name: Tier 3 - Quality Verification
on:
push:
branches: [ main, release/* ]
pull_request:
branches: [ main ]
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
RUST_LOG: info
jobs:
quality-gate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: llvm-tools-preview, rustfmt, clippy
target: x86_64-unknown-linux-gnu
- name: Install cargo tools
run: |
cargo install cargo-llvm-cov cargo-semver-checks cargo-udeps cargo-outdated cargo-deny
- name: Check formatting
run: cargo fmt --check --all
- name: Lint (clippy)
run: cargo clippy --all-targets --all-features -- -D warnings
- name: Tier 1 - Clippy lints
run: |
cargo clippy --all-targets --all-features \
-D clippy::dbg_macro -D clippy::todo \
-D clippy::wildcard_imports -D clippy::panic_in_result_fn \
-D clippy::missing_const_for_fn -D clippy::large_enum_variant
- name: Tier 2 - Supply chain
run: cargo deny check licenses advisories bans
- name: Build
run: cargo build --all-features --verbose
- name: Test
run: cargo test --all-features
- name: Coverage
run: |
cargo llvm-cov --all-features --workspace --lcov --output-path lcov.info
cargo llvm-cov --all-features --workspace --summary-only
- name: Outdated deps
run: cargo outdated --exit-code 1
- name: Upload coverage
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: codecov/codecov-action@v4
with:
files: lcov.info
fail_ci_if_error: true
- name: Deny report
if: always()
run: cargo deny check licenses advisories bans --output json > deny-report.json || true