Prepare nightly release #4135
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| types: | |
| - opened | |
| - reopened | |
| - synchronize | |
| - labeled | |
| push: | |
| branches: | |
| - main | |
| - nightly | |
| schedule: | |
| - cron: "0 18 * * 1,4,6" # 1800 UTC every Monday, Thursday, Saturday | |
| jobs: | |
| tests: | |
| name: Unit tests | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [windows-latest, macos-latest, ubuntu-latest] | |
| rust_version: [stable, 1.81.0] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: ${{ matrix.rust_version }} | |
| components: llvm-tools-preview | |
| - name: Cache Rust dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| - name: Install cargo-llvm-cov | |
| uses: taiki-e/install-action@cargo-llvm-cov | |
| - name: Generate code coverage | |
| env: | |
| RUST_BACKTRACE: "1" | |
| run: cargo llvm-cov --lib --all-features --lcov --output-path lcov.info | |
| # Tokens aren't available for PRs originating from forks, | |
| # so we don't attempt to upload code coverage in that case. | |
| - name: Upload code coverage results | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| fail_ci_if_error: true | |
| verbose: true | |
| tests-cli: | |
| name: Unit tests (c2patool) | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [windows-latest, macos-latest, ubuntu-latest] | |
| rust_version: [stable] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: ${{ matrix.rust_version }} | |
| components: llvm-tools-preview | |
| - name: Cache Rust dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| - name: Install cargo-llvm-cov | |
| uses: taiki-e/install-action@cargo-llvm-cov | |
| - name: Generate code coverage | |
| env: | |
| RUST_BACKTRACE: "1" | |
| run: cargo llvm-cov --bins --all-features --lcov --output-path lcov.info | |
| # Tokens aren't available for PRs originating from forks, | |
| # so we don't attempt to upload code coverage in that case. | |
| - name: Upload code coverage results | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| fail_ci_if_error: true | |
| verbose: true | |
| doc-tests: | |
| name: Doc tests (requires nightly Rust) | |
| # TODO: Remove this once cargo-llvm-cov can run doc tests and generate | |
| # coverage. (This requires a bug fix that is only available in nightly Rust.) | |
| # Watch https://github.com/taiki-e/cargo-llvm-cov/issues/2 | |
| # for progress. | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [windows-latest, macos-latest, ubuntu-latest] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@stable | |
| # - name: Install Rust toolchain | |
| # uses: dtolnay/rust-toolchain@nightly | |
| # with: | |
| # components: llvm-tools-preview | |
| - name: Cache Rust dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| - name: Install cargo-llvm-cov | |
| uses: taiki-e/install-action@cargo-llvm-cov | |
| # Disabling code coverage for doc tests due to a new bug in Rust nightly | |
| # as of 2025-01-08. Will investigate later to see if there's a repro case. | |
| # Meanwhile, simply run the tests so we know if there are any failing | |
| # doc tests. | |
| - name: Run doc tests (COVERAGE DISABLED) | |
| run: | |
| cargo test --workspace --all-features --doc | |
| # - name: Generate code coverage | |
| # env: | |
| # RUST_BACKTRACE: "1" | |
| # run: cargo llvm-cov --workspace --all-features --lcov --doctests --output-path lcov.info | |
| # Tokens aren't available for PRs originating from forks, | |
| # so we don't attempt to upload code coverage in that case. | |
| # - name: Upload code coverage results | |
| # if: | | |
| # github.event_name != 'pull_request' || | |
| # github.event.pull_request.author_association == 'COLLABORATOR' || | |
| # github.event.pull_request.author_association == 'MEMBER' || | |
| # github.event.pull_request.user.login == 'dependabot[bot]' | |
| # uses: codecov/codecov-action@v5 | |
| # with: | |
| # token: ${{ secrets.CODECOV_TOKEN }} | |
| # fail_ci_if_error: true | |
| # verbose: true | |
| cargo-check: | |
| name: Default features build | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Cache Rust dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| - name: "`cargo check` with default features" | |
| run: cargo check | |
| tests-cross: | |
