Template to maintain a rust project running CI/CD with Github Workflows.
This workflow will run every time you push to main or make a pull request. You can also run the workflow manually in github.
It will run:
- cargo build: Compiling for ubuntu-latest.
- cargo fmt:
- Rust Formatter.
- Check for the file rustfmt.toml.
- cargo clippy:
- Lints catch common mistakes and improve your Rust code.
- Check for the sections
[lints.rust]
and[linsts.clippy]
in the Cargo.toml file.
- cargo doc: Build the documentation.
- cargo doc --test: Run tests in the documentation, only if the crate is a lib.
- cargo-nextest: Execute unit and integration tests.
- cargo miri test: Help to detect certain classes of undefined behavior.
- typos:
- Source code spell checker.
- Check for the typos.toml file.
- docs
- taplo fmt: Toml formatter.
- markdownlint-cli2:
- Markdown linter and formatter.
- Check for the file .markdownlint.yaml
- yamlfmt: Yaml formatter.
- cargo deny:
- cargo audit:
- Check for security vulnerabilities.
- Uses the advisory-db
- cargo msrv: Keep the rustc version on check.
This workflow will only run manually through GitHub.
It will:
- Validate your input version with regex (e.g. v3.1.4-alpha+159).
- Run the ci workflow.
- Run cargo semver-checks:
- Lint your crate API changes for semver violations.
- This will only run if you crate is a library.
- Uses your previous tag as a baseline.
- Run add-notice:
- Add header notices to your rust files.
- Check for the NOTICEe file.
- Auto-commit.
- Run cargo-bump:
- Bump the current version of the Cargo.toml file.
- Uses the input version if provided.
- Auto-commit.
- Run cargo-attributions:
- Comply with licenses distribution.
- Add licenses, notices and metadata of your dependencies.
- Crate an attribution folder
- Auto-commit.
- Create a new tag:
- Uses the input version if provided.
- It's created only if the tag not exists.
- Create a new github release:
- Uses create-gh-release-action
- Includes your changelog if matches the same version.
- Uses the created tag as a reference.
- Build and Release in Github:
- Using upload-rust-binary-action
- And setup-cross-toolchain-action
- Only builds if your crate contains a binary crate.
- Uses the created tag as a reference.
- Bundle the attribution folder with licenses and notices.
- Create checksum with sha256.
- It builds for linux: gnu (x86_64|aarch64|riscv64gc) and musl (x86_64|aarch64).
- It builds for windows: msvc (x86_64|aarch64) and gnu (x86_64).
- It builds for mac-os (x86_64|aarch64).
- Publish the create to crates.io:
- Only if you have the secrets.CARGO_REGISTRY_TOKEN variable added to repository secrets.
- Path: Settings -> Security -> Secrets and variables -> Actions -> Repository secrets.
You will run this directly in your Github repo -> Section Actions
-> [Main] Build & Release
workflow. -> Run workflow
button.
Here you can do three things to run the workflow:
- Write the new version you want to release: - The version is in the form of:
- Version parts:
${MAJOR}.${MINOR}.${PATCH}-${PRE-RELEASE}+${BUILD}
- Example: 3.1.4-alpha+159
- Version parts:
- Select the release_type you want:
patch
,minor
andmajor
.- It will use your current crate version as a baseline.
- Keep in
none
if you only want the writing version.
- Keep all with the defaults (without version and release_type = none)
- It will use your current crate version as a baseline.
- Run if you already update your crate version.
- Useful for testing when you already run the workflow.
The two booleans allow you to publish your crate to creates.io and overwrite your tag to add modifications to a release, respectively.
This template includes a setup for dependabot and a workflow for auto-merge.
-
It will update packages for cargo and github-actions weekly.
-
For rust:
- It will create pull request in groups.
- One group for patch updates, one for minor updates and one for major updates.
- It will auto-merge the pull request if passes ci.
-
For github-actions:
- It will create a pull request in groups.
- Only one group for the updates.
- It will auto-merge the pull request if passes ci.
This template uses workflow call and workflow dispatch to reuse workflows and be able to run them individually. So you can run various jobs of the ci/cd workflows independently.
Some workflows to consider:
- weekly-workflow
- Run the ci workflow.
- Update Dependencies, Attributions and Notices.
- monthly-workflow
- Run the build_and_release workflow.
- Do a patch release and publish to crates.io
- update_msrv.yaml
- It will run cargo-msrv to update your
rust-version
in Cargo.toml - If you uses the MSRV in your README.md it will also updated it.
- It will run cargo-msrv to update your
- cargo_semver_checks
- Test semver violations before releasing.
- cache.yaml
- To clean the caches generated for the workflows.
- Run if you have problems with the cache.
- add_notice.yaml
- To replace and update your notices.
- To apply notices to other kind of files.
- To use different comment styles.
- publish.yaml
- To publish your crate to crates.io.
- Change this file.
- Change the metadata in Cargo.toml
- Change the licenses files. Right now uses LICENSE-CC0-1.0, LICENSE-MIT and LICENSE-Apache-2.0.
- Change the deny.toml file.
- Change the NOTICE file:
- Remove the notice in main.rs.
- Or you can run add-notice --remove before you update the NOTICE file.
- Change the FUNDING.yaml file.
SPDX-License-Identifier: CC0-1.0 OR MIT OR Apache-2.0
Licensed under a triple license at your option:
- CC0-1.0 license.
- MIT license.
- Apache-2.0 license.