name: 'PR Checks'
on:
pull_request:
branches: [ main, prerelease, release/** ]
permissions:
contents: read
jobs:
changes:
name: Detect Changes
runs-on: ubuntu-latest
outputs:
rust: ${{ steps.filter.outputs.rust }}
submodules: ${{ steps.filter.outputs.submodules }}
should_test: ${{ steps.filter.outputs.rust == 'true' || steps.filter.outputs.submodules == 'true' }}
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: dorny/paths-filter@v3
id: filter
with:
filters: |
rust:
- '**/*.rs'
- '**/*.toml'
- '**/Cargo.lock'
- '**/rust-toolchain'
- '**/.cargo/**'
submodules:
- 'iam-policy-autopilot-policy-generation/resources/config/sdks/boto3/**'
- 'iam-policy-autopilot-policy-generation/resources/config/sdks/botocore-data/**'
test-linux:
name: Test Linux
needs: [changes]
if: needs.changes.outputs.should_test == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
strategy:
matrix:
target: [x86_64-unknown-linux-gnu, aarch64-unknown-linux-gnu]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.target }}
- uses: Swatinem/rust-cache@v2
- name: Install cross-compilation toolchains
if: matrix.target == 'aarch64-unknown-linux-gnu'
run: |
sudo apt-get update
sudo apt-get install -y gcc-aarch64-linux-gnu
echo '[target.aarch64-unknown-linux-gnu]' >> ~/.cargo/config.toml
echo 'linker = "aarch64-linux-gnu-gcc"' >> ~/.cargo/config.toml
- name: Build
run: cargo build --workspace --target ${{ matrix.target }} --verbose --release
- name: Run tests
if: matrix.target == 'x86_64-unknown-linux-gnu'
run: cargo test --workspace --verbose
test-windows:
name: Test Windows
needs: [changes]
if: needs.changes.outputs.should_test == 'true'
runs-on: windows-latest
permissions:
contents: read
strategy:
matrix:
target: [x86_64-pc-windows-msvc, aarch64-pc-windows-msvc]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.target }}
- uses: Swatinem/rust-cache@v2
- name: Build
run: cargo build --workspace --target ${{ matrix.target }} --verbose --release
test-macos:
name: Test macOS
needs: [changes]
if: needs.changes.outputs.should_test == 'true'
runs-on: macos-latest
permissions:
contents: read
strategy:
matrix:
target: [x86_64-apple-darwin, aarch64-apple-darwin]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.target }}
- uses: Swatinem/rust-cache@v2
- name: Build
run: cargo build --workspace --target ${{ matrix.target }} --verbose --release
fmt:
name: Format
needs: [changes]
if: needs.changes.outputs.rust == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt
- name: Check formatting
run: cargo fmt --all -- --check
clippy:
name: Clippy
needs: [changes]
if: needs.changes.outputs.rust == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: dtolnay/rust-toolchain@stable
with:
components: clippy
- uses: Swatinem/rust-cache@v2
- name: Run clippy
run: cargo clippy --workspace -- -D warnings
custom-lints:
name: Custom Lints (dylint)
needs: [changes]
if: needs.changes.outputs.rust == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
- name: Install Rust nightly
uses: dtolnay/rust-toolchain@nightly
with:
components: rustc-dev, llvm-tools
- uses: Swatinem/rust-cache@v2
with:
cache-directories: |
~/.dylint_drivers
- name: Install dylint
run: cargo install cargo-dylint dylint-link
- name: Run custom lints
run: cargo dylint --all --workspace
# Note: dylint automatically uses the nightly toolchain to build the lint library
# (specified in iam-policy-autopilot-lints/rust-toolchain) and stable to check the workspace
