chore(deps): update rust crate reqwest to v0.12.28 - autoclosed #726
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| push: | |
| tags: ["*"] | |
| branches: ["main"] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| CARGO_TERM_COLOR: always | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| jobs: | |
| build: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - macos-latest | |
| - ubuntu-latest | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 | |
| with: | |
| submodules: recursive | |
| - uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3 | |
| - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2 | |
| - name: Install Rust components | |
| run: rustup component add rustfmt clippy | |
| - name: Build | |
| run: cargo build | |
| - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 | |
| with: | |
| name: fnox-${{ matrix.os }} | |
| path: target/debug/fnox | |
| ci-bats: | |
| needs: build | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - macos-latest | |
| - ubuntu-latest | |
| tranche: [0, 1, 2] | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 20 | |
| steps: | |
| - run: brew install parallel vault | |
| if: ${{ matrix.os == 'macos-latest' }} | |
| - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 | |
| with: | |
| submodules: recursive | |
| - uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3 | |
| - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 | |
| with: | |
| name: fnox-${{ matrix.os }} | |
| path: target/debug | |
| - run: chmod +x target/debug/fnox | |
| - name: Setup age key for fnox | |
| if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
| run: mkdir -p ~/.config/fnox && echo "${{ secrets.AGE_SECRET }}" > ~/.config/fnox/age.txt | |
| - name: Setup services (Ubuntu) | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| run: | | |
| # Install gnome-keyring for keychain tests | |
| sudo apt-get update | |
| sudo apt-get install -y gnome-keyring libsecret-tools | |
| # Start D-Bus session daemon | |
| mkdir -p ~/.dbus-session | |
| dbus-daemon --session --fork --print-address=1 > ~/.dbus-session/bus-address | |
| DBUS_SESSION_BUS_ADDRESS=$(cat ~/.dbus-session/bus-address) | |
| export DBUS_SESSION_BUS_ADDRESS | |
| echo "DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS" >> "$GITHUB_ENV" | |
| # Start gnome-keyring daemon for keychain tests | |
| echo "foobar" | gnome-keyring-daemon --unlock --components=secrets --daemonize | |
| # Start Vaultwarden with HTTPS (self-signed certificate) | |
| # Generate self-signed certificate | |
| mkdir -p /tmp/vaultwarden-certs | |
| openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ | |
| -keyout /tmp/vaultwarden-certs/key.pem \ | |
| -out /tmp/vaultwarden-certs/cert.pem \ | |
| -subj "/CN=localhost" \ | |
| -addext "subjectAltName=DNS:localhost,IP:127.0.0.1" 2>/dev/null || true | |
| # Start Vaultwarden with HTTPS enabled | |
| docker run -d --name vaultwarden \ | |
| -p 8080:80 \ | |
| -e DOMAIN=https://localhost:8080 \ | |
| -e SIGNUPS_ALLOWED=true \ | |
| -e DISABLE_ADMIN_TOKEN=true \ | |
| -e I_REALLY_WANT_VOLATILE_STORAGE=true \ | |
| -e ROCKET_TLS='{certs="/data/certs/cert.pem",key="/data/certs/key.pem"}' \ | |
| -v /tmp/vaultwarden-certs:/data/certs:ro \ | |
| vaultwarden/server:latest | |
| # Start Vault | |
| docker run -d --name vault --cap-add=IPC_LOCK \ | |
| -p 8200:8200 \ | |
| -e VAULT_DEV_ROOT_TOKEN_ID=fnox-test-token \ | |
| -e VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:8200 \ | |
| -e VAULT_ADDR=http://127.0.0.1:8200 \ | |
| hashicorp/vault:latest | |
| # Start Infisical (self-hosted with PostgreSQL and Redis) | |
| docker compose -f test/docker-compose.infisical-ci.yml up -d | |
| # Wait for services to be ready | |
| sleep 5 | |
| echo "VAULT_ADDR=http://localhost:8200" >> "$GITHUB_ENV" | |
| echo "VAULT_TOKEN=fnox-test-token" >> "$GITHUB_ENV" | |
| - name: Setup Bitwarden for tests | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| run: | | |
| source ./test/setup-bitwarden-ci.sh | |
| echo "BW_SESSION=$BW_SESSION" >> "$GITHUB_ENV" | |
