ci: update CI pipelines to match Jumpy. (#116)

fishfolk · Apr 19, 2023 · 681e94d · 681e94d
1 parent ad6d073
commit 681e94d
Show file tree

Hide file tree

Showing 6 changed files with 129 additions and 87 deletions.
diff --git a/.github/workflows/bors-commit-lint.yml b/.github/workflows/bors-commit-lint.yml
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -1,110 +1,132 @@
-name: CI
+name: 🔁 Continuous Integration
 
 on:
   push:
     branches:
       - main
-      - staging
-      - trying
   pull_request:
+  merge_group:
 
 jobs:
   check_formatting:
     runs-on: ubuntu-latest
-    name: Check Rust formatting
+    name: 🗒 Check Rust formatting
     steps:
-      - uses: actions/checkout@v3
-      - name: Install Rustfmt
+      - name: ⬇️ Checkout Source
+        uses: actions/checkout@v3
+
+      - name: 🦀 Install Rustfmt
         uses: actions-rs/toolchain@v1
         with:
           components: rustfmt
-      - uses: actions-rs/cargo@v1
+
+      - name: 🔧 Check
+        uses: actions-rs/cargo@v1
         with:
           command: fmt
           args: --all -- --check
 
   clippy_correctness_checks:
     runs-on: ubuntu-latest
-    name: Clippy correctness checks
+    name: 🔧 Clippy correctness checks
     strategy:
       fail-fast: false
       matrix:
         config:
           - { target: "x86_64-unknown-linux-gnu", target_dir: "target" }
-          # Disable WASM Target until we fix WASM compile
-          # - { target: 'wasm32-unknown-unknown', target_dir: 'web-target' }
+          - { target: "wasm32-unknown-unknown", target_dir: "web-target" }
     steps:
-      - name: Install dependencies
+      - name: ⬇️ Checkout Source
+        uses: actions/checkout@v3
+
+      - name: 🧰 Install dependencies
         run: |
           sudo apt-get update
           sudo apt-get install -y -q \
               libasound2-dev \
               libudev-dev
-      - uses: actions/checkout@v3
-      - name: Install WASM Target
+
+      - name: 🧰 Install WASM Target
         if: matrix.config.target == 'wasm32-unknown-unknown'
         uses: actions-rs/toolchain@v1
         with:
           target: ${{ matrix.config.target }}
           components: clippy
-      - name: Install Clippy
+
+      - name: 🧰 Install Clippy
         if: matrix.config.target != 'wasm32-unknown-unknown'
         uses: actions-rs/toolchain@v1
         with:
           components: clippy
-      - uses: actions/cache@v3
-        name: Cache cargo registry
+
+      - name: ♻️ Cache Cargo
+        uses: actions/cache@v3
         with:
           path: |
             ~/.cargo/registry/index/
             ~/.cargo/registry/cache/
             ~/.cargo/git/db/
-          key: cargo-registry
-      - uses: actions/cache@v3
-        name: Cache cargo target
-        with:
-          path: |
             target/
             web-target/
-          key: ${{ runner.os }}-cargo-target-${{ hashFiles('**/Cargo.lock') }}
-      - uses: actions-rs/cargo@v1
+          key: ci-${{ matrix.config.target }}-${{ hashFiles('**/Cargo.lock') }}
+          restore-keys: |
+            ci-${{ matrix.config.target }}-
+
+      - name: 🔧 Check
+        uses: actions-rs/cargo@v1
         env:
           CARGO_TARGET_DIR: ${{ matrix.config.target_dir }}
         with:
           command: clippy
           args: --target ${{ matrix.config.target }} -- -W clippy::correctness -D warnings
 
+  cargo-deny:
+    name: ©️ License and advisories check
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        checks:
+          - advisories
+          - bans licenses sources
+
+    # Prevent sudden announcement of a new advisory from failing ci:
+    continue-on-error: ${{ matrix.checks == 'advisories' }}
+
+    steps:
+      - uses: actions/checkout@v3
+      - uses: EmbarkStudios/cargo-deny-action@v1
+        with:
+          command: check ${{ matrix.checks }}
+
   miri_tests:
     runs-on: ubuntu-latest
-    name: Miri tests
+    name: 📡 Miri tests
     steps:
-      - name: Install dependencies
+      - uses: actions/checkout@v3
+      - name: 🧰 Install dependencies
         run: |
           sudo apt-get update
           sudo apt-get install -y -q \
               libasound2-dev \
               libudev-dev
-      - uses: actions/checkout@v3
-      - name: Install Miri
+      - name: 🧰 Install Miri
         run: |
           rustup toolchain install nightly --component miri
           rustup override set nightly
           cargo miri setup
-      - uses: actions/cache@v3
-        name: Cache cargo registry
+      - name: ♻️ Cache Cargo
+        uses: actions/cache@v3
         with:
           path: |
             ~/.cargo/registry/index/
             ~/.cargo/registry/cache/
             ~/.cargo/git/db/
-          key: cargo-registry
-      - uses: actions/cache@v3
-        name: Cache miri target
-        with:
-          path: |
             target/
-          key: miri-target
-      - name: Test with Miri
+            web-target/
+          key: ci-miri-${{ matrix.config.target }}-${{ hashFiles('**/Cargo.lock') }}
+          restore-keys: |
+            ci-miri-${{ matrix.config.target }}-
+      - name: 📡 Test with Miri
         run: |
           # Try multiple seeds to catch possible alignment issues
           for SEED in $(seq 0 10); do

diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -1,71 +1,57 @@
-name: Documentation
+name: 🗒 Documentation
 
 on:
   push:
     branches:
       - main
-      - staging
-      - trying
   pull_request:
+  merge_group:
 
 jobs:
   book:
-    name: Build Docs
+    name: 🔨 Build Docs
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout Source
+      - name: ⬇ ️Checkout Source
         uses: actions/checkout@v2
 
-      - name: Install dependencies
+      - name: 🧰 Install dependencies
         run: |
           sudo apt-get update
           sudo apt-get install -y -q \
               libasound2-dev \
               libudev-dev
 
-      - name: Install Rust
+      - name: 🦀 Install Rust
         uses: actions-rs/toolchain@v1
 
-      - name: Install mdbook
+      - name: 📖 Install mdbook
         uses: peaceiris/actions-mdbook@v1
         with:
           mdbook-version: "0.4.22"
 
       - uses: actions/cache@v3
-        name: Cache cargo registry
+        name: ♻️ Cache Cargo
         with:
           path: |
             ~/.cargo/registry/index/
             ~/.cargo/registry/cache/
             ~/.cargo/git/db/
-          key: cargo-registry
-      - uses: actions/cache@v3
-        name: Cache cargo target
-        with:
-          path: |
             target/
             web-target/
-          key: Linux-cargo-target-${{ hashFiles('**/Cargo.lock') }}
-
-      - name: Test Book Rust Examples
-        run: |
-          cargo b -p bones_ecs
-          mdbook test book -L target/debug/deps
+          key: docs-${{ hashFiles('**/Cargo.lock') }}
+          restore-keys: |
+            docs-
 
-      - name: Build Rustdoc
+      - name: 🔨 Build Rustdoc
         run: |
           cargo doc --workspace --no-deps
           mv target/doc book/src/rustdoc
 
-
-      - name: Build MDBook
-        run: |
-            cd book
-            mdbook build
-
-      - name: Deploy 🚀
-        uses: peaceiris/actions-gh-pages@v3
+      - name: 🚀 Deploy
+        uses: JamesIves/github-pages-deploy-action@4.1.3
         if: ${{ github.ref == 'refs/heads/main' }}
         with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          publish_dir: ./book/dist
+          branch: gh-pages
+          folder: ./book/dist
+          target-folder: book
diff --git a/.github/workflows/merge-group-commit-lint.yml b/.github/workflows/merge-group-commit-lint.yml
@@ -0,0 +1,20 @@
+name: 🕵 Lint Merge Group Commit Message
+on:
+  pull_request:
+  merge_group:
+
+jobs:
+  commitlint:
+    name: 🔎 Lint Commit Message
+    runs-on: ubuntu-latest
+    steps:
+      - name: ⬇️ Checkout Source
+        uses: actions/checkout@v3
+        if: github.event_name == 'merge_group'
+        with:
+          fetch-depth: 2
+      - name: 🔎 Lint Commit Message
+        uses: wagoid/commitlint-github-action@v5
+        if: github.event_name == 'merge_group'
+        with:
+          commitDepth: 1
diff --git a/.github/workflows/pul-requests.yml b/.github/workflows/pul-requests.yml
@@ -1,17 +1,20 @@
-name: Pull Requests
+name: ⏮️ Pull Requests
 
 on:
   pull_request_target:
     types:
       - opened
       - edited
       - synchronize
+  merge_group:
 
 jobs:
   main:
-    name: Validate conventional PR title
+    name: 🕵 Validate Conventional PR Title
     runs-on: ubuntu-latest
     steps:
       - uses: amannn/action-semantic-pull-request@v5
+        name: 🔎 Validate Conventional PR Title
+        if: github.event_name == 'pull_request_target'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/deny.toml b/deny.toml
@@ -0,0 +1,29 @@
+# This section is considered when running `cargo deny check licenses`
+# More documentation for the licenses section can be found here:
+# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
+[licenses]
+unlicensed = "deny"
+allow = [
+    "MIT",
+    "Apache-2.0",
+    "Unlicense",
+    "Zlib",
+    "Apache-2.0 WITH LLVM-exception",
+    "Unicode-DFS-2016",
+    "BSD-3-Clause",
+    "BSL-1.0",
+    "MIT-0",
+    "OFL-1.1",
+    "LicenseRef-UFL-1.0",
+    "CC0-1.0",
+    "ISC",
+    "BSD-2-Clause",
+    "MPL-2.0", # TODO(zicklag): I believe MPL is fine for us, but maybe double-check this.
+    "OpenSSL",
+]
+default = "deny"
+
+[sources.allow-org]
+github = [
+    "fishfolk",
+]