ci: overhaul CI/CD pipeline and add tooling configs

- Add ci.yml: test matrix (ubuntu/macos/windows), lint, conventional commits check (cocogitto), cargo-deny, MSRV, and semver jobs - Add release.yml: tag-triggered publish to crates.io + GitHub release - Remove stale rust.yml and rust-clippy.yml workflows - Add deny.toml for cargo-deny license/advisory/ban/source checks - Add cog.toml for cocogitto conventional commits and changelog generation - Add Justfile with test, check, fmt, commits, release, push-tag targets - Add CHANGELOG.md seed file - Add PULL_REQUEST_TEMPLATE.md with conventional commits checklist - Update dependabot.yml: weekly schedule with grouped patch/minor updates
2026-06-05 15:26:53 -04:00 · 2026-05-13 14:16:08 -04:00
parent 01ef25b953
commit 52910538df
10 changed files with 521 additions and 192 deletions
@@ -0,0 +1,121 @@
+name: CI
+
+on:
+  push:
+    branches: ["master"]
+  pull_request:
+  workflow_call:
+
+env:
+  CARGO_TERM_COLOR: always
+  RUSTFLAGS: "-D warnings"
+
+jobs:
+  test:
+    name: Test (${{ matrix.os }})
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install stable toolchain
+        uses: dtolnay/rust-toolchain@stable
+
+      - name: Cache dependencies
+        uses: Swatinem/rust-cache@v2
+
+      - name: Build
+        run: cargo build --all-targets
+
+      - name: Run tests
+        run: cargo test
+
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install stable toolchain with clippy and rustfmt
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          components: clippy, rustfmt
+
+      - name: Cache dependencies
+        uses: Swatinem/rust-cache@v2
+
+      - name: Check formatting
+        run: cargo fmt --check --all
+
+      - name: Clippy
+        run: cargo clippy --all-targets -- -W clippy::pedantic
+
+  commits:
+    name: Conventional commits
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          # Full history is required for cog check to validate all commits.
+          fetch-depth: 0
+
+      - name: Check conventional commits
+        uses: cocogitto/cocogitto-action@v3
+        with:
+          check: true
+          # On PRs check only the commits introduced by the PR.
+          # On pushes to master check only commits since the previous HEAD.
+          from: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.sha || github.event.before }}
+
+  deny:
+    name: Cargo deny
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Check licenses, advisories, and bans
+        uses: EmbarkStudios/cargo-deny-action@v2
+
+  msrv:
+    name: MSRV (1.80)
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Rust 1.80
+        uses: dtolnay/rust-toolchain@1.80
+
+      - name: Cache dependencies
+        uses: Swatinem/rust-cache@v2
+
+      - name: Check MSRV builds
+        run: cargo check
+
+  semver:
+    name: Semver compatibility
+    runs-on: ubuntu-latest
+    # Only meaningful on PRs — compares the PR branch against the published
+    # crate version to catch accidental breaking API changes.
+    if: github.event_name == 'pull_request'
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install stable toolchain
+        uses: dtolnay/rust-toolchain@stable
+
+      - name: Cache dependencies
+        uses: Swatinem/rust-cache@v2
+
+      - name: Check semver compatibility
+        uses: obi1kenobi/cargo-semver-checks-action@v2
+        with:
+          package: dredge-tool