name: Continuous Integration
on:
workflow_dispatch:
push:
branches:
- main
pull_request:
merge_group:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
env:
CARGO_TERM_COLOR: always
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt
- name: Cache Cargo dependencies
uses: Swatinem/rust-cache@v2
- name: Check typos
uses: crate-ci/typos@master
- name: Lint dependencies
uses: EmbarkStudios/cargo-deny-action@v1
clippy:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
with:
components: clippy,rustfmt
- name: Install native dependencies
run: |
sudo apt-get update -y
sudo apt-get install -y libelf-dev zlib1g-dev build-essential
- name: Cache Cargo dependencies
uses: Swatinem/rust-cache@v2
- name: Run clippy
run: cargo clippy -- -D warnings
check_and_test:
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-24.04
os-arch: amd64
target: x86_64-unknown-linux-gnu
arch: x86_64
libpath: usr/lib/x86_64-linux-gnu
no-default-features: false
- os: ubuntu-24.04
os-arch: amd64
target: x86_64-unknown-linux-gnu
arch: x86_64
libpath: usr/lib/x86_64-linux-gnu
no-default-features: true
args: '-F seccomp-bpf'
- os: ubuntu-24.04
os-arch: amd64
target: x86_64-unknown-linux-gnu
arch: x86_64
libpath: usr/lib/x86_64-linux-gnu
no-default-features: false
args: '-F static,vendored'
rust_flags: -C target-feature=+crt-static
static_libseccomp: true
- os: ubuntu-24.04
os-arch: arm64
target: aarch64-unknown-linux-gnu
arch: aarch64
libpath: usr/lib/aarch64-linux-gnu
no-default-features: false
- os: ubuntu-24.04
os-arch: arm64
target: aarch64-unknown-linux-gnu
arch: aarch64
libpath: usr/lib/aarch64-linux-gnu
no-default-features: false
args: '-F static,vendored'
rust_flags: -C target-feature=+crt-static
static_libseccomp: true
- os: ubuntu-24.04
os-arch: riscv64
target: riscv64gc-unknown-linux-gnu
arch: riscv64
libpath: usr/lib/riscv64-linux-gnu
args: '-F ebpf,vendored-libbpf'
no-default-features: true
- os: ubuntu-24.04
os-arch: riscv64
target: riscv64gc-unknown-linux-gnu
arch: riscv64
libpath: usr/lib/riscv64-linux-gnu
args: '-F ebpf,static,vendored'
no-default-features: true
rust_flags: -C target-feature=+crt-static
static_libseccomp: true
runs-on: ${{ matrix.os }}
env:
RUSTFLAGS: ${{ matrix.rust_flags }}
LIBSECCOMP_LINK_TYPE: ${{ matrix.static_libseccomp && 'static' || 'dylib' }}
LIBSECCOMP_LIB_PATH: ${{ matrix.static_libseccomp && format('/{0}', matrix.libpath) || '/this/path/does/not/exist' }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@master
with:
toolchain: "1.82"
targets: ${{ matrix.target }}
components: rustfmt
- name: Install cross-compilation tools
uses: taiki-e/setup-cross-toolchain-action@v1
with:
target: ${{ matrix.target }}
- name: Add apt sources for ${{ matrix.os-arch }}
if: matrix.os-arch != 'amd64'
run: |
dpkg --add-architecture ${{ matrix.os-arch }}
release=$(. /etc/os-release && echo "$UBUNTU_CODENAME")
sed -i '/Types: deb/aArchitectures: amd64' /etc/apt/sources.list.d/ubuntu.sources
printf 'deb [arch=${{ matrix.os-arch }}] http://ports.ubuntu.com/ %s main restricted\n' \
$release $release-updates $release-security \
>> /etc/apt/sources.list
shell: sudo sh -e {0}
- name: Install build dependencies
run: |
sudo apt-get update -y
sudo apt-get install -y build-essential autopoint gettext libelf-dev zlib1g-dev \
libelf-dev:${{ matrix.os-arch }} zlib1g-dev:${{ matrix.os-arch }}
sudo apt-get install -y libseccomp-dev:${{ matrix.os-arch }}
if ! [ "${{ matrix.static_libseccomp }}" = "true" ]; then
sudo apt-get install -y libseccomp2:${{ matrix.os-arch }}
fi
- name: Cache Cargo dependencies
uses: Swatinem/rust-cache@v2
- name: Run cargo build with default features
run: cargo build --bins --tests --target ${{ matrix.target }} ${{ matrix.args }}
- name: Run cargo check with default features
run: cargo check --target ${{ matrix.target }} ${{ matrix.args }}
env:
RUST_BACKTRACE: full
- name: Run cargo test with default features
if: matrix.target == 'x86_64-unknown-linux-gnu' || matrix.target == 'x86_64-unknown-linux-musl'
run: cargo test --target ${{ matrix.target }} ${{ matrix.args }}
env:
RUST_BACKTRACE: full