Mike Swanson
39e9ac4b75
Some checks failed
Build and Test / Build Server (Linux) (push) Successful in 7m49s
Build and Test / Build Agent (Windows) (push) Failing after 13m6s
Build and Test / Security Audit (push) Failing after 4m17s
Build and Test / Build Summary (push) Has been skipped
Run Tests / Test Server (push) Failing after 2m39s
Run Tests / Test Agent (push) Failing after 2m34s
Run Tests / Code Coverage (push) Failing after 6m1s
Run Tests / Lint and Format Check (push) Failing after 2m12s
Allow manual re-runs of the CI gate without a dummy commit (useful while provisioning the Pluto windows-msvc runner). Also re-triggers the run. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
158 lines
5.2 KiB
YAML
158 lines
5.2 KiB
YAML
name: Build and Test
|
|
|
|
# PR/push CI gate (SPEC-001): fmt, clippy -D warnings, build, test, cargo-audit.
|
|
# This workflow does NOT version, sign, or release — that is release.yml's job. The agent build
|
|
# here is a compile gate only (it produces an unsigned artifact for inspection). Release commits
|
|
# carry `[skip ci]` so this workflow does not re-run on the version-bump commit.
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- develop
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
workflow_dispatch: # allow manual re-runs (Actions -> Build and Test -> Run workflow)
|
|
|
|
jobs:
|
|
build-server:
|
|
name: Build Server (Linux)
|
|
runs-on: ubuntu-latest
|
|
# .cargo/config.toml defaults to the windows-msvc target for local Windows dev.
|
|
# On the Linux runner, force the host target so clippy/test (which do not pass
|
|
# an explicit --target) build for Linux instead of an uninstalled cross target.
|
|
env:
|
|
CARGO_BUILD_TARGET: x86_64-unknown-linux-gnu
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install Rust toolchain
|
|
uses: actions-rs/toolchain@v1
|
|
with:
|
|
toolchain: stable
|
|
target: x86_64-unknown-linux-gnu
|
|
override: true
|
|
components: rustfmt, clippy
|
|
|
|
- name: Cache Cargo dependencies
|
|
uses: actions/cache@v3
|
|
with:
|
|
path: |
|
|
~/.cargo/bin/
|
|
~/.cargo/registry/index/
|
|
~/.cargo/registry/cache/
|
|
~/.cargo/git/db/
|
|
target/
|
|
key: ${{ runner.os }}-cargo-server-${{ hashFiles('server/Cargo.lock') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-cargo-server-
|
|
|
|
- name: Install system dependencies
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y pkg-config libssl-dev protobuf-compiler
|
|
|
|
- name: Check formatting
|
|
run: cd server && cargo fmt --all -- --check
|
|
|
|
# Informational (warn-only) for now. The pre-spec codebase has ~65 lint warnings,
|
|
# mostly dead-code for API the integration spec (native-remote-control) will wire.
|
|
# Re-tighten to `-- -D warnings` during the GC re-spec once that API is in use.
|
|
- name: Run Clippy (informational)
|
|
run: cd server && cargo clippy --all-targets --all-features
|
|
|
|
- name: Build server
|
|
run: |
|
|
cd server
|
|
cargo build --release --target x86_64-unknown-linux-gnu
|
|
|
|
- name: Run tests
|
|
run: |
|
|
cd server
|
|
cargo test --release
|
|
|
|
- name: Upload server binary
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: guruconnect-server-linux
|
|
path: server/target/x86_64-unknown-linux-gnu/release/guruconnect-server
|
|
retention-days: 30
|
|
|
|
build-agent:
|
|
name: Build Agent (Windows)
|
|
# Native build on the Pluto Gitea Actions runner (host-mode, Windows Server 2019).
|
|
# The MSVC toolchain (x86_64-pc-windows-msvc target + crt-static via .cargo/config.toml)
|
|
# is pre-installed under the Administrator profile; the runner itself runs as SYSTEM, so
|
|
# the job points CARGO_HOME/RUSTUP_HOME at the Administrator homes.
|
|
runs-on: windows-msvc
|
|
env:
|
|
CARGO_HOME: C:\Users\Administrator\.cargo
|
|
RUSTUP_HOME: C:\Users\Administrator\.rustup
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Add cargo bin to PATH
|
|
shell: pwsh
|
|
run: |
|
|
# Make cargo/rustc from the Administrator toolchain visible to later steps.
|
|
"C:\Users\Administrator\.cargo\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
|
|
|
|
- name: Toolchain sanity check
|
|
shell: pwsh
|
|
run: |
|
|
# Fail early with a clear marker if the pre-installed toolchain is not reachable.
|
|
cargo --version
|
|
rustc --version
|
|
|
|
- name: Build agent (native x86_64-pc-windows-msvc)
|
|
shell: pwsh
|
|
run: |
|
|
# crt-static and the default target come from .cargo/config.toml; we pass --target
|
|
# explicitly so the artifact path is deterministic regardless of host defaults.
|
|
Set-Location agent
|
|
cargo build --release --target x86_64-pc-windows-msvc
|
|
Write-Host "[OK] Built agent for x86_64-pc-windows-msvc"
|
|
|
|
- name: Upload agent binary
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: guruconnect-agent-windows
|
|
path: agent/target/x86_64-pc-windows-msvc/release/guruconnect.exe
|
|
retention-days: 30
|
|
|
|
security-audit:
|
|
name: Security Audit
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install Rust toolchain
|
|
uses: actions-rs/toolchain@v1
|
|
with:
|
|
toolchain: stable
|
|
|
|
- name: Install cargo-audit
|
|
run: cargo install cargo-audit
|
|
|
|
- name: Run security audit on server
|
|
run: cd server && cargo audit
|
|
|
|
- name: Run security audit on agent
|
|
run: cd agent && cargo audit
|
|
|
|
build-summary:
|
|
name: Build Summary
|
|
runs-on: ubuntu-latest
|
|
needs: [build-server, build-agent, security-audit]
|
|
steps:
|
|
- name: Build succeeded
|
|
run: |
|
|
echo "All builds completed successfully"
|
|
echo "Server: Linux x86_64"
|
|
echo "Agent: Windows x86_64"
|
|
echo "Security: Passed"
|