refactor: Cleanup types split (#1717) #4613
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Linters | |
| permissions: | |
| contents: read | |
| on: | |
| push: | |
| branches: ["main" ] | |
| pull_request: | |
| branches: ["main" ] | |
| paths: | |
| - 'Cargo.toml' | |
| - 'Cargo.lock' | |
| - '.github/workflows/linters.yml' | |
| - 'auth-*/**' | |
| - 'cli-*/**' | |
| - 'openstack_cli/**' | |
| - 'openstack_sdk/**' | |
| - 'openstack_tui/**' | |
| - 'openstack_types/**' | |
| - 'sdk-*/**' | |
| - 'fuzz/**' | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} | |
| cancel-in-progress: true | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| rustfmt: | |
| name: Run rustfmt on the latest supported toolchain | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - name: Install Rust | |
| uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921 # stable | |
| with: | |
| toolchain: stable | |
| components: rustfmt | |
| - name: Run rustfmt | |
| run: cargo fmt -- --check | |
| clippy: | |
| name: Run clippy on the minimum supported toolchain | |
| runs-on: ubuntu-latest | |
| # reduce job-level privileges so this job can run for forked PRs without requiring maintainer approval | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libudev-dev | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| persist-credentials: false | |
| - name: Ensure bash is installed | |
| run: sudo apt-get update && sudo apt-get install -y bash | |
| - name: Install Rust | |
| uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921 # stable | |
| with: | |
| toolchain: stable | |
| components: rustfmt, clippy | |
| - name: Install cargo-binstall | |
| uses: taiki-e/install-action@f37a1e4d34f3e1c6a571e294b0258f2805eab48d # v2.58.4 | |
| with: | |
| tool: cargo-binstall | |
| - name: Install required cargo | |
| run: cargo binstall clippy-sarif sarif-fmt --force | |
| - name: Run rust-clippy | |
| run: | |
| cargo clippy | |
| --lib --tests | |
| --all-features | |
| --message-format=json | ${CARGO_HOME}/bin/clippy-sarif | tee rust-clippy-results.sarif | ${CARGO_HOME}/bin/sarif-fmt | |
| - name: Upload SARIF as artifact (so a separate, trusted job can upload to GitHub) | |
| uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: rust-clippy-results | |
| path: rust-clippy-results.sarif | |
| upload-sarif: | |
| name: Upload CodeQL results | |
| needs: clippy | |
| runs-on: ubuntu-latest | |
| # grant the write permission only to this job (trusted execution) | |
| permissions: | |
| contents: read | |
| security-events: write | |
| # Only run the upload step for trusted contexts: | |
| # - pushes (e.g. push to main) | |
| # - pull requests whose head repo is not a fork (i.e. runs from trusted repository) | |
| if: ${{ github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - name: Download SARIF artifact | |
| uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 | |
| with: | |
| name: rust-clippy-results | |
| path: . | |
| - name: Upload analysis results to GitHub | |
| uses: github/codeql-action/upload-sarif@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 | |
| with: | |
| sarif_file: rust-clippy-results.sarif | |
| wait-for-processing: true | |
| typos: | |
| name: Spell Check with Typos | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Actions Repository | |
| uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - name: Check for typos | |
| uses: crate-ci/typos@631208b7aac2daa8b707f55e7331f9112b0e062d # v1.44.0 | |
| with: | |
| config: typos.toml |