name: ๐ Gatewarden CI
on:
push:
branches: [master, main, develop]
pull_request:
branches: [master, main]
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
jobs:
test:
name: Test (${{ matrix.os }})
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
rust: [stable]
include:
- os: ubuntu-latest
rust: beta
steps:
- name: ๐ฆ Checkout code
uses: actions/checkout@v4
- name: ๐ฆ Setup Rust toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust }}
components: rustfmt, clippy
- name: ๐พ Cache cargo registry
uses: actions/cache@v4
with:
path: |
~/.cargo/registry
~/.cargo/git
target
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: ๐จ Check formatting
run: cargo fmt --all -- --check
- name: ๐ Run clippy (deny warnings)
run: cargo clippy --all-features -- -D warnings
- name: ๐งช Run tests
run: cargo test --all-features --verbose
security-audit:
name: Security Audit
runs-on: ubuntu-latest
steps:
- name: ๐ฆ Checkout code
uses: actions/checkout@v4
- name: ๐ฆ Setup Rust toolchain
uses: dtolnay/rust-toolchain@stable
- name: ๐ Run security audit
uses: actions-rs/audit-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
publish-check:
name: Publish Readiness Check
runs-on: ubuntu-latest
needs: [test, security-audit]
if: github.ref == 'refs/heads/master'
steps:
- name: ๐ฆ Checkout code
uses: actions/checkout@v4
- name: ๐ฆ Setup Rust toolchain
uses: dtolnay/rust-toolchain@stable
- name: ๐ฏ Test publish (dry run)
run: cargo publish --dry-run
- name: ๐ Summary
if: success()
run: |
echo "## ๐ Gatewarden Release Ready" >> $GITHUB_STEP_SUMMARY
echo "โ
All tests passing (ubuntu/windows/macos)" >> $GITHUB_STEP_SUMMARY
echo "โ
Security audit clean" >> $GITHUB_STEP_SUMMARY
echo "โ
Crate publish ready" >> $GITHUB_STEP_SUMMARY