Skip to content

ci(deps): bump actions/attest-build-provenance from 1 to 2 #3312

ci(deps): bump actions/attest-build-provenance from 1 to 2

ci(deps): bump actions/attest-build-provenance from 1 to 2 #3312

Workflow file for this run

name: CI
on:
pull_request:
branches:
- 'master'
push:
branches-ignore:
- 'gh-readonly-queue/**'
workflow_dispatch:
merge_group:
types: [checks_requested]
env:
RUSTFLAGS: -Dwarnings
jobs:
build_and_test:
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name
strategy:
matrix:
os: [ubuntu-latest, macOS-latest, windows-latest]
rustalias: [stable, nightly, msrv]
feature_flag: ["--all-features", "--no-default-features", ""]
include:
- rustalias: stable
rust: stable
- rustalias: msrv
rust: '1.73'
- rustalias: nightly
rust: nightly
name: 'Build and test ${{ matrix.feature_flag }}: ${{ matrix.os }}, ${{ matrix.rustalias }}'
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@master
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
toolchain: ${{ matrix.rust }}
override: true
- name: Check
uses: actions-rs/cargo@v1
with:
command: check
args: --all ${{ matrix.feature_flag }} --bins --examples
- name: Tests
uses: actions-rs/cargo@v1
with:
command: test
args: --all ${{ matrix.feature_flag }}
cargo_fmt:
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: nightly
override: true
components: rustfmt
- name: fmt
uses: actions-rs/cargo@v1
with:
command: fmt
args: --all -- --check
check_minimal_versions:
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: nightly
override: true
- name: resolve minimal versions
run: cargo -Z minimal-versions update
- name: check
run: cargo check --all-features
- name: test
run: cargo test --all-features
style_and_docs:
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name
strategy:
matrix:
feature_flag: ["--all-features", "--no-default-features", ""]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: nightly
override: true
components: clippy
- name: clippy
uses: actions-rs/cargo@v1
with:
command: clippy
args: --all-targets ${{ matrix.feature_flag }} -- -D warnings
- name: docs
uses: actions-rs/cargo@v1
with:
command: doc
args: --no-deps ${{ matrix.feature_flag }}
fuzz_read:
runs-on: ubuntu-latest
needs:
- build_and_test
- cargo_fmt
- style_and_docs
steps:
- uses: actions/checkout@v4
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: nightly
override: true
- name: Install afl
uses: actions-rs/cargo@v1
with:
command: install
args: cargo-afl
- name: cargo afl system-config
uses: actions-rs/cargo@v1
with:
command: afl
args: system-config
- name: compile fuzz
uses: actions-rs/cargo@v1
with:
command: afl
args: build --all-features --manifest-path ${{ github.workspace }}/fuzz_read/Cargo.toml
- name: run fuzz
timeout-minutes: 70
uses: actions-rs/cargo@v1
with:
command: afl
args: fuzz -i ${{ github.workspace }}/fuzz_read/in -o out -V 3600 -a binary -- ${{ github.workspace }}/fuzz_read/target/debug/fuzz_read
- name: Minimize corpus
uses: actions-rs/cargo@v1
with:
command: afl
args: cmin -i out/default/queue -o out_cmin -- ${{ github.workspace }}/fuzz_read/target/debug/fuzz_read
- name: Report coverage
uses: actions-rs/cargo@v1
with:
command: afl
args: showmap -C -i out -o map -- ${{ github.workspace }}/fuzz_read/target/debug/fuzz_read
- run: sudo apt install rename
- name: Rename files
run: |
rename 's/:/-/g' map/*
rename 's/:/-/g' out_cmin/*
rename 's/:/-/g' out/default/crashes/*
- name: Upload updated corpus
uses: actions/upload-artifact@v4
with:
name: fuzz_read_corpus
path: out_cmin/*
- name: Upload any failure inputs
if: always()
uses: actions/upload-artifact@v4
with:
name: fuzz_read_bad_inputs
path: out/default/crashes/*
if-no-files-found: ignore
- name: Upload coverage report
if: always()
uses: actions/upload-artifact@v4
with:
name: fuzz_read_coverage
path: map
fuzz_read_with_no_features:
runs-on: ubuntu-latest
needs:
- build_and_test
- cargo_fmt
- style_and_docs
steps:
- uses: actions/checkout@v4
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: nightly
override: true
- name: Install afl
uses: actions-rs/cargo@v1
with:
command: install
args: cargo-afl
- name: cargo afl system-config
