aboutsummaryrefslogtreecommitdiffstats
path: root/.github/workflows
diff options
context:
space:
mode:
Diffstat (limited to '.github/workflows')
-rw-r--r--.github/workflows/ci.yml83
-rw-r--r--.github/workflows/codespell.yml28
-rw-r--r--.github/workflows/docker.yaml133
-rw-r--r--.github/workflows/installer.yml38
-rw-r--r--.github/workflows/nix.yml34
-rw-r--r--.github/workflows/release.yml304
-rw-r--r--.github/workflows/rust.yml230
-rw-r--r--.github/workflows/shellcheck.yml18
-rw-r--r--.github/workflows/update-nix-deps.yml21
9 files changed, 806 insertions, 83 deletions
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
deleted file mode 100644
index e478b6ae..00000000
--- a/.github/workflows/ci.yml
+++ /dev/null
@@ -1,83 +0,0 @@
-name: CI
-on:
- pull_request:
- push:
- branches:
- - master
-
-jobs:
- check-msrv:
- name: Check
- strategy:
- matrix:
- toolchain:
- - "1.65"
- - stable
- runs-on: ubuntu-latest
- steps:
- - name: Checkout sources
- uses: actions/checkout@v4
-
- - name: Install toolchain
- uses: dtolnay/rust-toolchain@master
- with:
- toolchain: ${{ matrix.toolchain}}
-
- - uses: Swatinem/rust-cache@v2
-
- - name: Run cargo check
- run: cargo check
- - name: Run cargo check withoult default features
- run: cargo check --no-default-features
-
- test:
- name: Test
- runs-on: ubuntu-latest
- steps:
- - name: Checkout sources
- uses: actions/checkout@v4
-
- - name: Install stable toolchain
- uses: dtolnay/rust-toolchain@stable
-
- - uses: Swatinem/rust-cache@v2
-
- - name: Run cargo test
- run: cargo test --workspace
-
- lints:
- name: Lints
- runs-on: ubuntu-latest
- steps:
- - name: Checkout sources
- uses: actions/checkout@v4
-
- - name: Install stable toolchain
- uses: dtolnay/rust-toolchain@stable
- with:
- components: rustfmt, clippy
-
- - uses: Swatinem/rust-cache@v2
-
- - name: Run cargo fmt
- run: cargo fmt --all --check
-
- - name: Run cargo clippy
- run: cargo clippy --workspace --all-targets -- -D warnings
- - name: Run cargo clippy withoult default features
- run: cargo clippy --workspace --all-targets --no-default-features -- -D warnings
-
- - name: Run cargo doc
- run: cargo doc --no-deps --workspace --document-private-items
- env:
- RUSTDOCFLAGS: -D warnings
-
- typos:
- name: Typos
- runs-on: ubuntu-latest
- steps:
- - name: Checkout sources
- uses: actions/checkout@v4
-
- - name: Run typos
- uses: crate-ci/typos@v1.16.11
diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml
new file mode 100644
index 00000000..5e8da009
--- /dev/null
+++ b/.github/workflows/codespell.yml
@@ -0,0 +1,28 @@
+# Codespell configuration is within .codespellrc
+---
+name: Codespell
+
+on:
+ push:
+ branches: [main]
+ pull_request:
+ branches: [main]
+
+permissions:
+ contents: read
+
+jobs:
+ codespell:
+ name: Check for spelling errors
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v6
+ - name: Codespell
+ uses: codespell-project/actions-codespell@v2
+ with:
+ # This is regenerated from commit history
+ # we cannot rewrite commit history, and I'd rather not correct it
+ # every time
+ exclude_file: CHANGELOG.md
diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
new file mode 100644
index 00000000..e7b3da6a
--- /dev/null
+++ b/.github/workflows/docker.yaml
@@ -0,0 +1,133 @@
+name: build-docker
+
+on:
+ push:
+ branches: [main]
+
+jobs:
+ publish_x86:
+ concurrency:
+ group: ${{ github.ref }}-x86
+ cancel-in-progress: true
+ permissions:
+ packages: write
+
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v6
+ with:
+ repository: atuinsh/atuin
+ path: "./"
+
+ - name: Get Repo Owner
+ id: get_repo_owner
+ run: echo "REPO_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" > $GITHUB_ENV
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ - name: Login to container Registry
+ uses: docker/login-action@v3
+ with:
+ username: ${{ github.repository_owner }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ registry: ghcr.io
+
+ - name: Get short sha
+ id: shortsha
+ run: echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
+ - name: Release build
+ id: release_build
+ uses: docker/build-push-action@v6
+ with:
+ outputs: "type=registry,push=true"
+ platforms: linux/amd64
+ file: ./Dockerfile
+ context: .
