Skip to content

CICD: Introduce check-only for Redox CI #10950

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
sylvestre merged 1 commit into from
Feb 15, 2026
+18 −9
Merged

CICD: Introduce check-only for Redox CI #10950

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 18 additions & 9 deletions .github/workflows/CICD.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -630,11 +630,11 @@ jobs:
- { os: ubuntu-latest , target: x86_64-unknown-linux-gnu , features: "feat_os_unix,test_risky_names", use-cross: use-cross, skip-publish: true }
- { os: ubuntu-latest , target: x86_64-unknown-linux-gnu , features: "feat_os_unix,uudoc" , use-cross: no, workspace-tests: true }
- { os: ubuntu-latest , target: x86_64-unknown-linux-musl , features: feat_os_unix_musl , use-cross: use-cross }
- { os: ubuntu-latest , target: x86_64-unknown-redox , features: feat_os_unix_redox , use-cross: redoxer , skip-tests: true }
- { os: ubuntu-latest , target: x86_64-unknown-redox , features: feat_os_unix_redox , use-cross: redoxer , skip-tests: true , check-only: true }
- { os: ubuntu-latest , target: wasm32-wasip1, default-features: false, features: "basenc,cksum", skip-tests: true }
- { os: macos-latest , target: aarch64-apple-darwin , features: feat_os_macos, workspace-tests: true } # M1 CPU
# PR #7964: Mac should still build even if the feature is not enabled. Do not publish this.
- { os: macos-latest , target: aarch64-apple-darwin , workspace-tests: true, skip-publish: true } # M1 CPU
# PR #7964: chcon should not break build without the feature. cargo check is enough to detect it.
- { os: macos-latest , target: aarch64-apple-darwin , workspace-tests: true, check-only: true } # M1 CPU
- { os: macos-latest , target: x86_64-apple-darwin , features: feat_os_macos, workspace-tests: true }
- { os: windows-latest , target: i686-pc-windows-msvc , features: feat_os_windows }
- { os: windows-latest , target: x86_64-pc-windows-gnu , features: feat_os_windows }
Expand Down Expand Up @@ -849,8 +849,16 @@ jobs:
echo "## dependency list"
cargo fetch --locked --quiet --target $(rustc --print host-tuple)
cargo tree --locked --target=${{ matrix.job.target }} ${{ matrix.job.cargo-options }} ${{ steps.vars.outputs.CARGO_FEATURES_OPTION }} ${{ steps.vars.outputs.CARGO_DEFAULT_FEATURES_OPTION }} --no-dedupe -e=no-dev --prefix=none | grep -vE "$PWD" | sort --unique
- name: Check
shell: bash
if: matrix.job.skip-publish != true && matrix.job.check-only == true
run: |
# expr breaks redox
sed -i.b '/"expr",/d' Cargo.toml
${{ steps.vars.outputs.CARGO_CMD }} ${{ steps.vars.outputs.CARGO_CMD_OPTIONS }} check \
--target=${{ matrix.job.target }} ${{ matrix.job.cargo-options }} ${{ steps.vars.outputs.CARGO_FEATURES_OPTION }} ${{ steps.vars.outputs.CARGO_DEFAULT_FEATURES_OPTION }}
- name: Test
if: matrix.job.skip-tests != true
if: matrix.job.skip-tests != true && matrix.job.check-only != true
shell: bash
run: |
## Test
Expand All @@ -861,13 +869,13 @@ jobs:
RUST_BACKTRACE: "1"
- name: Build
shell: bash
if: matrix.job.skip-publish != true
if: matrix.job.skip-publish != true && matrix.job.check-only != true
run: |
## Build
${{ steps.vars.outputs.CARGO_CMD }} ${{ steps.vars.outputs.CARGO_CMD_OPTIONS }} build --release --config=profile.release.strip=true \
--target=${{ matrix.job.target }} ${{ matrix.job.cargo-options }} ${{ steps.vars.outputs.CARGO_FEATURES_OPTION }} ${{ steps.vars.outputs.CARGO_DEFAULT_FEATURES_OPTION }}
- name: Package
if: matrix.job.skip-publish != true
if: matrix.job.skip-publish != true && matrix.job.check-only != true
shell: bash
run: |
## Package artifact(s)
Expand Down Expand Up @@ -901,7 +909,7 @@ jobs:
tar --zstd -cf docs.tar.zst share
- name: Publish
uses: softprops/action-gh-release@v2
if: steps.vars.outputs.DEPLOY && matrix.job.skip-publish != true
if: steps.vars.outputs.DEPLOY && matrix.job.skip-publish != true && matrix.job.check-only != true
with:
draft: true
files: |
Expand All @@ -911,7 +919,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Publish latest commit
uses: softprops/action-gh-release@v2
if: github.event_name == 'push' && github.ref == 'refs/heads/main' && matrix.job.skip-publish != true
if: github.event_name == 'push' && github.ref == 'refs/heads/main' && matrix.job.skip-publish != true && matrix.job.check-only != true
with:
tag_name: latest-commit
body: |
Expand Down Expand Up @@ -1317,8 +1325,9 @@ jobs:
run: |
test -f target/debug/chcon || test -f target/debug/chcon.exe
test -f target/debug/runcon || test -f target/debug/runcon.exe
# check is enough to detect workspace breakage by chcon
- name: Verify workspace builds with stubs
run: cargo build --features ${{ matrix.job.features }}
run: cargo check --features ${{ matrix.job.features }}

test_safe_traversal:
name: Safe Traversal Security Check
Expand Down
Loading