name: CI on: push: branches: [ main, develop ] pull_request: branches: [ main ] env: CARGO_TERM_COLOR: always RUST_BACKTRACE: 1 jobs: # Build and test on multiple platforms test: strategy: fail-fast: false matrix: include: - name: "Debian Trixie (x86_64)" os: ubuntu-22.04 rust: stable target: x86_64-unknown-linux-gnu container: debian:trixie - name: "Ubuntu Noble (x86_64)" os: ubuntu-22.04 rust: stable target: x86_64-unknown-linux-gnu container: ubuntu:noble - name: "Debian Trixie (aarch64)" os: ubuntu-22.04 rust: stable target: aarch64-unknown-linux-gnu container: debian:trixie runs-on: ${{ matrix.os }} container: ${{ matrix.container }} steps: - name: Checkout code uses: actions/checkout@v4 with: submodules: recursive - name: Install system dependencies run: | apt-get update apt-get install -y \ build-essential \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev \ ostree \ bubblewrap \ curl \ git - name: Install Rust toolchain uses: actions-rs/toolchain@v1 with: toolchain: ${{ matrix.rust }} target: ${{ matrix.target }} override: true - name: Cache Rust dependencies uses: actions/cache@v3 with: path: | ~/.cargo/registry ~/.cargo/git target key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - name: Build project run: | cargo build --target ${{ matrix.target }} --verbose - name: Run unit tests run: | cargo test --target ${{ matrix.target }} --verbose - name: Run integration tests run: | cargo test --target ${{ matrix.target }} --test integration_tests --verbose - name: Check code quality run: | cargo clippy --target ${{ matrix.target }} -- -D warnings cargo fmt --target ${{ matrix.target }} -- --check # Security and quality checks security: runs-on: ubuntu-22.04 container: debian:trixie steps: - name: Checkout code uses: actions/checkout@v4 - name: Install Rust toolchain uses: actions-rs/toolchain@v1 with: toolchain: stable override: true - name: Install security tools run: | apt-get update apt-get install -y cargo-audit - name: Run security audit run: | cargo audit --version cargo audit - name: Check for known vulnerabilities run: | cargo audit --deny warnings # Performance benchmarking benchmark: runs-on: ubuntu-22.04 container: debian:trixie steps: - name: Checkout code uses: actions/checkout@v4 - name: Install Rust toolchain uses: actions-rs/toolchain@v1 with: toolchain: stable override: true - name: Install benchmark dependencies run: | apt-get update apt-get install -y \ build-essential \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev - name: Run performance benchmarks run: | cargo bench --verbose - name: Upload benchmark results uses: actions/upload-artifact@v3 with: name: benchmark-results path: target/criterion # Documentation build docs: runs-on: ubuntu-22.04 container: debian:trixie steps: - name: Checkout code uses: actions/checkout@v4 - name: Install Rust toolchain uses: actions-rs/toolchain@v1 with: toolchain: stable override: true - name: Install documentation dependencies run: | apt-get update apt-get install -y \ build-essential \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev - name: Build documentation run: | cargo doc --no-deps --verbose - name: Upload documentation uses: actions/upload-artifact@v3 with: name: documentation path: target/doc # Debian package build debian-package: runs-on: ubuntu-22.04 container: debian:trixie steps: - name: Checkout code uses: actions/checkout@v4 - name: Install build dependencies run: | apt-get update apt-get install -y \ build-essential \ devscripts \ debhelper \ dh-cargo \ cargo \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev - name: Build Debian package run: | ./build-debian-trixie.sh - name: Upload Debian package uses: actions/upload-artifact@v3 with: name: debian-package path: deb_packages/ # Integration testing with real OSTree ostree-integration: runs-on: ubuntu-22.04 container: debian:trixie steps: - name: Checkout code uses: actions/checkout@v4 - name: Install Rust toolchain uses: actions-rs/toolchain@v1 with: toolchain: stable override: true - name: Install OSTree testing dependencies run: | apt-get update apt-get install -y \ build-essential \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev \ ostree \ bubblewrap \ qemu-system-x86_64 \ qemu-utils - name: Build apt-ostree run: | cargo build --release - name: Run OSTree integration tests run: | # Test with real OSTree repository mkdir -p /tmp/test-ostree ostree init --repo=/tmp/test-ostree ./target/release/apt-ostree status - name: Upload test artifacts uses: actions/upload-artifact@v3 with: name: ostree-test-results path: /tmp/test-ostree/ # Code coverage coverage: runs-on: ubuntu-22.04 container: debian:trixie steps: - name: Checkout code uses: actions/checkout@v4 - name: Install Rust toolchain uses: actions-rs/toolchain@v1 with: toolchain: stable override: true - name: Install coverage tools run: | apt-get update apt-get install -y \ build-essential \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev \ cargo-tarpaulin - name: Generate coverage report run: | cargo tarpaulin --out Html --output-dir coverage - name: Upload coverage report uses: actions/upload-artifact@v3 with: name: coverage-report path: coverage/ # Final status check status: needs: [test, security, benchmark, docs, debian-package, ostree-integration, coverage] runs-on: ubuntu-latest if: always() steps: - name: Check job status run: | echo "All CI jobs completed" echo "Check individual job results above"