Skip to content

CI

CI #877

Workflow file for this run

name: CI
permissions:
contents: read
on:
pull_request:
branches: [main]
push:
branches: [main]
schedule:
- cron: '0 15 * * 0,4' # Every Monday and Friday at 00:00 JST
workflow_dispatch:
env:
CARGO_INCREMENTAL: 0
CARGO_NET_GIT_FETCH_WITH_CLI: true
CARGO_NET_RETRY: 10
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
RUSTDOCFLAGS: -D warnings
RUSTFLAGS: -D warnings
RUSTUP_MAX_RETRIES: 10
defaults:
run:
shell: bash
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
jobs:
test:
runs-on: ubuntu-latest
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- run: cargo test --workspace --all-features --exclude example
features:
runs-on: ubuntu-latest
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- name: Install cargo-hack
uses: taiki-e/install-action@cargo-hack
- run: cargo hack build --workspace --no-private --feature-powerset
- run: cargo hack build --workspace --no-private --feature-powerset --rust-version
fmt:
runs-on: ubuntu-latest
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- run: cargo fmt --all --check
clippy:
runs-on: ubuntu-latest
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- run: cargo clippy --workspace --all-features --all-targets
docs:
runs-on: ubuntu-latest
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- run: cargo doc --workspace --all-features
fuzz:
env:
FUZZ_MAX_TOTAL_TIME: 60 # 1 minute
runs-on: ubuntu-latest
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@nightly
- uses: taiki-e/cache-cargo-install-action@v2
with:
tool: cargo-fuzz
# We cannot use cache for cargo-afl because afl.rs requires the cargo-afl binary and afl library to be built with the same compiler version.
- run: cargo install cargo-afl --debug --locked
- run: cargo fuzz build --features libfuzzer
- run: cargo afl build --release --features afl
working-directory: fuzz
# On scheduled job, run fuzzer $FUZZ_MAX_TOTAL_TIME seconds per target.
# TODO: This is currently skipped for libfuzzer due to https://github.com/rust-fuzz/cargo-fuzz/issues/270.
- name: Cache AFL++ output
uses: actions/cache@v4
with:
path: fuzz/out
key: afl-out-${{ github.run_id }}
restore-keys: afl-out-
if: github.event_name == 'schedule'
- name: Fuzzing with AFL++
run: |
set -eEuxo pipefail
echo 'core' | sudo tee /proc/sys/kernel/core_pattern
for target in $(ls | grep '.*\.rs$' | sed 's/\.rs$//'); do
cargo afl fuzz -i "seeds/${target}" -o "out/${target}" -V "${FUZZ_MAX_TOTAL_TIME}" "target/release/${target}"
rmdir "out/${target}"/default/crashes &>/dev/null || true
rmdir "out/${target}"/default/hangs &>/dev/null || true
if [[ -d "out/${target}"/default/crashes ]] || [[ -d "out/${target}"/default/hangs ]]; then
exit 1
fi
done
working-directory: fuzz
if: github.event_name == 'schedule'
- name: Archive artifacts
run: |
set -eEuxo pipefail
if [[ -d out ]]; then
tar acvf ../afl-artifacts.tar.gz out
fi
working-directory: fuzz
if: failure() && github.event_name == 'schedule'
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: fuzz-artifacts
path: afl-artifacts.tar.gz
if: failure() && github.event_name == 'schedule'
spell-check:
runs-on: ubuntu-latest
timeout-minutes: 60
permissions:
contents: read
pull-requests: write # for gh pr edit --add-assignee
repository-projects: read # for gh pr edit --add-assignee
steps:
- uses: actions/checkout@v4
- run: echo "REMOVE_UNUSED_WORDS=1" >>"${GITHUB_ENV}"
if: github.repository_owner == 'openrr' && (github.event_name == 'schedule' || github.event_name == 'push' && github.ref == 'refs/heads/main')
- run: tools/spell-check.sh
- id: diff
run: |
set -euo pipefail
git config user.name "Taiki Endo"
git config user.email "[email protected]"
project_dictionary=.github/.cspell/project-dictionary.txt
git add -N "${project_dictionary}"
if ! git diff --exit-code -- "${project_dictionary}"; then
git add "${project_dictionary}"
git commit -m "Remove unused words from cspell dictionary"
echo 'success=false' >>"${GITHUB_OUTPUT}"
fi
if: github.repository_owner == 'openrr' && (github.event_name == 'schedule' || github.event_name == 'push' && github.ref == 'refs/heads/main')
- id: create-pull-request
uses: peter-evans/create-pull-request@v7
with:
title: Remove unused words from cspell dictionary
body: |
Auto-generated by CI using [create-pull-request](https://github.com/peter-evans/create-pull-request).
branch: remove-unused-words-from-cspell-dictionary
token: ${{ secrets.CREATE_PR_TOKEN }}
if: github.repository_owner == 'openrr' && (github.event_name == 'schedule' || github.event_name == 'push' && github.ref == 'refs/heads/main') && steps.diff.outputs.success == 'false'
- name: Notify PR author by assigning PR
run: gh pr edit --add-assignee taiki-e "${PR_NUMBER:?}"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_NUMBER: ${{ steps.create-pull-request.outputs.pull-request-number }}
if: github.repository_owner == 'openrr' && (github.event_name == 'schedule' || github.event_name == 'push' && github.ref == 'refs/heads/main') && steps.diff.outputs.success == 'false'