fix(ci): address second AI review — || true, ca-certs, cache@v4, key suffixes
All checks were successful
Test / frontend-typecheck (pull_request) Successful in 2m35s
Test / frontend-tests (pull_request) Successful in 2m39s
PR Review Automation / review (pull_request) Successful in 2m49s
Test / rust-clippy (pull_request) Successful in 4m7s
Test / rust-fmt-check (pull_request) Successful in 13s
Test / rust-tests (pull_request) Successful in 3m37s
All checks were successful
Test / frontend-typecheck (pull_request) Successful in 2m35s
Test / frontend-tests (pull_request) Successful in 2m39s
PR Review Automation / review (pull_request) Successful in 2m49s
Test / rust-clippy (pull_request) Successful in 4m7s
Test / rust-fmt-check (pull_request) Successful in 13s
Test / rust-tests (pull_request) Successful in 3m37s
Dockerfiles: - Remove || true from rustup component add in all three Linux images; rust:1.88-slim default profile already includes both components so the command is a clean no-op, not a failure risk — silencing errors served no purpose and only hid potential toolchain issues - Add ca-certificates explicitly to Dockerfile.linux-amd64 and Dockerfile.windows-cross (rust:1.88-slim includes it, but being explicit is consistent with the arm64 fix and future-proofs against base image changes) Workflows: - Upgrade actions/cache@v3 → @v4 across test.yml and auto-tag.yml (v3 deprecated; v4 has parallel uploads and better large-cache support) - Add linux-amd64 suffix to cargo cache keys in test.yml Rust jobs and auto-tag.yml build-linux-amd64 job; all four jobs target the same architecture and now share a cache, benefiting from cross-job hits (registry cache is source tarballs, not compiled artifacts — no pollution risk between targets) Not changed: - alpine:latest + docker-cli in build-images.yml is correct; the reviewer confused DinD with socket passthrough — docker:24-cli also has no daemon, both use the host socket; the builds already proved alpine works - curl|bash for rustup is the official install method; rustup.rs publishes no checksums for the installer script itself
This commit is contained in:
Shaun Arman
parent
397cef383d
commit
30d26ed0c1
@ -8,6 +8,7 @@ FROM rust:1.88-slim
|
||||
|
||||
RUN apt-get update -qq \
|
||||
&& apt-get install -y -qq --no-install-recommends \
|
||||
ca-certificates \
|
||||
libwebkit2gtk-4.1-dev \
|
||||
libssl-dev \
|
||||
libgtk-3-dev \
|
||||
@ -24,4 +25,4 @@ RUN apt-get update -qq \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
RUN rustup target add x86_64-unknown-linux-gnu \
|
||||
&& rustup component add rustfmt clippy || true
|
||||
&& rustup component add rustfmt clippy
|
||||
|
||||
@ -43,6 +43,6 @@ RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
|
||||
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \
|
||||
--default-toolchain 1.88.0 --profile minimal --no-modify-path \
|
||||
&& /root/.cargo/bin/rustup target add aarch64-unknown-linux-gnu \
|
||||
&& (/root/.cargo/bin/rustup component add rustfmt clippy || true)
|
||||
&& /root/.cargo/bin/rustup component add rustfmt clippy
|
||||
|
||||
ENV PATH="/root/.cargo/bin:${PATH}"
|
||||
|
||||
@ -8,6 +8,7 @@ FROM rust:1.88-slim
|
||||
|
||||
RUN apt-get update -qq \
|
||||
&& apt-get install -y -qq --no-install-recommends \
|
||||
ca-certificates \
|
||||
mingw-w64 \
|
||||
curl \
|
||||
nsis \
|
||||
|
||||
@ -141,17 +141,17 @@ jobs:
|
||||
git fetch --depth=1 origin "$GITHUB_SHA"
|
||||
git checkout FETCH_HEAD
|
||||
- name: Cache cargo registry
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/registry/index
|
||||
~/.cargo/registry/cache
|
||||
~/.cargo/git/db
|
||||
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
|
||||
key: ${{ runner.os }}-cargo-linux-amd64-${{ hashFiles('**/Cargo.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-cargo-
|
||||
${{ runner.os }}-cargo-linux-amd64-
|
||||
- name: Cache npm
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ~/.npm
|
||||
key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
|
||||
@ -234,7 +234,7 @@ jobs:
|
||||
git fetch --depth=1 origin "$GITHUB_SHA"
|
||||
git checkout FETCH_HEAD
|
||||
- name: Cache cargo registry
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/registry/index
|
||||
@ -244,7 +244,7 @@ jobs:
|
||||
restore-keys: |
|
||||
${{ runner.os }}-cargo-windows-
|
||||
- name: Cache npm
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ~/.npm
|
||||
key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
|
||||
@ -418,7 +418,7 @@ jobs:
|
||||
git fetch --depth=1 origin "$GITHUB_SHA"
|
||||
git checkout FETCH_HEAD
|
||||
- name: Cache cargo registry
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/registry/index
|
||||
@ -428,7 +428,7 @@ jobs:
|
||||
restore-keys: |
|
||||
${{ runner.os }}-cargo-arm64-
|
||||
- name: Cache npm
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ~/.npm
|
||||
key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
|
||||
|
||||
@ -28,15 +28,15 @@ jobs:
|
||||
fi
|
||||
git checkout FETCH_HEAD
|
||||
- name: Cache cargo registry
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/registry/index
|
||||
~/.cargo/registry/cache
|
||||
~/.cargo/git/db
|
||||
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
|
||||
key: ${{ runner.os }}-cargo-linux-amd64-${{ hashFiles('**/Cargo.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-cargo-
|
||||
${{ runner.os }}-cargo-linux-amd64-
|
||||
- run: cargo fmt --manifest-path src-tauri/Cargo.toml --check
|
||||
|
||||
rust-clippy:
|
||||
@ -63,15 +63,15 @@ jobs:
|
||||
fi
|
||||
git checkout FETCH_HEAD
|
||||
- name: Cache cargo registry
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/registry/index
|
||||
~/.cargo/registry/cache
|
||||
~/.cargo/git/db
|
||||
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
|
||||
key: ${{ runner.os }}-cargo-linux-amd64-${{ hashFiles('**/Cargo.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-cargo-
|
||||
${{ runner.os }}-cargo-linux-amd64-
|
||||
- run: cargo clippy --locked --manifest-path src-tauri/Cargo.toml -- -D warnings
|
||||
|
||||
rust-tests:
|
||||
@ -98,15 +98,15 @@ jobs:
|
||||
fi
|
||||
git checkout FETCH_HEAD
|
||||
- name: Cache cargo registry
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/registry/index
|
||||
~/.cargo/registry/cache
|
||||
~/.cargo/git/db
|
||||
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
|
||||
key: ${{ runner.os }}-cargo-linux-amd64-${{ hashFiles('**/Cargo.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-cargo-
|
||||
${{ runner.os }}-cargo-linux-amd64-
|
||||
- run: cargo test --locked --manifest-path src-tauri/Cargo.toml -- --test-threads=1
|
||||
|
||||
frontend-typecheck:
|
||||
@ -134,7 +134,7 @@ jobs:
|
||||
fi
|
||||
git checkout FETCH_HEAD
|
||||
- name: Cache npm
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ~/.npm
|
||||
key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
|
||||
@ -168,7 +168,7 @@ jobs:
|
||||
fi
|
||||
git checkout FETCH_HEAD
|
||||
- name: Cache npm
|
||||
uses: actions/cache@v3
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ~/.npm
|
||||
key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user