Rust::com enable the CI Job for rust lint check by bharatGoswami8 · Pull Request #523 · eclipse-score/communication

bharatGoswami8 · 2026-06-10T09:46:06Z

GitHub Actions workflow that runs Rust linter on pull requests to enforce code quality standards.

Key Features

Only runs when PR has .rs rust files or workflow of lint changed
Only fails on warnings/errors in files you changed, not pre-existing issues
Treats Warnings as Errors
Job summary shows issue count + code snippets from changed files
Full Build log available for download

When It Runs

Pull requests with .rs rust files or workflow of lint changes
Pushes to main
Merge queue checks

Fail Job Example available here - https://github.com/bharatGoswami8/communication/actions/runs/27337081555/job/80763973850?pr=1

LittleHuba

Hi,
I'll do some general feedback first.
Please change the trigger conditions. Avoid hiding this behind the rust-api label, since this puts load on maintainers to label PRs correctly. We only use the labeling approach for QNX since it helps with the security implications of pull-request-target triggers.

Better filter PRs for changes to specific path patterns. E.g. PRs that touch files with ending .rs. That would achieve the same but automatically.

bharatGoswami8 · 2026-06-11T10:07:42Z

Hi, I'll do some general feedback first. Please change the trigger conditions. Avoid hiding this behind the rust-api label, since this puts load on maintainers to label PRs correctly. We only use the labeling approach for QNX since it helps with the security implications of pull-request-target triggers.

Better filter PRs for changes to specific path patterns. E.g. PRs that touch files with ending .rs. That would achieve the same but automatically.

@LittleHuba , I have updated pre-check condition now Job will run only when either rust files or workflow of lint is changed or updated on PR.

LittleHuba

I see a lot of code duplication with the clang-tidy and the codeql workflows. We should try to reduce this.

One option is to work on #554

LittleHuba · 2026-06-17T09:42:39Z

+#Clippy linting for Rust
+build --aspects=@score_rust_policies//clippy:linters.bzl%clippy_strict
+build --output_groups=+rules_lint_human
+build:lint --@aspect_rules_lint//lint:fail_on_violation=true


Just calling the config lint invites future name clashes.
Why not call it clippy? this follows the concept we also use for clang-tidy.

Also scoping all three config lines to test:clippy makes more sense. We want to avoid worldwide flags as much as we can.

Also, this config ideally goes into our quality/static_analysis directory. Look for the clang-tidy config as an example.

Moved this into static_analysis folder but i feel keeping build is fine for clippy as currently few of Rust target has manual bezel target tag.
And if no test target added by developer (may be initial Implementation PR kind of), then it may not give clippy warnings.

LittleHuba · 2026-06-17T09:45:07Z

 bazel_dep(name = "rules_cc", version = "0.2.17")
 bazel_dep(name = "rules_python", version = "1.8.5")
 bazel_dep(name = "rules_rust", version = "0.68.1-score")
+bazel_dep(name = "score_rust_policies", version = "0.0.5")


Is this really a non-dev-dependency?
You only need this for clippy. And clippy is only used by developers and not our users.

It is a dev-dependency, i have updated flag.

LittleHuba · 2026-06-17T09:46:53Z

+          # For pull requests and merge groups, check for Rust file or workflow changes
+          if [[ "$EVENT_NAME" == "pull_request" || "$EVENT_NAME" == "merge_group" ]]; then
+            CHANGED_FILES=$(git diff --name-only "origin/${BASE_REF}...HEAD" 2>/dev/null || true)
+
+            CHANGED_RUST=$(echo "$CHANGED_FILES" | grep -E '\.rs$' || true)
+            CHANGED_WORKFLOW=$(echo "$CHANGED_FILES" | grep -E '^\.github/workflows/clippy_lint\.yml$' || true)
+
+            if [[ -n "$CHANGED_RUST" ]]; then
+              should_run='true'
+              echo "Found Rust file changes:"
+              echo "$CHANGED_RUST"
+            fi
+
+            if [[ -n "$CHANGED_WORKFLOW" ]]; then
+              should_run='true'
+              echo "Found workflow file changes:"
+              echo "$CHANGED_WORKFLOW"
+            fi
+
+            if [[ "$should_run" == "false" ]]; then
+              echo "No Rust or workflow files changed - skipping Clippy check"
+            fi
+          elif [[ "$EVENT_NAME" == "push" ]]; then
+            # For pushes to main, always run
+            should_run='true'
+          elif [[ "$EVENT_NAME" == "workflow_call" ]]; then
+            # For workflow_call, always run (manual or nightly)
+            should_run='true'
+          fi
+
+          echo "should-run=${should_run}" >> $GITHUB_OUTPUT
+          echo "Clippy check: should-run=${should_run}"


Please make it reusable and align it with the clang-format and clang-tidy workflows.

