Skip to content

rustls

rustls #812

Workflow file for this run

name: rustls
permissions:
contents: read
on:
push:
pull_request:
merge_group:
schedule:
- cron: '0 21 * * *'
jobs:
build:
name: Build + test
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
# test a bunch of toolchains on ubuntu
rust:
- stable
- beta
- nightly
os: [ubuntu-latest]
# but only stable on macos/windows (slower platforms)
include:
- os: macos-latest
rust: stable
- os: windows-latest
rust: stable
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install ${{ matrix.rust }} toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust }}
- name: Install valgrind
if: runner.os == 'Linux'
run: sudo apt-get update && sudo apt-get install -y valgrind
- name: cargo test (debug; default features)
run: cargo test
env:
RUST_BACKTRACE: 1
- name: cargo test (debug; all features)
run: cargo test --all-features
env:
RUST_BACKTRACE: 1
- name: cargo test (debug; no default features; no run)
run: cargo test --no-default-features
env:
RUST_BACKTRACE: 1
wasm_build:
name: Build wasm32
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@stable
- name: Add wasm target
run: rustup target add wasm32-unknown-unknown
- name: wasm32 build (debug; default features)
run: cargo build --target wasm32-unknown-unknown --lib
env:
RUST_BACKTRACE: 1
- name: wasm32 build (debug; all features)
run: cargo build --target wasm32-unknown-unknown --lib --all-features
env:
RUST_BACKTRACE: 1
- name: wasm32 build (debug; no default features)
run: cargo build --target wasm32-unknown-unknown --lib --no-default-features
env:
RUST_BACKTRACE: 1
msrv:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install MSRV toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: "1.60"
- run: cargo check --lib --all-features
format:
name: Format
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt
- name: Check formatting
run: cargo fmt --all -- --check
clippy:
name: Clippy
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: clippy
- run: cargo clippy --all-features -- --deny warnings
semver:
name: Check semver compatibility
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Check semver
uses: obi1kenobi/cargo-semver-checks-action@v2
fuzz:
name: Smoke-test fuzzing targets
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install nightly toolchain
uses: dtolnay/rust-toolchain@nightly
- name: Install cargo fuzz
run: cargo install cargo-fuzz
- name: Smoke-test fuzz targets
run: |
cargo fuzz build
for target in $(cargo fuzz list) ; do
cargo fuzz run $target -- -max_total_time=10
done
valgrind:
name: Check side-channels on base64 decoder
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@stable
- name: Install valgrind
if: runner.os == 'Linux'
run: sudo apt-get update && sudo apt-get install -y valgrind
- name: Build and run test
run: |
cargo test --all-features --lib
exe=$(cargo test --all-features --no-run --message-format json | \
jq --slurp --raw-output '.[] | select(.reason == "compiler-artifact") | select(.target.name == "rustls_pki_types") | select(.profile.test) | .executable')
valgrind --error-exitcode=99 --exit-on-first-error=yes $exe