uses: actions-rs/cargo@v1
with:
command: afl
args: system-config
- name: compile fuzz
uses: actions-rs/cargo@v1
with:
command: afl
args: build --manifest-path ${{ github.workspace }}/fuzz_read/Cargo.toml
- name: run fuzz
timeout-minutes: 70
uses: actions-rs/cargo@v1
with:
command: afl
args: fuzz -i ${{ github.workspace }}/fuzz_read/in -o out -V 3600 -a binary -- ${{ github.workspace }}/fuzz_read/target/debug/fuzz_read
- name: Report coverage
uses: actions-rs/cargo@v1
with:
command: afl
args: showmap -C -i out -o map -- ${{ github.workspace }}/fuzz_read/target/debug/fuzz_read
- run: sudo apt install rename
- name: Rename files
run: |
rename 's/:/-/g' map/*
rename 's/:/-/g' out/default/crashes/*
- name: Upload any failure inputs
if: always()
uses: actions/upload-artifact@v4
with:
name: fuzz_read_bad_inputs_no_features
path: out/default/crashes/*
if-no-files-found: ignore
- name: Upload coverage report
if: always()
uses: actions/upload-artifact@v4
with:
name: fuzz_read_coverage_no_features
path: map
fuzz_write:
runs-on: ubuntu-latest
needs:
- build_and_test
- cargo_fmt
- style_and_docs
steps:
- uses: actions/checkout@v4
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: nightly
override: true
- name: Install afl
uses: actions-rs/cargo@v1
with:
command: install
args: cargo-afl
- name: cargo afl system-config
uses: actions-rs/cargo@v1
with:
command: afl
args: system-config
- name: compile fuzz
uses: actions-rs/cargo@v1
with:
command: afl
args: build --all-features --manifest-path ${{ github.workspace }}/fuzz_write/Cargo.toml
- name: run fuzz
timeout-minutes: 70
uses: actions-rs/cargo@v1
with:
command: afl
args: fuzz -i ${{ github.workspace }}/fuzz_write/in -o out -V 3600 -a binary -x ${{ github.workspace }}/fuzz_write/fuzz.dict -- ${{ github.workspace }}/fuzz_write/target/debug/fuzz_write
- name: Minimize corpus
uses: actions-rs/cargo@v1
with:
command: afl
args: cmin -i out/default/queue -o out_cmin -- ${{ github.workspace }}/fuzz_write/target/debug/fuzz_write
- name: Report coverage
uses: actions-rs/cargo@v1
with:
command: afl
args: showmap -C -i out -o map -- ${{ github.workspace }}/fuzz_write/target/debug/fuzz_write
- run: sudo apt install rename
- name: Rename files
run: |
rename 's/:/-/g' map/*
rename 's/:/-/g' out_cmin/*
rename 's/:/-/g' out/default/crashes/*
- name: Upload updated corpus
uses: actions/upload-artifact@v4
with:
name: fuzz_write_corpus
path: out_cmin/*
- name: Upload any failure inputs
if: always()
uses: actions/upload-artifact@v4
with:
name: fuzz_write_bad_inputs
path: out/default/crashes/*
if-no-files-found: ignore
- name: Upload coverage report
if: always()
uses: actions/upload-artifact@v4
with:
name: fuzz_write_coverage
path: map
fuzz_write_with_no_features:
runs-on: ubuntu-latest
needs:
- build_and_test
- cargo_fmt
- style_and_docs
steps:
- uses: actions/checkout@v4
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: nightly
override: true
- name: Install afl
uses: actions-rs/cargo@v1
with:
command: install
args: cargo-afl
- name: cargo afl system-config
uses: actions-rs/cargo@v1
with:
command: afl
args: system-config
- name: compile fuzz
uses: actions-rs/cargo@v1
with:
command: afl
args: build --all-features --manifest-path ${{ github.workspace }}/fuzz_write/Cargo.toml
- name: run fuzz
timeout-minutes: 70
uses: actions-rs/cargo@v1
with:
command: afl
args: fuzz -i ${{ github.workspace }}/fuzz_write/in -o out -V 3600 -a binary -x ${{ github.workspace }}/fuzz_write/fuzz.dict -- ${{ github.workspace }}/fuzz_write/target/debug/fuzz_write
- name: Report coverage
uses: actions-rs/cargo@v1
with:
command: afl
args: showmap -C -i out -o map -- ${{ github.workspace }}/fuzz_write/target/debug/fuzz_write
- run: sudo apt install rename
- name: Rename files
run: |
rename 's/:/-/g' map/*
rename 's/:/-/g' out/default/crashes/*
- name: Upload any failure inputs
if: always()
uses: actions/upload-artifact@v4
with:
name: fuzz_write_bad_inputs_no_features
path: out/default/crashes/*
if-no-files-found: ignore
- name: Upload coverage report
if: always()
uses: actions/upload-artifact@v4
with:
name: fuzz_write_coverage_no_features
path: map