Bump EmbarkStudios/cargo-deny-action from 1 to 2 #32
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
schedule: | |
- cron: "32 4 * * 5" | |
permissions: | |
contents: read | |
pages: write | |
id-token: write | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
Fmt: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install rust | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: nightly | |
components: rustfmt | |
- name: fmt | |
run: cargo fmt -- --check | |
CargoSort: | |
name: Check order in Cargo.toml | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: taiki-e/install-action@v2 | |
with: | |
tool: cargo-sort | |
- run: cargo sort --workspace --grouped --check --check-format | |
Build: | |
needs: | |
- Fmt | |
- CargoSort | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install rust | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: stable | |
- uses: Swatinem/rust-cache@v2 | |
- name: Compile project | |
run: cargo build --bench template-benchmark --release | |
Clippy: | |
needs: | |
- Fmt | |
- CargoSort | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install rust | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: stable | |
components: clippy | |
- uses: Swatinem/rust-cache@v2 | |
- name: clippy | |
run: cargo clippy -- -D warnings | |
Audit: | |
needs: | |
- Fmt | |
- CargoSort | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: EmbarkStudios/cargo-deny-action@v2 | |
DevSkim: | |
needs: | |
- Fmt | |
- CargoSort | |
runs-on: ubuntu-20.04 | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Run DevSkim scanner | |
uses: microsoft/DevSkim-Action@v1 | |
- name: Upload DevSkim scan results to GitHub Security tab | |
uses: github/codeql-action/upload-sarif@v3 | |
with: | |
sarif_file: devskim-results.sarif | |
deploy: | |
if: github.ref == 'refs/heads/main' | |
needs: | |
- Build | |
- Clippy | |
- Audit | |
- DevSkim | |
environment: | |
name: github-pages | |
url: ${{ steps.deployment.outputs.page_url }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: sudo apt install -y gnuplot inkscape scour wkhtmltopdf xvfb | |
- name: Install rust | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: stable | |
- uses: Swatinem/rust-cache@v2 | |
- name: Remove any stale results | |
run: rm -rf target/criterion | |
- name: Build benchmarks | |
run: cargo build --release --bench template-benchmark | |
- name: Run benchmarks | |
# Pin to one CPU, skipping the first core, to hopefully get fewer outliers. | |
run: taskset --cpu-list "$(( $RANDOM % ($(nproc) - 2) + 2 ))" cargo bench --bench template-benchmark | |
- name: Fixup paths | |
run: sed -e 's,href="../,href=",' < target/criterion/report/index.html > target/criterion/index.html | |
- name: Generate table | |
run: ./generate-table.py | |
- name: Upload artifact | |
uses: actions/upload-pages-artifact@v3 | |
with: | |
path: 'target/criterion' | |
- name: Deploy to GitHub Pages | |
id: deployment | |
uses: actions/deploy-pages@v4 |