name: Rust
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
schedule:
- cron: '0 9 * * 1'
env:
CARGO_TERM_COLOR: always
jobs:
build:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Set up cargo cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-release-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-release-
- name: Install dependencies (apt)
run: sudo apt-get install libpcsclite-dev
- name: Build
run: cargo build --release --verbose
- name: Upload binary
uses: actions/upload-artifact@v4
with:
name: bin
path: target/release/sh4d0wup
build-macos:
runs-on: macos-latest
steps:
- uses: actions/checkout@v4
- name: Set up cargo cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-release-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-release-
- name: Build
run: cargo build --release --verbose --no-default-features -F vendored
build-windows:
runs-on: windows-latest
steps:
- uses: actions/checkout@v4
- name: Set up cargo cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-release-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-release-
- name: Build
run: cargo build --release --verbose --no-default-features -F vendored
env:
AWS_LC_SYS_PREBUILT_NASM: 1
build-static:
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Set up cargo cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-musl-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-musl-
- name: Install dependencies (apt)
run: sudo apt-get install repro-env
- name: Build
run: make build
- name: Print sha256 of binary
run: sha256sum target/x86_64-unknown-linux-musl/release/sh4d0wup
- name: Upload binary
uses: actions/upload-artifact@v4
with:
name: sh4d0wup-static-x86_64
path: target/x86_64-unknown-linux-musl/release/sh4d0wup
integration-test:
needs: build
strategy:
fail-fast: false
matrix:
plot:
- path: contrib/plot-alpine.yaml
- path: contrib/plot-archlinux-lsign.yaml
- path: contrib/plot-archlinux.yaml
- path: contrib/plot-curl-sh.yaml
- path: contrib/plot-debian.yaml
- path: contrib/plot-elf-galore.yaml
setup: |
rustup target add x86_64-unknown-linux-musl
- path: contrib/plot-git.yaml
- path: contrib/plot-git-tags.yaml
- path: contrib/plot-helm.yaml
- path: contrib/plot-httpbin.yaml
- path: contrib/plot-linuxbrew.yaml
args: '-B 0.0.0.0:443'
sudo: 'sudo'
- path: contrib/plot-podman-cgr.yaml
- path: contrib/plot-podman-ecr.yaml
- path: contrib/plot-podman-gcr.yaml
- path: contrib/plot-podman-ghcr.yaml
- path: contrib/plot-rustup.yaml
- path: contrib/plot-signal-desktop.yaml
- path: contrib/plot-terraform.yaml
- path: contrib/plot-curl-ipfs.yaml
name: ${{ matrix.plot.path }}
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: bin
- name: Install dependencies (apt)
run: sudo apt-get install libpcsclite-dev
- name: Setup environment
run: ${{ matrix.plot.setup }}
if: ${{ matrix.plot.setup }}
- name: 🦝 Run a plot
run: chmod +x ./sh4d0wup && ${{ matrix.plot.sudo }} ./sh4d0wup check ${{ matrix.plot.path }} ${{ matrix.plot.args }}
make-plots:
needs: build
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: bin
- name: Install dependencies (apt)
run: sudo apt-get install libpcsclite-dev
- name: Setup rust for musl target
run: rustup target add x86_64-unknown-linux-musl
- name: Compile all plots
run: chmod +x ./sh4d0wup && make sh4d0wup=./sh4d0wup -j8
unit-test:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Set up cargo cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-debug-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-debug-
- name: Install dependencies (apt)
run: sudo apt-get install libpcsclite-dev sq
- name: Run clippy
run: cargo clippy -- -D warnings
- name: Run tests
run: cargo test --verbose
deny:
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Run cargo deny
run: |
docker run --rm -v "$PWD:/src" -w /src alpine:edge sh -c '
set -e
apk add cargo cargo-deny
exec cargo deny check
'
fmt:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Run cargo fmt
run: cargo fmt --all -- --check