Implement memory zeroization before dropping private key #722
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow | |
name: test | |
permissions: | |
contents: read | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
CARGO_INCREMENTAL: 0 | |
CARGO_TERM_COLOR: always | |
RUST_BACKTRACE: short | |
jobs: | |
run: | |
strategy: | |
# Don't give up on the whole matrix if one variant fails. | |
fail-fast: false | |
matrix: | |
# Keep targets archs in sync with `latest-dependencies.yaml`. Use | |
# specific versions of runner OS here and latest ones in | |
# `latest-dependencies.yaml`. | |
include: | |
- target: aarch64-apple-darwin | |
runner_os: macos-14 | |
- target: aarch64-apple-darwin | |
runner_os: macos-15 | |
- target: armv7-unknown-linux-gnueabihf | |
runner_os: ubuntu-20.04 | |
- target: armv7-unknown-linux-gnueabihf | |
runner_os: ubuntu-22.04 | |
- target: armv7-unknown-linux-gnueabihf | |
runner_os: ubuntu-24.04 | |
- target: x86_64-apple-darwin | |
runner_os: macos-13 | |
- target: x86_64-apple-darwin | |
runner_os: macos-14 | |
- target: x86_64-apple-darwin | |
runner_os: macos-15 | |
- target: x86_64-pc-windows-msvc | |
runner_os: windows-2019 | |
- target: x86_64-pc-windows-msvc | |
runner_os: windows-2022 | |
- target: x86_64-unknown-linux-gnu | |
runner_os: ubuntu-20.04 | |
- target: x86_64-unknown-linux-gnu | |
runner_os: ubuntu-22.04 | |
- target: x86_64-unknown-linux-gnu | |
runner_os: ubuntu-24.04 | |
- target: x86_64-unknown-linux-musl | |
runner_os: ubuntu-20.04 | |
- target: x86_64-unknown-linux-musl | |
runner_os: ubuntu-22.04 | |
- target: x86_64-unknown-linux-musl | |
runner_os: ubuntu-24.04 | |
runs-on: ${{ matrix.runner_os }} | |
steps: | |
- name: Adjust build settings for Windows | |
if: contains(matrix.target, '-windows-') | |
# Required for Windows builds: for version numbers with pre-release part | |
# as suffix, the resulting paths would get too long to build otherwise. | |
run: >- | |
echo "CARGO_TARGET_DIR=D:\t" >> $env:GITHUB_ENV | |
- name: Install Rust toolchain | |
# Use specific Rust version that is the minimum supported `rust-version` | |
# (MSRV) from `Cargo.toml`. | |
uses: dtolnay/rust-toolchain@1.80 | |
- name: Install cross-compilation tools | |
uses: taiki-e/setup-cross-toolchain-action@v1 | |
with: | |
target: ${{ matrix.target }} | |
- name: Install Cargo helpers | |
run: >- | |
cargo install cargo-hack | |
# Check out the repository before the remaining steps that depend on it. | |
# All preceding steps are independent of the repository contents. | |
- name: Check out repository | |
uses: actions/checkout@v4 | |
- name: Cache Rust toolchain and build artifacts | |
uses: Swatinem/rust-cache@v2 | |
with: | |
# The cache should not be shared between different workflows, jobs, and targets. | |
shared-key: ${{ github.workflow }}-${{ github.job }}-${{ matrix.target }}-${{ matrix.runner_os }} | |
- name: Build with feature combinations | |
run: >- | |
cargo hack --each-feature build --locked | |
- name: Run tests (bins/lib/tests/examples) with feature combinations | |
run: >- | |
cargo hack --each-feature test --locked | |
--bins --lib --tests --examples | |
# Compile and run doctests, which have been excluded in the previous | |
# step(s). | |
# | |
# Doctests may use any features and there is no easy way to activate | |
# certain features only for some doctests, so we run them without | |
# `cargo-hack`. | |
- name: Run doctests with all features enabled | |
run: >- | |
cargo test --locked --all-features | |
--doc | |
- name: Build package with all features enabled | |
run: >- | |
cargo package --locked --all-features |