Template to maintain a rust project running CI/CD with Github Workflows.

Overview

Rust CI/CD template

License Crates.io Minimum Supported Rust Version CI

Template to maintain a rust project running CI/CD with Github Workflows.

CI Workflow

ci.yaml

CI

This workflow will run every time you push to main or make a pull request. You can also run the workflow manually in github.

It will run:

CD Workflow

CD-1 CD-2

build_and_release.yaml

This workflow will only run manually through GitHub.

It will:

  • Validate your input version with regex (e.g. v3.1.4-alpha+159).
  • Run the ci workflow.
  • Run cargo semver-checks:
    • Lint your crate API changes for semver violations.
    • This will only run if you crate is a library.
    • Uses your previous tag as a baseline.
  • Run add-notice:
    • Add header notices to your rust files.
    • Check for the NOTICEe file.
    • Auto-commit.
  • Run cargo-bump:
    • Bump the current version of the Cargo.toml file.
    • Uses the input version if provided.
    • Auto-commit.
  • Run cargo-attributions:
    • Comply with licenses distribution.
    • Add licenses, notices and metadata of your dependencies.
    • Crate an attribution folder
    • Auto-commit.
  • Create a new tag:
    • Uses the input version if provided.
    • It's created only if the tag not exists.
  • Create a new github release:
    • Uses create-gh-release-action
    • Includes your changelog if matches the same version.
    • Uses the created tag as a reference.
  • Build and Release in Github:
    • Using upload-rust-binary-action
    • And setup-cross-toolchain-action
    • Only builds if your crate contains a binary crate.
    • Uses the created tag as a reference.
    • Bundle the attribution folder with licenses and notices.
    • Create checksum with sha256.
    • It builds for linux: gnu (x86_64|aarch64|riscv64gc) and musl (x86_64|aarch64).
    • It builds for windows: msvc (x86_64|aarch64) and gnu (x86_64).
    • It builds for mac-os (x86_64|aarch64).
  • Publish the create to crates.io:
    • Only if you have the secrets.CARGO_REGISTRY_TOKEN variable added to repository secrets.
    • Path: Settings -> Security -> Secrets and variables -> Actions -> Repository secrets.

How to use the Build and Release workflow

You will run this directly in your Github repo -> Section Actions -> [Main] Build & Release workflow. -> Run workflow button.

Build and Release Workflow

Here you can do three things to run the workflow:

  1. Write the new version you want to release: - The version is in the form of:
    • Version parts: ${MAJOR}.${MINOR}.${PATCH}-${PRE-RELEASE}+${BUILD}
    • Example: 3.1.4-alpha+159
  2. Select the release_type you want: release-type
    • patch, minor and major.
    • It will use your current crate version as a baseline.
    • Keep in none if you only want the writing version.
  3. Keep all with the defaults (without version and release_type = none)
    • It will use your current crate version as a baseline.
    • Run if you already update your crate version.
    • Useful for testing when you already run the workflow.

The two booleans allow you to publish your crate to creates.io and overwrite your tag to add modifications to a release, respectively.

Dependabot

This template includes a setup for dependabot and a workflow for auto-merge.

  • It will update packages for cargo and github-actions weekly.

  • For rust:

    • It will create pull request in groups.
    • One group for patch updates, one for minor updates and one for major updates.
    • It will auto-merge the pull request if passes ci.
  • For github-actions:

    • It will create a pull request in groups.
    • Only one group for the updates.
    • It will auto-merge the pull request if passes ci.

Other workflows

This template uses workflow call and workflow dispatch to reuse workflows and be able to run them individually. So you can run various jobs of the ci/cd workflows independently.

Some workflows to consider:

  • weekly-workflow
    • Run the ci workflow.
    • Update Dependencies, Attributions and Notices.
  • monthly-workflow
    • Run the build_and_release workflow.
    • Do a patch release and publish to crates.io
  • update_msrv.yaml
    • It will run cargo-msrv to update your rust-version in Cargo.toml
    • If you uses the MSRV in your README.md it will also updated it.
  • cargo_semver_checks
    • Test semver violations before releasing.
  • cache.yaml
    • To clean the caches generated for the workflows.
    • Run if you have problems with the cache.
  • add_notice.yaml
    • To replace and update your notices.
    • To apply notices to other kind of files.
    • To use different comment styles.
  • publish.yaml
    • To publish your crate to crates.io.

