Set persist-credentials: false #3271
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: FixPR | |
# spell-checker:ignore Swatinem dtolnay | |
# Trigger automated fixes for PRs being merged (with associated commits) | |
env: | |
BRANCH_TARGET: main | |
on: | |
# * only trigger on pull request closed to specific branches | |
# ref: https://github.community/t/trigger-workflow-only-on-pull-request-merge/17359/9 | |
pull_request: | |
branches: | |
- main # == env.BRANCH_TARGET ## unfortunately, env context variables are only available in jobs/steps (see <https://github.community/t/how-to-use-env-context/16975/2>) | |
types: [ closed ] | |
jobs: | |
code_deps: | |
# Refresh dependencies (ie, 'Cargo.lock') and show updated dependency tree | |
if: github.event.pull_request.merged == true ## only for PR merges | |
name: Update/dependencies | |
runs-on: ${{ matrix.job.os }} | |
strategy: | |
matrix: | |
job: | |
- { os: ubuntu-latest , features: feat_os_unix } | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Initialize job variables | |
id: vars | |
shell: bash | |
run: | | |
# surface MSRV from CICD workflow | |
RUST_MIN_SRV=$(grep -P "^\s+RUST_MIN_SRV:" .github/workflows/CICD.yml | grep -Po "(?<=\x22)\d+[.]\d+(?:[.]\d+)?(?=\x22)" ) | |
echo "RUST_MIN_SRV=${RUST_MIN_SRV}" >> $GITHUB_OUTPUT | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ steps.vars.outputs.RUST_MIN_SRV }} | |
- uses: Swatinem/rust-cache@v2 | |
- name: Ensure updated 'Cargo.lock' | |
shell: bash | |
run: | | |
# Ensure updated 'Cargo.lock' | |
# * 'Cargo.lock' is required to be in a format that `cargo` of MinSRV can interpret (eg, v1-format for MinSRV < v1.38) | |
cargo fetch --locked --quiet || cargo +${{ steps.vars.outputs.RUST_MIN_SRV }} update | |
- name: Info | |
shell: bash | |
run: | | |
# Info | |
## environment | |
echo "## environment" | |
echo "CI='${CI}'" | |
## tooling info display | |
echo "## tooling" | |
which gcc >/dev/null 2>&1 && (gcc --version | head -1) || true | |
rustup -V 2>/dev/null | |
rustup show active-toolchain | |
cargo -V | |
rustc -V | |
cargo tree -V | |
## dependencies | |
echo "## dependency list" | |
cargo fetch --locked --quiet | |
## * using the 'stable' toolchain is necessary to avoid "unexpected '--filter-platform'" errors | |
RUSTUP_TOOLCHAIN=stable cargo tree --locked --no-dedupe -e=no-dev --prefix=none --features ${{ matrix.job.features }} | grep -vE "$PWD" | sort --unique | |
- name: Commit any changes (to '${{ env.BRANCH_TARGET }}') | |
uses: EndBug/add-and-commit@v9 | |
with: | |
new_branch: ${{ env.BRANCH_TARGET }} | |
default_author: github_actions | |
message: "maint ~ refresh 'Cargo.lock'" | |
add: Cargo.lock | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
code_format: | |
# Recheck/refresh code formatting | |
if: github.event.pull_request.merged == true ## only for PR merges | |
name: Update/format | |
runs-on: ${{ matrix.job.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
job: | |
- { os: ubuntu-latest , features: feat_os_unix } | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Initialize job variables | |
id: vars | |
shell: bash | |
run: | | |
# target-specific options | |
# * CARGO_FEATURES_OPTION | |
CARGO_FEATURES_OPTION='' ; | |
if [ -n "${{ matrix.job.features }}" ]; then CARGO_FEATURES_OPTION='--features "${{ matrix.job.features }}"' ; fi | |
echo "CARGO_FEATURES_OPTION=${CARGO_FEATURES_OPTION}" >> $GITHUB_OUTPUT | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: stable | |
components: rustfmt | |
- uses: Swatinem/rust-cache@v2 | |
- name: "`cargo fmt`" | |
shell: bash | |
run: | | |
cargo fmt | |
- name: "`cargo fmt` tests" | |
shell: bash | |
run: | | |
# `cargo fmt` of tests | |
find tests -name "*.rs" -print0 | xargs -0 cargo fmt -- | |
- name: Commit any changes (to '${{ env.BRANCH_TARGET }}') | |
uses: EndBug/add-and-commit@v9 | |
with: | |
new_branch: ${{ env.BRANCH_TARGET }} | |
default_author: github_actions | |
message: "maint ~ rustfmt (`cargo fmt`)" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |