diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..ccc65e5 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @geofmureithi diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index 371176f..60aafc9 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -33,10 +33,9 @@ body: label: Steps to reproduce description: Steps to reproduce the behavior placeholder: | - 1. Go to '...' - 2. Click on '....' - 3. Scroll down to '....' - 4. See error + 1. Setup with '....' + 2. Do '....' + 3. See error validations: required: true @@ -51,9 +50,12 @@ body: id: version attributes: label: Version - description: What version of apalis-cron are you running? + description: What version are you running? options: - - 1.0.0-alpha.1 + - 0.7.x + - 1.0.0-alpha.x + - 1.0.0-beta.x + - 1.0.0-rc.x - main branch - Other (specify in additional context) validations: @@ -86,4 +88,4 @@ body: id: context attributes: label: Additional context - description: Add any other context about the problem here. \ No newline at end of file + description: Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml index 13ffa5e..733046a 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -51,7 +51,7 @@ body: id: terms attributes: label: Code of Conduct - description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/apalis-dev/apalis-cron/blob/main/CODE_OF_CONDUCT.md) + description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/apalis-dev/apalis/blob/main/CODE_OF_CONDUCT.md) options: - label: I agree to follow this project's Code of Conduct - required: true \ No newline at end of file + required: true diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 4449dce..876c9ab 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,9 +9,9 @@ updates: time: "06:00" open-pull-requests-limit: 10 reviewers: - - "mureithinjuguna" + - "geofmureithi" assignees: - - "mureithinjuguna" + - "geofmureithi" commit-message: prefix: "deps" include: "scope" @@ -36,4 +36,4 @@ updates: include: "scope" labels: - "dependencies" - - "github-actions" \ No newline at end of file + - "github-actions" diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 9180039..aeb45a4 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -4,6 +4,7 @@ permissions: on: pull_request: types: [opened, synchronize, reopened, ready_for_review, labeled, unlabeled] + branches: [ main, develop ] jobs: # Enforces the update of a changelog file on every pull request diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4aa5e80..899096e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,10 +1,12 @@ name: CI +permissions: + contents: read + on: push: - branches: [ main, master ] + branches: [main, develop] pull_request: - branches: [ main, master ] env: CARGO_TERM_COLOR: always @@ -108,50 +110,18 @@ jobs: env: RUSTDOCFLAGS: "-Dwarnings" - security: - name: Security Audit - runs-on: ubuntu-latest - steps: - - name: Checkout sources - uses: actions/checkout@v6 - - - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable - - - name: Install cargo-audit - run: cargo install cargo-audit - - - name: Run cargo audit - run: cargo audit - - coverage: - name: Code Coverage + unused-deps: + name: Unused Dependencies runs-on: ubuntu-latest - if: github.event_name == 'push' && github.ref == 'refs/heads/main' steps: - name: Checkout sources uses: actions/checkout@v6 - - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable - - - name: Install cargo-tarpaulin - run: cargo install cargo-tarpaulin - - - name: Cache cargo registry - uses: actions/cache@v4 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - target - key: ${{ runner.os }}-cargo-coverage-${{ hashFiles('**/Cargo.lock') }} + - name: Install Rust nightly toolchain + uses: dtolnay/rust-toolchain@nightly - - name: Generate code coverage - run: cargo tarpaulin --all-features --verbose --workspace --timeout 120 --out xml + - name: Install cargo-udeps + uses: taiki-e/install-action@cargo-udeps - - name: Upload to codecov.io - uses: codecov/codecov-action@v5 - with: - file: cobertura.xml - fail_ci_if_error: false + - name: Check for unused dependencies + run: cargo +nightly udeps --all-targets --all-features diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml new file mode 100644 index 0000000..1b37077 --- /dev/null +++ b/.github/workflows/coverage.yml @@ -0,0 +1,47 @@ +name: Coverage + +permissions: + contents: read + +on: + push: + branches: [main] + pull_request: + branches: [main] + +env: + CARGO_TERM_COLOR: always + RUST_BACKTRACE: 1 + +jobs: + coverage: + name: Code Coverage + runs-on: ubuntu-latest + steps: + - name: Checkout sources + uses: actions/checkout@v6 + + - name: Install Rust toolchain + uses: dtolnay/rust-toolchain@stable + + - name: Install cargo-tarpaulin + run: cargo install cargo-tarpaulin + + - name: Cache cargo registry + uses: actions/cache@v4 + with: + path: | + ~/.cargo/registry + ~/.cargo/git + target + key: ${{ runner.os }}-cargo-coverage-${{ hashFiles('**/Cargo.lock') }} + + - name: Generate