clamreef-agent/.github/workflows/ci.yml at d99fdf0453dafeb8b4fcfd204dee5b08c4164fa3 · base-14/clamreef-agent · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
name: CI

on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main, develop ]

env:
  CARGO_TERM_COLOR: always
  RUST_BACKTRACE: 1

jobs:
  test:
    name: Test Suite
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, windows-latest, macos-latest]
        rust: [stable, beta]
        exclude:
          # Reduce CI load by only testing beta on Ubuntu
          - os: windows-latest
            rust: beta
          - os: macos-latest
            rust: beta

    steps:
    - name: Checkout code
      uses: actions/checkout@v6

    - name: Install Rust toolchain
      uses: dtolnay/rust-toolchain@master
      with:
        toolchain: ${{ matrix.rust }}
        components: rustfmt, clippy

    - name: Setup Rust cache
      uses: Swatinem/rust-cache@v2
      with:
        key: ${{ matrix.os }}-${{ matrix.rust }}

    - name: Install ClamAV (Ubuntu)
      if: matrix.os == 'ubuntu-latest'
      run: |
        sudo apt-get update
        sudo apt-get install -y clamav clamav-daemon
        sudo systemctl stop clamav-freshclam
        sudo systemctl stop clamav-daemon
        # Create test socket directory
        sudo mkdir -p /var/run/clamav
        sudo chown clamav:clamav /var/run/clamav

    - name: Install ClamAV (macOS)
      if: matrix.os == 'macos-latest'
      run: |
        brew install clamav
        # Create test socket directory
        sudo mkdir -p /opt/homebrew/var/run/clamav

    - name: Install ClamAV (Windows)
      if: matrix.os == 'windows-latest'
      run: |
        # ClamAV for Windows - download and install
        choco install clamav
      shell: powershell

    - name: Check formatting
      if: matrix.rust == 'stable'
      run: cargo fmt --all -- --check

    - name: Run clippy
      if: matrix.rust == 'stable'
      run: cargo clippy --all-targets --all-features -- -D warnings

    - name: Build
      run: cargo build --verbose --all-features

    - name: Run tests
      run: cargo test --verbose --all-features

    - name: Run doc tests
      run: cargo test --doc

  security:
    name: Security Audit
    runs-on: ubuntu-latest
    steps:
    - name: Checkout code
      uses: actions/checkout@v6

    - name: Install Rust toolchain
      uses: dtolnay/rust-toolchain@stable

    - name: Setup Rust cache
      uses: Swatinem/rust-cache@v2

    - name: Install cargo-audit
      run: cargo install cargo-audit

    - name: Run security audit
      run: cargo audit

    - name: Install cargo-deny
      run: cargo install cargo-deny --locked

    - name: Run cargo-deny check
      run: cargo deny check

  coverage:
    name: Code Coverage
    runs-on: ubuntu-latest
    steps:
    - name: Checkout code
      uses: actions/checkout@v6

    - name: Install Rust toolchain
      uses: dtolnay/rust-toolchain@stable

    - name: Setup Rust cache
      uses: Swatinem/rust-cache@v2

    - name: Install ClamAV
      run: |
        sudo apt-get update
        sudo apt-get install -y clamav clamav-daemon
        sudo systemctl stop clamav-freshclam
        sudo systemctl stop clamav-daemon
        sudo mkdir -p /var/run/clamav
        sudo chown clamav:clamav /var/run/clamav

    - name: Install tarpaulin
      run: cargo install cargo-tarpaulin

    - name: Run coverage
      run: cargo tarpaulin --verbose --all-features --workspace --timeout 120 --fail-under 74