What to change if you want to use this template

Similar projects that might help you

LICENSE

SPDX-License-Identifier: CC0-1.0 OR MIT OR Apache-2.0

Licensed under a triple license at your option:

You might also like...
Simple template for building smart contract(Rust) and RPC Client(web3.js) on Solana (WIP) ⛏👷🚧⚠️
Simple template for building smart contract(Rust) and RPC Client(web3.js) on Solana (WIP) ⛏👷🚧⚠️

Solana BPF Boilerplate Simple template for building smart contract(Rust) and RPC Client(web3.js) on Solana This boilerplate provides the following. Si

A blazing fast, type-safe template engine for Rust.

markup.rs A blazing fast, type-safe template engine for Rust. markup.rs is a template engine for Rust powered by procedural macros which parses the te

This is a template to build secret contracts in Rust to run in Secret Network

Secret Contracts Starter Pack This is a template to build secret contracts in Rust to run in Secret Network. To understand the framework better, pleas

A template to build smart contracts in Rust to run inside a Cosmos SDK module on all chains that enable it.

CosmWasm Starter Pack This is a template to build smart contracts in Rust to run inside a Cosmos SDK module on all chains that enable it. To understan

🖨 Template for Rust applications & smart contracts @okp4.

Rust Template Template for Rust projects @okp4. Purpose & Philosophy This repository holds the template for building Rust projects with a consistent s

Minimal compile-time Rust template engine

boilerplate boilerplate is a minimal compile-time Rust text template engine. Quick Start Add boilerplate to your project's Cargo.toml: [dependencies]

Cloup is a template manager that provides the files you desire when you need them, written in Rust.
Cloup is a template manager that provides the files you desire when you need them, written in Rust.

cloup cloup is a template manager that delivers the files you desire when you need them, written in rust you no longer need to locate your previous pr

A template for command-line Rust programs

This is a template for command-line Rust programs. Clone and run the rename script with both a lowercase and UpperCase name. In the dev profile, depen

Rust-Rocket framework template Demo

rocketapp Rust-Rocket framework template Demo dependencies are defined in Cargo.toml Clone as: git clone https://github.com/srikantgdev/rocketapp [op

Comments
  • Bump EmbarkStudios/cargo-deny-action from 1 to 2 in the github-actions-updates group

    Bump EmbarkStudios/cargo-deny-action from 1 to 2 in the github-actions-updates group

    Bumps the github-actions-updates group with 1 update: EmbarkStudios/cargo-deny-action.

    Updates EmbarkStudios/cargo-deny-action from 1 to 2

    Release notes

    Sourced from EmbarkStudios/cargo-deny-action's releases.

    Release 2.0.1 - cargo-deny 0.16.1

    Fixed

    • PR#691 fixed an issue where workspace dependencies that used the current dir '.' path component would incorrectly trigger the unused-workspace-dependency lint.

    Release 2.0.0 - cargo-deny 0.16.0

    Action

    Added

    Changed

    • This release includes breaking changes in cargo-deny, so this release begins the v2 tag, using v1 will be stable but not follow future cargo-deny releases.

    cargo-deny

    Removed

    • PR#681 finished the deprecation introduced in PR#611, making the usage of the deprecated fields into errors.

    [advisories]

    The following fields have all been removed in favor of denying all advisories by default. To ignore an advisory the ignore field can be used as before.

    • vulnerability - Vulnerability advisories are now deny by default
    • unmaintained - Unmaintained advisories are now deny by default
    • unsound - Unsound advisories are now deny by default
    • notice - Notice advisories are now deny by default
    • severity-threshold - The severity of vulnerabilities is now irrelevant

    [licenses]

    The following fields have all been removed in favor of denying all licenses that are not explicitly allowed via either allow or exceptions.

    • unlicensed - Crates whose license(s) cannot be confidently determined are now always errors. The clarify field can be used to help cargo-deny determine the license.
    • allow-osi-fsf-free - The OSI/FSF Free attributes are now irrelevant, only whether it is explicitly allowed.
    • copyleft - The copyleft attribute is now irrelevant, only whether it is explicitly allowed.
    • default - The default is now deny.
    • deny - All licenses are now denied by default, this field added nothing.

    Changed

    • PR#685 follows up on PR#673, moving the fields that were added to their own separate bans.workspace-dependencies section. This is an unannounced breaking change but is fairly minor and 0.15.0 was never released on github actions so the amount of people affected by this will be (hopefully) small. This also makes the workspace duplicate detection off by default since the field is optional, but makes it so that if not specified workspace duplicates are now deny instead of warn.

    Fixed

    • PR#685 resolved #682 by adding the include-path-dependencies field, allowing path dependencies to be ignored if it is false.

    Release 1.6.3 - cargo-deny 0.14.21

    Fixed

    • PR#643 resolved #629 by making the hosted git (github, gitlab, bitbucket) org/user name comparison case-insensitive. Thanks @​pmnlla!
    • PR#649 fixed an issue where depending on the same crate multiple times by using different cfg()/triple targets could cause features to be resolved incorrectly and thus crates to be not pulled into the graph used for checking.

    [0.14.20] - 2024-03-23

    Fixed

    • PR#642 resolved #641 by pinning gix-transport (and its unique dependencies) to 0.41.2 as a workaround for cargo install not using the lockfile. See this issue for more information.

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
    • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
    • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
    • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
    • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
    • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    dependencies github_actions 
    opened by dependabot[bot] 0
  • Bump DavidAnson/markdownlint-cli2-action from 15 to 16 in the github-actions-updates group

    Bump DavidAnson/markdownlint-cli2-action from 15 to 16 in the github-actions-updates group

    Bumps the github-actions-updates group with 1 update: DavidAnson/markdownlint-cli2-action.

    Updates DavidAnson/markdownlint-cli2-action from 15 to 16

    Release notes

    Sourced from DavidAnson/markdownlint-cli2-action's releases.

    Update markdownlint version (markdownlint-cli2 v0.13.0, markdownlint v0.34.0).

    No release notes provided.

    Update markdownlint version (markdownlint-cli2 v0.12.1, markdownlint v0.33.0).

    Update markdownlint version (markdownlint-cli2 v0.11.0, markdownlint v0.32.1), remove deprecated "command" input.

    No release notes provided.

    Update markdownlint version (markdownlint-cli2 v0.10.0, markdownlint v0.31.1).

    No release notes provided.

    Update markdownlint version (markdownlint-cli2 v0.9.2, markdownlint v0.30.0).

    No release notes provided.

    Update markdownlint version (markdownlint-cli2 v0.8.1, markdownlint v0.29.0), add "config" and "fix" inputs, deprecate "command" input.

    No release notes provided.

    Update markdownlint version (markdownlint-cli2 v0.7.1, markdownlint v0.28.2).

    No release notes provided.

    Update markdownlint version (markdownlint-cli2 v0.7.0, markdownlint v0.28.1), include link to rule information in title of annotations (clickable in GitHub).

    No release notes provided.

    Update markdownlint version (markdownlint-cli2 v0.6.0, markdownlint v0.27.0).

    No release notes provided.

    Update markdownlint version (markdownlint-cli2 v0.5.1, markdownlint v0.26.2).

    No release notes provided.

    Update markdownlint version (markdownlint-cli2 v0.4.0, markdownlint v0.25.1)

    No release notes provided.

