name: CI
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
jobs:
pr-title:
name: PR Title Validation
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
steps:
- name: Validate PR title
env:
PR_TITLE: ${{ github.event.pull_request.title }}
run: |
echo "PR title: '$PR_TITLE'"
if [[ ! "$PR_TITLE" =~ ^(PATCH|MINOR|MAJOR) ]]; then
echo "❌ PR title must start with PATCH, MINOR, or MAJOR"
exit 1
fi
echo "✅ PR title format is correct"
test:
name: Test
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest]
rust: [stable, beta]
steps:
- uses: actions/checkout@v4
- name: Install Python
uses: actions/setup-python@v5
with:
python-version: '3.x'
- name: Setup Python aliases on Windows
if: runner.os == 'Windows'
shell: pwsh
run: |
# Ensure both python and python3 work on Windows
$pythonPath = (Get-Command python).Source
$pythonDir = Split-Path $pythonPath
$python3Path = Join-Path $pythonDir "python3.exe"
# Create python3.exe as a copy of python.exe if it doesn't exist
if (-not (Test-Path $python3Path)) {
Copy-Item $pythonPath $python3Path
Write-Host "Created python3.exe alias"
}
# Verify both work
python --version
python3 --version
- name: Install PowerShell Core on Linux
if: runner.os == 'Linux'
shell: bash
run: |
# Install PowerShell Core on Ubuntu
# Update package list
sudo apt-get update
# Install prerequisites
sudo apt-get install -y wget apt-transport-https software-properties-common
# Download Microsoft repository GPG keys
wget -q "https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb"
# Register the Microsoft repository GPG keys
sudo dpkg -i packages-microsoft-prod.deb
# Delete the Microsoft repository GPG keys file
rm packages-microsoft-prod.deb
# Update package list
sudo apt-get update
# Install PowerShell
sudo apt-get install -y powershell
# Verify installation
pwsh --version
- name: Install PowerShell Core on macOS
if: runner.os == 'macOS'
shell: bash
run: |
# Install PowerShell Core on macOS using Homebrew
brew install --cask powershell
# Verify installation
pwsh --version
- name: Install Rust
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust }}
- name: Cache cargo registry
uses: actions/cache@v4
with:
path: ~/.cargo/registry
key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
- name: Cache cargo index
uses: actions/cache@v4
with:
path: ~/.cargo/git
key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.lock') }}
- name: Cache cargo build
uses: actions/cache@v4
with:
path: target
key: ${{ runner.os }}-cargo-build-target-${{ hashFiles('**/Cargo.lock') }}
- name: Run tests
run: cargo test --workspace --all-features --verbose
fmt:
name: Formatting
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt
- name: Check formatting
run: cargo fmt --all -- --check
clippy:
name: Clippy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
components: clippy
- name: Run clippy
run: cargo clippy --workspace --all-features -- -D warnings
coverage:
name: Code Coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
- name: Install tarpaulin
run: cargo install cargo-tarpaulin
- name: Generate coverage
run: cargo tarpaulin --timeout 240 --workspace --lib --out Xml --output-dir ./coverage
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
files: ./coverage/cobertura.xml
fail_ci_if_error: false
security-audit:
name: Security Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
- name: Install cargo-audit
run: cargo install cargo-audit
- name: Run security audit
run: |
cargo audit
echo "✅ Security audit passed"