backfill/.github/workflows/security.yml at 6f2729f3efce911a784849723d9364c1126ae2b4 · ceejbot/backfill · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
---
name: Security

on:
    push:
        branches: [latest]
        paths:
            - Cargo.toml
            - Cargo.lock
    workflow_dispatch:

env:
    CARGO_TERM_COLOR: always

jobs:
    test:
        runs-on: ubuntu-latest

        steps:
            - uses: actions/checkout@v5

            - name: Install Rust
              uses: actions-rust-lang/setup-rust-toolchain@v1
              with:
                  toolchain: stable
                  profile: minimal

            - name: get cargo-audit the fast way
              shell: bash
              run: |
                  if [[ -z $(which cargo-audit) ]]; then
                    curl -sLo cargo-audit.tgz https://github.com/rustsec/rustsec/releases/download/cargo-audit%2Fv0.21.2/cargo-audit-x86_64-unknown-linux-gnu-v0.21.2.tgz
                    tar xfz cargo-audit.tgz
                    mv cargo-audit-x86_64-unknown-linux-gnu-v0.21.2/cargo-audit ~/.cargo/bin/cargo-audit
                  fi

            - name: run cargo audit
              shell: bash
              run: cargo audit