feat: add auto-formatting step with rustfmt to CI/CD pipeline #31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["main"] | |
| env: | |
| CARGO_TERM_COLOR: always | |
| RUST_BACKTRACE: 1 | |
| jobs: | |
| format: | |
| name: Auto-format Code | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: rustfmt | |
| - name: Run cargo fmt | |
| run: cargo fmt --all | |
| - name: Check for changes | |
| id: git-check | |
| run: | | |
| git diff --exit-code || echo "has_changes=true" >> $GITHUB_OUTPUT | |
| - name: Commit and push if changed | |
| if: steps.git-check.outputs.has_changes == 'true' | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git add -A | |
| git commit -m "style: auto-format code with rustfmt [skip ci]" | |
| git push | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| needs: format | |
| if: always() | |
| services: | |
| postgres: | |
| image: postgres:17-alpine | |
| env: | |
| POSTGRES_USER: postgres | |
| POSTGRES_PASSWORD: dev | |
| POSTGRES_DB: e2ee | |
| ports: | |
| - 5432:5432 | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: rustfmt, clippy | |
| - name: Cache Cargo dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cargo/bin | |
| ~/.cargo/registry/index | |
| ~/.cargo/registry/cache | |
| ~/.cargo/git/db | |
| target | |
| key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-cargo- | |
| - name: Install PostgreSQL client | |
| run: sudo apt-get update && sudo apt-get install -y postgresql-client | |
| - name: Wait for PostgreSQL | |
| run: | | |
| until pg_isready -h localhost -p 5432 -U postgres; do | |
| echo "Waiting for PostgreSQL..." | |
| sleep 2 | |
| done | |
| - name: Setup database schema | |
| env: | |
| PGPASSWORD: dev | |
| run: | | |
| psql -h localhost -U postgres -d e2ee -f sql_models/seed.sql | |
| - name: Clippy | |
| run: cargo clippy --all-targets --all-features -- -D warnings | |
| - name: Build | |
| env: | |
| DATABASE_URL: postgres://postgres:dev@localhost:5432/e2ee | |
| run: cargo build --verbose | |
| - name: Run tests | |
| env: | |
| DATABASE_URL: postgres://postgres:dev@localhost:5432/e2ee | |
| run: cargo test --verbose | |
| docker: | |
| name: Build Docker Image | |
| runs-on: ubuntu-latest | |
| needs: test | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| push: false | |
| tags: hushnet-backend:latest | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Test Docker Compose | |
| run: | | |
| docker compose up -d | |
| # Wait for services to be healthy | |
| echo "Waiting for services to be healthy..." | |
| timeout 60 bash -c 'until docker compose ps | grep -q "healthy"; do sleep 2; done' | |
| # Test backend health | |
| curl -f http://localhost:8080/ || exit 1 | |
| echo "✅ Docker Compose test passed" | |
| # Cleanup | |
| docker compose down -v | |
| security: | |
| name: Security Audit | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Cache Cargo dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cargo/bin | |
| ~/.cargo/registry/index | |
| ~/.cargo/registry/cache | |
| ~/.cargo/git/db | |
| key: ${{ runner.os }}-cargo-audit-${{ hashFiles('**/Cargo.lock') }} | |
| - name: Install cargo-audit | |
| run: cargo install cargo-audit || true | |
| - name: Run security audit | |
| run: cargo audit | |
| coverage: | |
| name: Code Coverage | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:17-alpine | |
| env: | |
| POSTGRES_USER: postgres | |
| POSTGRES_PASSWORD: dev | |
| POSTGRES_DB: e2ee | |
| ports: | |
| - 5432:5432 | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Install PostgreSQL client | |
| run: sudo apt-get update && sudo apt-get install -y postgresql-client | |
| - name: Install tarpaulin | |
| run: cargo install cargo-tarpaulin || true | |
| - name: Wait for PostgreSQL | |
| run: | | |
| until pg_isready -h localhost -p 5432 -U postgres; do | |
| echo "Waiting for PostgreSQL..." | |
| sleep 2 | |
| done | |
| - name: Setup database schema | |
| env: | |
| PGPASSWORD: dev | |
| run: | | |
| psql -h localhost -U postgres -d e2ee -f sql_models/seed.sql | |
| - name: Generate coverage | |
| env: | |
| DATABASE_URL: postgres://postgres:dev@localhost:5432/e2ee | |
| run: cargo tarpaulin --verbose --all-features --workspace --timeout 300 --out xml | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v4 | |
| with: | |
| files: ./cobertura.xml | |
| fail_ci_if_error: false |