1
0
Fork 0
mirror of https://github.com/imjasonh/rustvulncheck synced 2026-07-08 20:25:28 +00:00

Add CI workflow for tests and enrichment dry-run

Two jobs:
- test: builds and runs cargo test
- enrichment-dry-run: runs the pipeline against 10 real advisories
  using the Actions GITHUB_TOKEN, uploads vuln_db.json as artifact

https://claude.ai/code/session_01AeNG3herWfKhos9uZVUY5d
This commit is contained in:
Claude 2026-03-25 01:34:22 +00:00
parent 430816c717
commit ce7f533cb0
No known key found for this signature in database

72
.github/workflows/ci.yml vendored Normal file
View file

@ -0,0 +1,72 @@
name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
permissions:
contents: read
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
- name: Cache cargo registry & build
uses: actions/cache@v4
with:
path: |
~/.cargo/registry
~/.cargo/git
target
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-
- name: Build
run: cargo build --verbose
- name: Run tests
run: cargo test --verbose
enrichment-dry-run:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
- name: Cache cargo registry & build
uses: actions/cache@v4
with:
path: |
~/.cargo/registry
~/.cargo/git
target
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-
- name: Build
run: cargo build
- name: Run enrichment pipeline (10 advisories)
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: cargo run -- --limit 10 --output vuln_db.json
- name: Show output
run: cat vuln_db.json
- name: Upload enriched DB artifact
uses: actions/upload-artifact@v4
with:
name: vuln-db
path: vuln_db.json