feat(plugins): add Rust url_reputation plugin #292
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Rust Plugins CI/CD | |
| on: | |
| push: | |
| branches: [main, develop] | |
| paths: | |
| - "plugins_rust/**" | |
| - "plugins/pii_filter/**" | |
| - ".github/workflows/rust-plugins.yml" | |
| pull_request: | |
| types: [opened, synchronize, ready_for_review] | |
| branches: [main, develop] | |
| paths: | |
| - "plugins_rust/**" | |
| - "plugins/pii_filter/**" | |
| workflow_dispatch: | |
| env: | |
| CARGO_TERM_COLOR: always | |
| RUST_BACKTRACE: 1 | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| # Rust unit tests and linting (all plugins in one job per OS) | |
| rust-tests: | |
| if: github.event_name != 'pull_request' || !github.event.pull_request.draft | |
| name: Rust Tests (${{ matrix.os }}) | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 60 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: ${{ github.event_name == 'pull_request' && fromJSON('["ubuntu-latest"]') || fromJSON('["ubuntu-latest", "macos-latest", "windows-latest"]') }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust components | |
| run: | | |
| rustup toolchain install stable | |
| rustup component add rustfmt clippy | |
| rustup default stable | |
| - name: Cache Cargo registry | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cargo/registry | |
| key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }} | |
| - name: Cache Cargo index | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cargo/git | |
| key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.lock') }} | |
| - name: Cache Cargo build | |
| uses: actions/cache@v4 | |
| with: | |
| path: plugins_rust/*/target | |
| key: ${{ runner.os }}-cargo-build-${{ hashFiles('**/Cargo.lock') }} | |
| # rust-check = fmt-check + clippy + cargo test only | |
| - name: Run all checks for plugins | |
| run: make rust-check | |
| # Build wheels for multiple platforms (all plugins in one job per OS) | |
| build-wheels: | |
| if: github.event_name != 'pull_request' || !github.event.pull_request.draft | |
| name: Build wheels (${{ matrix.os }}) | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 60 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: ${{ github.event_name == 'pull_request' && fromJSON('["ubuntu-latest"]') || fromJSON('["ubuntu-latest", "macos-latest", "windows-latest"]') }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install Rust stable | |
| run: rustup default stable | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v5 | |
| with: | |
| version: "0.9.2" | |
| - name: Install maturin as CLI tool | |
| run: uv tool install maturin | |
| - name: Build wheels for all plugins | |
| run: make rust-build-wheels | |
| - name: Upload wheels as artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheels-build | |
| path: plugins_rust/*/dist/*.whl | |
| # Security audit (all plugins in one job) | |
| security-audit: | |
| if: github.event_name != 'pull_request' || !github.event.pull_request.draft | |
| name: Security Audit | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust stable | |
| run: rustup default stable | |
| - name: Install cargo-audit | |
| run: cargo install cargo-audit | |
| - name: Run security audit on all plugins | |
| run: make rust-audit | |
| # Benchmark tests (verify benchmarks compile and run) | |
| benchmark-tests: | |
| if: github.event_name != 'pull_request' || !github.event.pull_request.draft | |
| name: Benchmark Tests | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust stable | |
| run: rustup default stable | |
| - name: Cache Cargo registry | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cargo/registry | |
| key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }} | |
| - name: Cache Cargo index | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cargo/git | |
| key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.lock') }} | |
| - name: Cache Cargo build | |
| uses: actions/cache@v4 | |
| with: | |
| path: plugins_rust/*/target | |
| key: ${{ runner.os }}-cargo-bench-${{ hashFiles('**/Cargo.lock') }} | |
| - name: Run benchmarks for all plugins | |
| run: make rust-bench | |
| # Coverage report (all plugins in one job) | |
| coverage: | |
| if: github.event_name != 'pull_request' || !github.event.pull_request.draft | |
| name: Code Coverage | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install Rust stable and components | |
| run: | | |
| rustup default stable | |
| rustup component add llvm-tools-preview | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v5 | |
| with: | |
| version: "0.9.2" | |
| - name: Install maturin as CLI tool | |
| run: uv tool install maturin | |
| - name: Create virtual environment | |
| run: uv venv | |
| - name: Install coverage tools | |
| run: | | |
| uv pip install pytest pytest-cov pydantic | |
| cargo install cargo-llvm-cov | |
| - name: Run coverage for all plugins | |
| run: make rust-coverage | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v4 | |
| with: | |
| files: ./plugins_rust/*/coverage/cobertura.xml | |
| flags: rust-plugins | |
| name: rust-plugins-coverage | |
| # Build documentation (all plugins in one job) | |
| documentation: | |
| if: github.event_name != 'pull_request' || !github.event.pull_request.draft | |
| name: Build Documentation | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust stable | |
| run: rustup default stable | |
| - name: Build Rust docs for all plugins | |
| run: make rust-doc | |
| - name: Upload documentation | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: rust-docs | |
| path: plugins_rust/*/target/doc | |
| # Release build (only on tags, all plugins per OS) | |
| release: | |
| name: Release Build (${{ matrix.os }}) | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 60 | |
| if: startsWith(github.ref, 'refs/tags/') | |
| needs: rust-tests | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, macos-latest, windows-latest] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install Rust stable | |
| run: rustup default stable | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v5 | |
| with: | |
| version: "0.9.2" | |
| - name: Install maturin as CLI tool | |
| run: uv tool install maturin | |
| - name: Build and publish release wheels | |
| env: | |
| MATURIN_PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }} | |
| run: | | |
| make rust-release | |
| if [ "${{ matrix.os }}" = "ubuntu-latest" ]; then | |
| make rust-release-publish | |
| fi | |
| - name: Upload release artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: release-wheels-${{ matrix.os }} | |
| path: plugins_rust/*/dist/*.whl |