I have created .github/actions/setup-bazel-lint/action.yml but only part we kept Bazel setup block which was common but other detail both workflow have different as per the processing.

LittleHuba · 2026-06-17T09:49:40Z

+
+  clippy:
+    needs: precheck
+    if: ${{ needs.precheck.outputs.should-run == 'true' }}


This will make this workflow impossible to make mandatory.

Once we make it mandatory, it must always run. So having an if condition here, would block any PR that does not touch a Rust file indefinitely blocked by the CI because the merge-queue would get a timeout.

Instead, run the action and return all good when no files were touched. If files are touched, do the actual check.

Removed the precheck and changed as per your suggestion.

LittleHuba · 2026-06-17T09:52:39Z

+        id: run-clippy
+        continue-on-error: true
+        run: |
+          bazel build --config=lint //score/mw/com/... \


Even though we do not have Rust targets outside //score/mw/com currently, people will likely forget to extend the scope when they add such code.

Since we use aspec_rules_lint for this, we anyway have a fast aspect-based way of finding out what targets to check. So just extend the scope to our complete relevant scope.

Suggested change

bazel build --config=lint //score/mw/com/... \

bazel build --config=lint //score/... \

* Added workflow yml * Updated bzlrc file

* Auto enable CI Job when changes in rust file or workflow

* Created common action for clang and clippy * Updated clippy config on static config

bharatGoswami8 self-assigned this Jun 10, 2026

bharatGoswami8 added the rust-api label Jun 10, 2026

bharatGoswami8 force-pushed the enable_clippy_lint_CI_job branch 5 times, most recently from b6c1fc2 to 9d1d7a7 Compare June 11, 2026 06:07

bharatGoswami8 marked this pull request as ready for review June 11, 2026 06:12

bharatGoswami8 requested review from LittleHuba, bemerybmw, castler, crimson11, hoe-jo and limdor as code owners June 11, 2026 06:12

bharatGoswami8 requested a review from darkwisebear June 11, 2026 06:13

bharatGoswami8 force-pushed the enable_clippy_lint_CI_job branch from 9d1d7a7 to a7398da Compare June 11, 2026 06:15

bharatGoswami8 changed the title ~~Rust::com enable the CI Job for clippy lint check~~ Rust::com enable the CI Job for rust lint check Jun 11, 2026

LittleHuba reviewed Jun 11, 2026

View reviewed changes

bharatGoswami8 requested a review from LittleHuba June 11, 2026 10:07

bharatGoswami8 force-pushed the enable_clippy_lint_CI_job branch 2 times, most recently from 237b0d2 to ce4547e Compare June 17, 2026 03:13

LittleHuba requested changes Jun 17, 2026

View reviewed changes

bharatGoswami8 force-pushed the enable_clippy_lint_CI_job branch 2 times, most recently from 0bde4b4 to 692266c Compare June 18, 2026 09:34

bharatGoswami8 requested a review from LittleHuba June 18, 2026 09:43

bharatGoswami8 force-pushed the enable_clippy_lint_CI_job branch 2 times, most recently from b0b0c18 to ce9966b Compare June 18, 2026 12:51

bharatGoswami8 added 2 commits June 19, 2026 09:11

Rust::com enable the CI Job for clippy lint check

2ef1a08

* Added workflow yml * Updated bzlrc file

Rust::com Updated rust lint yaml file

6dea65f

* Auto enable CI Job when changes in rust file or workflow

bharatGoswami8 force-pushed the enable_clippy_lint_CI_job branch from ce9966b to 3bbef58 Compare June 19, 2026 03:45

Clippy CI jon workflow updated

580388c

* Created common action for clang and clippy * Updated clippy config on static config

bharatGoswami8 force-pushed the enable_clippy_lint_CI_job branch from 3bbef58 to 580388c Compare June 19, 2026 03:52

	bazel build --config=lint //score/mw/com/... \
	bazel build --config=lint //score/... \

Conversation

bharatGoswami8 commented Jun 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

LittleHuba left a comment

Choose a reason for hiding this comment

Uh oh!

bharatGoswami8 commented Jun 11, 2026

Uh oh!

LittleHuba left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

bharatGoswami8 Jun 18, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

bharatGoswami8 commented Jun 10, 2026 •

edited

Loading

bharatGoswami8 Jun 18, 2026 •

edited

Loading