| - name: Install Infisical CLI | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| run: | | |
| curl -1sLf 'https://artifacts-cli.infisical.com/setup.deb.sh' | sudo -E bash | |
| sudo apt-get update && sudo apt-get install -y infisical | |
| - name: Setup Infisical for tests | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| run: | | |
| source ./test/setup-infisical-ci.sh | |
| { | |
| echo "INFISICAL_TOKEN=$INFISICAL_TOKEN" | |
| echo "INFISICAL_CLIENT_ID=$INFISICAL_CLIENT_ID" | |
| echo "INFISICAL_CLIENT_SECRET=$INFISICAL_CLIENT_SECRET" | |
| echo "INFISICAL_PROJECT_ID=$INFISICAL_PROJECT_ID" | |
| echo "INFISICAL_API_URL=http://localhost:8081/api" | |
| } >> "$GITHUB_ENV" | |
| - name: Setup services (macOS) | |
| if: ${{ matrix.os == 'macos-latest' }} | |
| run: | | |
| # Start Vault in dev mode in background | |
| vault server -dev -dev-root-token-id=fnox-test-token -dev-listen-address=127.0.0.1:8200 & | |
| { | |
| echo "VAULT_ADDR=http://127.0.0.1:8200" | |
| echo "VAULT_TOKEN=fnox-test-token" | |
| } >> "$GITHUB_ENV" | |
| # Wait for Vault to be ready | |
| sleep 2 | |
| - name: Run bats tests - tranche ${{ matrix.tranche }} | |
| uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3 | |
| env: | |
| TRANCHE: ${{ matrix.tranche }} | |
| TRANCHE_COUNT: 3 | |
| KEEPASS_PASSWORD: fnox-test-password | |
| with: | |
| timeout_minutes: 10 | |
| max_attempts: 3 | |
| command: mise run test:bats | |
| ci-other: | |
| needs: build | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - macos-latest | |
| - ubuntu-latest | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 20 | |
| steps: | |
| - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 | |
| with: | |
| submodules: recursive | |
| - uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3 | |
| - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2 | |
| - name: Install gnome-keyring for tests (Ubuntu) | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gnome-keyring libsecret-tools | |
| - name: Setup gnome-keyring (Ubuntu) | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| run: | | |
| # Start D-Bus session daemon | |
| mkdir -p ~/.dbus-session | |
| dbus-daemon --session --fork --print-address=1 > ~/.dbus-session/bus-address | |
| DBUS_SESSION_BUS_ADDRESS=$(cat ~/.dbus-session/bus-address) | |
| export DBUS_SESSION_BUS_ADDRESS | |
| echo "DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS" >> "$GITHUB_ENV" | |
| # Start gnome-keyring daemon for keychain tests | |
| echo "foobar" | gnome-keyring-daemon --unlock --components=secrets --daemonize | |
| - name: Install Rust components | |
| run: rustup component add rustfmt clippy | |
| - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 | |
| with: | |
| name: fnox-${{ matrix.os }} | |
| path: target/debug | |
| - run: chmod +x target/debug/fnox | |
| - name: Setup age key for fnox | |
| if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
| run: mkdir -p ~/.config/fnox && echo "${{ secrets.AGE_SECRET }}" > ~/.config/fnox/age.txt | |
| - name: Redact secrets in CI output | |
| if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
| run: | | |
| fnox ci-redact | |
| # shellcheck disable=SC2016 | |
| fnox run -- sh -c 'echo MY_UNIMPORTANT_SECRET: $MY_UNIMPORTANT_SECRET' | |
| - name: Run tests | |
| run: cargo test | |
| - name: Check formatting | |
| run: mise run lint | |
| - name: Run clippy | |
| run: cargo clippy -- -D warnings | |
| msrv: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 | |
| with: | |
| submodules: recursive | |
| - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2 | |
| - uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3 | |
| - run: cargo msrv verify | |
| final: | |
| needs: | |
| - ci-bats | |
| - ci-other | |
| - msrv | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 1 | |
| if: always() | |
| steps: | |
| - name: Check job results | |
| if: | | |
| needs.ci-bats.result != 'success' || | |
| needs.ci-other.result != 'success' || | |
| needs.msrv.result != 'success' | |
| run: exit 1 | |
| - run: echo "All CI jobs completed successfully" |