    Commits
    • b4c9fea Update to version 16.0.0.
    • 349248f Update CONTRIBUTING.md to link to a more relevant (my own) blog post about ve...
    • b22040a Freshen generated index.js file.
    • d73fc7d Bump markdownlint-cli2 from 0.12.1 to 0.13.0
    • 4a035c1 Bump eslint-plugin-unicorn from 51.0.1 to 52.0.0
    • 3eeb58c Freshen generated index.js file.
    • 73e365c Bump tj-actions/changed-files from 43 to 44
    • 60d6e1a Bump tj-actions/changed-files from 42 to 43
    • 58bc1d1 Freshen generated index.js file.
    • 1341c61 Bump eslint from 8.56.0 to 8.57.0
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
    • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
    • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
    • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
    • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
    • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    dependencies github_actions 
    opened by dependabot[bot] 0
  • Bump the github-actions-updates group with 1 update

    Bump the github-actions-updates group with 1 update

    Bumps the github-actions-updates group with 1 update: dependabot/fetch-metadata.

    Updates dependabot/fetch-metadata from 1 to 2

    Release notes

    Sourced from dependabot/fetch-metadata's releases.

    v2.0.0 - Switch to node20

    What's Changed

    Full Changelog: https://github.com/dependabot/fetch-metadata/compare/v1.7.0...v2.0.0

    v1.7.0

    What's Changed

    New Contributors

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
    • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
    • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
    • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
    • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
    • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    dependencies github_actions 
    opened by dependabot[bot] 0
Releases(v0.2.5)
Owner
Ame
「3D • ART • Software」
Ame
An MEV back-running template for ethers-rs

MEV price prediction I show how to predict ChainLink price updates from the mempool. For the sake of illustration I work with AAVE V2 price oracles. E

Andrea Simeoni 54 Apr 19, 2023
A template for your next Rust project.

Opinionated Rust Template A template for your next Rust project. To start coding run: cargo generate tomkarw/opinionated-rust-template Only requires j

Tom Karwowski 8 Dec 1, 2022
A rust project template for general purpose.

Rust 项目的初始化模版 开发项目时,会有不少关于项目的ci, lint, typo等配置,通过该模板创建项目,帮助快速构建这些配置: github action 配置,用于在CI对代码进行完整的检查和构建 pre-commit 配置,用于在commit时进行代码规范检查,如: cargo fmt

fan-tastic-z 8 Sep 30, 2024
A template for starting a flipperzero-rs project for the Flipper Zero🐬

flipperzero-template ?? A template for kick-starting a Rust + FlipperZero project using flipperzero-rs ?? ❤️ ?? . Currently supports SDK 14.0 (flipper

Rust for Flipper Zero 5 Apr 4, 2023
Simple CI program for running fuzzing over TezEdge.

Fuzzing CI This program is designed to run fuzzing on selected branches of a source project, restarting it as a new commit arrives. Building cargo bui

TezEdge 5 Aug 6, 2021
Selendra is a multichains interoperable nominated Proof-of-Stake network for developing and running Substrate-based and EVM compatible blockchain applications.

Selendra An interoperable nominated Proof-of-Stake network for developing and running Substrate-based and EVM compatible blockchain applications. Read

Selendra 16 Nov 29, 2022
use your GitHub SSH keys to authenticate to sshd

aeneid If you squint, GitHub is basically a free, zero-ops IdP that provides SSH public keys. Let's use it to authenticate to OpenSSH! What / How? The

Nikhil Jha 21 Dec 6, 2022
Retrieving SSH and GPS keys from GitHub and GitLab

Dormarch Retrieving SSH and GPS keys from GitHub and GitLab Usage After having installed Dormarch, you can see all the options with dormarch -h. To re

Riccardo Padovani 2 Dec 24, 2021
Authorize an ssh session using your keys on GitHub.

GitHub AuthorizedKeysCommand (hubakc) Heavily inspired by https://github.com/sequencer/gitakc . It allows someone login to the server using their ssh

Wenzhuo Liu 5 Nov 11, 2022
Provision your authorized_keys via HTTPS/GitHub/GitLab

Keyps Key Provisioning Service Provision authorized_keys from HTTPS/GitHub/GitLab and automatically keep them up to date. Motivation Problem Provision

Samuel Rounce 6 Apr 27, 2023