CI #44

Workflow file for this run

	name: CI
	on:
	pull_request:
	branches: ["main"]
	merge_group:
	workflow_dispatch:

	env:
	CARGO_TERM_COLOR: always
	RUST_BACKTRACE: 1
	RUST_TEST_TIME_UNIT: 10,30
	RUST_TEST_TIME_INTEGRATION: 10,30
	RUST_TEST_TIME_DOCTEST: 10,30

	concurrency:
	group: ${{ github.workflow }}-${{ github.event.pull_request.number \|\| github.ref }}
	cancel-in-progress: true

	permissions:
	contents: read

	defaults:
	run:
	shell: bash

	jobs:
	toolchains:
	name: Determine toolchains
	runs-on: ubuntu-24.04
	outputs:
	toolchains: ${{ steps.toolchains.outputs.toolchains }}
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	with:
	persist-credentials: false

	- id: toolchains
	uses: ./.github/actions/toolchains

	check:
	name: Run checks
	needs: toolchains
	strategy:
	fail-fast: false
	matrix:
	os: [ubuntu-24.04, ubuntu-24.04-arm, macos-15, windows-2025]
	rust-toolchain: ${{ fromJSON(needs.toolchains.outputs.toolchains) }}
	type: [debug]
	# Include some dynamically-linked release builds, to check that that works on all platforms.
	include:
	- os: ubuntu-24.04
	rust-toolchain: stable
	type: release
	- os: macos-15
	rust-toolchain: stable
	type: release
	- os: windows-2025
	rust-toolchain: stable
	type: release
	# Also do some debug builds on the oldest OS versions.
	- os: ubuntu-22.04
	rust-toolchain: stable
	type: debug
	- os: macos-14
	rust-toolchain: stable
	type: debug
	- os: windows-2022
	rust-toolchain: stable
	type: debug
	env:
	BUILD_TYPE: ${{ matrix.type == 'release' && '--release' \|\| '' }}
	runs-on: ${{ matrix.os }}

	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	with:
	persist-credentials: false

	- uses: ./.github/actions/rust
	with:
	version: ${{ matrix.rust-toolchain }}
	components: ${{ matrix.rust-toolchain == 'stable' && 'llvm-tools' \|\| '' }} ${{ matrix.rust-toolchain == 'nightly' && startsWith(matrix.os, 'ubuntu') && !endsWith(matrix.os, 'arm') && 'rust-src ' \|\| '' }}
	tools: ${{ matrix.rust-toolchain == 'stable' && 'cargo-llvm-cov' \|\| '' }} ${{ matrix.rust-toolchain == 'nightly' && startsWith(matrix.os, 'ubuntu') && !endsWith(matrix.os, 'arm') && 'cargo-careful ' \|\| '' }}
	token: ${{ secrets.GITHUB_TOKEN }}

	- id: nss-version
	run: echo "minimum=$(cat min_version.txt)" >> "$GITHUB_OUTPUT"

	- uses: ./.github/actions/nss
	with:
	minimum-version: ${{ steps.nss-version.outputs.minimum }}

	- name: Check
	run: \|
	# shellcheck disable=SC2086
	cargo check $BUILD_TYPE --locked --all-targets

	- name: Run tests and determine coverage
	env:
	RUST_LOG: trace
	RUST_BACKTRACE: 1
	RUST_TEST_TIME_UNIT: 10,30
	RUST_TEST_TIME_INTEGRATION: 10,30
	RUST_TEST_TIME_DOCTEST: 10,30
	TOOLCHAIN: ${{ matrix.rust-toolchain }}
	# FIXME: cargo-careful at the moment only works on amd64 Ubuntu
	CAREFUL: ${{ matrix.rust-toolchain == 'nightly' && startsWith(matrix.os, 'ubuntu') && !endsWith(matrix.os, 'arm') && 'careful' \|\| '' }}
	run: \|
	DUMP_SIMULATION_SEEDS="$(pwd)/simulation-seeds"
	export DUMP_SIMULATION_SEEDS
	# shellcheck disable=SC2086
	if [ "$TOOLCHAIN" == "stable" ]; then
	cargo llvm-cov test $BUILD_TYPE --locked --include-ffi --codecov --output-path codecov.json
	else
	if [ -n "$CAREFUL" ]; then
	TRIPLE="--target $(rustc --print host-tuple)"
	fi
	cargo $CAREFUL test $BUILD_TYPE --locked $TRIPLE
	fi

	- name: CodeCov Windows workaround
	if: ${{ startsWith(matrix.os, 'windows') && matrix.type == 'debug' && matrix.rust-toolchain == 'stable' }}
	run: \|
	# FIXME: Without this, the codecov/codecov-action fails. No idea why it's looking under C:/msys64 now, it shouldn't.
	mkdir -p C:/msys64/home/runneradmin/
	touch C:/msys64/home/runneradmin/.gitconfig

	- uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
	with:
	files: codecov.json
	fail_ci_if_error: false
	token: ${{ secrets.CODECOV_TOKEN }}
	verbose: true
	flags: ${{ startsWith(matrix.os, 'ubuntu') && 'linux' \|\| startsWith(matrix.os, 'macos') && 'macos' \|\| 'windows' }}
	env:
	CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
	if: matrix.type == 'debug' && matrix.rust-toolchain == 'stable'

	- name: Save simulation seeds artifact
	if: ${{ always() }}
	uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
	with:
	name: simulation-seeds-${{ matrix.os }}-${{ matrix.rust-toolchain }}-${{ matrix.type }}
	path: simulation-seeds
	compression-level: 9

	check-cargo-lock:
	name: Ensure `Cargo.lock` contains all required dependencies
	runs-on: ubuntu-24.04
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	with:
	persist-credentials: false
	- uses: ./.github/actions/rust
	with:
	version: stable
	tools: cargo-hack
	token: ${{ secrets.GITHUB_TOKEN }}
	- run: \|
	cargo update -w --locked
	cargo hack update -w --locked

	check-android:
	name: Check Android
	runs-on: ubuntu-24.04
	strategy:
	matrix:
	target: ['x86_64-linux-android', 'i686-linux-android'] # 'aarch64-linux-android' not currently working
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	with:
	persist-credentials: false
	- id: nss-version
	run: echo "minimum=$(cat min_version.txt)" >> "$GITHUB_OUTPUT"
	- uses: ./.github/actions/check-android
	with:
	target: ${{ matrix.target }}
	minimum-nss-version: ${{ steps.nss-version.outputs.minimum }}
	github-token: ${{ secrets.GITHUB_TOKEN }}

	check-vm:
	name: Run checks for VM-only platforms
	runs-on: ubuntu-24.04
	strategy:
	fail-fast: false
	matrix:
	os: [ freebsd, openbsd, netbsd ] # NSS package on 'solaris' is too old.
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	with:
	persist-credentials: false
	- uses: ./.github/actions/check-vm
	with:
	platform: ${{ matrix.os }}
	codecov-token: ${{ secrets.CODECOV_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CI #44

Workflow file

CI #44

Uh oh!

Workflow file for this run