Skip to content

chore: release

chore: release #11574

Workflow file for this run

name: Lint
on:
pull_request:
branches: [main]
push:
branches: [main]
merge_group:
# Ensures that only one workflow task will run at a time. Previous builds, if
# already in process, will get cancelled. Only the latest commit will be allowed
# to run, cancelling any workflows in between
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
permissions:
contents: read
pull-requests: read
env:
CLICOLOR: 1
jobs:
changes:
runs-on: ubuntu-latest
timeout-minutes: 5
outputs:
lint: ${{ steps.filter.outputs.lint || 'true' }}
hadolint: ${{ steps.filter.outputs.hadolint || 'true' }}
shellcheck: ${{ steps.filter.outputs.shellcheck || 'true' }}
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
if: github.event_name == 'pull_request'
with:
persist-credentials: false
- uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
id: filter
if: github.event_name == 'pull_request'
with:
filters: .github/path-filters.yml
clippy:
name: clippy ${{ matrix.rust-version }} / ${{ matrix.type }}
needs: changes
if: needs.changes.outputs.lint == 'true'
permissions:
contents: read
id-token: write
statuses: write
runs-on: ubuntu-latest
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
rust-version: [stable, beta]
type: [release, tests]
include:
- type: release
args: --workspace --all-targets
features: default-release-binaries
- type: tests
args: --workspace --all-targets
features: default-release-binaries proptest-impl lightwalletd-grpc-tests zebra-checkpoints
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
persist-credentials: false
- uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 #v1.16.1
with:
components: clippy
toolchain: ${{ matrix.rust-version }}
cache-on-failure: true
- uses: ./.github/actions/setup-zebra-build
- name: Run clippy
run: cargo clippy ${{ matrix.args }} --features "${{ matrix.features }}"
crate-checks:
needs: changes
if: needs.changes.outputs.lint == 'true'
permissions:
contents: read
statuses: write
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
persist-credentials: false
- uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 #v1.16.1
with:
cache-on-failure: true
- uses: taiki-e/install-action@65851e10cd6c377f11a60e600abc07cb08643468 #v2.79.3
with:
tool: cargo-hack
- uses: ./.github/actions/setup-zebra-build
- run: cargo hack check --workspace
msrv:
name: MSRV
needs: changes
if: needs.changes.outputs.lint == 'true'
permissions:
contents: read
id-token: write
statuses: write
runs-on: ubuntu-latest
timeout-minutes: 30
strategy:
matrix:
include:
- binary: zebrad
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
persist-credentials: false
- uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 #v1.16.1
with:
toolchain: 1.91 # MSRV
cache-on-failure: true
- uses: ./.github/actions/setup-zebra-build
- run: cargo build --bin "${{ matrix.binary }}" --workspace
docs:
name: docs
needs: changes
if: needs.changes.outputs.lint == 'true'
permissions:
contents: read
statuses: write
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
persist-credentials: false
- uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 #v1.16.1
with:
toolchain: nightly
cache-on-failure: true
- uses: ./.github/actions/setup-zebra-build
- run: cargo doc --no-deps --workspace --all-features --document-private-items --target-dir "$(pwd)"/target/internal
env:
# Keep in sync with ./book.yml:jobs.build
# The -A and -W settings must be the same as the `rustdocflags` in:
# https://github.com/ZcashFoundation/zebra/blob/main/.cargo/config.toml#L87
RUSTDOCFLAGS: --html-in-header katex-header.html -A rustdoc::private_intra_doc_links -D warnings
fmt:
name: fmt
needs: changes
if: needs.changes.outputs.lint == 'true'
permissions:
contents: read
statuses: write
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
persist-credentials: false
- uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 #v1.16.1
with:
toolchain: nightly
components: rustfmt
- name: Run fmt
run: cargo fmt --all -- --check
unused-deps:
name: unused-deps
needs: changes
if: needs.changes.outputs.lint == 'true'
permissions:
contents: read
id-token: write
statuses: write
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
persist-credentials: false
- uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 #v1.16.1
with:
toolchain: nightly
cache-on-failure: true
- uses: taiki-e/install-action@65851e10cd6c377f11a60e600abc07cb08643468 #v2.79.3
with:
tool: cargo-udeps
- uses: ./.github/actions/setup-zebra-build