+ provenance: false
+ build-args: |
+ Version=dev
+ GitCommit=${{ steps.shortsha.outputs.short_sha }}
+ tags: |
+ ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }}-amd64
+
+ publish_aarch64:
+ concurrency:
+ group: ${{ github.ref }}-aarch64
+ cancel-in-progress: true
+ permissions:
+ packages: write
+
+ runs-on: ubuntu-24.04-arm
+ steps:
+ - uses: actions/checkout@v6
+ with:
+ repository: atuinsh/atuin
+ path: "./"
+
+ - name: Get Repo Owner
+ id: get_repo_owner
+ run: echo "REPO_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" > $GITHUB_ENV
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ - name: Login to container Registry
+ uses: docker/login-action@v3
+ with:
+ username: ${{ github.repository_owner }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ registry: ghcr.io
+
+ - name: Get short sha
+ id: shortsha
+ run: echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
+ - name: Release build
+ id: release_build
+ uses: docker/build-push-action@v6
+ with:
+ outputs: "type=registry,push=true"
+ platforms: linux/arm64
+ file: ./Dockerfile
+ context: .
+ provenance: false
+ build-args: |
+ Version=dev
+ GitCommit=${{ steps.shortsha.outputs.short_sha }}
+ tags: |
+ ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }}-aarch64
+
+ publish_manifest:
+ runs-on: ubuntu-latest
+ needs: [publish_x86, publish_aarch64]
+ steps:
+ - uses: actions/checkout@v6
+ with:
+ repository: atuinsh/atuin
+ path: "./"
+
+ - name: Get Repo Owner
+ id: get_repo_owner
+ run: echo "REPO_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" > $GITHUB_ENV
+
+ - name: Login to container Registry
+ uses: docker/login-action@v3
+ with:
+ username: ${{ github.repository_owner }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ registry: ghcr.io
+
+ - name: Get short sha
+ id: shortsha
+ run: echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
+ - name: Create manifest
+ run: |
+ docker manifest create ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }} \
+ --amend ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }}-amd64 \
+ --amend ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }}-aarch64
+ docker manifest annotate --arch amd64 --os linux ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }} ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }}-amd64
+ docker manifest annotate --arch arm64 --os linux ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }} ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }}-aarch64
+ docker manifest inspect ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }}
+
+ docker manifest push ghcr.io/${{ env.REPO_OWNER }}/atuin:${{ steps.shortsha.outputs.short_sha }}
diff --git a/.github/workflows/installer.yml b/.github/workflows/installer.yml
new file mode 100644
index 00000000..33fbe50d
--- /dev/null
+++ b/.github/workflows/installer.yml
@@ -0,0 +1,38 @@
+name: Install
+
+on:
+ push:
+ branches: [main]
+ pull_request:
+ paths: .github/workflows/installer.yml
+
+env:
+ CARGO_TERM_COLOR: always
+
+jobs:
+ install:
+ strategy:
+ matrix:
+ os: [ubuntu-latest, macos-14]
+ runs-on: ${{ matrix.os }}
+
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Install zsh for ubuntu
+ if: matrix.os == 'ubuntu-latest'
+ run: |
+ sudo apt install zsh
+
+ - name: Test install script on bash
+ run: |
+ /bin/bash -c "$(curl --proto '=https' --tlsv1.2 -sSf https://setup.atuin.sh)"
+ [ -d "$HOME/.atuin" ] && source $HOME/.atuin/bin/env
+ atuin --help
+
+ - name: Test install script on zsh
+ shell: zsh {0}
+ run: |
+ /bin/bash -c "$(curl --proto '=https' --tlsv1.2 -sSf https://setup.atuin.sh)"
+ [ -d "$HOME/.atuin" ] && source $HOME/.atuin/bin/env
+ atuin --help
diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
new file mode 100644
index 00000000..b148d979
--- /dev/null
+++ b/.github/workflows/nix.yml
@@ -0,0 +1,34 @@
+# Verify the Nix build is working
+# Failures will usually occur due to an out of date Rust version
