Bump clap from 4.5.44 to 4.5.45 #1058
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: [master, main] | |
| pull_request: | |
| branches: [master, main] | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| env: | |
| CARGO_TERM_COLOR: always | |
| RUST_BACKTRACE: 1 | |
| jobs: | |
| # Security and code quality checks | |
| security: | |
| name: Security Audit | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Cache dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| key: audit-${{ hashFiles('**/Cargo.lock') }} | |
| - name: Install cargo-audit | |
| run: cargo install cargo-audit | |
| - name: Security audit | |
| run: cargo audit | |
| # Code quality and testing | |
| test: | |
| name: Test Suite | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: rustfmt, clippy | |
| - name: Cache dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| key: test-${{ hashFiles('**/Cargo.lock') }} | |
| - name: Format check | |
| run: cargo fmt --all -- --check | |
| - name: Clippy check | |
| run: cargo clippy --workspace --all-targets --all-features -- -D warnings | |
| - name: Run tests | |
| run: cargo test --workspace --all-features --verbose | |
| - name: Build debug | |
| run: cargo build --workspace --all-targets --all-features | |
| - name: Upload debug artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: redproxy-rs-debug-${{ github.sha }} | |
| path: target/debug/redproxy-rs | |
| retention-days: 7 | |
| # Cross-platform release builds | |
| build-cross: | |
| needs: [security, test] | |
| name: ${{ matrix.job.os }} (${{ matrix.job.target }}) | |
| runs-on: ${{ matrix.job.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| job: | |
| - {os: ubuntu-latest, target: aarch64-unknown-linux-gnu, use-cross: true } | |
| - { os: ubuntu-latest, target: x86_64-unknown-linux-gnu } | |
| - { os: macos-latest, target: x86_64-apple-darwin } | |
| - { os: windows-latest, target: x86_64-pc-windows-msvc } | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| targets: ${{ matrix.job.target }} | |
| - name: Cache dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| key: release-${{ matrix.job.target }}-${{ hashFiles('**/Cargo.lock') }} | |
| - name: Install cross-compilation tools | |
| if: matrix.job.use-cross | |
| run: cargo install cross --git https://github.com/cross-rs/cross | |
| - name: Install system dependencies | |
| if: matrix.job.os == 'ubuntu-latest' && !matrix.job.use-cross | |
| shell: bash | |
| run: | | |
| case ${{ matrix.job.target }} in | |
| aarch64-unknown-linux-gnu) | |
| sudo apt-get update | |
| sudo apt-get install -y gcc-aarch64-linux-gnu | |
| ;; | |
| esac | |
| - name: Extract project metadata | |
| id: metadata | |
| shell: bash | |
| run: | | |
| cargo metadata --no-deps --format-version 1 | jq -r --arg id "$(cargo pkgid)" '.packages[] | select(.id == $id) | "name=\(.name)\nversion=\(.version)"' >> $GITHUB_OUTPUT | |
| - name: Build release binary | |
| shell: bash | |
| run: | | |
| if [ "${{ matrix.job.use-cross }}" = "true" ]; then | |
| cross build --locked --release --target=${{ matrix.job.target }} --workspace --all-features | |
| else | |
| cargo build --locked --release --target=${{ matrix.job.target }} --workspace --all-features | |
| fi | |
| - name: Prepare release artifacts | |
| id: artifact | |
| shell: bash | |
| run: | | |
| # Determine file extension | |
| if [[ "${{ matrix.job.target }}" == *"windows"* ]]; then | |
| EXT=".exe" | |
| ARCHIVE_EXT=".zip" | |
| else | |
| EXT="" | |
| ARCHIVE_EXT=".tar.gz" | |
| fi | |
| BIN_NAME="${{ steps.metadata.outputs.name }}${EXT}" | |
| PKG_NAME="${{ steps.metadata.outputs.name }}-v${{ steps.metadata.outputs.version }}-${{ matrix.job.target }}${ARCHIVE_EXT}" | |
| # Copy and optionally strip binary | |
| mkdir -p artifacts | |
| cp "target/${{ matrix.job.target }}/release/${BIN_NAME}" "artifacts/" | |
| # Strip debug symbols on Unix systems | |
| if [[ "${{ matrix.job.target }}" != *"windows"* ]]; then | |
| case "${{ matrix.job.target }}" in | |
| aarch64-unknown-linux-gnu) | |
| if command -v aarch64-linux-gnu-strip >/dev/null 2>&1; then | |
| aarch64-linux-gnu-strip "artifacts/${BIN_NAME}" | |
| fi | |
| ;; | |
| *) | |
| strip "artifacts/${BIN_NAME}" 2>/dev/null || true | |
| ;; | |
| esac | |
| fi | |
| # Create archive | |
| cd artifacts | |
| if [[ "${{ matrix.job.target }}" == *"windows"* ]]; then | |
| 7z a "../${PKG_NAME}" "${BIN_NAME}" | |
| else | |
| tar czf "../${PKG_NAME}" "${BIN_NAME}" | |
| fi | |
| cd .. | |
| echo "pkg_name=${PKG_NAME}" >> $GITHUB_OUTPUT | |
| echo "pkg_path=${PKG_NAME}" >> $GITHUB_OUTPUT | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ steps.artifact.outputs.pkg_name }} | |
| path: ${{ steps.artifact.outputs.pkg_path }} | |
| retention-days: 30 | |
| - name: Upload to release | |
| if: github.event_name == 'release' | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: ${{ steps.artifact.outputs.pkg_path }} | |
| # Auto-merge dependabot PRs | |
| dependabot: | |
| needs: [build-cross] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| contents: write | |
| if: github.actor == 'dependabot[bot]' && github.event_name == 'pull_request' | |
| steps: | |
| - name: Fetch dependabot metadata | |
| id: metadata | |
| uses: dependabot/fetch-metadata@v2 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Auto-approve and merge updates | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| gh pr review --approve "$PR_URL" | |
| gh pr merge --auto --squash "$PR_URL" |