Merge pull request #10 from bartvdbraak/feat/pr-checks

Add PR checks using GitHub workflow
2025-04-28 15:21:21 +00:00 · 2023-11-07 23:58:17 +01:00 · 2023-11-07 23:58:17 +01:00 · 48821825c8
commit 48821825c8
parent 06fb411108 13675f7ff8
4 changed files with 48 additions and 6 deletions
--- a/.github/workflows/checks.yml
+++ b/.github/workflows/checks.yml
@ -0,0 +1,31 @@
+name: Checks
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - uses: dtolnay/rust-toolchain@stable
+
+    - name: Install cargo-audit
+      run: cargo install cargo-audit
+
+    - name: Format code with rustfmt
+      run: cargo fmt --all -- --check
+
+    - name: Lint code with clippy
+      run: cargo clippy --all -- --deny warnings
+
+    - name: Check for known vulnerabilities with cargo-audit
+      run: cargo audit
+
+    - name: Build project
+      run: cargo build --all --release
+
+    - name: Run tests
+      run: cargo test --all
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -5,9 +5,22 @@ on:
  push:
    tags:
      - 'v[0-9]+.[0-9]+.[0-9]+'
-
+      
 jobs:
+  pre-check:
+    name: Pre-check
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - run: |
+          if [[ "$(git describe --tags --abbrev=0)" != "v$(grep -m1 -F 'version =' Cargo.toml | cut -d\" -f2)" ]]; then
+            echo "Error: The git tag does not match the Cargo.toml version."
+            exit 1
+          fi
+          echo "Success: The git tag matches the Cargo.toml version."
+
  build:
+    needs: pre-check
    strategy:
      matrix:
        name:
--- a/Cargo.toml
+++ b/Cargo.toml
@ -2,6 +2,7 @@
 name = "keyweave"
 version = "0.1.0"
 edition = "2021"
+authors = ["Bart van der Braak <bart@vanderbraak.nl>"]

 [dependencies]
 azure_identity = "0.17.0"
--- a/src/main.rs
+++ b/src/main.rs
@ -6,7 +6,7 @@ use std::fs::File;
 use std::io::Write;

 #[derive(Parser)]
-#[clap(version = "0.1.0", author = "Bart van der Braak <bart@vanderbraak.nl>")]
+#[clap(author, version, about, long_about = None)]
 struct Opts {
    #[clap(
        short,
@ -39,10 +39,7 @@ async fn fetch_secrets_from_key_vault(
    filter: Option<&str>,
 ) -> Result<Vec<(String, String)>, Box<dyn std::error::Error>> {
    let credential = DefaultAzureCredential::default();
-    let client = KeyvaultClient::new(
-        &vault_url,
-        std::sync::Arc::new(credential),
-    )?.secret_client();
+    let client = KeyvaultClient::new(vault_url, std::sync::Arc::new(credential))?.secret_client();

    let mut secret_values = Vec::new();
    let mut secret_pages = client.list_secrets().into_stream();