- run: cargo udeps --workspace --all-targets --all-features --locked
no-test-deps:
needs: changes
if: needs.changes.outputs.lint == 'true'
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
persist-credentials: false
- uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 #v1.16.1
with:
toolchain: stable
cache-on-failure: true
- name: Ensure no arbitrary or proptest dependency on default build
run: cargo tree --package zebrad -e=features,no-dev | grep -Eq "arbitrary|proptest" && exit 1 || exit 0
# Checks that selected rates can compile with power set of features
features:
name: features
needs: changes
if: needs.changes.outputs.lint == 'true'
permissions:
contents: read
id-token: write
statuses: write
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
persist-credentials: false
- uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 #v1.16.1
with:
toolchain: nightly
cache-on-failure: true
- name: cargo install cargo-hack
uses: taiki-e/install-action@65851e10cd6c377f11a60e600abc07cb08643468 #v2.79.3
with:
tool: cargo-hack
- uses: ./.github/actions/setup-zebra-build
- run: cargo hack check --all
env:
RUSTFLAGS: -D warnings
check-cargo-lock:
name: check-cargo-lock
needs: changes
if: needs.changes.outputs.lint == 'true'
permissions:
contents: read
id-token: write
statuses: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
persist-credentials: false
- uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 #v1.16.1
with:
toolchain: stable
cache-on-failure: true
- uses: ./.github/actions/setup-zebra-build
- run: cargo check --locked --all-features --all-targets
deny:
name: Check deny ${{ matrix.checks }} ${{ matrix.features }}
needs: changes
if: needs.changes.outputs.lint == 'true'
permissions:
contents: read
statuses: write
runs-on: ubuntu-latest
strategy:
matrix:
checks:
- bans
- sources
- advisories
- licenses
# We don't need to check `--no-default-features` here, because (except in very rare cases):
# - disabling features isn't going to add duplicate dependencies
# - disabling features isn't going to add more crate sources
# For advisories and licenses, feature flags don't change the dependency tree materially,
# so we only need the default and --all-features variants.
features: ["", --features default-release-binaries, --all-features]
# Always run the --all-features job, to get accurate "skip tree root was not found" warnings
fail-fast: false
# Prevent sudden announcement of a new advisory from failing ci:
continue-on-error: ${{ matrix.checks == 'advisories' }}
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
with:
persist-credentials: false
- uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 #v1.16.1
with:
cache-on-failure: true
- name: Check ${{ matrix.checks }} with features ${{ matrix.features }}
uses: EmbarkStudios/cargo-deny-action@6c8f9facfa5047ec02d8485b6bf52b587b7777d1 #v2.0.18
with:
# --all-features spuriously activates openssl, but we want to ban that dependency in
# all of zebrad's production features for security reasons. But the --all-features job is
# the only job that gives accurate "skip tree root was not found" warnings.
# In other jobs, we expect some of these warnings, due to disabled features.
command: check ${{ matrix.checks }} ${{ matrix.features == '--all-features' && '--allow banned' || '--allow unmatched-skip-root' }}
arguments: --workspace ${{ matrix.features }}
hadolint:
name: hadolint
needs: changes
if: needs.changes.outputs.hadolint == 'true'
permissions:
contents: read
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run hadolint
uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0
with:
dockerfile: docker/Dockerfile
failure-threshold: warning
shellcheck:
name: shellcheck
needs: changes
if: needs.changes.outputs.shellcheck == 'true'
permissions:
contents: read
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
# shellcheck is preinstalled on the ubuntu-latest runner image.
- name: Run shellcheck
run: |
find . -type f -name '*.sh' \
-not -path './target/*' \
-print0 | xargs -0 -r shellcheck --color=always
lint:
runs-on: ubuntu-latest
if: always()
needs:
- changes
- clippy
- crate-checks
- msrv
- docs
- fmt
- unused-deps
- check-cargo-lock
- no-test-deps
- features
- deny
- hadolint
- shellcheck
timeout-minutes: 30
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe #v1.2.2
with:
jobs: ${{ toJSON(needs) }}
allowed-skips: clippy, crate-checks, msrv, docs, fmt, unused-deps, check-cargo-lock, no-test-deps, features, deny, hadolint, shellcheck