Skip to content

Commit

Permalink
feat: Overhaul CI testing. (#192)
Browse files Browse the repository at this point in the history
This commit does a few things:

- Restructures CI testing files to split out conventional commits checking
  into its own file.
- Updates cargo-dist to the latest version.
- Updates CI testing to be run on a matrix of MacOS, Ubuntu, and Windows.

There's more to do in the future, including making sure our test matrix
matches the host types used for building release artifacts for the CLI,
but this is a good start.

Signed-off-by: Andrew Lilley Brinker <alilleybrinker@gmail.com>
  • Loading branch information
alilleybrinker authored Aug 27, 2024
1 parent f7ab3fd commit 64895fa
Show file tree
Hide file tree
Showing 10 changed files with 179 additions and 132 deletions.
38 changes: 0 additions & 38 deletions .github/workflows/ci.yml

This file was deleted.

17 changes: 17 additions & 0 deletions .github/workflows/commits.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
name: Commit Checks

on:
pull_request:
branches: [main]

permissions:
contents: read

jobs:
conventional-commits:
name: Conventional Commits
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v4
- uses: webiny/action-conventional-commits@v1.3.0
82 changes: 45 additions & 37 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# This file was autogenerated by cargo-dist: https://opensource.axo.dev/cargo-dist/
#
# Copyright 2022-2024, axodotdev
# SPDX-License-Identifier: MIT or Apache-2.0
#
Expand All @@ -12,11 +14,10 @@
# title/body based on your changelogs.

name: Release

permissions:
contents: write
id-token: write
attestations: write
"attestations": "write"
"contents": "write"
"id-token": "write"

# This task will run whenever you push a git tag that looks like a version
# like "1.0.0", "v0.1.0-prerelease.1", "my-app/0.1.0", "releases/v1.0.0", etc.
Expand Down Expand Up @@ -64,7 +65,12 @@ jobs:
# we specify bash to get pipefail; it guards against the `curl` command
# failing. otherwise `sh` won't catch that `curl` returned non-0
shell: bash
run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.16.0/cargo-dist-installer.sh | sh"
run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.21.1/cargo-dist-installer.sh | sh"
- name: Cache cargo-dist
uses: actions/upload-artifact@v4
with:
name: cargo-dist-cache
path: ~/.cargo/bin/cargo-dist
# sure would be cool if github gave us proper conditionals...
# so here's a doubly-nested ternary-via-truthiness to try to provide the best possible
# functionality based on whether this is a pull_request, and whether it's from a fork.
Expand Down Expand Up @@ -113,10 +119,6 @@ jobs:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: swatinem/rust-cache@v2
with:
key: ${{ join(matrix.targets, '-') }}
cache-provider: ${{ matrix.cache_provider }}
- name: Install cargo-dist
run: ${{ matrix.install_dist }}
# Get the dist-manifest
Expand Down Expand Up @@ -172,9 +174,12 @@ jobs:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Install cargo-dist
shell: bash
run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.16.0/cargo-dist-installer.sh | sh"
- name: Install cached cargo-dist
uses: actions/download-artifact@v4
with:
name: cargo-dist-cache
path: ~/.cargo/bin/
- run: chmod +x ~/.cargo/bin/cargo-dist
# Get all the local artifacts for the global tasks to use (for e.g. checksums)
- name: Fetch local artifacts
uses: actions/download-artifact@v4
Expand Down Expand Up @@ -218,16 +223,19 @@ jobs:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Install cargo-dist
run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.16.0/cargo-dist-installer.sh | sh"
- name: Install cached cargo-dist
uses: actions/download-artifact@v4
with:
name: cargo-dist-cache
path: ~/.cargo/bin/
- run: chmod +x ~/.cargo/bin/cargo-dist
# Fetch artifacts from scratch-storage
- name: Fetch artifacts
uses: actions/download-artifact@v4
with:
pattern: artifacts-*
path: target/distrib/
merge-multiple: true
# This is a harmless no-op for GitHub Releases, hosting for that happens in "announce"
- id: host
shell: bash
run: |
Expand All @@ -241,23 +249,7 @@ jobs:
# Overwrite the previous copy
name: artifacts-dist-manifest
path: dist-manifest.json

