diff --git a/.github/.github/dependabot.yml b/.github/.github/dependabot.yml new file mode 100644 index 0000000..6f78dd4 --- /dev/null +++ b/.github/.github/dependabot.yml @@ -0,0 +1,11 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "cargo" # See documentation for possible values + directory: "/Cargo.toml" # Location of package manifests + schedule: + interval: "weekly" diff --git a/.github/.github/workflows/Publish.yml b/.github/.github/workflows/Publish.yml new file mode 100644 index 0000000..a98b577 --- /dev/null +++ b/.github/.github/workflows/Publish.yml @@ -0,0 +1,31 @@ +name: Publish to Crates.io on Main Branch Merge + +on: + push: + branches: + - main + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up Rust + uses: actions-rs/toolchain@v1 + with: + toolchain: stable + + - name: Build and Test + run: | + cargo build --release --verbose + cargo test --verbose + + - name: Publish to Crates.io + if: github.event_name == 'push' && github.ref == 'refs/heads/main' + run: | + echo "Publishing to Crates.io..." + cargo login ${{ secrets.CRATESIO }} + cargo publish diff --git a/.github/.github/workflows/audit.yml b/.github/.github/workflows/audit.yml new file mode 100644 index 0000000..22103ee --- /dev/null +++ b/.github/.github/workflows/audit.yml @@ -0,0 +1,25 @@ +name: Security Audit + +on: + push: + branches-ignore: + - main + pull_request: + branches: + - main + +jobs: + security_audit: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v2 + - name: Set up Rust + uses: actions-rs/toolchain@v1 + with: + toolchain: stable + - name: Install cargo-audit + run: cargo install cargo-audit + - name: Run security audit + run: cargo audit + diff --git a/.github/.github/workflows/main.yml b/.github/.github/workflows/main.yml new file mode 100644 index 0000000..04071ff --- /dev/null +++ b/.github/.github/workflows/main.yml @@ -0,0 +1,38 @@ +name: Rust Code Coverage + +on: + pull_request: + branches: + - main + push: + branches-ignore: + - main + +jobs: + coverage: + name: Generate and Upload Code Coverage + runs-on: ubuntu-latest + + steps: + - name: Checkout Repository + uses: actions/checkout@v2 + + - name: Install Rust + uses: actions-rs/toolchain@v1 + with: + toolchain: stable + override: true + + - name: Install tarpaulin + run: cargo install cargo-tarpaulin + + - name: Build and Test with Coverage + run: | + # Run tests with coverage using tarpaulin + cargo tarpaulin --out xml --exclude-files none --ignore-tests + + - name: Upload Code Coverage to Codecov + uses: codecov/codecov-action@v3 + with: + token: ${{ secrets.CODECOV_TOKEN }} + diff --git a/.github/.github/workflows/rust-clippy.yml b/.github/.github/workflows/rust-clippy.yml new file mode 100644 index 0000000..0d201cc --- /dev/null +++ b/.github/.github/workflows/rust-clippy.yml @@ -0,0 +1,55 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. +# rust-clippy is a tool that runs a bunch of lints to catch common +# mistakes in your Rust code and help improve your Rust code. +# More details at https://github.com/rust-lang/rust-clippy +# and https://rust-lang.github.io/rust-clippy/ + +name: rust-clippy analyze + +on: + push: + branches: [ "main" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '41 4 * * 4' + +jobs: + rust-clippy-analyze: + name: Run rust-clippy analyzing + runs-on: ubuntu-latest + permissions: + contents: read + security-events: write + actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Install Rust toolchain + uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af #@v1 + with: + profile: minimal + toolchain: stable + components: clippy + override: true + + - name: Install required cargo + run: cargo install clippy-sarif sarif-fmt + + - name: Run rust-clippy + run: + cargo clippy + --all-features + --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt + continue-on-error: true + + - name: Upload analysis results to GitHub + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: rust-clippy-results.sarif + wait-for-processing: true diff --git a/.github/workflows/Publish.yml b/.github/workflows/Publish.yml index 0ca1f98..a98b577 100644 --- a/.github/workflows/Publish.yml +++ b/.github/workflows/Publish.yml @@ -27,5 +27,5 @@ jobs: if: github.event_name == 'push' && github.ref == 'refs/heads/main' run: | echo "Publishing to Crates.io..." - cargo login --token ${{ secrets.CRATESIO }} + cargo login ${{ secrets.CRATESIO }} cargo publish diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 77ee92e..22103ee 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -2,8 +2,8 @@ name: Security Audit on: push: - branches: - - main + branches-ignore: + - main pull_request: branches: - main @@ -22,3 +22,4 @@ jobs: run: cargo install cargo-audit - name: Run security audit run: cargo audit + diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index de0f815..04071ff 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -5,7 +5,7 @@ on: branches: - main push: - branches: + branches-ignore: - main jobs: @@ -35,3 +35,4 @@ jobs: uses: codecov/codecov-action@v3 with: token: ${{ secrets.CODECOV_TOKEN }} +