1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
# TriviumDB CI/CD 管线
#
# 包含:
# 1. 编译检查(stable)
# 2. 全量测试(跨平台 stable)
# 3. AddressSanitizer 内存安全检测(nightly, Linux)
# 4. 代码格式检查 & Clippy 静态分析
# 5. 基准测试(手动触发)
name: CI
on:
push:
branches:
pull_request:
branches:
workflow_dispatch: # 支持手动触发(用于 benchmark)
env:
CARGO_TERM_COLOR: always
jobs:
# ═══════════════════════════════════════════
# Job 1: 编译检查(快速门禁)
# ═══════════════════════════════════════════
check:
name: Compile Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: 编译检查 (默认特性)
run: cargo check --all-targets
# ═══════════════════════════════════════════
# Job 2: 全量测试(跨平台)
# ═══════════════════════════════════════════
test:
name: Test (${{ matrix.os }})
runs-on: ${{ matrix.os }}
needs: check
strategy:
fail-fast: false
matrix:
os:
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: 运行全量测试
run: cargo test --lib --tests -- --test-threads=1
- name: 运行文档测试
run: cargo test --doc
# ═══════════════════════════════════════════
# Job 3: AddressSanitizer 内存安全检测
#
# 使用 nightly + -Z sanitizer=address 检测:
# - 堆缓冲区溢出 (heap-buffer-overflow)
# - 释放后使用 (use-after-free)
# - 栈缓冲区溢出 (stack-buffer-overflow)
# - 内存泄漏 (memory leak)
#
# 主要覆盖 TriviumDB 中的 unsafe 区域:
# mmap 零拷贝、SIMD 指令、bytemuck 转换
# ═══════════════════════════════════════════
asan:
name: AddressSanitizer
runs-on: ubuntu-latest
needs: check
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@nightly
with:
components: rust-src # ASan 需要从源码编译 std
- uses: Swatinem/rust-cache@v2
with:
key: asan
- name: 运行测试 (ASan 模式)
env:
RUSTFLAGS: "-Z sanitizer=address"
# ASan 运行时选项:检测泄漏 + 首次错误即停止
ASAN_OPTIONS: "detect_leaks=1:halt_on_error=1"
run: |
cargo +nightly test --lib --tests \
-Z build-std \
--target x86_64-unknown-linux-gnu \
-- --test-threads=1
# ═══════════════════════════════════════════
# Job 4: 代码质量检查
# ═══════════════════════════════════════════
lint:
name: Lint & Format
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt, clippy
- uses: Swatinem/rust-cache@v2
- name: 格式检查 (rustfmt)
run: cargo fmt --all -- --check
- name: 静态分析 (Clippy)
run: cargo clippy --all-targets -- -D warnings
# ═══════════════════════════════════════════
# Job 5: 基准测试(仅手动触发)
# ═══════════════════════════════════════════
bench:
name: Benchmark (Manual)
runs-on: ubuntu-latest
if: github.event_name == 'workflow_dispatch'
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: 运行基准测试
run: cargo bench --workspace
- name: 上传基准测试结果
uses: actions/upload-artifact@v4
with:
name: benchmark-results
path: target/criterion/