name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
workflow_call:
inputs:
ref:
type: string
required: false
env:
CARGO_TERM_COLOR: always
permissions: {}
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with:
ref: ${{ inputs.ref || '' }}
persist-credentials: false
- uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 with:
components: rustfmt, clippy
- uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 - run: cargo update -p native-tls
- run: cargo fmt --all -- --check
- run: cargo clippy --workspace --all-targets --all-features -- -D warnings
- name: Pin pnpm for Tempo Lints
run: corepack prepare pnpm@10.28.1 --activate
- name: Run Tempo Lints
uses: tempoxyz/lints@03cac25d02c1aaa0c6ca87860183879069abb921 with:
language: rust
path: "."
post-comment: false
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Install ast-grep
uses: jaxxstorm/action-install-gh-release@25e24d2d23ae098373794ef1d6faecb48ee52da8 with:
repo: ast-grep/ast-grep
tag: "0.37.0"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Run ast-grep lint
run: sg scan -c sgconfig.yml src/
- name: Run ast-grep tests
run: sg test -c sgconfig.yml
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with:
ref: ${{ inputs.ref || '' }}
persist-credentials: false
- uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 - run: cargo update -p native-tls
- uses: taiki-e/install-action@dffee21ba64c128096855f01c56682d6f8a2bd29 - name: Tests
run: cargo test --features tempo,stripe,ws,server,client,axum,middleware,tower,utils,integration-stripe,integration-ws
env:
STRIPE_SECRET_KEY: ${{ secrets.STRIPE_SECRET_KEY }}
- run: cargo hack check --each-feature --no-dev-deps --skip integration,integration-stripe,integration-ws
- name: Check examples
run: cargo check --workspace --exclude mpp
integration:
name: Integration Test
runs-on: ubuntu-latest
permissions:
contents: read
packages: read
env:
TEMPO_TAG: latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with:
ref: ${{ inputs.ref || '' }}
persist-credentials: false
- uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 - run: cargo update -p native-tls
- name: Resolve Tempo image digest
id: tempo-digest
run: |
digest=$(docker buildx imagetools inspect ghcr.io/tempoxyz/tempo:${TEMPO_TAG} --raw | sha256sum | cut -d' ' -f1)
echo "digest=${digest}" >> "$GITHUB_OUTPUT"
- name: Cache Tempo Docker image
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 id: docker-cache
with:
path: /tmp/tempo-image.tar
key: tempo-image-${{ steps.tempo-digest.outputs.digest }}
- name: Load cached Tempo image
if: steps.docker-cache.outputs.cache-hit == 'true'
run: docker load -i /tmp/tempo-image.tar
- name: Pull and cache Tempo image
if: steps.docker-cache.outputs.cache-hit != 'true'
run: |
docker pull ghcr.io/tempoxyz/tempo:${TEMPO_TAG}
docker save ghcr.io/tempoxyz/tempo:${TEMPO_TAG} -o /tmp/tempo-image.tar
- name: Start Tempo devnet
run: docker compose up -d --wait
- name: Run integration tests
run: cargo test --features integration --test integration_charge -- --nocapture
- name: Stop Tempo devnet
if: always()
run: docker compose down
deny:
uses: tempoxyz/ci/.github/workflows/deny.yml@main
permissions:
contents: read
ci-gate:
name: CI Gate
if: always()
needs: [lint, test, integration, deny]
runs-on: ubuntu-latest
steps:
- run: |
if [[ "${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}" == "true" ]]; then
echo "One or more required jobs failed or were cancelled"
exit 1
fi