+# That can be updated to the latest version in nixpkgs-unstable with `nix flake update`
+name: Nix
+on:
+ push:
+ branches: [ main ]
+ paths-ignore:
+ - 'ui/**'
+ pull_request:
+ branches: [ main ]
+ paths-ignore:
+ - 'ui/**'
+
+jobs:
+ check:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v6
+ - uses: cachix/install-nix-action@v31
+
+ - name: Run nix flake check
+ run: nix flake check --print-build-logs
+
+ build-test:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v6
+ - uses: cachix/install-nix-action@v31
+
+ - name: Run nix build
+ run: nix build --print-build-logs
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 00000000..5da97452
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,304 @@
+# This file was autogenerated by dist: https://axodotdev.github.io/cargo-dist
+#
+# Copyright 2022-2024, axodotdev
+# SPDX-License-Identifier: MIT or Apache-2.0
+#
+# CI that:
+#
+# * checks for a Git Tag that looks like a release
+# * builds artifacts with dist (archives, installers, hashes)
+# * uploads those artifacts to temporary workflow zip
+# * on success, uploads the artifacts to a GitHub Release
+#
+# Note that the GitHub Release will be created with a generated
+# title/body based on your changelogs.
+
+name: Release
+permissions:
+ "contents": "write"
+
+# This task will run whenever you push a git tag that looks like a version
+# like "1.0.0", "v0.1.0-prerelease.1", "my-app/0.1.0", "releases/v1.0.0", etc.
+# Various formats will be parsed into a VERSION and an optional PACKAGE_NAME, where
+# PACKAGE_NAME must be the name of a Cargo package in your workspace, and VERSION
+# must be a Cargo-style SemVer Version (must have at least major.minor.patch).
+#
+# If PACKAGE_NAME is specified, then the announcement will be for that
+# package (erroring out if it doesn't have the given version or isn't dist-able).
+#
+# If PACKAGE_NAME isn't specified, then the announcement will be for all
+# (dist-able) packages in the workspace with that version (this mode is
+# intended for workspaces with only one dist-able package, or with all dist-able
+# packages versioned/released in lockstep).
+#
+# If you push multiple tags at once, separate instances of this workflow will
+# spin up, creating an independent announcement for each one. However, GitHub
+# will hard limit this to 3 tags per commit, as it will assume more tags is a
+# mistake.
+#
+# If there's a prerelease-style suffix to the version, then the release(s)
+# will be marked as a prerelease.
+on:
+ pull_request:
+ push:
+ tags:
+ - '**[0-9]+.[0-9]+.[0-9]+*'
+
+jobs:
+ # Run 'dist plan' (or host) to determine what tasks we need to do
+ plan:
+ runs-on: "ubuntu-22.04"
+ outputs:
+ val: ${{ steps.plan.outputs.manifest }}
+ tag: ${{ !github.event.pull_request && github.ref_name || '' }}
+ tag-flag: ${{ !github.event.pull_request && format('--tag={0}', github.ref_name) || '' }}
+ publishing: ${{ !github.event.pull_request }}
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ steps:
+ - uses: actions/checkout@v6
+ with:
+ persist-credentials: false
+ submodules: recursive
+ - name: Install dist
+ # we specify bash to get pipefail; it guards against the `curl` command
+ # failing. otherwise `sh` won't catch that `curl` returned non-0
+ shell: bash
+ run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.31.0/cargo-dist-installer.sh | sh"
+ - name: Cache dist
+ uses: actions/upload-artifact@v6
+ with:
+ name: cargo-dist-cache
+ path: ~/.cargo/bin/dist
+ # sure would be cool if github gave us proper conditionals...
+ # so here's a doubly-nested ternary-via-truthiness to try to provide the best possible
+ # functionality based on whether this is a pull_request, and whether it's from a fork.
+ # (PRs run on the *source* but secrets are usually on the *target* -- that's *good*
+ # but also really annoying to build CI around when it needs secrets to work right.)
