From 4d0be6e88eb4584b3c198b57d30a131480793dbe Mon Sep 17 00:00:00 2001 From: CPerezz Date: Mon, 20 Feb 2023 11:16:48 +0100 Subject: [PATCH] fix(clippy): allow unprivileged runs of clippy --- .github/workflows/lints-beta.yml | 41 +++++++++++++++++++++--------- .github/workflows/lints-stable.yml | 35 +++++++++++++++++++------ 2 files changed, 56 insertions(+), 20 deletions(-) diff --git a/.github/workflows/lints-beta.yml b/.github/workflows/lints-beta.yml index e7fffa7a76..3ecb1b7fac 100644 --- a/.github/workflows/lints-beta.yml +++ b/.github/workflows/lints-beta.yml @@ -5,22 +5,39 @@ name: Beta lints on: push jobs: - clippy-beta: - name: Clippy (beta) + clippy: + name: Clippy timeout-minutes: 30 runs-on: ubuntu-latest - continue-on-error: true steps: - - uses: actions/checkout@v3 - - uses: actions-rs/toolchain@v1 + - uses: actions/checkout@v2 with: - components: clippy - override: false - - name: Run Clippy (beta) - uses: actions-rs/clippy-check@v1 - continue-on-error: true + persist-credentials: false + + - name: Check workflow permissions + id: check_permissions + uses: scherermichael-oss/action-has-permission@1.0.6 + with: + required-permission: write + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Run clippy action to produce annotations + uses: actions-rs/clippy-check@v1.0.7 + if: ${{ steps.check_permissions.outputs.has-permission }} with: - name: Clippy (beta) + # GitHub displays the clippy job and its results as separate entries + name: Clippy (stable) Results token: ${{ secrets.GITHUB_TOKEN }} - args: --all-features --all-targets -- -W clippy::all + args: --all-features --all-targets -- -D warnings + + - uses: actions-rs/toolchain@v1.0.1 + if: ${{ !steps.check_permissions.outputs.has-permission }} + with: + toolchain: stable + override: true + + - name: Run clippy manually without annotations + if: ${{ !steps.check_permissions.outputs.has-permission }} + run: cargo clippy --all-features --all-targets -- -D warnings diff --git a/.github/workflows/lints-stable.yml b/.github/workflows/lints-stable.yml index 7666dae1df..6f9dffab5d 100644 --- a/.github/workflows/lints-stable.yml +++ b/.github/workflows/lints-stable.yml @@ -5,19 +5,38 @@ on: pull_request jobs: clippy: - name: Clippy (1.56.1) + name: Clippy timeout-minutes: 30 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions-rs/toolchain@v1 + - uses: actions/checkout@v2 with: - components: clippy - override: false - - name: Run clippy - uses: actions-rs/clippy-check@v1 + persist-credentials: false + + - name: Check workflow permissions + id: check_permissions + uses: scherermichael-oss/action-has-permission@1.0.6 + with: + required-permission: write + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Run clippy action to produce annotations + uses: actions-rs/clippy-check@v1.0.7 + if: ${{ steps.check_permissions.outputs.has-permission }} with: - name: Clippy (1.56.1) + # GitHub displays the clippy job and its results as separate entries + name: Clippy (stable) Results token: ${{ secrets.GITHUB_TOKEN }} args: --all-features --all-targets -- -D warnings + + - uses: actions-rs/toolchain@v1.0.1 + if: ${{ !steps.check_permissions.outputs.has-permission }} + with: + toolchain: stable + override: true + + - name: Run clippy manually without annotations + if: ${{ !steps.check_permissions.outputs.has-permission }} + run: cargo clippy --all-features --all-targets -- -D warnings