github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
af7f4c9992c0724464175d8bc892caf4135101a2
firezone/.github/workflows/_rust.yml
Thomas Eizinger eeadde0c86 ci: bump Ubuntu runners to 24.04 (#10288) 
Ubuntu 22.04 is over 3 years old and therefore ships with quite an old
kernel. Our production VMs (for relays) all run Ubuntu 24.04 so it makes
sense to build and test them on the same kernel / OS release. For
consistency reasons, we therefore bump all runners to 24.04.
2025-09-04 02:04:55 +00:00

178 lines
7.0 KiB
YAML
Raw Blame History

---
name: Rust
"on":
workflow_call:
defaults:
run:
working-directory: ./rust
permissions:
contents: "read"
id-token: "write"
# Never tolerate warnings. Duplicated in `_tauri.yml`
env:
RUSTFLAGS: "-Dwarnings --cfg tokio_unstable"
RUSTDOCFLAGS: "-D warnings"
jobs:
static-analysis:
name: static-analysis-${{ matrix.runs-on }}
strategy:
fail-fast: false
matrix:
# TODO: https://github.com/rust-lang/cargo/issues/5220
runs-on: [ubuntu-24.04, macos-14, windows-2022]
runs-on: ${{ matrix.runs-on }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup-rust
id: setup-rust
with:
sccache_azure_connection_string: ${{ secrets.SCCACHE_AZURE_CONNECTION_STRING }}
- uses: ./.github/actions/setup-tauri-v2
timeout-minutes: 15
- uses: taiki-e/install-action@d31232495ad76f47aad66e3501e47780b49f0f3e # v2.57.5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tool: cargo-udeps,cargo-deny
- uses: taiki-e/install-action@d31232495ad76f47aad66e3501e47780b49f0f3e # v2.57.5
if: ${{ runner.os == 'Linux' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tool: bpf-linker
- run: cargo clippy --all-targets --all-features ${{ steps.setup-rust.outputs.compile-packages }}
name: cargo clippy
shell: bash
- run: cargo doc --all-features --no-deps --document-private-items ${{ steps.setup-rust.outputs.compile-packages }}
name: cargo doc
shell: bash
- run: cargo fmt -- --check
- run: cargo +${{ steps.setup-rust.outputs.nightly_version }} udeps --all-targets --all-features ${{ steps.setup-rust.outputs.compile-packages }}
name: cargo udeps
- run: cargo deny check --hide-inclusion-graph --deny unnecessary-skip
shell: bash
test:
name: test-${{ matrix.runs-on }}
strategy:
fail-fast: false
matrix:
# TODO: https://github.com/rust-lang/cargo/issues/5220
runs-on:
[
ubuntu-22.04,
ubuntu-24.04,
macos-13,
macos-14,
macos-15,
windows-2022,
windows-2025,
]
runs-on: ${{ matrix.runs-on }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup-rust
id: setup-rust
with:
sccache_azure_connection_string: ${{ secrets.SCCACHE_AZURE_CONNECTION_STRING }}
- uses: ./.github/actions/setup-tauri-v2
- uses: taiki-e/install-action@d31232495ad76f47aad66e3501e47780b49f0f3e # v2.57.5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tool: ripgrep
- uses: taiki-e/install-action@d31232495ad76f47aad66e3501e47780b49f0f3e # v2.57.5
if: ${{ runner.os == 'Linux' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tool: bpf-linker
- name: "cargo test"
shell: bash
run: |
set -x
# First, run all tests.
cargo test --all-features ${{ steps.setup-rust.outputs.test-packages }} -- --include-ignored --nocapture
# Poor man's test coverage testing: Grep the generated logs for specific patterns / lines.
rg --count --no-ignore SendIcmpPacket "$TESTCASES_DIR"
rg --count --no-ignore SendUdpPacket "$TESTCASES_DIR"
rg --count --no-ignore ConnectTcp "$TESTCASES_DIR"
rg --count --no-ignore SendDnsQueries "$TESTCASES_DIR"
rg --count --no-ignore "Packet for DNS resource" "$TESTCASES_DIR"
rg --count --no-ignore "Packet for CIDR resource" "$TESTCASES_DIR"
rg --count --no-ignore "Packet for Internet resource" "$TESTCASES_DIR"
rg --count --no-ignore "Truncating DNS response" "$TESTCASES_DIR"
rg --count --no-ignore "ICMP Error error=V4Unreachable" "$TESTCASES_DIR"
rg --count --no-ignore "ICMP Error error=V6Unreachable" "$TESTCASES_DIR"
rg --count --no-ignore "ICMP Error error=V4TimeExceeded" "$TESTCASES_DIR"
rg --count --no-ignore "ICMP Error error=V6TimeExceeded" "$TESTCASES_DIR"
rg --count --no-ignore "Forwarding query for DNS resource to corresponding site" "$TESTCASES_DIR"
rg --count --no-ignore "Revoking resource authorization" "$TESTCASES_DIR"
rg --count --no-ignore "Re-seeding records for DNS resources" "$TESTCASES_DIR"
# Make sure we are recovering from ICE disconnect
rg --count --no-ignore "State change \(got new possible\): Disconnected -> Checking" "$TESTCASES_DIR"
env:
# <https://github.com/rust-lang/cargo/issues/5999>
# Needed to create tunnel interfaces in unit tests
CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUNNER: "sudo --preserve-env"
PROPTEST_VERBOSE: 0 # Otherwise the output is very long.
PROPTEST_CASES: ${{ runner.os == 'Windows' && '0' || '256' }} # Default is only 256. Windows is very slow in GitHub Actions, so only run the regression cases there.
CARGO_PROFILE_TEST_OPT_LEVEL: 1 # Otherwise the tests take forever.
TESTCASES_DIR: "connlib/tunnel/testcases"
fuzz:
name: fuzz
strategy:
fail-fast: false
matrix:
fuzz-target: [ip_packet]
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup-rust
id: setup-rust
with:
sccache_azure_connection_string: ${{ secrets.SCCACHE_AZURE_CONNECTION_STRING }}
- uses: taiki-e/install-action@d31232495ad76f47aad66e3501e47780b49f0f3e # v2.57.5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tool: cargo-fuzz
- run: rustup run ${{ steps.setup-rust.outputs.nightly_version }} cargo fuzz run --target x86_64-unknown-linux-gnu --fuzz-dir tests/fuzz ${{ matrix.fuzz-target }} -- -max_total_time=120
env:
CARGO_PROFILE_RELEASE_LTO: false
headless-client:
name: headless-client-${{ matrix.test }}-${{ matrix.runs-on }}
strategy:
fail-fast: false
matrix:
include:
- { runs-on: windows-2022, test: token-path-windows.ps1 }
- { runs-on: windows-2025, test: token-path-windows.ps1 }
- { runs-on: ubuntu-22.04, test: linux-group.sh }
- { runs-on: ubuntu-24.04, test: linux-group.sh }
- { runs-on: ubuntu-22.04, test: token-path-linux.sh }
- { runs-on: ubuntu-24.04, test: token-path-linux.sh }
runs-on: ${{ matrix.runs-on }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup-rust
with:
sccache_azure_connection_string: ${{ secrets.SCCACHE_AZURE_CONNECTION_STRING }}
- uses: ./.github/actions/setup-tauri-v2
timeout-minutes: 15
- run: scripts/tests/${{ matrix.test }}
name: "test script"
working-directory: ./
Reference in New Issue View Git Blame Copy Permalink