.github/workflows/nightly.yml

name: Nightly Checks

on:
  schedule:
    # Every night at midnight
    - cron:  '0 0 * * *'
  workflow_dispatch:
    inputs:
      rev:
        description: "Revision hash to run against"
        required: false
        default: ""

jobs:
  dependencies:
    name: Check for unused dependencies
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          ref: "${{ github.event.inputs.rev }}"
      - name: Install latest Rust
        uses: actions-rs/toolchain@v1
        with:
          toolchain: nightly
      - name: Install cargo udeps
        run: cargo install cargo-udeps --locked
      - name: Execute cargo udeps
        run: cargo +nightly udeps

  build:
    name: Execute builds with updated dependencies
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Setup Rust toolchain
        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable

      - name: Install SoftHSM
        run: |
          sudo apt-get update -y -qq &&
          sudo apt-get install -y -qq libsofthsm2 &&
          mkdir /tmp/tokens
          echo "directories.tokendir = /tmp/tokens" > /tmp/softhsm2.conf

      - name: Install Rust targets
        run: |
          rustup target add armv7-unknown-linux-gnueabi &&
          rustup target add armv7-unknown-linux-gnueabihf &&
          rustup target add arm-unknown-linux-gnueabi &&
          rustup target add aarch64-unknown-linux-gnu &&
          rustup target add i686-unknown-linux-gnu &&
          rustup target add powerpc64-unknown-linux-gnu &&
          rustup target add powerpc64le-unknown-linux-gnu &&
          rustup target add x86_64-pc-windows-msvc &&
          rustup target add x86_64-apple-darwin &&
          rustup target add aarch64-apple-darwin &&
          rustup target add x86_64-unknown-freebsd
          rustup target add loongarch64-unknown-linux-gnu

      - name: Test script
        env:
          PKCS11_SOFTHSM2_MODULE: /usr/lib/softhsm/libsofthsm2.so
          SOFTHSM2_CONF: /tmp/softhsm2.conf
        run: |
          rm Cargo.lock
          ./ci.sh

  audit:
    name: Check for crates with security vulnerabilities
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          ref: "${{ github.event.inputs.rev }}"
      - name: Install latest Rust
        uses: actions-rs/toolchain@v1
        with:
          toolchain: nightly
      - name: Install cargo audit
        run: cargo install cargo-audit
      - name: Execute cargo audit
        run: cargo audit