# Create a GitHub Release while uploading all files to it
announce:
needs:
- plan
- host
# use "always() && ..." to allow us to wait for all publish jobs while
# still allowing individual publish jobs to skip themselves (for prereleases).
# "host" however must run to completion, no skipping allowed!
if: ${{ always() && needs.host.result == 'success' }}
runs-on: "ubuntu-20.04"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
# Create a GitHub Release while uploading all files to it
- name: "Download GitHub Artifacts"
uses: actions/download-artifact@v4
with:
Expand All @@ -270,12 +262,28 @@ jobs:
rm -f artifacts/*-dist-manifest.json
- name: Create GitHub Release
env:
PRERELEASE_FLAG: "${{ fromJson(needs.host.outputs.val).announcement_is_prerelease && '--prerelease' || '' }}"
ANNOUNCEMENT_TITLE: "${{ fromJson(needs.host.outputs.val).announcement_title }}"
ANNOUNCEMENT_BODY: "${{ fromJson(needs.host.outputs.val).announcement_github_body }}"
PRERELEASE_FLAG: "${{ fromJson(steps.host.outputs.manifest).announcement_is_prerelease && '--prerelease' || '' }}"
ANNOUNCEMENT_TITLE: "${{ fromJson(steps.host.outputs.manifest).announcement_title }}"
ANNOUNCEMENT_BODY: "${{ fromJson(steps.host.outputs.manifest).announcement_github_body }}"
RELEASE_COMMIT: "${{ github.sha }}"
run: |
# Write and read notes from a file to avoid quoting breaking things
echo "$ANNOUNCEMENT_BODY" > $RUNNER_TEMP/notes.txt
gh release create "${{ needs.plan.outputs.tag }}" --title "$ANNOUNCEMENT_TITLE" --notes-file "$RUNNER_TEMP/notes.txt" $PRERELEASE_FLAG
gh release upload "${{ needs.plan.outputs.tag }}" artifacts/*
gh release create "${{ needs.plan.outputs.tag }}" --target "$RELEASE_COMMIT" $PRERELEASE_FLAG --title "$ANNOUNCEMENT_TITLE" --notes-file "$RUNNER_TEMP/notes.txt" artifacts/*
announce:
needs:
- plan
- host
# use "always() && ..." to allow us to wait for all publish jobs while
# still allowing individual publish jobs to skip themselves (for prereleases).
# "host" however must run to completion, no skipping allowed!
if: ${{ always() && needs.host.result == 'success' }}
runs-on: "ubuntu-20.04"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
57 changes: 57 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
name: Test

# Run on both PRs and pushes to the main branch.
# It may seem redundant to run tests on main, since we disallow pushing directly
# to main and all PRs get tested before merging.
#
# But due to how GitHub Actions isolates caches, we need to run the tests on
# main so that caches are available to new PRs. The caches created when testing
# PR code cannot be re-used outside of testing that PR.
#
# See the GitHub Actions documentation here:
# https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/caching-dependencies-to-speed-up-workflows#restrictions-for-accessing-a-cache
on:
push:
branches: [main]
paths:
- "gitoid/**"
- "omnibor/**"
- "omnibor-cli/**"
- "xtask/**"
pull_request:
branches: [main]
paths:
- "gitoid/**"
- "omnibor/**"
- "omnibor-cli/**"
- "xtask/**"

permissions:
contents: read

env:
RUSTFLAGS: -Dwarnings
CARGO_TERM_COLOR: always

jobs:
test:
strategy:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
name: "${{ matrix.os }}"
runs-on: ${{ matrix.os }}
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: swatinem/rust-cache@v2
with:
key: ${{ matrix.os }}
- name: Dependency Tree
run: cargo tree
- name: Check
run: cargo check --verbose --workspace
- name: Test
run: cargo test --verbose --workspace
- name: Lint
run: cargo clippy --verbose --workspace
14 changes: 5 additions & 9 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -16,25 +16,21 @@ homepage = "https://omnibor.io"
# Config for 'cargo dist'
[workspace.metadata.dist]
# The preferred cargo-dist version to use in CI (Cargo.toml SemVer syntax)
cargo-dist-version = "0.16.0"
cargo-dist-version = "0.21.1"
# CI backends to support
ci = "github"
# The installers to generate for each app
installers = ["shell", "powershell"]
# Target platforms to build apps for (Rust target-triple syntax)
targets = [
"aarch64-apple-darwin",
"x86_64-apple-darwin",
"x86_64-unknown-linux-gnu",
"x86_64-unknown-linux-musl",
"x86_64-pc-windows-msvc",
]
# Publish jobs to run in CI
targets = ["aarch64-apple-darwin", "x86_64-apple-darwin", "x86_64-unknown-linux-gnu", "x86_64-unknown-linux-musl", "x86_64-pc-windows-msvc"]
# Which actions to run on pull requests
pr-run-mode = "plan"
# Whether to install an updater program
install-updater = false
# Whether to enable GitHub Attestations
github-attestations = true
# Path that installers should place binaries in
install-path = "CARGO_HOME"

