Setup CI integration

[colinbankier]

TravisCI, CircleCI and a host of others offer free tiers - choose one, and integrate it with the project.

[oddg]

Hi @colinbankier! Really sweet project.

I gathered from #8 that you would not mind external contributions. I am working on the CI. Here my plan:

• [x] get the app to compile
• [x] add basic CI to run cargo build
• [x] get the test to compile and pass (thanks to @LukeMathWalker)
• ~[ ] add a cargo make t in the travis file~ (thanks to @LukeMathWalker)
• [x] add extra validation:
  • cargo fmt
  • cargo clippy
  • ~cargo audit~ (vulnerability in tokio dependency)

[LukeMathWalker]

It would cool to add cargo audit to the CI pipeline as well, if we want to keep as close as possible to a real world application.

[colinbankier]

This is great, thanks! The existing cargo make file used to compile and run tests successfully, but after changes in tide things broke. Are you hoping to update to latest tide as part of this? I'll have to review what state I left things in last time I tried to update.

On Fri, 13 Sep. 2019, 7:45 pm Luca Palmieri, notifications@github.com wrote:

It would cool to add cargo audit to the CI pipeline as well, if we want to keep as close as possible to a real world application.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/colinbankier/realworld-tide/issues/3?email_source=notifications&email_token=AAGE3VHLCKDVFQQ3OXYWMATQJNONJA5CNFSM4GLUWCQKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD6URGAA#issuecomment-531174144, or mute the thread https://github.com/notifications/unsubscribe-auth/AAGE3VC35IYK3OIIUYH7VSLQJNONJANCNFSM4GLUWCQA .

[oddg]

Are you hoping to update to latest tide as part of this?

I tried to build with tide v0.2 and the build breaks because tide v0.2 depends on http-service v0.2.0 which does not compile anymore (it uses the removed await! macro).

So yes for now I am targeting the master branch of tide. Maybe we could target a specific commit to have a bit more stability.

[LukeMathWalker]

I have opened a PR ( https://github.com/oddg/realworld-tide/pull/3 ) against your branch @oddg to simplify the setup of the database and remove cargo-make as a dependency/added complexity.

[oddg]

cargo audit reports a vulnerability related to memoffset which is an indirect dependency of tokio-threadpool. Not too sure what we can do about it.

[LukeMathWalker]

cargo audit reports a vulnerability related to memoffset which is an indirect dependency of tokio-threadpool. Not too sure what we can do about it.

It's enough to run cargo update and commit the new Cargo.lock to version control. I have opened a PR with the output: https://github.com/oddg/realworld-tide/pull/5 Cargo audit comes out clean now :+1: