Skip to content

action: infer compare base refs #3391

action: infer compare base refs

action: infer compare base refs #3391

Workflow file for this run

name: CI
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
concurrency:
group: ci-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
CARGO_TERM_COLOR: always
CARGO_INCREMENTAL: 0
RUSTFLAGS: -C debuginfo=0
jobs:
msrv:
name: MSRV Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Set up Rust (MSRV)
uses: dtolnay/rust-toolchain@stable
with:
toolchain: 1.92
- uses: Swatinem/rust-cache@v2
- name: Check MSRV compatibility
run: cargo check --workspace --all-features
build:
name: Build & Test
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, windows-latest]
steps:
- uses: actions/checkout@v6
- name: Set up Rust
uses: dtolnay/rust-toolchain@stable
- name: Use larger writable target dir on Linux
if: runner.os == 'Linux'
run: echo "CARGO_TARGET_DIR=${RUNNER_TEMP}/target" >> "$GITHUB_ENV"
- uses: Swatinem/rust-cache@v2
if: runner.os == 'Linux'
with:
cache-directories: ${{ runner.temp }}/target
- uses: Swatinem/rust-cache@v2
if: runner.os != 'Linux'
- name: Run tests
run: cargo test --all-features --verbose
env:
CI: true
build-macos:
name: Build & Test (macOS)
if: github.event_name == 'push'
runs-on: macos-latest
steps:
- uses: actions/checkout@v6
- name: Set up Rust
uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: Run tests
run: cargo test --all-features --verbose
env:
CI: true
feature-boundaries:
name: Feature Boundaries
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
with:
cache-directories: ${{ runner.temp }}/target
- name: tokmd-analysis with all features
run: cargo test -p tokmd-analysis --all-features --verbose
env:
CI: true
- name: tokmd-analysis with no default features
run: cargo test -p tokmd-analysis --no-default-features --verbose
env:
CI: true
- name: Guard analysis microcrate boundaries
run: cargo xtask boundaries-check
wasm-compile:
name: Wasm Compile & Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
with:
targets: wasm32-unknown-unknown
- uses: actions/setup-node@v6
- uses: taiki-e/install-action@v2
with:
tool: wasm-pack
- uses: Swatinem/rust-cache@v2
- name: Check tokmd-scan for wasm32
run: cargo check -p tokmd-scan --target wasm32-unknown-unknown
- name: Check tokmd-core analysis for wasm32
run: cargo check -p tokmd-core --features analysis --target wasm32-unknown-unknown
- name: Check tokmd-wasm core-only for wasm32
run: cargo check -p tokmd-wasm --no-default-features --target wasm32-unknown-unknown
- name: Check tokmd-wasm for wasm32
run: cargo check -p tokmd-wasm --features analysis --target wasm32-unknown-unknown
- name: Run tokmd-wasm core-only wasm tests
run: wasm-pack test --node crates/tokmd-wasm --no-default-features
- name: Run tokmd-wasm analysis wasm tests
run: wasm-pack test --node crates/tokmd-wasm --features analysis
- name: Build browser runner wasm bundle
run: npm --prefix web/runner run build:wasm
- name: Browser runner protocol and wasm boot smoke
run: npm --prefix web/runner test
- name: Browser runner syntax check
run: npm --prefix web/runner run check
gate:
name: Quality Gate
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
with:
components: clippy, rustfmt
- name: Use larger writable target dir on Linux
if: runner.os == 'Linux'
run: echo "CARGO_TARGET_DIR=${RUNNER_TEMP}/target" >> "$GITHUB_ENV"
- uses: Swatinem/rust-cache@v2
- name: Run quality gate
run: cargo xtask gate --check
deny:
name: Cargo Deny
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: taiki-e/install-action@v2
with:
tool: cargo-deny@0.19.0
- name: Print cargo-deny version
run: cargo deny --version
- name: Check advisories and licenses
run: cargo deny --all-features check
typos:
name: Typos
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: crate-ci/typos@v1
proptest-smoke:
name: Proptest Smoke
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: Run property tests (reduced iterations)
run: |
PROPTEST_CASES=50 cargo test -p tokmd-model --test properties --all-features --verbose
PROPTEST_CASES=50 cargo test -p tokmd-types --test properties --all-features --verbose
PROPTEST_CASES=50 cargo test -p tokmd --test properties --all-features --verbose
env:
CI: true
publish-plan:
name: Publish Surface
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: Verify publish surface and dry-run checks
run: cargo xtask publish-surface --json --verify-publish
env:
CI: true
version-consistency:
name: Version consistency
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
- name: Check release metadata alignment
run: cargo xtask version-consistency
docs-check:
name: Docs Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: Check documentation drift
run: cargo xtask docs --check
env:
CI: true
nix-pr:
name: Nix PR Package Gate
runs-on: ubuntu-latest
timeout-minutes: 60
permissions:
contents: read
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
steps:
- uses: actions/checkout@v6
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v22
- name: Setup Nix cache
continue-on-error: true
uses: DeterminateSystems/magic-nix-cache-action@v13
with:
use-flakehub: false
use-gha-cache: enabled
- name: Check flake
run: nix flake check --no-build --accept-flake-config
- name: Build package
run: nix build -L .#tokmd
mutation:
name: Mutation Testing (Required)
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- uses: dtolnay/rust-toolchain@stable
- name: Install cargo-mutants
run: cargo install cargo-mutants --version 26.1.2 --locked
- name: Get changed Rust files
id: changed
run: |
set -euo pipefail
git fetch origin "${{ github.base_ref }}":"refs/remotes/origin/${{ github.base_ref }}" || true
git diff --name-only "origin/${{ github.base_ref }}...HEAD" -- '*.rs' \
| grep -v '/tests/' \
| grep -v '_test\.rs$' \
| grep -v '^fuzz/' \
| grep -v '/fuzz/' \
> changed_files.txt || true
COUNT="$(wc -l < changed_files.txt | tr -d ' ')"
echo "count=$COUNT" >> "$GITHUB_OUTPUT"
echo "files<<EOF" >> "$GITHUB_OUTPUT"
cat changed_files.txt >> "$GITHUB_OUTPUT"
echo "EOF" >> "$GITHUB_OUTPUT"
- name: Mutation Testing
if: steps.changed.outputs.count != '0'
env:
CI: true
run: |
set -euo pipefail
echo "Running mutation testing on ${{ steps.changed.outputs.count }} changed file(s)..."
while IFS= read -r file; do
[ -z "$file" ] && continue
[ -f "$file" ] || continue
# Microcrate dividend: run from crate dir when possible
crate_dir=""
if [[ "$file" == crates/*/* ]]; then
crate_dir="$(echo "$file" | cut -d/ -f1-2)"
fi
echo "::group::Mutants: $file"
if [[ -n "$crate_dir" && -f "$crate_dir/Cargo.toml" ]]; then
rel="${file#$crate_dir/}"
(cd "$crate_dir" && cargo mutants --file "$rel" --timeout 300)
else
cargo mutants --file "$file" --timeout 300
fi
echo "::endgroup::"
done < changed_files.txt
echo "✓ All mutations caught or unviable (0 MISSED)"
- name: Skip notice
if: steps.changed.outputs.count == '0'
run: echo "No production Rust files changed - skipping mutation testing"
- name: Upload mutants report
if: always()
uses: actions/upload-artifact@v7
with:
name: mutants-report
path: |
mutants.out/
crates/**/mutants.out/
if-no-files-found: ignore
retention-days: 14
ci-required:
name: CI (Required)
runs-on: ubuntu-latest
if: always()
needs:
- msrv
- build
- build-macos
- gate
- deny
- wasm-compile
- typos
- proptest-smoke
- publish-plan
- version-consistency
- docs-check
- nix-pr
- mutation
- feature-boundaries
steps:
- name: Check overall status
run: |
# If any needed job failed or was cancelled, fail this job
if [[ "${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}" == "true" ]]; then
echo "One or more required jobs failed or were cancelled."
exit 1
fi
echo "All required jobs passed (or were skipped)."