+ - id: plan
+ run: |
+ dist ${{ (!github.event.pull_request && format('host --steps=create --tag={0}', github.ref_name)) || 'plan' }} --output-format=json > plan-dist-manifest.json
+ echo "dist ran successfully"
+ cat plan-dist-manifest.json
+ echo "manifest=$(jq -c "." plan-dist-manifest.json)" >> "$GITHUB_OUTPUT"
+ - name: "Upload dist-manifest.json"
+ uses: actions/upload-artifact@v6
+ with:
+ name: artifacts-plan-dist-manifest
+ path: plan-dist-manifest.json
+
+ # Build and packages all the platform-specific things
+ build-local-artifacts:
+ name: build-local-artifacts (${{ join(matrix.targets, ', ') }})
+ # Let the initial task tell us to not run (currently very blunt)
+ needs:
+ - plan
+ if: ${{ fromJson(needs.plan.outputs.val).ci.github.artifacts_matrix.include != null && (needs.plan.outputs.publishing == 'true' || fromJson(needs.plan.outputs.val).ci.github.pr_run_mode == 'upload') }}
+ strategy:
+ fail-fast: false
+ # Target platforms/runners are computed by dist in create-release.
+ # Each member of the matrix has the following arguments:
+ #
+ # - runner: the github runner
+ # - dist-args: cli flags to pass to dist
+ # - install-dist: expression to run to install dist on the runner
+ #
+ # Typically there will be:
+ # - 1 "global" task that builds universal installers
+ # - N "local" tasks that build each platform's binaries and platform-specific installers
+ matrix: ${{ fromJson(needs.plan.outputs.val).ci.github.artifacts_matrix }}
+ runs-on: ${{ matrix.runner }}
+ container: ${{ matrix.container && matrix.container.image || null }}
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ BUILD_MANIFEST_NAME: target/distrib/${{ join(matrix.targets, '-') }}-dist-manifest.json
+ permissions:
+ "attestations": "write"
+ "contents": "read"
+ "id-token": "write"
+ steps:
+ - name: enable windows longpaths
+ run: |
+ git config --global core.longpaths true
+ - uses: actions/checkout@v6
+ with:
+ persist-credentials: false
+ submodules: recursive
+ - name: Install Rust non-interactively if not already installed
+ if: ${{ matrix.container }}
+ run: |
+ if ! command -v cargo > /dev/null 2>&1; then
+ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
+ echo "$HOME/.cargo/bin" >> $GITHUB_PATH
+ fi
+ - name: Install dist
+ run: ${{ matrix.install_dist.run }}
+ # Get the dist-manifest
+ - name: Fetch local artifacts
+ uses: actions/download-artifact@v7
+ with:
+ pattern: artifacts-*
+ path: target/distrib/
+ merge-multiple: true
+ - name: Install dependencies
+ run: |
+ ${{ matrix.packages_install }}
+ - name: Build artifacts
+ run: |
+ # Actually do builds and make zips and whatnot
+ dist build ${{ needs.plan.outputs.tag-flag }} --print=linkage --output-format=json ${{ matrix.dist_args }} > dist-manifest.json
+ echo "dist ran successfully"
+ - name: Attest
+ uses: actions/attest-build-provenance@v3
+ with:
+ subject-path: "target/distrib/*${{ join(matrix.targets, ', ') }}*"
+ - id: cargo-dist
+ name: Post-build
+ # We force bash here just because github makes it really hard to get values up
+ # to "real" actions without writing to env-vars, and writing to env-vars has
+ # inconsistent syntax between shell and powershell.
+ shell: bash
+ run: |
+ # Parse out what we just built and upload it to scratch storage
+ echo "paths<<EOF" >> "$GITHUB_OUTPUT"
+ dist print-upload-files-from-manifest --manifest dist-manifest.json >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+
+ cp dist-manifest.json "$BUILD_MANIFEST_NAME"
+ - name: "Upload artifacts"
+ uses: actions/upload-artifact@v6
+ with:
+ name: artifacts-build-local-${{ join(matrix.targets, '_') }}
+ path: |
+ ${{ steps.cargo-dist.outputs.paths }}
+ ${{ env.BUILD_MANIFEST_NAME }}
+
+ # Build and package all the platform-agnostic(ish) things
+ build-global-artifacts:
+ needs:
+ - plan
+ - build-local-artifacts
+ runs-on: "ubuntu-22.04"
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ BUILD_MANIFEST_NAME: target/distrib/global-dist-manifest.json
+ steps:
+ - uses: actions/checkout@v6
+ with:
+ persist-credentials: false
+ submodules: recursive
+ - name: Install cached dist
+ uses: actions/download-artifact@v7
+ with:
+ name: cargo-dist-cache
+ path: ~/.cargo/bin/
+ - run: chmod +x ~/.cargo/bin/dist
+ # Get all the local artifacts for the global tasks to use (for e.g. checksums)
+ - name: Fetch local artifacts
+ uses: actions/download-artifact@v7
+ with:
+ pattern: artifacts-*
+ path: target/distrib/
+ merge-multiple: true
+ - id: cargo-dist
+ shell: bash
+ run: |
+ dist build ${{ needs.plan.outputs.tag-flag }} --output-format=json "--artifacts=global" > dist-manifest.json
+ echo "dist ran successfully"
+
+ # Parse out what we just built and upload it to scratch storage
+ echo "paths<<EOF" >> "$GITHUB_OUTPUT"
+ jq --raw-output ".upload_files[]" dist-manifest.json >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+
+ cp dist-manifest.json "$BUILD_MANIFEST_NAME"
+ - name: "Upload artifacts"
+ uses: actions/upload-artifact@v6
+ with:
+ name: artifacts-build-global
+ path: |
+ ${{ steps.cargo-dist.outputs.paths }}
+ ${{ env.BUILD_MANIFEST_NAME }}
+ # Determines if we should publish/announce
+ host:
+ needs:
+ - plan
+ - build-local-artifacts
+ - build-global-artifacts
+ # Only run if we're "publishing", and only if plan, local and global didn't fail (skipped is fine)
+ if: ${{ always() && needs.plan.result == 'success' && needs.plan.outputs.publishing == 'true' && (needs.build-global-artifacts.result == 'skipped' || needs.build-global-artifacts.result == 'success') && (needs.build-local-artifacts.result == 'skipped' || needs.build-local-artifacts.result == 'success') }}
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ runs-on: "ubuntu-22.04"
+ outputs:
+ val: ${{ steps.host.outputs.manifest }}
+ steps:
+ - uses: actions/checkout@v6
+ with:
+ persist-credentials: false
+ submodules: recursive
+ - name: Install cached dist
+ uses: actions/download-artifact@v7
+ with:
+ name: cargo-dist-cache
+ path: ~/.cargo/bin/
+ - run: chmod +x ~/.cargo/bin/dist
+ # Fetch artifacts from scratch-storage
+ - name: Fetch artifacts
+ uses: actions/download-artifact@v7
+ with:
+ pattern: artifacts-*
+ path: target/distrib/
+ merge-multiple: true
+ - id: host
+ shell: bash
+ run: |
+ dist host ${{ needs.plan.outputs.tag-flag }} --steps=upload --steps=release --output-format=json > dist-manifest.json
+ echo "artifacts uploaded and released successfully"
+ cat dist-manifest.json
+ echo "manifest=$(jq -c "." dist-manifest.json)" >> "$GITHUB_OUTPUT"
+ - name: "Upload dist-manifest.json"
+ uses: actions/upload-artifact@v6
+ with:
+ # Overwrite the previous copy
+ name: artifacts-dist-manifest
+ path: dist-manifest.json
+ # Create a GitHub Release while uploading all files to it
+ - name: "Download GitHub Artifacts"
+ uses: actions/download-artifact@v7
+ with:
+ pattern: artifacts-*
+ path: artifacts
+ merge-multiple: true
+ - name: Cleanup
+ run: |
+ # Remove the granular manifests
+ rm -f artifacts/*-dist-manifest.json
+ - name: Create GitHub Release
+ env:
+ PRERELEASE_FLAG: "${{ fromJson(steps.host.outputs.manifest).announcement_is_prerelease && '--prerelease' || '' }}"
+ ANNOUNCEMENT_TITLE: "${{ fromJson(steps.host.outputs.manifest).announcement_title }}"
+ ANNOUNCEMENT_BODY: "${{ fromJson(steps.host.outputs.manifest).announcement_github_body }}"
+ RELEASE_COMMIT: "${{ github.sha }}"
+ run: |
+ # Write and read notes from a file to avoid quoting breaking things
+ echo "$ANNOUNCEMENT_BODY" > $RUNNER_TEMP/notes.txt
+
+ gh release create "${{ needs.plan.outputs.tag }}" --target "$RELEASE_COMMIT" $PRERELEASE_FLAG --title "$ANNOUNCEMENT_TITLE" --notes-file "$RUNNER_TEMP/notes.txt" artifacts/*
+
+ announce:
+ needs:
+ - plan
+ - host
+ # use "always() && ..." to allow us to wait for all publish jobs while
+ # still allowing individual publish jobs to skip themselves (for prereleases).
