pinentry 0.8.0

name: CI checks

on: [push, pull_request]

jobs:
  test-msrv:
    name: Test MSRV on ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, windows-latest, macos-14]
    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Run tests
        run: cargo test --verbose
      - name: Verify working directory is clean
        run: git diff --exit-code

  test-latest:
    name: Test latest on ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, windows-latest, macos-latest]
    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - uses: dtolnay/rust-toolchain@stable
        id: toolchain
      - run: rustup override set "${TOOLCHAIN}"
        shell: sh
        env:
          TOOLCHAIN: ${{steps.toolchain.outputs.name}}
      - name: Remove lockfile to build with latest dependencies
        run: rm Cargo.lock
      - name: Run tests
        run: cargo test --verbose
      - name: Verify working directory is clean (excluding lockfile)
        run: git diff --exit-code ':!Cargo.lock'

  clippy:
    name: Clippy (MSRV)
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Clippy check
        uses: auguwu/clippy-action@94a9ff2f6920180b89e5c03d121d0af04a9d3e03 # 1.4.0
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          check-args: >
            --all-features
            --all-targets
          args: >
            -D warnings

  codecov:
    name: Code coverage
    runs-on: ubuntu-latest
    container:
      image: xd009642/tarpaulin:develop-nightly
      options: --security-opt seccomp=unconfined

    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - uses: dtolnay/rust-toolchain@stable
        id: toolchain
      - run: rustup override set "${TOOLCHAIN}"
        shell: sh
        env:
          TOOLCHAIN: ${{steps.toolchain.outputs.name}}
      - name: Generate coverage report
        run: >
          cargo tarpaulin
          --engine llvm
          --release
          --timeout 180
          --out xml
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v4.5.0
        with:
          token: ${{ secrets.CODECOV_TOKEN }}

  doc-links:
    name: Intra-doc links
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - uses: dtolnay/rust-toolchain@nightly
        id: toolchain
      - run: rustup override set "${TOOLCHAIN}"
        env:
          TOOLCHAIN: ${{steps.toolchain.outputs.name}}
      - run: cargo fetch
      # Requires #![deny(intra_doc_link_resolution_failure)] in crates.
      - name: Check intra-doc links
        run: cargo doc --document-private-items

  fmt:
    name: Rustfmt
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Check formatting
        run: cargo fmt -- --check