Skip to content

Commit

Permalink
Enable CI jobs (#16)
Browse files Browse the repository at this point in the history 
* Enable CI jobs

* Fix clippy lints

* Add cargo deny config

* Add license exception for rustls-webpki

* Add cargo deny ban skip exception for socket2

---------

Co-authored-by: Björn Westlin <[email protected]>
  • Loading branch information
@vojd @bwestlin
vojd and bwestlin authored Sep 20, 2023
1 parent 17fa7d6 commit e0299b7
Show file tree
Hide file tree
Showing 3 changed files with 99 additions and 147 deletions.
144 changes: 18 additions & 126 deletions .github/workflows/rust-ci.yml
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,10 @@
# TODO: Replace this line with the commented ones to actually run the action in your repo(s)
on: public
# on:
# push:
# branches:
# - main
# tags:
# - "*"
# pull_request:
on:
push:
branches:
- main
tags:
- "*"
pull_request:

name: CI
jobs:
Expand Down Expand Up @@ -54,15 +52,13 @@ jobs:
- name: cargo test
run: cargo test --release

# TODO: Remove this check if you don't use cargo-deny in the repo
deny-check:
name: cargo-deny
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: EmbarkStudios/cargo-deny-action@v1

# TODO: Remove this check if you don't publish the crate(s) from this repo
publish-check:
name: Publish Check
runs-on: ubuntu-latest
Expand All @@ -76,123 +72,19 @@ jobs:
- name: cargo publish check
run: cargo publish --dry-run

# TODO: Remove this job if you don't release binaries
# Replace occurances of $BIN_NAME with the name of your binary
release:
name: Release
needs: [test, deny-check]
publish:
name: Publish
needs: [test, deny-check, publish-check]
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/')
strategy:
matrix:
os: [ubuntu-latest, macOS-latest, windows-latest]
include:
- os: ubuntu-latest
rust: stable
target: x86_64-unknown-linux-musl
bin: $BIN_NAME
# We don't enable the progress feature when targeting
# musl since there are some dependencies on shared libs
features: ""
- os: windows-latest
rust: stable
target: x86_64-pc-windows-msvc
bin: $BIN_NAME.exe
features: progress
- os: macOS-latest
rust: stable
target: x86_64-apple-darwin
bin: $BIN_NAME
features: progress
runs-on: ${{ matrix.os }}
steps:
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
with:
toolchain: ${{ matrix.rust }}
toolchain: stable
override: true
target: ${{ matrix.target }}
- name: Install musl tools
if: matrix.os == 'ubuntu-latest'
run: sudo apt-get install -y musl-tools
- name: Checkout
uses: actions/checkout@v3
- run: cargo fetch --target ${{ matrix.target }}
- name: Release build
shell: bash
run: |
if [ "${{ matrix.features }}" != "" ]; then
cargo build --release --target ${{ matrix.target }} --features ${{ matrix.features }}
else
cargo build --release --target ${{ matrix.target }}
fi
- name: Package
shell: bash
run: |
name=$BIN_NAME
tag=$(git describe --tags --abbrev=0)
release_name="$name-$tag-${{ matrix.target }}"
release_tar="${release_name}.tar.gz"
mkdir "$release_name"
if [ "${{ matrix.target }}" != "x86_64-pc-windows-msvc" ]; then
strip "target/${{ matrix.target }}/release/${{ matrix.bin }}"
fi
cp "target/${{ matrix.target }}/release/${{ matrix.bin }}" "$release_name/"
cp README.md LICENSE-APACHE LICENSE-MIT "$release_name/"
tar czvf "$release_tar" "$release_name"
rm -r "$release_name"
# Windows environments in github actions don't have the gnu coreutils installed,
# which includes the shasum exe, so we just use powershell instead
if [ "${{ matrix.os }}" == "windows-latest" ]; then
echo "(Get-FileHash \"${release_tar}\" -Algorithm SHA256).Hash | Out-File -Encoding ASCII -NoNewline \"${release_tar}.sha256\"" | pwsh -c -
else
echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256"
fi
- name: Publish
uses: softprops/action-gh-release@v1
with:
draft: true
files: "$BIN_NAME*"
- run: cargo fetch
- name: cargo publish
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

# TODO: Remove this job if you don't publish container images on each release
# TODO: Create a repository on DockerHub with the same name as the GitHub repo
# TODO: Add the new repo to the buildbot group with read & write permissions
# TODO: Add the embarkbot dockerhub password to the repo secrets as DOCKERHUB_PASSWORD
publish-container-images:
name: Publish container images
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/')
needs: [test, deny-check]
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to Dockerhub
uses: docker/login-action@v1
with:
username: embarkbot
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Docker meta
id: docker_meta
uses: crazy-max/ghaction-docker-meta@v1
with:
images: embarkstudios/${{ github.event.repository.name }}
tag-semver: |
{{version}}
{{major}}.{{minor}}
- name: Build and push
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
push: true
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
CARGO_REGISTRY_TOKEN: ${{ secrets.CRATES_IO_TOKEN }}
run: cargo publish
71 changes: 71 additions & 0 deletions deny.toml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
targets = [
{ triple = "x86_64-unknown-linux-gnu" },
{ triple = "x86_64-unknown-linux-musl" },
{ triple = "x86_64-pc-windows-msvc" },
{ triple = "x86_64-apple-darwin" },
]

[advisories]
unmaintained = "deny"
ignore = []

[bans]
multiple-versions = "deny"
deny = [{ name = "openssl" }, { name = "openssl-sys" }]
skip = [{ name = "socket2" }]
skip-tree = []

[licenses]
unlicensed = "deny"
# We want really high confidence when inferring licenses from text
confidence-threshold = 0.92
allow = ["Apache-2.0", "MIT", "BSD-3-Clause", "Unicode-DFS-2016"]
exceptions = [
{ allow = [
"MPL-2.0",
], name = "webpki-roots" },
{ allow = [
"ISC",
], name = "untrusted" },
{ allow = [
"ISC",
], name = "webpki" },
{ allow = [
"ISC",
], name = "rustls-webpki" },
{ allow = [
"ISC",
"MIT",
"OpenSSL",
], name = "ring" },
{ allow = [
"Zlib",
], name = "tinyvec" },
]

[[licenses.clarify]]
name = "ring"
# SPDX considers OpenSSL to encompass both the OpenSSL and SSLeay licenses
# https://spdx.org/licenses/OpenSSL.html
# ISC - Both BoringSSL and ring use this for their new files
# MIT - "Files in third_party/ have their own licenses, as described therein. The MIT
# license, for third_party/fiat, which, unlike other third_party directories, is
# compiled into non-test libraries, is included below."
# OpenSSL - Obviously
expression = "ISC AND MIT AND OpenSSL"
license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }]

[[licenses.clarify]]
name = "encoding_rs"
expression = "(Apache-2.0 OR MIT) AND BSD-3-Clause"
license-files = [{ path = "COPYRIGHT", hash = 0x39f8ad31 }]

[[licenses.clarify]]
name = "webpki"
expression = "ISC"
license-files = [{ path = "LICENSE", hash = 0x001c7e6c }]

[[licenses.clarify]]
name = "rustls-webpki"
expression = "ISC"
license-files = [{ path = "LICENSE", hash = 0x001c7e6c }]
31 changes: 10 additions & 21 deletions src/client.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ pub fn query_string(api_key: &str, text: &str, method: Method) -> String {
.append_pair("format", "json")
.append_pair("api_key", api_key)
.append_pair("text", text)
.append_pair("method", &method_str)
.append_pair("method", method_str)
.append_pair("semail", "1")
.append_pair("slink", "1")
.append_pair("rsp", "1")
Expand Down Expand Up @@ -241,8 +241,7 @@ where
if !api_response
.rsp
.method
.as_ref()
.map(|s| s.as_str())
.as_deref()
.eq(&Some(method.method_str()))
{
return Err(ResponseError::MisMatchedMethod(
Expand Down Expand Up @@ -346,10 +345,8 @@ mod test {