+ # "host" however must run to completion, no skipping allowed!
+ if: ${{ always() && needs.host.result == 'success' }}
+ runs-on: "ubuntu-22.04"
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ steps:
+ - uses: actions/checkout@v6
+ with:
+ persist-credentials: false
+ submodules: recursive
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
new file mode 100644
index 00000000..b996c582
--- /dev/null
+++ b/.github/workflows/rust.yml
@@ -0,0 +1,230 @@
+name: Rust
+
+on:
+ push:
+ branches: [main]
+ paths-ignore:
+ - "ui/**"
+ pull_request:
+ branches: [main]
+ paths-ignore:
+ - "ui/**"
+
+env:
+ CARGO_TERM_COLOR: always
+
+jobs:
+ build:
+ strategy:
+ matrix:
+ os: [ubuntu-latest, macos-14, windows-latest]
+ runs-on: ${{ matrix.os }}
+
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Install rust
+ uses: dtolnay/rust-toolchain@master
+ with:
+ toolchain: 1.94.0
+
+ - uses: actions/cache@v5
+ with:
+ path: |
+ ~/.cargo/registry
+ ~/.cargo/git
+ target
+ key: ${{ runner.os }}-cargo-release-${{ hashFiles('**/Cargo.lock') }}
+
+ - name: Run cargo build common
+ run: cargo build -p atuin-common --locked --release
+
+ - name: Run cargo build client
+ run: cargo build -p atuin-client --locked --release
+
+ - name: Run cargo build server
+ run: cargo build -p atuin-server --locked --release
+
+ - name: Run cargo build main
+ run: cargo build --all --locked --release
+
+ cross-compile:
+ strategy:
+ matrix:
+ # There was an attempt to make cross-compiles also work on FreeBSD, but that failed with:
+ #
+ # warning: libelf.so.2, needed by <...>/libkvm.so, not found (try using -rpath or -rpath-link)
+ target: [x86_64-unknown-illumos]
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Install cross
+ uses: taiki-e/install-action@v2
+ with:
+ tool: cross
+
+ - uses: actions/cache@v5
+ with:
+ path: |
+ ~/.cargo/registry
+ ~/.cargo/git
+ target
+ key: ${{ matrix.target }}-cross-compile-${{ hashFiles('**/Cargo.lock') }}
+
+ - name: Run cross build common
+ run: cross build -p atuin-common --locked --target ${{ matrix.target }}
+
+ - name: Run cross build client
+ run: cross build -p atuin-client --locked --target ${{ matrix.target }}
+
+ - name: Run cross build server
+ run: cross build -p atuin-server --locked --target ${{ matrix.target }}
+
+ - name: Run cross build main
+ run: |
+ cross build --all --locked --target ${{ matrix.target }}
+
+ unit-test:
+ strategy:
+ matrix:
+ os: [ubuntu-latest, macos-14, windows-latest]
+ runs-on: ${{ matrix.os }}
+
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Install rust
+ uses: dtolnay/rust-toolchain@master
+ with:
+ toolchain: 1.94.0
+
+ - uses: taiki-e/install-action@v2
+ name: Install nextest
+ with:
+ tool: cargo-nextest
+
+ - uses: actions/cache@v5
+ with:
+ path: |
+ ~/.cargo/registry
+ ~/.cargo/git
+ target
+ key: ${{ runner.os }}-cargo-debug-${{ hashFiles('**/Cargo.lock') }}
+
+ - name: Run cargo test
+ run: cargo nextest run --lib --bins
+
+ check:
+ strategy:
+ matrix:
+ os: [ubuntu-latest, macos-14, windows-latest]
+ runs-on: ${{ matrix.os }}
+
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Install rust
+ uses: dtolnay/rust-toolchain@master
+ with:
+ toolchain: 1.94.0
