chore(ci): move clippy + test from PR-time CI to release pipeline (#21) #31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PR / push CI for lightweight quality gates. Runs cargo-deny (license / | |
| # advisory) and cargo-fmt on every touched-Rust change so formatting drift and | |
| # license issues are caught at PR time. | |
| # | |
| # Clippy and cargo-test used to run here as `clippy + test (macOS ARM64)` on | |
| # the self-hosted Apple Silicon runner, but each run consumed ~15 minutes of | |
| # that single shared runner per PR push. Those gates were moved to the release | |
| # workflow (`release.yml::build-macos`), which now runs fmt/clippy/test before | |
| # producing signed artifacts. Local developers should run `make verify` (or | |
| # `make verify-clean` for a cache-clear pass) before pushing to catch | |
| # regressions that release-time CI will otherwise surface. | |
| # | |
| # Note on CUDA gating: CUDA verification stays exclusive to release.yml because | |
| # it requires a Linux self-hosted runner (currently only the GB10 node used for | |
| # release builds). Adding a PR-level CUDA gate would double runner cost for | |
| # limited additional safety on PRs that don't touch CUDA-specific code paths. | |
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| permissions: | |
| contents: read | |
| jobs: | |
| changes: | |
| name: Detect changes | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| outputs: | |
| rust: ${{ steps.filter.outputs.rust }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| persist-credentials: false | |
| - uses: dorny/paths-filter@v4 | |
| id: filter | |
| with: | |
| filters: | | |
| rust: | |
| - '**/*.rs' | |
| - '**/Cargo.toml' | |
| - 'Cargo.lock' | |
| - 'deny.toml' | |
| - '.github/workflows/ci.yml' | |
| deny: | |
| name: cargo-deny | |
| needs: changes | |
| if: needs.changes.outputs.rust == 'true' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| persist-credentials: false | |
| - uses: EmbarkStudios/cargo-deny-action@v2 | |
| with: | |
| command: check | |
| log-level: warn | |
| fmt: | |
| name: cargo-fmt | |
| needs: changes | |
| if: needs.changes.outputs.rust == 'true' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| persist-credentials: false | |
| - uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: rustfmt | |
| - run: cargo fmt --all -- --check | |