Skip to content
Lint

feat: Enhance observability with Prometheus metrics, add CLI authenti… #167

Sign in to view logs

feat: Enhance observability with Prometheus metrics, add CLI authenti…

feat: Enhance observability with Prometheus metrics, add CLI authenti… #167

Workflow file for this run

.github/workflows/lint.yml at 1157186
name: Lint
on:
push:
branches: [main]
pull_request:
branches: [main]
permissions:
checks: write
contents: read
issues: write
pull-requests: write
env:
CARGO_TERM_COLOR: always
SQLX_OFFLINE: true
LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
LANGUAGE: en_US
CARGO_HOME: ${{ github.workspace }}/.cargo
jobs:
clippy:
name: Lint
container:
image: rust:latest
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Just
uses: extractions/setup-just@v2
- name: Add Cargo bin to PATH
run: echo "${{ github.workspace }}/.cargo/bin" >> $GITHUB_PATH
- name: Cache Cargo
uses: actions/cache@v4
with:
path: |
/usr/local/cargo
/usr/local/rustup
${{ env.CARGO_HOME }}/bin
${{ env.CARGO_HOME }}/git
${{ env.CARGO_HOME }}/registry
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Cache Dependencies
uses: Swatinem/rust-cache@v2
with:
cache-on-failure: true
- name: Create .env file
run: cp .env.template .env
- name: Install
run: just install
- name: Check
run: just check
audit:
name: Security audit
container:
image: rust:latest
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Add Cargo bin to PATH
run: echo "${{ github.workspace }}/.cargo/bin" >> $GITHUB_PATH
- name: Cache Cargo
uses: actions/cache@v4
with:
path: |
/usr/local/cargo
/usr/local/rustup
${{ env.CARGO_HOME }}/bin
${{ env.CARGO_HOME }}/git
${{ env.CARGO_HOME }}/registry
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Cache dependencies
uses: Swatinem/rust-cache@v2
with:
cache-on-failure: true
- name: Generate lockfile
run: cargo generate-lockfile
- name: Get security ignore list
id: secignore
run: |
ignore_values=$(grep -v '^\s*#' .secignore | tr '\n' ',' | sed 's/,$//')
echo "ignore=$ignore_values" >> $GITHUB_OUTPUT
- name: Audit check
uses: rustsec/audit-check@v2.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
ignore: ${{ steps.secignore.outputs.ignore }}