+
+ - uses: actions/cache@v5
+ with:
+ path: |
+ ~/.cargo/registry
+ ~/.cargo/git
+ target
+ key: ${{ runner.os }}-cargo-debug-${{ hashFiles('**/Cargo.lock') }}
+
+ - name: Run cargo check (all features)
+ run: cargo check --all-features --workspace
+
+ - name: Run cargo check (no features)
+ run: cargo check --no-default-features --workspace
+
+ - name: Run cargo check (sync)
+ run: cargo check --no-default-features --features sync --workspace
+
+ - name: Run cargo check (server)
+ run: cargo check -p atuin-server
+
+ - name: Run cargo check (client only)
+ run: cargo check --no-default-features --features client --workspace
+
+ integration-test:
+ runs-on: ubuntu-latest
+
+ services:
+ postgres:
+ image: postgres
+ env:
+ POSTGRES_USER: atuin
+ POSTGRES_PASSWORD: pass
+ POSTGRES_DB: atuin
+ ports:
+ - 5432:5432
+
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Install rust
+ uses: dtolnay/rust-toolchain@master
+ with:
+ toolchain: 1.94.0
+
+ - uses: taiki-e/install-action@v2
+ name: Install nextest
+ with:
+ tool: cargo-nextest
+
+ - uses: actions/cache@v5
+ with:
+ path: |
+ ~/.cargo/registry
+ ~/.cargo/git
+ target
+ key: ${{ runner.os }}-cargo-debug-${{ hashFiles('**/Cargo.lock') }}
+
+ - name: Run cargo test
+ run: cargo nextest run --test '*'
+ env:
+ ATUIN_DB_URI: postgres://atuin:pass@localhost:5432/atuin
+
+ clippy:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Install latest rust
+ uses: dtolnay/rust-toolchain@master
+ with:
+ toolchain: 1.94.0
+ components: clippy
+
+ - uses: actions/cache@v5
+ with:
+ path: |
+ ~/.cargo/registry
+ ~/.cargo/git
+ target
+ key: ${{ runner.os }}-cargo-debug-${{ hashFiles('**/Cargo.lock') }}
+
+ - name: Run clippy
+ run: cargo clippy -- -D warnings -D clippy::redundant_clone
+
+ format:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Install latest rust
+ uses: dtolnay/rust-toolchain@master
+ with:
+ toolchain: 1.94.0
+ components: rustfmt
+
+ - name: Format
+ run: cargo fmt -- --check
diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
new file mode 100644
index 00000000..7c983232
--- /dev/null
+++ b/.github/workflows/shellcheck.yml
@@ -0,0 +1,18 @@
+name: Shellcheck
+
+on:
+ push:
+ branches: [ main ]
+ pull_request:
+ branches: [ main ]
+
+jobs:
+ shellcheck:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v6
+ - name: Run shellcheck
+ uses: ludeeus/action-shellcheck@master
+ env:
+ SHELLCHECK_OPTS: "-e SC2148"
diff --git a/.github/workflows/update-nix-deps.yml b/.github/workflows/update-nix-deps.yml
new file mode 100644
index 00000000..8c43e549
--- /dev/null
+++ b/.github/workflows/update-nix-deps.yml
@@ -0,0 +1,21 @@
+name: Update Nix Deps
+on:
+ workflow_dispatch: # allows manual triggering
+ schedule:
+ - cron: '0 0 1 * *' # runs monthly on the first day of the month at 00:00
+
+jobs:
+ lockfile:
+ runs-on: ubuntu-latest
+ if: github.repository == 'atuinsh/atuin'
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v6
+ - name: Install Nix
+ uses: DeterminateSystems/nix-installer-action@main
+ - name: Update flake.lock
+ uses: DeterminateSystems/update-flake-lock@main
+ with:
+ pr-title: "chore(deps): update flake.lock"
+ pr-labels: |
+ dependencies