This introduces two workflows: one for basic CI (format and check) and
one for security audits. The security audit workflow probably isn't
going to catch anything, but it only runs when the cargo manifest
changes, so hopefully it doesn't slow things down too much. The CI
workflow is designed to run cargo fmt against the code and to run
cargo check with every combination of options. Right now, the
unproven feature must be enabled, which ends up requiring a nightly
compiler. As a result, the build matrix only runs two variants (one for
each of the two supported devices). Once builds can be done without the
unproven feature, ~ can be added to the proven dimension of the
matrix, which will then allow builds to run against both nightly and
stable.
Regarding the actual implementation, there are a few quirks in this
config.
The verbose on object is the result of pushes to pull requests
triggering the workflow twice - the workflow is triggerd by both the
push and pull_request events. By restricting these to the master
branch, it ensures that only pushes to the master branch or pull
requests to the master branch (but not pushes to pull request branches)
trigger.
The bizarre construction of the run step in the check job is needed
because GitHub isn't parsing the declaration correctly. The
preferred syntax would be to make use of the folded chomping block
operator and to drop the shell linewraps. Something closer to this:
This introduces two workflows: one for basic CI (format and check) and one for security audits. The security audit workflow probably isn't going to catch anything, but it only runs when the cargo manifest changes, so hopefully it doesn't slow things down too much. The CI workflow is designed to run
cargo fmtagainst the code and to runcargo checkwith every combination of options. Right now, theunprovenfeature must be enabled, which ends up requiring a nightly compiler. As a result, the build matrix only runs two variants (one for each of the two supported devices). Once builds can be done without theunprovenfeature,~can be added to theprovendimension of the matrix, which will then allow builds to run against both nightly and stable.Regarding the actual implementation, there are a few quirks in this config.
The verbose
onobject is the result of pushes to pull requests triggering the workflow twice - the workflow is triggerd by both thepushandpull_requestevents. By restricting these to the master branch, it ensures that only pushes to the master branch or pull requests to the master branch (but not pushes to pull request branches) trigger.The bizarre construction of the
runstep in thecheckjob is needed because GitHub isn't parsing the declaration correctly. The preferred syntax would be to make use of the folded chomping block operator and to drop the shell linewraps. Something closer to this: