name: Rust CI
on:
push:
branches:
- main
tags:
- 'v*.*.*'
pull_request:
branches:
- main
env:
CARGO_TERM_COLOR: always
RUSTFLAGS: "-Dwarnings" RUSTDOCFLAGS: "-Dwarnings"
jobs:
check:
name: Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt, clippy
- name: Rust Cache
uses: Swatinem/rust-cache@v2
- name: Install Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: "1.5.7"
terraform_wrapper: false
- name: Check formatting
run: cargo fmt --all -- --check
- name: Clippy
run: cargo clippy --all-targets --all-features -- -D warnings
- name: Run tests
run: cargo test --locked --all-features --verbose
- name: Build
run: cargo build --locked --all-features --verbose
test-platform:
name: Test on ${{ matrix.os }}
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt, clippy
- name: Rust Cache
uses: Swatinem/rust-cache@v2
- name: Install Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: "1.5.7"
terraform_wrapper: false
- name: Test
run: cargo test
security:
name: Security audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
- name: Run security audit
run: |
# TODO: Re-enable when cargo-audit supports stable Rust again
# Current issue: cvss v2.1.0 requires edition2024 (Rust 1.85+)
echo "Security audit temporarily disabled due to cargo-audit requiring Rust 1.85+"
echo "Manual security review required until toolchain compatibility is resolved"
continue-on-error: true
coverage:
name: Code coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: llvm-tools-preview
- name: Install cargo-llvm-cov
run: |
curl -LsSf https://github.com/taiki-e/cargo-llvm-cov/releases/latest/download/cargo-llvm-cov-x86_64-unknown-linux-gnu.tar.gz | tar xzf - -C ~/.cargo/bin
- name: Generate code coverage
run: cargo llvm-cov --lcov --output-path lcov.info
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
files: ./lcov.info
fail_ci_if_error: false
token: ${{ secrets.CODECOV_TOKEN }}
release:
name: Release
runs-on: ubuntu-latest
needs: [check, test-platform, security]
if: false && startsWith(github.ref, 'refs/tags/v')
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
- name: Rust Cache
uses: Swatinem/rust-cache@v2
- name: Build release
run: cargo build --release --locked
- name: Create release
uses: softprops/action-gh-release@v1
with:
files: |
target/release/tfmcp
LICENSE
README.md
draft: false
prerelease: false