programs/.github/workflows/ci.yml at main · resq-software/programs · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# Copyright 2026 ResQ Software
# SPDX-License-Identifier: Apache-2.0
#
# Thin CI wrapper. Dispatches to the org-wide reusable rust-ci workflow
# in resq-software/.github; the top-level `required` job aggregates the
# result into a single status-check context consumed by the org ruleset
# `default-branch-baseline`.
#
# Security scanning runs separately in security.yml.

name: CI

on:
  push:
    branches: [main]
  pull_request:

permissions:
  contents: read

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  rust:
    uses: resq-software/.github/.github/workflows/rust-ci.yml@40fa987f5bc78d7569b9b76274f24d032ac0d7c8
    with:
      toolchain: stable
      run-fmt: true
      run-clippy: true
      run-test: true
      run-deny: false
      run-coverage: false

  required:
    name: required
    runs-on: ubuntu-latest
    needs: [rust]
    if: always()
    steps:
      - name: Aggregate
        env:
          RUST_RESULT: ${{ needs.rust.result }}
        run: |
          set -eu
          case "$RUST_RESULT" in
            success|skipped|"") echo "ok: rust=$RUST_RESULT" ;;
            *) echo "::error::rust reusable returned: $RUST_RESULT"; exit 1 ;;
          esac