llvm-tools-preview | |
- name: Install dependencies (Linux) | |
if: runner.os == 'Linux' | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
run: | | |
sudo apt-get install -y --no-install-recommends gyp mercurial ninja-build | |
curl -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh | bash | |
# In addition to installing dependencies, first make sure System Integrity Protection (SIP) | |
# is disabled on this MacOS runner. This is needed to allow the NSS libraries to be loaded | |
# from the build directory and avoid various other test failures. This seems to always be | |
# the case on any macos-13 runner, but not consistently on macos-latest (which is currently | |
# macos-12, FWIW). | |
- name: Install dependencies (MacOS) | |
if: runner.os == 'MacOS' | |
run: | | |
csrutil status | grep disabled | |
brew install ninja mercurial cargo-binstall | |
# python3 -m pip install gyp-next | |
# Above does not work, since pypi only has gyp 0.15.0, which is too old | |
# for the homebrew python3. Install from source instead. | |
python3 -m pip install git+https://github.com/nodejs/gyp-next | |
python3 -m pip install packaging | |
echo "$(python3 -m site --user-base)/bin" >> "$GITHUB_PATH" | |
- name: Install dependencies (Windows) | |
if: runner.os == 'Windows' | |
shell: pwsh | |
run: Set-ExecutionPolicy Unrestricted -Scope Process; iex (iwr "https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.ps1").Content | |
- name: Use MSYS2 environment and install more dependencies (Windows) | |
if: runner.os == 'Windows' | |
run: | | |
echo "C:\\msys64\\usr\\bin" >> "$GITHUB_PATH" | |
echo "C:\\msys64\\mingw64\\bin" >> "$GITHUB_PATH" | |
/c/msys64/usr/bin/pacman -S --noconfirm nsinstall | |
python3 -m pip install git+https://github.com/nodejs/gyp-next | |
echo "$(python3 -m site --user-base)/bin" >> "$GITHUB_PATH" | |
- name: Set up MSVC build environment (Windows) | |
if: runner.os == 'Windows' | |
uses: ilammy/msvc-dev-cmd@v1 | |
- name: Install Rust tools | |
run: cargo +${{ matrix.rust-toolchain }} binstall --no-confirm cargo-llvm-cov cargo-nextest | |
- name: Checkout | |
uses: actions/checkout@v4 | |
# This step might be removed if the distro included a recent enough | |
# version of NSS. Ubuntu 20.04 only has 3.49, which is far too old. | |
# (neqo-crypto/build.rs would also need to query pkg-config to get the | |
# right build flags rather than building NSS.) | |
- name: Fetch NSS and NSPR | |
run: | | |
hg clone https://hg.mozilla.org/projects/nspr "$NSPR_DIR" | |
git clone --depth=1 https://github.com/nss-dev/nss "$NSS_DIR" | |
echo "NSS_DIR=$NSS_DIR" >> "$GITHUB_ENV" | |
echo "NSPR_DIR=$NSPR_DIR" >> "$GITHUB_ENV" | |
env: | |
NSS_DIR: ${{ github.workspace }}/nss | |
NSPR_DIR: ${{ github.workspace }}/nspr | |
- name: Set up NSS/NSPR build environment (Windows) | |
if: runner.os == 'Windows' | |
run: | | |
echo "GYP_MSVS_OVERRIDE_PATH=$VSINSTALLDIR" >> "$GITHUB_ENV" | |
echo "GYP_MSVS_VERSION=2022" >> "$GITHUB_ENV" | |
echo "BASH=$SHELL" >> "$GITHUB_ENV" | |
# See https://github.com/ilammy/msvc-dev-cmd#name-conflicts-with-shell-bash | |
rm /usr/bin/link.exe | |
- name: Build | |
run: | | |
cargo +${{ matrix.rust-toolchain }} build -v --all-targets | |
echo "LD_LIBRARY_PATH=${{ github.workspace }}/dist/Debug/lib" >> "$GITHUB_ENV" | |
echo "DYLD_FALLBACK_LIBRARY_PATH=${{ github.workspace }}/dist/Debug/lib" >> "$GITHUB_ENV" | |
echo "${{ github.workspace }}/dist/Debug/lib" >> "$GITHUB_PATH" | |
- name: Run tests and determine coverage | |
run: cargo +${{ matrix.rust-toolchain }} llvm-cov nextest --features ci --all-targets --no-fail-fast --lcov --output-path lcov.info | |
- name: Check formatting | |
run: cargo +${{ matrix.rust-toolchain }} fmt --all -- --check | |
if: success() || failure() | |
- name: Clippy | |
run: cargo +${{ matrix.rust-toolchain }} clippy -v --tests -- -D warnings | |
if: success() || failure() | |
continue-on-error: ${{ matrix.rust-toolchain == 'beta' }} | |
- name: Upload coverage reports to Codecov | |
uses: codecov/codecov-action@v3 | |
with: | |
file: lcov.info | |
fail_ci_if_error: false | |
token: ${{ secrets.CODECOV_TOKEN }} |