rustnet/.github/workflows/rust.yml

name: Rust

on:
  push:
    branches: [ "main" ]
    paths:
      - 'src/**'
      - 'Cargo.toml'
      - 'Cargo.lock'
      - 'assets/services'
      - 'assets/oui.gz'
      - 'build.rs'
      - 'benches/**'
      - 'Dockerfile'
      - '.github/workflows/rust.yml'
  pull_request:
    branches: [ "main" ]
    paths:
      - 'src/**'
      - 'Cargo.toml'
      - 'Cargo.lock'
      - 'assets/services'
      - 'assets/oui.gz'
      - 'build.rs'
      - 'benches/**'
      - 'Dockerfile'
      - '.github/workflows/rust.yml'
  workflow_dispatch:

permissions:
  contents: read

env:
  CARGO_TERM_COLOR: always

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
    - name: Install dependencies
      run: sudo apt-get update && sudo apt-get install -y libpcap-dev libelf-dev zlib1g-dev clang llvm pkg-config
    - name: Check formatting
      run: cargo fmt --check
    - name: Run clippy
      run: cargo clippy -- -D warnings
    - name: Build
      run: cargo build --verbose
    - name: Run tests
      run: cargo test --verbose
    - name: Install cargo-audit
      run: cargo install cargo-audit --locked
    - name: Run security audit
      run: cargo audit

  docker:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4
    - name: Build Docker image
      uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7
      with:
        context: .
        push: false
        load: true
        tags: rustnet:ci-test
    - name: Verify Docker image
      run: docker run --rm rustnet:ci-test --version