From d3f6fe471d83cd225b4b2afdc4183ff7df9c22b3 Mon Sep 17 00:00:00 2001 From: Micah Thomas Date: Wed, 28 Feb 2024 19:44:44 -0700 Subject: [PATCH] chore: update github actions --- .github/workflows/exporter.yaml | 60 ++++++--------- .github/workflows/security-audit.yaml | 8 +- .github/workflows/server.yaml | 103 +++++++++----------------- 3 files changed, 61 insertions(+), 110 deletions(-) diff --git a/.github/workflows/exporter.yaml b/.github/workflows/exporter.yaml index 354ee09..ffe1032 100644 --- a/.github/workflows/exporter.yaml +++ b/.github/workflows/exporter.yaml @@ -6,7 +6,7 @@ on: - main pull_request: branches: - - '*' + - "*" env: CARGO_TERM_COLOR: always @@ -33,37 +33,24 @@ jobs: POSTGRES_HOST: localhost steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup .env run: ./scripts/create_env.sh - - name: Cache dependencies - id: cache-dependencies - uses: actions/cache@v3 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - target - key: ${{ runner.os }}-cargo-exporter-${{ hashFiles('**/Cargo.lock') }} - - name: Install stable toolchain - uses: actions-rs/toolchain@v1 + uses: dtolnay/rust-toolchain@stable with: - profile: minimal toolchain: stable - override: true + + - uses: Swatinem/rust-cache@v2 - name: Check Format - uses: actions-rs/cargo@v1 - with: - command: fmt - args: --all -- --check + run: cargo fmt --all -- --check - uses: taiki-e/install-action@nextest - name: Cache sqlx-cli - uses: actions/cache@v3 + uses: actions/cache@v4 id: cache-sqlx with: path: | @@ -71,16 +58,13 @@ jobs: ~/.cargo/bin/cargo-sqlx key: ${{ runner.os }}-sqlx-${{ env.SQLX_VERSION }} - name: Install sqlx-cli - uses: actions-rs/cargo@v1 if: steps.cache-sqlx.outputs.cache-hit == false - with: - command: install - args: | - sqlx-cli - --force - --version=${{ env.SQLX_VERSION }} - --features ${{ env.SQLX_FEATURES }} - --no-default-features + run: | + cargo install sqlx-cli \ + --force \ + --version=${{ env.SQLX_VERSION }} \ + --features ${{ env.SQLX_FEATURES }} \ + --no-default-features \ --locked - name: Migrate database @@ -89,11 +73,9 @@ jobs: ./scripts/init_db.sh - name: Lint - uses: actions-rs/clippy-check@v1 if: github.actor != 'dependabot[bot]' - with: - token: ${{ secrets.GITHUB_TOKEN }} - args: -- -D warnings + run: | + cargo clippy -- -D warnings - name: Check sqlx offline query if: github.actor != 'dependabot[bot]' @@ -120,7 +102,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Exporter Google Sheet Credentials env: @@ -131,19 +113,19 @@ jobs: - name: Login id: auth - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@v2 with: token_format: access_token workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} service_account: ${{ secrets.GCP_DEPLOY_SERVICE_ACCOUNT }} - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v0 + uses: google-github-actions/setup-gcloud@v2 with: install_components: beta - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Docker Image Metadata id: meta @@ -156,14 +138,14 @@ jobs: type=sha - name: Login to GAR - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: us-central1-docker.pkg.dev username: oauth2accesstoken password: ${{ steps.auth.outputs.access_token }} - name: Build production image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . provenance: false diff --git a/.github/workflows/security-audit.yaml b/.github/workflows/security-audit.yaml index 8e9e814..3f1d1fe 100644 --- a/.github/workflows/security-audit.yaml +++ b/.github/workflows/security-audit.yaml @@ -3,10 +3,10 @@ name: security on: push: paths: - - '**/Cargo.toml' - - '**/Cargo.lock' + - "**/Cargo.toml" + - "**/Cargo.lock" schedule: - - cron: '0 0 * * *' + - cron: "0 0 * * *" jobs: audit: @@ -14,6 +14,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - - uses: actions-rs/audit-check@v1 + - uses: rustsec/audit-check@v1 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/server.yaml b/.github/workflows/server.yaml index 2d6a058..dfcf75e 100644 --- a/.github/workflows/server.yaml +++ b/.github/workflows/server.yaml @@ -6,7 +6,7 @@ on: - main pull_request: branches: - - '*' + - "*" env: CARGO_TERM_COLOR: always @@ -33,38 +33,25 @@ jobs: POSTGRES_HOST: localhost steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup .env run: ./scripts/create_env.sh - - name: Cache dependencies - id: cache-dependencies - uses: actions/cache@v3 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - target - key: ${{ runner.os }}-cargo-server-${{ hashFiles('**/Cargo.lock') }} - - name: Install stable toolchain - uses: actions-rs/toolchain@v1 + uses: dtolnay/rust-toolchain@stable with: - profile: minimal - components: rustfmt, clippy toolchain: stable - override: true + components: llvm-tools-preview + + - uses: Swatinem/rust-cache@v2 - name: Check Format - uses: actions-rs/cargo@v1 - with: - command: fmt - args: --all -- --check + run: cargo fmt --all -- --check - uses: taiki-e/install-action@nextest - name: Cache sqlx-cli - uses: actions/cache@v3 + uses: actions/cache@v4 id: cache-sqlx with: path: | @@ -72,16 +59,13 @@ jobs: ~/.cargo/bin/cargo-sqlx key: ${{ runner.os }}-sqlx-${{ env.SQLX_VERSION }} - name: Install sqlx-cli - uses: actions-rs/cargo@v1 if: steps.cache-sqlx.outputs.cache-hit == false - with: - command: install - args: | - sqlx-cli - --force - --version=${{ env.SQLX_VERSION }} - --features ${{ env.SQLX_FEATURES }} - --no-default-features + run: | + cargo install sqlx-cli \ + --force \ + --version=${{ env.SQLX_VERSION }} \ + --features ${{ env.SQLX_FEATURES }} \ + --no-default-features \ --locked - name: Migrate database @@ -90,11 +74,9 @@ jobs: ./scripts/init_db.sh - name: Lint - uses: actions-rs/clippy-check@v1 if: github.actor != 'dependabot[bot]' - with: - token: ${{ secrets.GITHUB_TOKEN }} - args: -- -D warnings + run: | + cargo clippy -- -D warnings - name: Check sqlx offline query if: github.actor != 'dependabot[bot]' @@ -121,23 +103,23 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Login id: auth - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@v2 with: token_format: access_token workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} service_account: ${{ secrets.GCP_DEPLOY_SERVICE_ACCOUNT }} - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v0 + uses: google-github-actions/setup-gcloud@v2 with: install_components: beta - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Docker Image Metadata id: meta @@ -150,14 +132,14 @@ jobs: type=sha - name: Login to GAR - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: us-central1-docker.pkg.dev username: oauth2accesstoken password: ${{ steps.auth.outputs.access_token }} - name: Build production image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . provenance: false @@ -195,7 +177,7 @@ jobs: --set-secrets=APP__BIGCOMMERCE__CLIENT_ID=APP__BIGCOMMERCE__CLIENT_ID:1 \ --set-secrets=APP__APPLICATION__JWT_SECRET=APP__APPLICATION__JWT_SECRET:1 \ --set-secrets=APP__LIQ_PAY__PUBLIC_KEY=APP__LIQ_PAY__PUBLIC_KEY:2 \ - --set-secrets=APP__LIQ_PAY__PRIVATE_KEY=APP__LIQ_PAY__PRIVATE_KEY:2 + --set-secrets=APP__LIQ_PAY__PRIVATE_KEY=APP__LIQ_PAY__PRIVATE_KEY:2 coverage: name: coverage @@ -219,33 +201,23 @@ jobs: POSTGRES_HOST: localhost steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup .env run: ./scripts/create_env.sh - - name: Cache dependencies - id: cache-dependencies - uses: actions/cache@v3 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - target - key: ${{ runner.os }}-cargo-server-${{ hashFiles('**/Cargo.lock') }} - - name: Install stable toolchain - uses: actions-rs/toolchain@v1 + uses: dtolnay/rust-toolchain@stable with: - profile: minimal toolchain: stable - override: true components: llvm-tools-preview + - uses: Swatinem/rust-cache@v2 + - uses: taiki-e/install-action@cargo-llvm-cov - uses: taiki-e/install-action@nextest - name: Cache sqlx-cli - uses: actions/cache@v3 + uses: actions/cache@v4 id: cache-sqlx with: path: | @@ -253,16 +225,13 @@ jobs: ~/.cargo/bin/cargo-sqlx key: ${{ runner.os }}-sqlx-${{ env.SQLX_VERSION }} - name: Install sqlx-cli - uses: actions-rs/cargo@v1 if: steps.cache-sqlx.outputs.cache-hit == false - with: - command: install - args: | - sqlx-cli - --force - --version=${{ env.SQLX_VERSION }} - --features ${{ env.SQLX_FEATURES }} - --no-default-features + run: | + cargo install sqlx-cli \ + --force \ + --version=${{ env.SQLX_VERSION }} \ + --features ${{ env.SQLX_FEATURES }} \ + --no-default-features \ --locked - name: Migrate database @@ -276,7 +245,7 @@ jobs: cargo llvm-cov nextest --all-features --lcov --output-path lcov.info - name: Upload coverage to Coveralls - uses: coverallsapp/github-action@1.1.3 + uses: coverallsapp/github-action@v2 with: github-token: ${{ secrets.GITHUB_TOKEN }} - path-to-lcov: apps/server/lcov.info + file: apps/server/lcov.info