Add cargo audit, lychee to workflow.
Rename / tweak some workflow jobs. Signed-off-by: Jason Volk <jason@zemos.net>
This commit is contained in:
Jason Volk
26
docker/Dockerfile.cargo.audit
Normal file
26
docker/Dockerfile.cargo.audit
Normal file
@@ -0,0 +1,26 @@
|
||||
# syntax = docker/dockerfile:1.11-labs
|
||||
|
||||
FROM input AS audit
|
||||
ARG sys_target
|
||||
ARG rust_toolchain="nightly"
|
||||
ARG RUSTUP_HOME
|
||||
ARG CARGO_HOME
|
||||
ARG audit_args=""
|
||||
|
||||
WORKDIR /usr/src/tuwunel
|
||||
RUN \
|
||||
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
|
||||
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
|
||||
<<EOF
|
||||
env
|
||||
set -eux
|
||||
rustup run ${rust_toolchain} \
|
||||
cargo audit \
|
||||
--stale \
|
||||
--deny yanked \
|
||||
--deny unsound \
|
||||
--deny unmaintained \
|
||||
--deny warnings \
|
||||
--color=always \
|
||||
${audit_args}
|
||||
EOF
|
||||
@@ -1,6 +1,6 @@
|
||||
# syntax = docker/dockerfile:1.11-labs
|
||||
|
||||
FROM input AS cargo
|
||||
FROM input AS fmt
|
||||
ARG sys_target
|
||||
ARG rust_toolchain="nightly"
|
||||
ARG RUSTUP_HOME
|
||||
|
||||
30
docker/Dockerfile.cargo.lychee
Normal file
30
docker/Dockerfile.cargo.lychee
Normal file
@@ -0,0 +1,30 @@
|
||||
# syntax = docker/dockerfile:1.11-labs
|
||||
|
||||
FROM input AS lychee
|
||||
ARG sys_target
|
||||
ARG rust_toolchain="nightly"
|
||||
ARG RUSTUP_HOME
|
||||
ARG CARGO_HOME
|
||||
ARG lychee_cache_age="7d"
|
||||
ARG lychee_mode="color"
|
||||
ARG lychee_args="docs *.md"
|
||||
|
||||
WORKDIR /usr/src/tuwunel
|
||||
RUN \
|
||||
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
|
||||
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
|
||||
<<EOF
|
||||
env
|
||||
set -eux
|
||||
rustup run ${rust_toolchain} \
|
||||
lychee \
|
||||
--verbose \
|
||||
--cache \
|
||||
--offline \
|
||||
--max-cache-age ${lychee_cache_age} \
|
||||
--mode ${lychee_mode} \
|
||||
--exclude development.md \
|
||||
--exclude contributing.md \
|
||||
--exclude testing.md \
|
||||
${lychee_args}
|
||||
EOF
|
||||
@@ -39,7 +39,9 @@ RUN \
|
||||
rustup component add \
|
||||
--toolchain ${rust_toolchain} \
|
||||
--target ${CARGO_TARGET} \
|
||||
clippy rustfmt
|
||||
clippy \
|
||||
rustfmt \
|
||||
;
|
||||
EOF
|
||||
|
||||
|
||||
@@ -59,5 +61,9 @@ RUN \
|
||||
cargo install \
|
||||
--locked \
|
||||
--target ${CARGO_TARGET} \
|
||||
cargo-chef
|
||||
cargo-chef \
|
||||
cargo-audit \
|
||||
cargo-deb \
|
||||
lychee \
|
||||
;
|
||||
EOF
|
||||
|
||||
@@ -14,6 +14,7 @@ cmake \
|
||||
curl \
|
||||
git \
|
||||
libc6-dev \
|
||||
libssl-dev \
|
||||
make \
|
||||
pkg-config \
|
||||
pkgconf \
|
||||
|
||||
@@ -123,8 +123,12 @@ group "default" {
|
||||
|
||||
group "lints" {
|
||||
targets = [
|
||||
"audit",
|
||||
"check",
|
||||
"clippy",
|
||||
"docs",
|
||||
"fmt",
|
||||
"lychee",
|
||||
]
|
||||
}
|
||||
|
||||
@@ -208,6 +212,7 @@ target "complement-testee-valgrind" {
|
||||
]
|
||||
contexts = {
|
||||
input = elem("target:smoketest-valgrind", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
|
||||
complement-tester = elem("target:complement-tester-valgrind", [feat_set, sys_name, sys_version, sys_target])
|
||||
}
|
||||
}
|
||||
|
||||
@@ -229,6 +234,7 @@ target "complement-testee" {
|
||||
]
|
||||
contexts = {
|
||||
input = elem("target:install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
|
||||
complement-tester = elem("target:complement-tester", [feat_set, sys_name, sys_version, sys_target])
|
||||
complement-config = elem("target:complement-config", [feat_set, sys_name, sys_version, sys_target])
|
||||
}
|
||||
args = {
|
||||
@@ -680,11 +686,46 @@ target "check" {