# The profile that 'cargo dist' will build with
[profile.dist]
Expand Down
52 changes: 38 additions & 14 deletions gitoid/benches/benchmark.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2,20 +2,20 @@ use criterion::black_box;
use criterion::criterion_group;
use criterion::criterion_main;
use criterion::Criterion;
#[cfg(all(feature = "rustcrypto", feature = "sha1"))]
use gitoid::rustcrypto::Sha1 as RustSha1;
#[cfg(all(feature = "rustcrypto", feature = "sha256"))]
use gitoid::rustcrypto::Sha256 as RustSha256;
use gitoid::Blob;
#[cfg(all(feature = "boringssl", feature = "sha1"))]
use gitoid::boringssl::Sha1 as BoringSha1;
#[cfg(all(feature = "boringssl", feature = "sha256"))]
use gitoid::boringssl::Sha256 as BoringSha256;
use gitoid::GitOid;
#[cfg(all(feature = "openssl", feature = "sha1"))]
use gitoid::openssl::Sha256 as OpenSSLSha256;
#[cfg(all(feature = "openssl", feature = "sha1"))]
use gitoid::openssl::Sha1 as OpenSSLSha1;
#[cfg(all(feature = "openssl", feature = "sha1"))]
use gitoid::openssl::Sha256 as OpenSSLSha256;
#[cfg(all(feature = "rustcrypto", feature = "sha1"))]
use gitoid::rustcrypto::Sha1 as RustSha1;
#[cfg(all(feature = "rustcrypto", feature = "sha256"))]
use gitoid::rustcrypto::Sha256 as RustSha256;
use gitoid::Blob;
use gitoid::GitOid;

#[cfg(not(any(feature = "rustcrypto", feature = "boringssl",)))]
compile_error!(
Expand Down Expand Up @@ -187,20 +187,44 @@ criterion_group!(
#[cfg(all(feature = "rustcrypto", feature = "boringssl", feature = "openssl"))]
criterion_main!(rustcrypto_benches, boringssl_benches, openssl_benches);

#[cfg(all(feature = "rustcrypto", feature = "boringssl", not(feature= "openssl")))]
#[cfg(all(
feature = "rustcrypto",
feature = "boringssl",
not(feature = "openssl")
))]
criterion_main!(rustcrypto_benches, boringssl_benches);

#[cfg(all(not(feature = "rustcrypto"), feature = "boringssl", feature= "openssl"))]
#[cfg(all(
not(feature = "rustcrypto"),
feature = "boringssl",
feature = "openssl"
))]
criterion_main!(boringssl_benches, openssl_benches());

#[cfg(all(feature = "rustcrypto", not(feature = "boringssl"), feature= "openssl"))]
#[cfg(all(
feature = "rustcrypto",
not(feature = "boringssl"),
feature = "openssl"
))]
criterion_main!(rustcrypto_benches, openssl_benches);

#[cfg(all(feature = "rustcrypto", not(feature = "boringssl"), not(feature= "openssl")))]
#[cfg(all(
feature = "rustcrypto",
not(feature = "boringssl"),
not(feature = "openssl")
))]
criterion_main!(rustcrypto_benches);

#[cfg(all(not(feature = "rustcrypto"), feature = "boringssl", not(feature = "openssl")))]
#[cfg(all(
not(feature = "rustcrypto"),
feature = "boringssl",
not(feature = "openssl")
))]
criterion_main!(boringssl_benches);

#[cfg(all(not(feature = "rustcrypto"), not(feature = "boringssl"), feature = "openssl"))]
#[cfg(all(
not(feature = "rustcrypto"),
not(feature = "boringssl"),
feature = "openssl"
))]
criterion_main!(openssl_benches);
2 changes: 1 addition & 1 deletion gitoid/src/backend/openssl.rs
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@
use crate::impl_hash_algorithm;
use crate::sealed::Sealed;
use crate::HashAlgorithm;
use openssl::sha;
use digest::consts::U20;
use digest::consts::U32;
use digest::generic_array::GenericArray;
Expand All @@ -13,6 +12,7 @@ use digest::HashMarker;
use digest::Output;
use digest::OutputSizeUser;
use digest::Update;
use openssl::sha;

#[cfg(feature = "sha1")]
/// SHA-1 algorithm
Expand Down
Loading

0 comments on commit 64895fa

Please sign in to comment.