Skip to content

Fixes for TREB-761

Fixes for TREB-761 #75

Workflow file for this run

name: Pull Request
on:
pull_request:
types:
- opened
- reopened
- synchronize
- closed
push:
tags:
- '*'
jobs:
style:
name: Style
runs-on: ubuntu-latest
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
steps:
- name: Tool Versions
run: cargo fmt --version
- name: Checkout
uses: actions/checkout@v3
- name: Check Style
run: |
git config --global credential.helper store
echo "https://${{vars.SERVICE_ACCOUNT_USER}}:${{secrets.SERVICE_ACCOUNT_PAT}}@github.com" > ~/.git-credentials
cargo fmt --check --verbose
lint:
name: Lint
runs-on: ubuntu-latest
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
steps:
- name: Tool Versions
run: cargo clippy --version
- name: Checkout
uses: actions/checkout@v3
- name: Lint
run: |
git config --global credential.helper store
echo "https://${{vars.SERVICE_ACCOUNT_USER}}:${{secrets.SERVICE_ACCOUNT_PAT}}@github.com" > ~/.git-credentials
cargo clippy
sbom:
name: Generate CycloneDX
runs-on: ubuntu-latest
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Install Tools
run: |
npm ci --devDependencies
- name: Generate Rust BOM
run: |
git config --global credential.helper store
echo "https://${{vars.SERVICE_ACCOUNT_USER}}:${{secrets.SERVICE_ACCOUNT_PAT}}@github.com" > ~/.git-credentials
cargo cyclonedx --format json --all --describe crate -vvv
- name: Generate NPM BOM
run: npx @cyclonedx/cyclonedx-npm --output-format JSON --package-lock-only --output-reproducible --output-file npm.cdx.json
- name: Upload Results
uses: actions/upload-artifact@v3
with:
name: software-bom
path: |
**/*.cdx.json
test:
name: Test
runs-on: ubuntu-latest
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
env:
CARGO_HOME: ".cargo"
RUSTFLAGS: "-Cinstrument-coverage"
TEST_DIR: "test-results"
LLVM_PROFILE_FILE: "../test-results/%p-%m.profraw"
steps:
- name: Tool Versions
run: |
cargo --version
grcov --version
- name: Checkout
uses: actions/checkout@v3
- name: Prebuild
run: |
git config --global credential.helper store
echo "https://${{vars.SERVICE_ACCOUNT_USER}}:${{secrets.SERVICE_ACCOUNT_PAT}}@github.com" > ~/.git-credentials
mkdir -p ${{env.CARGO_HOME}}; cargo build --tests
- name: Run Tests
run: |
git config --global credential.helper store
echo "https://${{vars.SERVICE_ACCOUNT_USER}}:${{secrets.SERVICE_ACCOUNT_PAT}}@github.com" > ~/.git-credentials
mkdir -p "${{env.TEST_DIR}}"
cargo test --all -- -Z unstable-options --format json --report-time > ${{env.TEST_DIR}}/cargo_test.json
- name: Process Test Results
run: |
cat ${{env.TEST_DIR}}/cargo_test.json | cargo2junit > ${{env.TEST_DIR}}/report.xml
grcov ${{env.TEST_DIR}} --binary-path target/debug -s . -o "${{env.TEST_DIR}}" --ignore-not-existing --ignore '.cargo/*' --output-types cobertura
- name: Upload Results
uses: actions/upload-artifact@v3
if: ${{always()}}
with:
name: unit-test-report
path: |
${{env.TEST_DIR}}
code_coverage:
name: Code Coverage
runs-on: ubuntu-latest
needs: test
steps:
- name: Download Test Results
uses: actions/download-artifact@v3
with:
name: unit-test-report
path: test-results
- name: Display structure of downloaded files
run: ls -R
- name: Code Coverage Report
uses: irongut/[email protected]
continue-on-error: true
with:
filename: test-results/cobertura.xml
badge: true
format: markdown
hide_branch_rate: true
hide_complexity: true
indicators: true
output: both
thresholds: "30 50"
- name: Add Coverage PR Comment
uses: marocchino/sticky-pull-request-comment@v2
continue-on-error: true
if: github.event_name == 'pull_request'
with:
header: Test Coverage
path: code-coverage-results.md
build:
name: Build
strategy:
matrix:
target_triple:
- x86_64-pc-windows-gnu
- x86_64-unknown-linux-gnu
runs-on: ubuntu-latest
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
steps:
- name: Tool Versions
run: rustc --version
- name: Checkout
uses: actions/checkout@v3
- name: Build
run: |
git config --global credential.helper store
echo "https://${{vars.SERVICE_ACCOUNT_USER}}:${{secrets.SERVICE_ACCOUNT_PAT}}@github.com" > ~/.git-credentials
cargo build --target "${{matrix.target_triple}}" --release
- name: Upload Artifacts
uses: actions/upload-artifact@v3
with:
name: executable
path: |
target/${{matrix.target_triple}}/release/kic*
!target/${{matrix.target_triple}}/**/*.d
!target/${{matrix.target_triple}}/**/*.rlib
package:
name: Package
runs-on: ubuntu-latest
needs: build
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
steps:
- name: Update ClamAV
run: freshclam
- name: Tool Versions
run: |
npm --version
clamscan -V
- name: Checkout
uses: actions/checkout@v3
with:
#set-safe-directory: "${{github.workspace}}"
fetch-depth: 0
fetch-tags: true
- name: Get Artifacts
uses: actions/download-artifact@v3
with:
name: executable
path: target/
- name: Get Tagged Version
id: lasttag