|
||||
}
|
||||
}
|
||||
|
||||
target "lychee" {
|
||||
name = elem("lychee", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
|
||||
tags = [
|
||||
elem_tag("lychee", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
|
||||
]
|
||||
target = "lychee"
|
||||
dockerfile = "docker/Dockerfile.cargo.lychee"
|
||||
matrix = cargo_rust_feat_sys
|
||||
inherits = [
|
||||
elem("deps-base", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
|
||||
elem("cargo", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
|
||||
]
|
||||
contexts = {
|
||||
input = elem("target:ingredients", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
|
||||
}
|
||||
}
|
||||
|
||||
target "audit" {
|
||||
name = elem("audit", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
|
||||
tags = [
|
||||
elem_tag("audit", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
|
||||
]
|
||||
target = "audit"
|
||||
dockerfile = "docker/Dockerfile.cargo.audit"
|
||||
matrix = cargo_rust_feat_sys
|
||||
inherits = [
|
||||
elem("deps-base", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
|
||||
elem("cargo", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
|
||||
]
|
||||
contexts = {
|
||||
input = elem("target:ingredients", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
|
||||
}
|
||||
}
|
||||
|
||||
target "fmt" {
|
||||
name = elem("fmt", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
|
||||
tags = [
|
||||
elem_tag("fmt", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
|
||||
]
|
||||
target = "fmt"
|
||||
dockerfile = "docker/Dockerfile.cargo.fmt"
|
||||
matrix = cargo_rust_feat_sys
|
||||
inherits = [
|
||||
@@ -721,11 +762,11 @@ target "cargo" {
|
||||
|
||||
group "deps" {
|
||||
targets = [
|
||||
#"deps-check",
|
||||
"deps-check",
|
||||
"deps-clippy",
|
||||
#"deps-build",
|
||||
"deps-build",
|
||||
"deps-build-tests",
|
||||
#"deps-build-bench",
|
||||
"deps-build-bench",
|
||||
"deps-build-bins",
|
||||
]
|
||||
}
|
||||
|
||||
@@ -1,11 +1,6 @@
|
||||
#!/bin/bash
|
||||
set -eo pipefail
|
||||
|
||||
default_docker_id="jevolk/tuwunel"
|
||||
docker_id=${docker_id:=$default_docker_id}
|
||||
docker_acct=${docker_acct:=$(echo $docker_id | cut -d"/" -f1)}
|
||||
docker_repo=${docker_repo:=$(echo $docker_id | cut -d"/" -f2)}
|
||||
|
||||
CI="${CI:-true}"
|
||||
BASEDIR=$(dirname "$0")
|
||||
|
||||
@@ -75,7 +70,6 @@ set +a
|
||||
export DOCKER_BUILDKIT=1
|
||||
if test "$CI" = "true"; then
|
||||
export BUILDKIT_PROGRESS="plain"
|
||||
echo "plain"
|
||||
fi
|
||||
|
||||
uwu_docker_build_args=""
|
||||
@@ -101,7 +95,6 @@ date
|
||||
|
||||
arg="$args -f $BASEDIR/bake.hcl"
|
||||
if test "$BUILDKIT_PROGRESS" = "plain"; then
|
||||
echo "PRINTING"
|
||||
docker buildx bake --print $arg $bake_target
|
||||
fi
|
||||
|
||||
@@ -115,4 +108,4 @@ set -ux
|
||||
docker buildx bake $arg $bake_target
|
||||
|
||||
set +x
|
||||
echo -e "\033[1;42;37mPASS\033[0m"
|
||||
echo -e "\033[1;42;30mPASS\033[0m"
|
||||
|
||||
@@ -1,11 +1,6 @@
|
||||
#!/bin/bash
|
||||
set -eo pipefail
|
||||
|
||||
default_docker_id="jevolk/tuwunel"
|
||||
docker_id=${docker_id:=$default_docker_id}
|
||||
docker_acct=${docker_acct:=$(echo $docker_id | cut -d"/" -f1)}
|
||||
docker_repo=${docker_repo:=$(echo $docker_id | cut -d"/" -f2)}
|
||||
|
||||
CI="${CI:-true}"
|
||||
BASEDIR=$(dirname "$0")
|
||||
|
||||
@@ -46,4 +41,4 @@ cid=$(docker run -d $arg)
|
||||
set +x
|
||||
trap 'docker container stop $cid; set +x; date; echo -e "\033[1;41;37mFAIL\033[0m"' INT
|
||||
docker wait "$cid" 2>/dev/null
|
||||
echo -e "\033[1;42;37mPASS\033[0m"
|
||||
echo -e "\033[1;42;30mPASS\033[0m"
|
||||
|
||||
Reference in New Issue
Block a user