Skip to content

ci: Bump actions/checkout from 5 to 6 #239

ci: Bump actions/checkout from 5 to 6

ci: Bump actions/checkout from 5 to 6 #239

Workflow file for this run

name: CI
on:
push:
branches: [main, master]
pull_request:
branches: [main, master]
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
# ws63-rs builds with the custom `hisi-riscv` toolchain (stable rustc with the WS63
# riscv32imfc hard-float target baked in as a builtin; see rust-toolchain.toml).
# Each job installs+links it from the hisi-riscv-rust-toolchain release via
# .github/scripts/install-toolchain.sh. Default target (riscv32imfc) is in
# .cargo/config.toml; no -Z build-std needed (toolchain ships precompiled core).
jobs:
# ── Per-crate check ─────────────────────────────────────────────
build:
name: Check (RISC-V)
runs-on: ubuntu-latest
strategy:
matrix:
# hisi-riscv-hal has NO default chip (0.5.0, esp-hal style), so a bare
# `cargo check -p hisi-riscv-hal` fires the no-chip compile_error; select
# chip-ws63 for it. ws63-pac / hisi-riscv-rt compile chip-neutrally.
include:
- crate: ws63-pac
args: ""
- crate: hisi-riscv-hal
args: "--no-default-features --features chip-ws63"
- crate: hisi-riscv-rt
args: ""
steps:
- uses: actions/checkout@v6
with:
submodules: recursive
- name: Install hisi-riscv toolchain
run: bash .github/scripts/install-toolchain.sh
- uses: actions/cache@v5
with:
# NOTE: do NOT cache target/ — it is built by the custom `hisi-riscv` rustc whose
# strict-version-hash differs from any other 1.96.0; a stale target/ from a
# different toolchain causes E0463 "can't find crate". Registry/git caches are
# toolchain-agnostic (just crate sources) and safe.
path: |
~/.cargo/registry/
~/.cargo/git/
key: ${{ runner.os }}-cargo-ws63-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-ws63-
- name: Check ${{ matrix.crate }}
run: cargo check -p ${{ matrix.crate }} ${{ matrix.args }}
# ── Full workspace check + library build ────────────────────────
workspace:
name: Workspace
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
submodules: recursive
- name: Install hisi-riscv toolchain
run: bash .github/scripts/install-toolchain.sh
- uses: actions/cache@v5
with:
# NOTE: do NOT cache target/ — it is built by the custom `hisi-riscv` rustc whose
# strict-version-hash differs from any other 1.96.0; a stale target/ from a
# different toolchain causes E0463 "can't find crate". Registry/git caches are
# toolchain-agnostic (just crate sources) and safe.
path: |
~/.cargo/registry/
~/.cargo/git/
key: ${{ runner.os }}-cargo-ws63-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-ws63-
# Covers every member (incl. blinky + flashboot) at the type/codegen level.
- name: Check workspace
run: cargo check --workspace
# Real build (link) of the default-members: the libraries + the blinky example
# (blinky links via hisi-riscv-rt's exported linker scripts). The experimental
# flashboot binary is excluded from the default build. No `|| true` masking.
- name: Build default members (release, links blinky)
run: cargo build --release
# ── Clippy (gating) ─────────────────────────────────────────────
clippy:
name: Clippy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
submodules: recursive
- name: Install hisi-riscv toolchain
run: bash .github/scripts/install-toolchain.sh
- uses: actions/cache@v5
with:
# NOTE: do NOT cache target/ — it is built by the custom `hisi-riscv` rustc whose
# strict-version-hash differs from any other 1.96.0; a stale target/ from a
# different toolchain causes E0463 "can't find crate". Registry/git caches are
# toolchain-agnostic (just crate sources) and safe.
path: |
~/.cargo/registry/
~/.cargo/git/
key: ${{ runner.os }}-cargo-ws63-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-ws63-
# Gating: no `continue-on-error`, no `| head` (which would swallow the exit code).
# ws63-flashboot is now clippy-clean too (was excluded as experimental), so the
# whole workspace is gated.
- name: Run clippy
run: cargo clippy --workspace -- -D warnings
# ── Format check ────────────────────────────────────────────────
fmt:
name: Rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
submodules: recursive
- name: Install hisi-riscv toolchain
run: bash .github/scripts/install-toolchain.sh
- name: Check formatting
run: cargo fmt --all -- --check
# ── Host unit tests ─────────────────────────────────────────────
# hisi-riscv-hal's riscv CSR asm is cfg-gated to riscv32 (host gets no-op stubs), and
# ws63-pac's riscv coupling is gated too, so the crate compiles for x86 and the
# pure-logic unit tests (encoding, tick math, proptests) actually run. Uses the
# stable toolchain on the host target (RUSTUP_TOOLCHAIN overrides the hisi-riscv pin in
# rust-toolchain.toml; --target overrides the riscv32 default in .cargo/config.toml).
host-test:
name: Host unit tests
runs-on: ubuntu-latest
env:
RUSTUP_TOOLCHAIN: stable
steps:
- uses: actions/checkout@v6
with:
submodules: recursive
# The HAL has NO default chip (esp-hal style, 0.5.0) and its `default` pulls
# `rt`, so a bare `cargo test -p hisi-riscv-hal` resolves with no chip and every
# `soc::pac` reference vanishes. Select `chip-ws63` explicitly (mirrors the HAL's
# `just test` recipe): 309 unit/property tests + the doctests run on the host.
- name: Run host unit tests (x86_64)
run: cargo test -p hisi-riscv-hal --no-default-features --features chip-ws63 --target x86_64-unknown-linux-gnu
# ── Dependency audit (advisory) ─────────────────────────────────
audit:
name: Security Audit
runs-on: ubuntu-latest
continue-on-error: true
# rustsec/audit-check posts results as a check-run/annotations; needs checks: write
# (default token is read-only here → "Resource not accessible by integration").
permissions:
contents: read
checks: write
steps:
- uses: actions/checkout@v6
with:
submodules: recursive
# rust-toolchain.toml pins hisi-riscv, so the cargo shim refuses to run until it's
# installed (even though cargo-audit only parses Cargo.lock).
- name: Install hisi-riscv toolchain
run: bash .github/scripts/install-toolchain.sh
# rustsec/audit-check has no Node 24 release; use cargo-audit directly via
# taiki-e/install-action (composite, Node-24 era) which fetches a prebuilt
# binary. cargo-audit just parses Cargo.lock + the advisory DB.
- name: Install cargo-audit
uses: taiki-e/install-action@v2
with:
tool: cargo-audit
- name: Run cargo audit
run: cargo audit