cargo-deny #270

	---
	name: CI

	on:
	push:
	branches:
	- main
	tags:
	- 'v*'
	pull_request:

	jobs:
	formatting-and-quality:
	name: Formatting and Quality
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v3
	- uses: cachix/install-nix-action@v20

	- name: Format
	run: nix develop --command treefmt --fail-on-change

	- name: cargo-deny
	run: nix develop --command cargo-deny check

	- name: Clippy
	run: nix build -L .#clippy

	- name: Start MinIO
	run: \|
	podman run \
	-d \
	-p 9000:9000 \
	-e "MINIO_ACCESS_KEY=minioadmin" \
	-e "MINIO_SECRET_KEY=minioadmin" \
	minio/minio \
	server \
	/data

	- name: Test
	run: nix build -L --no-sandbox .#test

	build:
	name: Build
	needs:
	- formatting-and-quality
	runs-on: ubuntu-latest

	strategy:
	matrix:
	package:
	- satori-agent
	- satori-archiver
	- satorictl
	- satori-event-processor

	steps:
	- uses: actions/checkout@v3
	- uses: cachix/install-nix-action@v20

	- name: Build
	run: nix build -L .#${{ matrix.package }}

	- name: Build and push container image
	if: ${{ github.ref_name == 'main' \|\| github.ref_type == 'tag' }}
	run: \|
	set -x

	local_cr="docker-archive://$(nix build .#${{ matrix.package }}-container-image --no-link --print-out-paths)"
	remote_cr="docker://ghcr.io/dannixon/${{ matrix.package }}"

	skopeo copy --dest-creds="dannixon:${{ github.token }}" "$local_cr" "$remote_cr:${{ github.ref_name }}"
	skopeo copy --dest-creds="dannixon:${{ github.token }}" "$local_cr" "$remote_cr:${{ github.sha }}"
	if [[ "${{ github.ref_type }}" == 'tag' ]]; then
	skopeo copy --dest-creds="dannixon:${{ github.token }}" "$local_cr" "$remote_cr:latest"
	fi

Provide feedback