ci: ensure code coverage never fails the CI pipeline #92
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| paths: | |
| - '**.rs' | |
| - 'Cargo.toml' | |
| - 'Cargo.lock' | |
| - '.github/workflows/ci.yml' | |
| pull_request: | |
| branches: [ main, develop ] | |
| paths: | |
| - '**.rs' | |
| - 'Cargo.toml' | |
| - 'Cargo.lock' | |
| - '.github/workflows/ci.yml' | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| lint: | |
| name: Lint with prek | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: rustfmt, clippy | |
| - name: Rust Cache | |
| uses: Swatinem/rust-cache@v2 | |
| - name: Cache prek binary | |
| id: cache-prek | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.local/bin/prek | |
| key: prek-${{ runner.os }}-latest | |
| - name: Install prek | |
| if: steps.cache-prek.outputs.cache-hit != 'true' | |
| run: | | |
| curl -LsSf https://github.com/j178/prek/releases/latest/download/prek-installer.sh | sh | |
| - name: Add prek to PATH | |
| run: echo "$HOME/.local/bin" >> $GITHUB_PATH | |
| - name: Run prek | |
| run: prek run --all-files | |
| test: | |
| name: Test | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest, macos-latest, windows-latest] | |
| rust: [stable] | |
| include: | |
| # Only run on Linux for PR, all platforms for push to main | |
| - os: ubuntu-latest | |
| rust: stable | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Skip macOS and Windows tests on pull requests | |
| - name: Check if should run | |
| id: should-run | |
| run: | | |
| if [ "${{ github.event_name }}" = "pull_request" ] && [ "${{ matrix.os }}" != "ubuntu-latest" ]; then | |
| echo "skip=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "skip=false" >> $GITHUB_OUTPUT | |
| fi | |
| shell: bash | |
| - name: Install Rust | |
| if: steps.should-run.outputs.skip != 'true' | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Rust Cache | |
| if: steps.should-run.outputs.skip != 'true' | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| shared-key: ${{ matrix.os }}-${{ matrix.rust }} | |
| - name: Build | |
| if: steps.should-run.outputs.skip != 'true' | |
| run: cargo build --verbose | |
| - name: Run tests | |
| if: steps.should-run.outputs.skip != 'true' | |
| run: cargo test --verbose | |
| coverage: | |
| name: Code Coverage | |
| runs-on: ubuntu-latest | |
| # Only run coverage on push to main branch | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| continue-on-error: true | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Rust Cache | |
| uses: Swatinem/rust-cache@v2 | |
| - name: Cache tarpaulin binary | |
| id: cache-tarpaulin | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cargo/bin/cargo-tarpaulin | |
| key: tarpaulin-${{ runner.os }}-0.31.2 | |
| - name: Install tarpaulin | |
| if: steps.cache-tarpaulin.outputs.cache-hit != 'true' | |
| run: cargo install cargo-tarpaulin --version 0.31.2 | |
| - name: Run tarpaulin | |
| continue-on-error: true | |
| run: cargo tarpaulin --verbose --all-features --workspace --timeout 300 --out xml | |
| - name: Upload to codecov.io | |
| if: always() | |
| continue-on-error: true | |
| uses: codecov/codecov-action@v4 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| fail_ci_if_error: false | |
| security: | |
| name: Security Audit | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run cargo audit | |
| uses: rustsec/audit-check@v2 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} |