#[test]
fn check_result_missing_found() -> Result<(), Box<dyn Error>> {
let body = format!("{{\"rsp\":{{\"@attributes\":{{\"stat\":\"ok\",\"rsp\":\"0.0072040557861328\"}},\"method\":\"webpurify.live.check\",\"format\":\"rest\",\"api_key\":\"123\"}}}}");
let response = Response::builder()
.status(StatusCode::OK)
.body(body.as_bytes().to_vec());
let body = b"{{\"rsp\":{{\"@attributes\":{{\"stat\":\"ok\",\"rsp\":\"0.0072040557861328\"}},\"method\":\"webpurify.live.check\",\"format\":\"rest\",\"api_key\":\"123\"}}}}";
let response = Response::builder().status(StatusCode::OK).body(body);
let result = client::profanity_check_result(response?);
assert!(result.is_err());
Ok(())
Expand All @@ -368,9 +365,7 @@ mod test {
#[test]
fn replace_result() -> Result<(), Box<dyn Error>> {
let body = b"{\"rsp\":{\"@attributes\":{\"stat\":\"ok\",\"rsp\":\"0.018898963928223\"},\"method\":\"webpurify.live.replace\",\"format\":\"rest\",\"found\":\"3\",\"text\":\"foo\",\"api_key\":\"123\"}}";
let response = Response::builder()
.status(StatusCode::OK)
.body((*body).into_iter().collect::<Vec<_>>())?;
let response = Response::builder().status(StatusCode::OK).body(body)?;
let result = client::profanity_replace_result(response)?;

assert_eq!(result, "foo".to_owned());
Expand All @@ -380,9 +375,7 @@ mod test {
#[test]
fn replace_result_missing_found() -> Result<(), Box<dyn Error>> {
let body = b"{\"rsp\":{\"@attributes\":{\"stat\":\"ok\",\"rsp\":\"0.018898963928223\"},\"method\":\"webpurify.live.replace\",\"format\":\"rest\",\"text\":\"foo\",\"api_key\":\"123\"}}";
let response = Response::builder()
.status(StatusCode::OK)
.body((*body).into_iter().collect::<Vec<_>>())?;
let response = Response::builder().status(StatusCode::OK).body(body)?;
let result = client::profanity_replace_result(response)?;

assert_eq!(result, "foo".to_owned());
Expand Down Expand Up @@ -412,7 +405,7 @@ mod test {
),
] {
let result = client::profanity_replace_result(response(code)?);
let result_err = result.err().expect("Expected error");
let result_err = result.expect_err("Expected error");
assert!(
std::mem::discriminant(&result_err) == std::mem::discriminant(&err),
"Expected error: {:?} but got: {:?}",
Expand All @@ -427,18 +420,14 @@ mod test {
#[test]
fn mismatched_response_methods() -> Result<(), Box<dyn Error>> {
// Check treated as replace result
let body = format!("{{\"rsp\":{{\"@attributes\":{{\"stat\":\"ok\",\"rsp\":\"0.0072040557861328\"}},\"method\":\"webpurify.live.check\",\"format\":\"rest\",\"found\":\"1\",\"api_key\":\"123\"}}}}");
let response = Response::builder()
.status(StatusCode::OK)
.body(body.as_bytes().to_vec());
let body = b"{{\"rsp\":{{\"@attributes\":{{\"stat\":\"ok\",\"rsp\":\"0.0072040557861328\"}},\"method\":\"webpurify.live.check\",\"format\":\"rest\",\"found\":\"1\",\"api_key\":\"123\"}}}}";
let response = Response::builder().status(StatusCode::OK).body(body);
let result = client::profanity_replace_result(response?);
assert!(result.is_err());

// Replace treated as check result
let body = b"{\"rsp\":{\"@attributes\":{\"stat\":\"ok\",\"rsp\":\"0.018898963928223\"},\"method\":\"webpurify.live.replace\",\"format\":\"rest\",\"found\":\"3\",\"text\":\"foo\",\"api_key\":\"123\"}}";
let response = Response::builder()
.status(StatusCode::OK)
.body((*body).into_iter().collect::<Vec<_>>())?;
let response = Response::builder().status(StatusCode::OK).body(body)?;
let result = client::profanity_check_result(response);
assert!(result.is_err());

Expand Down

0 comments on commit e0299b7

Please sign in to comment.