firezone/.github/workflows/_rust.yml

---
name: Rust
"on":
  workflow_call:

defaults:
  run:
    working-directory: ./rust

permissions:
  contents: 'read'
  id-token: 'write'

# Never tolerate warnings.
env:
  RUSTFLAGS: "-Dwarnings"
  RUSTDOCFLAGS: "-D warnings"

jobs:
  bench:
    name: bench-${{ matrix.runs-on }}
    strategy:
      fail-fast: false
      matrix:
        runs-on: [
          windows-2019 # Only platform with a benchmark right now
        ]
    runs-on: ${{ matrix.runs-on }}
    steps:
      - uses: actions/checkout@v4
      - uses: ./.github/actions/setup-rust
        id: setup-rust
      - run: cargo bench ${{ steps.setup-rust.outputs.bench-packages }}
        env:
          RUST_LOG: "debug"
        name: "cargo bench"
        shell: bash

  static-analysis:
    name: static-analysis-${{ matrix.runs-on }}
    strategy:
      fail-fast: false
      matrix:
        # TODO: https://github.com/rust-lang/cargo/issues/5220
        runs-on: [
          ubuntu-22.04,
          macos-14,
          windows-2022
        ]
    runs-on: ${{ matrix.runs-on }}
    steps:
      - uses: actions/checkout@v4
      - uses: ./.github/actions/setup-rust
        id: setup-rust
      - uses: ./.github/actions/setup-tauri
        timeout-minutes: 5
      - uses: taiki-e/install-action@cargo-udeps
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - run: |
          rustup install --no-self-update nightly-2024-06-01 --profile minimal # The exact nightly version doesn't matter, just pin a random one.
          cargo +nightly-2024-06-01 udeps --all-targets --all-features ${{ steps.setup-rust.outputs.packages }}
        name: Check for unused dependencies
      - run: cargo fmt -- --check
      - run: cargo doc --all-features --no-deps --document-private-items ${{ steps.setup-rust.outputs.packages }}
        name: "cargo doc"
        shell: bash
      - run: cargo clippy --all-targets --all-features ${{ steps.setup-rust.outputs.packages }}
        name: "cargo clippy"
        shell: bash

  test:
    name: test-${{ matrix.runs-on }}
    strategy:
      fail-fast: false
      matrix:
        # TODO: https://github.com/rust-lang/cargo/issues/5220
        runs-on: [
          ubuntu-20.04,
          ubuntu-22.04,
          macos-12,
          macos-13,
          macos-14,
          windows-2019,
          windows-2022
        ]
    runs-on: ${{ matrix.runs-on }}
    steps:
      - uses: actions/checkout@v4
      - uses: ./.github/actions/setup-rust
        id: setup-rust
      - uses: ./.github/actions/setup-tauri
      - uses: taiki-e/install-action@v2
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tool: ripgrep
      - name: "cargo test"
        shell: bash
        run: |

          # First, run all tests.
          cargo test --all-features ${{ steps.setup-rust.outputs.packages }} -- --include-ignored --nocapture

          # Assert that we sample certain transitions
          rg SendICMPPacketToCidrResource $TESTCASES_DIR
          rg SendICMPPacketToDnsResource $TESTCASES_DIR
          rg SendDnsQueries $TESTCASES_DIR

          # Backup dumped state and transition samples
          mv $TESTCASES_DIR $TESTCASES_BACKUP_DIR

          # Re-run only the regression seeds
          PROPTEST_CASES=0 cargo test --all-features ${{ steps.setup-rust.outputs.packages }} -- tunnel_test --nocapture

           # Assert that sampled state and transitions don't change between runs
          for file in "$TESTCASES_DIR"/*.{state,transitions}; do
            filename=$(basename "$file")

            if ! diff "$file" "$TESTCASES_BACKUP_DIR/$filename"; then
              echo "Found non-deterministic testcase: $filename"
              exit 1
            fi
          done
        env:
          # <https://github.com/rust-lang/cargo/issues/5999>
          # Needed to create tunnel interfaces in unit tests
          CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUNNER: "sudo --preserve-env"
          PROPTEST_VERBOSE: 0 # Otherwise the output is very long.
          PROPTEST_CASES: 1000 # Default is only 256.
          CARGO_PROFILE_TEST_OPT_LEVEL: 1 # Otherwise the tests take forever.
          TESTCASES_DIR: "connlib/tunnel/testcases"
          TESTCASES_BACKUP_DIR: "connlib/tunnel/testcases_backup"

  # Runs the Tauri client smoke test, built in debug mode. We can't run it in release
  # mode because of a known issue: <https://github.com/firezone/firezone/blob/456e044f882c2bb314e19cc44c0d19c5ad817b7c/rust/windows-client/src-tauri/src/client.rs#L162-L164>
  gui-smoke-test:
    name: gui-smoke-test-${{ matrix.runs-on }}
    strategy:
      fail-fast: false
      matrix:
        runs-on: [
          ubuntu-20.04,
          ubuntu-22.04,
          windows-2019,
          windows-2022
        ]
    runs-on: ${{ matrix.runs-on }}
    defaults:
      run:
        # Must be in this dir for `pnpm` to work
        working-directory: ./rust/gui-client
      # The Windows client ignores RUST_LOG because it uses a settings file instead
    steps:
      - uses: actions/checkout@v4
      - uses: ./.github/actions/setup-node
      - uses: ./.github/actions/setup-rust
      - uses: ./.github/actions/setup-tauri
        timeout-minutes: 5
        with:
          runtime: true
      - name: pnpm install
        run: |
          pnpm install
          cp "node_modules/flowbite/dist/flowbite.min.js" "src/"
      - name: Compile TypeScript
        run: pnpm tsc
      - name: Compile Tailwind
        run: pnpm tailwindcss -i src/input.css -o src/output.css
      - name: Build client
        run: cargo build -p firezone-gui-client --all-targets
      - uses: taiki-e/install-action@v2
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tool: dump_syms,minidump-stackwalk
      - name: Run smoke test
        working-directory: ./rust
        run: cargo run -p gui-smoke-test

  headless-client:
    name: headless-client-${{ matrix.test }}-${{ matrix.runs-on }}
    strategy:
      fail-fast: false
      matrix:
        # TODO: Add Windows as part of issue #3782
        runs-on: [ubuntu-20.04, ubuntu-22.04]
        test: [linux-group, token-path]
    runs-on: ${{ matrix.runs-on }}
    steps:
      - uses: actions/checkout@v4
      - uses: ./.github/actions/setup-rust
      - uses: ./.github/actions/setup-tauri
        timeout-minutes: 5
      - run: scripts/tests/${{ matrix.test }}.sh
        name: "test script"
        shell: bash
        working-directory: ./