| name: Unit tests | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [aarch64-unknown-linux-gnu] | |
| rust_version: [stable, 1.81.0] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: ${{ matrix.rust_version }} | |
| targets: ${{ matrix.target }} | |
| - name: Install cross-compilation toolset | |
| run: cargo install cross | |
| - name: Cache Rust dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| # Note that we do not run code coverage because | |
| # it isn't readily accessible from cross-compilation | |
| # environment. (A PR to fix this would be welcomed!) | |
| - name: Run unit tests (cross build) | |
| run: cross test --all-targets --all-features --target ${{ matrix.target }} | |
| tests-wasm: | |
| name: Unit tests (WASM) | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Install wasm-pack | |
| run: curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh | |
| - name: Run Wasm tests (c2pa-crypto) | |
| run: wasm-pack test --chrome --headless | |
| working-directory: ./internal/crypto | |
| - name: Run Wasm tests (c2pa-status-tracker) | |
| run: wasm-pack test --chrome --headless | |
| working-directory: ./internal/status-tracker | |
| - name: Run Wasm tests (c2pa-rs) | |
| run: wasm-pack test --chrome --headless | |
| working-directory: ./sdk | |
| test-direct-minimal-versions: | |
| name: Unit tests with minimum versions of direct dependencies | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [windows-latest, macos-latest, ubuntu-latest] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@nightly | |
| - name: Cache Rust dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| - name: Run tests | |
| run: cargo +nightly test -Z direct-minimal-versions --all-targets --all-features | |
| clippy_check: | |
| name: Clippy | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: clippy | |
| - name: Cache Rust dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| - name: Run Clippy | |
| run: cargo clippy --all-features --all-targets -- -Dwarnings | |
| cargo_fmt: | |
| name: Enforce Rust code format | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install nightly toolchain | |
| uses: dtolnay/rust-toolchain@nightly | |
| with: | |
| components: rustfmt | |
| - name: Check format | |
| run: cargo +nightly fmt --all -- --check | |
| docs_rs: | |
| name: Preflight docs.rs build | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install nightly Rust toolchain | |
| # Nightly is used here because the docs.rs build | |
| # uses nightly and we use doc_cfg features that are | |
| # not in stable Rust as of this writing (Rust 1.81). | |
| uses: dtolnay/rust-toolchain@nightly | |
| - name: Run cargo docs | |
| # This is intended to mimic the docs.rs build | |
| # environment. The goal is to fail PR validation | |
| # if the subsequent release would result in a failed | |
| # documentation build on docs.rs. | |
| run: cargo +nightly doc --workspace --all-features --no-deps | |
| env: | |
| RUSTDOCFLAGS: --cfg docsrs | |
| DOCS_RS: 1 | |
| cargo-deny: | |
| name: License / vulnerability audit | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| checks: | |
| - advisories | |
| - bans licenses sources | |
| # Prevent sudden announcement of a new advisory from failing CI: | |
| continue-on-error: ${{ matrix.checks == 'advisories' }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Audit crate dependencies | |
| uses: EmbarkStudios/cargo-deny-action@v2 | |
| with: | |
| command: check ${{ matrix.checks }} | |
| unused_deps: | |
| name: Check for unused dependencies | |
| if: | | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.author_association == 'COLLABORATOR' || | |
| github.event.pull_request.author_association == 'MEMBER' || | |
| github.event.pull_request.user.login == 'dependabot[bot]' || | |
| contains(github.event.pull_request.labels.*.name, 'safe to test') | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install nightly Rust toolchain | |
| uses: dtolnay/rust-toolchain@nightly | |
| - name: Run cargo-udeps | |
| run: | | |
| mv ./.github/temp-bin/cargo-udeps /home/runner/.cargo/bin/cargo-udeps | |
| cargo udeps --all-targets --all-features | |
| # NOTE: Using pre-built binary as a workaround for | |
| # https://github.com/aig787/cargo-udeps-action/issues/6. |