Container Generator #3736
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous integration | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
jobs: | |
rust_actions: | |
name: Rust Actions (Check/Fmt/Clippy) | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, macos-latest] | |
include: | |
- tool: check | |
protobuf: true | |
fuse: true | |
components: "" | |
command: cargo check --all-features | |
- tool: fmt | |
protobuf: true | |
fuse: true | |
components: "rustfmt" | |
command: cargo fmt --all -- --check --all-features | |
- tool: clippy | |
protobuf: true | |
fuse: true | |
components: "clippy" | |
command: cargo clippy --all-features | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions-rust-lang/setup-rust-toolchain@11df97af8e8102fd60b60a77dfbf58d40cd843b8 # v1.10 | |
with: | |
components: ${{matrix.components}} | |
- name: Install Protobuf | |
if: matrix.protobuf | |
uses: ./.github/actions/install-protobuf | |
- name: Install FUSE | |
if: matrix.fuse | |
uses: ./.github/actions/install-fuse | |
- name: Run ${{ matrix.tool }} | |
run: ${{ matrix.command }} | |
cargo-deny: # only runs on Linux | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: EmbarkStudios/cargo-deny-action@e2f4ede4a4e60ea15ff31bc0647485d80c66cfba # v2.0.4 | |
test: | |
name: Test Suite | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions-rust-lang/setup-rust-toolchain@11df97af8e8102fd60b60a77dfbf58d40cd843b8 # v1.10 | |
- name: Install Protobuf | |
uses: ./.github/actions/install-protobuf | |
- name: Install FUSE | |
uses: ./.github/actions/install-fuse | |
- name: Install nextest | |
uses: taiki-e/install-action@49be99c627fae102cb8c86414e9605869641782a # nextest | |
- run: cargo nextest run --all-features | |
integration-test: | |
name: Integration Tests | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions-rust-lang/setup-rust-toolchain@11df97af8e8102fd60b60a77dfbf58d40cd843b8 # v1.10 | |
- name: Install Protobuf | |
uses: ./.github/actions/install-protobuf | |
- name: Install FUSE | |
uses: ./.github/actions/install-fuse | |
- run: cargo test -p sheepdog | |
timeout-minutes: 30 | |
kani: | |
name: Kani Proofs | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
crate: [lading_throttle, lading_payload] | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions-rust-lang/setup-rust-toolchain@11df97af8e8102fd60b60a77dfbf58d40cd843b8 # v1.10 | |
- name: Install Protobuf | |
uses: ./.github/actions/install-protobuf | |
- name: Install FUSE | |
uses: ./.github/actions/install-fuse | |
- name: Install kani | |
run: cargo install kani-verifier | |
- run: cargo kani --solver cadical | |
working-directory: ${{ matrix.crate }} | |
timeout-minutes: 30 | |
loom: | |
name: Loom Proofs | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
crate: [lading_signal] | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions-rust-lang/setup-rust-toolchain@11df97af8e8102fd60b60a77dfbf58d40cd843b8 # v1.10 | |
- name: Install Protobuf | |
uses: ./.github/actions/install-protobuf | |
- name: Install FUSE | |
uses: ./.github/actions/install-fuse | |
- name: Install nextest | |
uses: taiki-e/install-action@49be99c627fae102cb8c86414e9605869641782a # nextest | |
- run: RUSTFLAGS="--cfg loom" cargo nextest run --release | |
working-directory: ${{ matrix.crate }} | |
timeout-minutes: 30 | |
buf: | |
runs-on: ubuntu-latest | |
steps: | |
# Check our protobufs for lint cleanliness and for lack of breaking | |
# changes | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: buf-setup | |
uses: bufbuild/buf-setup-action@9672cee01808979ea1249f81d6d321217b9a10f6 # v1.47.2 | |
- name: buf-lint | |
uses: bufbuild/buf-lint-action@06f9dd823d873146471cfaaf108a993fe00e5325 # v1.1.1 | |
- name: buf-breaking | |
uses: bufbuild/buf-breaking-action@c57b3d842a5c3f3b454756ef65305a50a587c5ba # v1.1.4 | |
with: | |
against: 'https://github.com/datadog/lading.git#branch=main' | |
actionlint: | |
runs-on: ubuntu-latest | |
steps: | |
- name: set actionlint version & checksum | |
id: version | |
run: | | |
export ACTIONLINT="1.7.3" | |
export ACTIONLINT_CHECKSUM="37252b4d440b56374b0fc1726e05fd7452d30d6d774f6e9b52e65bb64475f9db" | |
echo "actionlint version: ${ACTIONLINT}" | |
echo "actionlint checksum: ${ACTIONLINT_CHECKSUM}" | |
echo "ACTIONLINT=${ACTIONLINT}" >> $GITHUB_OUTPUT | |
echo "ACTIONLINT_CHECKSUM=${ACTIONLINT_CHECKSUM}" >> $GITHUB_OUTPUT | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Download actionlint | |
shell: bash | |
run: | | |
wget https://github.com/rhysd/actionlint/releases/download/v${{ steps.version.outputs.ACTIONLINT }}/actionlint_${{ steps.version.outputs.ACTIONLINT }}_linux_amd64.tar.gz | |
echo "${{ steps.version.outputs.ACTIONLINT_CHECKSUM }} actionlint_${{ steps.version.outputs.ACTIONLINT }}_linux_amd64.tar.gz" >> CHECKSUMS | |
sha256sum -c CHECKSUMS | |
tar -xvf actionlint_${{ steps.version.outputs.ACTIONLINT }}_linux_amd64.tar.gz | |
- name: Check workflow files | |
shell: bash | |
run: | | |
./actionlint -color \ | |
-ignore 'Double quote to prevent globbing and word splitting' \ | |
-ignore 'Consider using { cmd1; cmd2; } >> file instead of individual redirects' \ | |
-ignore 'Declare and assign separately to avoid masking return values' | |
action-sha-pin-check: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out branch | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Check all GitHub Actions in ".github/workflows" are pinned to SHAs | |
uses: stacklok/frizbee-action@a0f3391cbe93a54e2a68cfaca2283f8cf3fd72ea # v0.0.2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
actions: ".github/workflows" | |
dockerfiles: "" | |
fail_on_unpinned: true | |
open_pr: false | |
- name: Check all GitHub Actions in ".github/actions" are pinned to SHAs | |
uses: stacklok/frizbee-action@a0f3391cbe93a54e2a68cfaca2283f8cf3fd72ea # v0.0.2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
actions: ".github/actions" | |
dockerfiles: "" | |
fail_on_unpinned: true | |
open_pr: false |