code coverage + run: cargo tarpaulin --all-features --verbose --workspace --timeout 120 --out xml + + - name: Upload to codecov.io + uses: codecov/codecov-action@v5 + with: + file: cobertura.xml + fail_ci_if_error: false + token: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/dep-changelog.yml b/.github/workflows/dep-changelog.yml deleted file mode 100644 index b45dfea..0000000 --- a/.github/workflows/dep-changelog.yml +++ /dev/null @@ -1,32 +0,0 @@ -name: 'pull-request' -on: - pull_request: - types: - - opened - - synchronize - - reopened - - ready_for_review - - labeled - - unlabeled - -jobs: - changelog: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v6 - with: - # Depending on your needs, you can use a token that will re-trigger workflows - # See https://github.com/stefanzweifel/git-auto-commit-action#commits-of-this-action-do-not-trigger-new-workflow-runs - token: ${{ secrets.GITHUB_TOKEN }} - - - uses: dangoslen/dependabot-changelog-helper@v3 - with: - activationLabels: dependencies - changelogPath: './CHANGELOG.md' - dependencyTool: dependabot - - # This step is required for committing the changes to your branch. - # See https://github.com/stefanzweifel/git-auto-commit-action#commits-of-this-action-do-not-trigger-new-workflow-runs - - uses: stefanzweifel/git-auto-commit-action@v4 - with: - commit_message: "Updated Changelog" diff --git a/.github/workflows/issues.yml b/.github/workflows/issues.yml new file mode 100644 index 0000000..5451b49 --- /dev/null +++ b/.github/workflows/issues.yml @@ -0,0 +1,18 @@ +name: Issue assignment + +on: + issues: + types: [opened] + +jobs: + auto-assign: + runs-on: ubuntu-latest + permissions: + issues: write + steps: + - name: "Auto-assign issue" + uses: pozil/auto-assign-issue@v2 + with: + assignees: geofmureithi + numOfAssignee: 1 + allowSelfAssign: yes diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e361f83..b88747a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,6 +15,8 @@ env: CARGO_TERM_COLOR: always jobs: + test: + uses: ./.github/workflows/ci.yaml validate: name: Validate Release runs-on: ubuntu-latest @@ -55,22 +57,10 @@ jobs: exit 1 fi - - name: Run tests - run: cargo test --all-features - - - name: Check format - run: cargo fmt --all -- --check - - - name: Run clippy - run: cargo clippy --all-targets --all-features - - - name: Build docs - run: cargo doc --all-features --no-deps - publish: name: Publish to crates.io runs-on: ubuntu-latest - needs: validate + needs: [test, validate] environment: release steps: - name: Checkout sources @@ -93,40 +83,3 @@ jobs: - name: Publish to crates.io run: cargo publish - - github-release: - name: Create GitHub Release - runs-on: ubuntu-latest - needs: [validate, publish] - if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') - steps: - - name: Checkout sources - uses: actions/checkout@v6 - - - name: Generate changelog - id: changelog - run: | - if [[ -f CHANGELOG.md ]]; then - # Extract changelog for this version - VERSION="v${{ needs.validate.outputs.version }}" - sed -n "/^## \[$VERSION\]/,/^## \[/p" CHANGELOG.md | sed '$d' > release_notes.md - if [[ -s release_notes.md ]]; then - echo "Found changelog entry for $VERSION" - else - echo "## Changes" > release_notes.md - echo "See commit history for detailed changes." >> release_notes.md - fi - else - echo "## Changes" > release_notes.md - echo "See commit history for detailed changes." >> release_notes.md - fi - - - name: Create GitHub Release - uses: softprops/action-gh-release@v1 - with: - name: Release v${{ needs.validate.outputs.version }} - body_path: release_notes.md - draft: false - prerelease: ${{ contains(needs.validate.outputs.version, 'alpha') || contains(needs.validate.outputs.version, 'beta') || contains(needs.validate.outputs.version, 'rc') }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/rust-security.yml b/.github/workflows/rust-security.yml deleted file mode 100644 index 0b8264f..0000000 --- a/.github/workflows/rust-security.yml +++ /dev/null @@ -1,65 +0,0 @@ -name: Rust Security - -on: - push: - branches: [ main, master ] - pull_request: - branches: [ main, master ] - schedule: - - cron: '0 3 * * 1' # Run weekly on Monday at 3 AM UTC - -env: - CARGO_TERM_COLOR: always - -jobs: - cargo-deny: - name: Cargo Deny - runs-on: ubuntu-latest - steps: - - name: Checkout sources - uses: actions/checkout@v6 - - - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable - - - name: Install cargo-deny - uses: taiki-e/install-action@cargo-deny - - - name: Run cargo deny - run: cargo deny check - - cargo-vet: - name: cargo-vet - runs-on: ubuntu-latest - env: - CARGO_VET_VERSION: 0.10.1 - steps: - - uses: actions/checkout@master - - name: Install Rust - run: rustup update stable && rustup default stable - - uses: actions/cache@v4 - with: - path: ${{ runner.tool_cache }}/cargo-vet - key: cargo-vet-bin-${{ env.CARGO_VET_VERSION }} - - name: Add the tool cache directory to the search path - run: echo "${{ runner.tool_cache }}/cargo-vet/bin" >> $GITHUB_PATH - - name: Ensure that the tool cache is populated with the cargo-vet binary - run: cargo install --root ${{ runner.tool_cache }}/cargo-vet --version ${{ env.CARGO_VET_VERSION }} cargo-vet - - name: Invoke cargo-vet - run: cargo vet --locked - - unused-deps: - name: Unused Dependencies - runs-on: ubuntu-latest - steps: - - name: Checkout sources - uses: actions/checkout@v6 - - - name: Install Rust nightly toolchain - uses: dtolnay/rust-toolchain@nightly - - - name: Install cargo-udeps - uses: taiki-e/install-action@cargo-udeps - - - name: Check for unused dependencies - run: cargo +nightly udeps --all-targets --all-features diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 4248296..9d5d927 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -1,25 +1,24 @@ name: Security and Dependencies - on: schedule: - # Run security audit daily at 02:00 UTC - - cron: '0 2 * * *' + # Run security checks daily at 03:00 UTC + - cron: "0 3 * * *" push: - branches: [ main, master ] + branches: [main] paths: - - '**/Cargo.toml' - - '**/Cargo.lock' + - "**/Cargo.toml" + - "**/Cargo.lock" pull_request: paths: - - '**/Cargo.toml' - - '**/Cargo.lock' + - "**/Cargo.toml" + - "**/Cargo.lock" env: CARGO_TERM_COLOR: always jobs: - security-audit: - name: Security Audit + audit: + name: "cargo-audit" runs-on: ubuntu-latest steps: - name: Checkout sources @@ -32,26 +31,47 @@ jobs: uses: taiki-e/install-action@cargo-audit - name: Run cargo audit - run: cargo audit - - - name: Run cargo audit (JSON output) run: cargo audit --json > audit-results.json continue-on-error: true - name: Upload audit results uses: actions/upload-artifact@v4 - if: always() with: - name: security-audit-results + name: cargo-audit-results path: audit-results.json - dependency-review: - name: Dependency Review + vet: + name: cargo-vet + runs-on: ubuntu-latest + env: + CARGO_VET_VERSION: 0.10.1 + steps: + - uses: actions/checkout@master + - name: Install Rust + run: rustup update stable && rustup default stable + - uses: actions/cache@v4 + with: + path: ${{ runner.tool_cache }}/cargo-vet + key: cargo-vet-bin-${{ env.CARGO_VET_VERSION }} + - name: Add the tool cache directory to the search path + run: echo "${{ runner.tool_cache }}/cargo-vet/bin" >> $GITHUB_PATH + - name: Ensure that the tool cache is populated with the cargo-vet binary + run: cargo install --root ${{ runner.tool_cache }}/cargo-vet --version ${{ env.CARGO_VET_VERSION }} cargo-vet + - name: Invoke cargo-vet + run: cargo vet --locked + + cargo-deny: + name: Cargo Deny runs-on: ubuntu-latest - if: github.event_name == 'pull_request' steps: - name: Checkout sources uses: actions/checkout@v6 - - name: Dependency Review - uses: actions/dependency-review-action@v4 + - name: Install Rust toolchain + uses: dtolnay/rust-toolchain@stable + + - name: Install cargo-deny + uses: taiki-e/install-action@cargo-deny + + - name: Run cargo deny + run: cargo deny check diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 78a9f60..b5ed93f 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -2,7 +2,7 @@ name: Mark stale issues and pull requests on: schedule: - - cron: '0 0 * * *' # Run daily at midnight + - cron: '0 3 * * *' # Run daily at 3 AM UTC workflow_dispatch: jobs: @@ -35,4 +35,4 @@ jobs: stale-pr-label: 'stale' exempt-issue-labels: 'pinned,security,good first issue' exempt-pr-labels: 'pinned,security' - operations-per-run: 50 \ No newline at end of file + operations-per-run: 50 diff --git a/CHANGELOG.md b/CHANGELOG.md index 11ff0c8..37e4c52 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] - Add dependabot changelog +- Streamline workflows ### Added - CI/CD pipelines with GitHub Actions diff --git a/Cargo.lock b/Cargo.lock index 24ecb65..f151478 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -859,9 +859,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.28" +version = "0.4.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34080505efa8e45a4b816c349525ebe327ceaa8559756f0356cba97ef3bf7432" +checksum = "5e5032e24019045c762d3c0f28f5b6b8bbf38563a65908389bf7978758920897" [[package]] name = "md-5" @@ -881,9 +881,9 @@ checksum = "f52b00d39961fc5b2736ea853c9cc86238e165017a493d1d5c8eac6bdc4cc273" [[package]] name = "mio" -version = "1.1.0" +version = "1.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69d83b0086dc8ecf3ce9ae2874b2d1290252e2a30720bea58a5c6639b0092873" +checksum = "a69bcab0ad47271a0234d9422b131806bf3968021e5dc9328caf2d4cd58557fc" dependencies = [ "libc", "wasi", diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 1becd1e..99a123e 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -361,7 +361,7 @@ version = "0.4.14" criteria = "safe-to-run" [[exemptions.log]] -version = "0.4.28" +version = "0.4.29" criteria = "safe-to-deploy" [[exemptions.md-5]] @@ -373,7 +373,7 @@ version = "2.7.6" criteria = "safe-to-deploy" [[exemptions.mio]] -version = "1.1.0" +version = "1.1.1" criteria = "safe-to-run" [[exemptions.num-bigint-dig]]