run: |
git config --global --add safe.directory "$PWD"
COMMIT="${{github.sha}}"
if ${{contains(github.head_ref, 'release')}}; then
V="${{github.head_ref}}"
V="${V#release/}"
else
V="$(cargo metadata --format-version=1 --no-deps | jq '.packages[0].version')"
echo "Extracted version: $V"
V="$(echo "v${V}" | sed 's/\"//g')"
echo "Cleaned up version: $V"
fi
# Check to see if the version tag already exists
# If it does, print a message and exit with an error code
if [ $(git tag --list "$V") ]; then
echo "Version tag already exists. Did you bump the version number?"
exit 1
fi
# Create an RC release if
# 1) This PR is a release branch that hasn't been merged to main.
# 2) This is a feature branch being merged into the main branch.
if ${{(! github.event.pull_request.merged && contains(github.head_ref, 'release/')) || (github.event.pull_request.merged && !contains(github.head_ref, 'release/'))}}; then
V="${V}-$(git tag --list ${V}* | wc -l)"
echo "RC Version: $V"
fi
CL=${V#v}
CL=${CL%-*}
echo "version=${V}" >> $GITHUB_OUTPUT
echo "cl_version=${CL}" >> $GITHUB_OUTPUT
echo "commit=${COMMIT}" >> $GITHUB_OUTPUT
npm version --no-git-tag-version "${V}" || true
- name: Move Packages
run: |
mkdir -p bin
for f in target/*; do cp "$f" bin; done;
- name: Run ClamAV
run: clamscan -v bin/*
- name: npm Package
run: npm pack
- name: Upload Artifacts
uses: actions/upload-artifact@v3
with:
name: package
path: ./*.tgz
publish:
name: Publish
if: ${{ endsWith(github.base_ref, 'main') && (contains(github.head_ref, 'release/') || github.event.pull_request.merged) }}
needs:
- build
- lint
- style
- test
- code_coverage
- package
- sbom
runs-on: ubuntu-latest
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
#https://github.com/actions/runner/issues/2033#issuecomment-1598547465
options: --user 1001
steps:
- name: Tool Versions
run: npm --version
- uses: actions/setup-node@v3
with:
node-version: '20.x'
registry-url: 'https://npm.pkg.github.com'
scope: '@tektronix'
- name: Checkout
uses: actions/checkout@v3
- name: Get Artifacts
uses: actions/download-artifact@v3
with:
name: package
- name: publish package
run: |
npm publish *.tgz
env:
NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
release:
name: Release
runs-on: ubuntu-latest
permissions:
contents: write
checks: write
pull-requests: read
needs:
- build
- lint
- style
- test
- code_coverage
- package
- sbom
if: ${{ endsWith(github.base_ref, 'main') && (contains(github.head_ref, 'release/') || github.event.pull_request.merged) }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
fetch-tags: true
- name: Get Tagged Version
id: lasttag
run: |
git config --global --add safe.directory "$PWD"
COMMIT="${{github.sha}}"
if ${{contains(github.head_ref, 'release')}}; then
V="${{github.head_ref}}"
V="${V#release/}"
else
V="$(cargo metadata --format-version=1 --no-deps | jq '.packages[0].version')"
echo "Extracted version: $V"
V="$(echo "v${V}" | sed 's/\"//g')"
echo "Cleaned up version: $V"
fi
# Check to see if the version tag already exists
# If it does, print a message and exit with an error code
if [ $(git tag --list "$V") ]; then
echo "Version tag already exists. Did you bump the version number?"
exit 1
fi
# Create an RC release if
# 1) This PR is a release branch that hasn't been merged to main.
# 2) This is a feature branch being merged into the main branch.
if ${{(! github.event.pull_request.merged && contains(github.head_ref, 'release/')) || (github.event.pull_request.merged && !contains(github.head_ref, 'release/'))}}; then
V="${V}-$(git tag --list ${V}* | wc -l)"
echo "RC Version: $V"
fi
CL=${V#v}
CL=${CL%-*}
echo "version=${V}" >> $GITHUB_OUTPUT
echo "cl_version=${CL}" >> $GITHUB_OUTPUT
echo "commit=${COMMIT}" >> $GITHUB_OUTPUT
- run: 'git tag --list ${V}*'
- name: Get Artifacts
uses: actions/download-artifact@v3
with:
name: executable
path: target
- name: Get SBOM
uses: actions/download-artifact@v3
with:
name: software-bom
path: sbom
- name: Get Changelog for this Tag
id: changelog
uses: coditory/changelog-parser@v1
with:
version: ${{steps.lasttag.outputs.cl_version}}
- name: Create Release
uses: ncipollo/release-action@v1
with:
name: ${{steps.lasttag.outputs.version}}
artifacts: target/*,sbom/**/*
body: |
## Features Requests / Bugs
If you find issues or have a feature request, please enter a [new issue on GitHub](${{github.server_url}}/${{github.repository}}/issues/new).
## Installation
View the installation instructions in the [README](${{github.server_url}}/${{github.repository}}/blob/main/README.md)
## Changelog
${{steps.changelog.outputs.description}}
prerelease: ${{(! github.event.pull_request.merged) || (github.event.pull_request.merged && ! contains(github.head_ref, 'release/'))}}
commit: ${{steps.lasttag.outputs.commit}}
makeLatest: true
tag: ${{steps.lasttag.outputs.version}}