name: CI
on:
push:
branches: [ "*" ]
schedule:
- cron: '30 4 * * 6'
env:
CARGO_TERM_COLOR: always
permissions:
contents: read
jobs:
build:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-24.04, ubuntu-22.04, macos-26, macos-15, macos-14]
steps:
- name: Harden Runner
uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Update Rust Toolchain
run: rustup update
- name: Install dependencies (macOS)
run: brew install shunit2 shellcheck shfmt
if: runner.os == 'macOS'
- name: Install dependencies (Linux)
run: |
sudo apt-get update
sudo apt-get -y install libacl1-dev acl shunit2 shellcheck
if: runner.os == 'Linux'
- name: Fetch
run: cargo fetch
- name: Build (no-serde)
run: cargo build
- name: Build (serde)
run: cargo build --features serde
- name: Unit Test (no-serde)
run: cargo test
- name: Unit Test (serde)
run: RUST_LOG=debug cargo test --features serde
- name: Run integration tests
run: ./tests/run_tests.sh
- name: Run memory tests (Linux)
run: |
sudo NEEDRESTART_MODE=l apt-get install -y valgrind
./tests/run_tests.sh memcheck
if: runner.os == 'Linux'
- name: Run TMPFS tests (Linux)
run: |
mkdir /run/user/$UID/exacl
export TMPDIR=/run/user/$UID/exacl
RUST_LOG=debug cargo test --features serde
./tests/run_tests.sh
if: runner.os == 'Linux'
- name: Code coverage
env:
CODECOV_TOKEN: ${{ secrets.EXACL_CODECOV_TOKEN }}
run: ./ci/coverage.sh codecov
- name: Lint Check
run: ./ci/lint.sh
- name: Format Check
run: ./ci/format.sh
- name: Docs Check
run: ./ci/docs.sh
- name: Bindgen Check
run: ./ci/bindgen.sh
build-ubuntu-26-04:
runs-on: ubuntu-latest
container:
image: ubuntu:26.04
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Install dependencies (Linux)
run: |
apt-get update
apt-get -y install curl build-essential libacl1-dev libclang-dev acl shunit2 shellcheck
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- name: Fetch
run: cargo fetch
- name: Build (no-serde)
run: cargo build
- name: Build (serde)
run: cargo build --features serde
- name: Unit Test (no-serde)
run: RUST_LOG=debug cargo test
- name: Unit Test (serde)
run: RUST_LOG=debug cargo test --features serde
- name: Run integration tests
run: setpriv --reuid=1001 --regid=1001 --clear-groups ./tests/run_tests.sh
- name: Lint Check
run: ./ci/lint.sh
- name: Format Check
run: ./ci/format.sh
- name: Docs Check
run: ./ci/docs.sh
- name: Bindgen Check
run: ./ci/bindgen.sh
build-freebsd:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
release: ["15.0", "14.4"]
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Run Tests
uses: vmactions/freebsd-vm@d1e65811565151536c0c894fff74f06351ed26e6 with:
release: "${{matrix.release}}"
usesh: true
copyback: false
prepare: |
# Record info about the test environment.
mount
df -h
sysctl hw.model hw.ncpu hw.physmem
freebsd-version
# Create a 5 MB memory based FS with acls enabled and
# mount it to a sub-directory of /tmp (where it won't
# interfere with other uses of /tmp.)
mkdir /tmp/exacl_acls /tmp/exacl_nfsv4acls
mdmfs -o acls -s 5m md /tmp/exacl_acls
mdmfs -o nfsv4acls -s 5m md /tmp/exacl_nfsv4acls
mount
env
# Install Rust.
pkg install -y bash curl llvm15
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
# Install shunit2.
mkdir -p /tmp/bin
curl https://raw.githubusercontent.com/kward/shunit2/master/shunit2 -sSf --output /tmp/bin/shunit2
chmod ugo+x /tmp/bin/shunit2
run: |
. $HOME/.cargo/env
# Set up path for shunit2.
export PATH="$PATH:/tmp/bin"
cargo fetch
cargo build # Build no-serde
cargo build --features serde # Build with serde
cargo test --no-run --features serde # Compile only
# Run tests on our mem-based FS with acls.
export TMPDIR=/tmp/exacl_acls
cargo test --features serde
export TMPDIR=/tmp/exacl_nfsv4acls
cargo test --features serde
./tests/run_tests.sh
export TMPDIR=/tmp
./ci/bindgen.sh
./ci/lint.sh