Skip to content

ci: pin rust-toolchain action to @v1 and pass toolchain: 1.84.1 explicitly#35

Merged
Emmyt24 merged 3 commits into
Octo-Protocol-org:mainfrom
Senorespecial:fix/ci/rust-toolchain-v1
Jun 28, 2026
Merged

ci: pin rust-toolchain action to @v1 and pass toolchain: 1.84.1 explicitly#35
Emmyt24 merged 3 commits into
Octo-Protocol-org:mainfrom
Senorespecial:fix/ci/rust-toolchain-v1

Conversation

@Senorespecial

Copy link
Copy Markdown
Contributor

Summary

Decouples dtolnay/rust-toolchain action version from Rust toolchain version. The action reference changes from dtolnay/rust-toolchain@1.84.1 (single fully-qualified ref) to dtolnay/rust-toolchain@v1 with with: toolchain: 1.84.1 (major-version tag + explicit toolchain input). The Rust toolchain is still effectively pinned to 1.84.1, matching rust-toolchain.toml's channel = "1.84.1".

Why

  1. Action upgrades vs toolchain upgrades: a future bump of the action (@v1 -> @v2) is now decoupled from a future bump of Rust (1.84.1 -> 1.85). Today they're tangled in a single string.
  2. cargo install channel-name leak: when the action was called with dtolnay/rust-toolchain@1.84.1 and the job depended on rustup's default channel-name derivation semantics, downstream calls like cargo install cargo-audit could end up resolving against stable-x86_64-pc-windows-msvc on an ubuntu runner, surfacing as error: target tuple in channel name 'stable-x86_64-pc-windows-msvc'. With the explicit with.toolchain: 1.84.1 input, rustup always re-derives the host triple (1.84.1-x86_64-unknown-linux-gnu on Linux, -apple-darwin on macOS, -pc-windows-msvc on Windows) and cargo install accepts it.

Closes #33.

Diff

       - name: Install Rust toolchain
-        uses: dtolnay/rust-toolchain@1.84.1
+        # Pin the action to its major-version tag and pass the Rust toolchain version
+        # explicitly via `with.toolchain`. Decouples action upgrades from toolchain
+        # version pinning. The explicit `toolchain: 1.84.1` input matches the project's
+        # already-pinned `rust-toolchain.toml`, so rustup derives the per-host triple
+        # correctly and `cargo install` no longer resolves against a stale channel name.
+        # See Octo-Protocol-org/Octo-Protocol#33.
+        uses: dtolnay/rust-toolchain@v1
         with:
+          toolchain: 1.84.1
           components: rustfmt, clippy

What is intentionally NOT touched

  • rust-toolchain.toml -- its channel = "1.84.1" is already correct and matches with.toolchain on the runner. The repo-level pin is unchanged.
  • Swatinem/rust-cache@v2 -- the cache action interoperates with the rust-toolchain action unchanged.
  • The deny / audit / secret-scan jobs -- they're already wired with first-party actions (EmbarkStudios/cargo-deny-action@v2, rustsec/audit-check@v2, gitleaks/gitleaks-action@v2) and don't need this.

Acceptance criteria

  • cargo install cargo-audit on ubuntu-latest no longer errors with target tuple in channel name 'stable-x86_64-pc-windows-msvc'.
  • rustup show active-toolchain on a runner says 1.84.1-x86_64-unknown-linux-gnu (or the matching per-runner host triple).
  • All four CI jobs (fmt · clippy · test, cargo-deny, cargo-audit, gitleaks) flip from failure to success on the next run.
  • PR ci: enforce --locked on workspace cargo invocations #34's CI status flips to "all green" once retried, since ci: enforce --locked on workspace cargo invocations #34 depends only on Cargo.lock parity (a separate concern).

Cross-links (in order)

Senorespecial and others added 3 commits June 22, 2026 10:30
…citly

The `rust-toolchain` install step in `.github/workflows/ci.yml` currently
uses a fully-qualified action reference: `dtolnay/rust-toolchain@1.84.1`.

That conflates two concerns: action version and Rust toolchain version.
This PR decouples them by pinning the action to its major-version tag
(`dtolnay/rust-toolchain@v1`) and moving the version into the explicit
`with.toolchain` input. Practical effects:

- Action upgrades (e.g. 1.84.1 -> 1.85.x of the action) are now a separate
  decision from Rust toolchain upgrades.
- The Rust toolchain is still effectively pinned to `1.84.1` (matches
  `rust-toolchain.toml`'s channel = "1.84.1"), so behavior on the runner
  remains identical for non-upgrade paths.
- rustup now derives the per-host triple correctly from `with.toolchain`
  ("1.84.1"), which closes the channel-name CI failure surfaced as
  `error: target tuple in channel name 'stable-x86_64-pc-windows-msvc'`
  on `ubuntu-latest` for `cargo install cargo-audit`.

Closes Octo-Protocol-org#33.

Cross-links (in order):
- PR Octo-Protocol-org#31 (Senorespecial/Octo-Protocol -> Octo-Protocol-org/Octo-Protocol): feat(dashboard): add gas sponsorship status indicator to wallet cards (Octo-Protocol-org#14)
- Octo-Protocol-org#32: api: surface fees_spent_today_stroops in GET /v1/wallets/:id/sponsorship
- PR Octo-Protocol-org#34: ci: enforce --locked on workspace cargo invocations
- Octo-Protocol-org#33: ci: install of cargo-audit errors out with stable-x86_64-pc-windows-msvc on ubuntu-latest

Files: .github/workflows/ci.yml (one block edit).
…nge)

Single trailing comment line added to .github/workflows/ci.yml to bump
the file SHA so a `push` event fires a fresh CI run on PR Octo-Protocol-org#35. The
commit has zero semantic effect on the toolchain action, the cargo
invocations, or any step behavior.

Purpose: distinguish a transient `Swatinem/rust-cache@v2` / rustup
cache poisoning from a real `dtolnay/rust-toolchain@v1` regression.
If the failure mode persists across this and the previous run, the
fix isn't the action pin -- it's the cache layer or `cargo install
cargo-audit` resolver, and a sibling PR is needed. If the failure
flips green on this run, the diagnosis is "transient cache"; merge
PR Octo-Protocol-org#35 as-is and proceed with the original cross-link plan
(Octo-Protocol-org#14/Octo-Protocol-org#32/Octo-Protocol-org#33/Octo-Protocol-org#34).
…-org#35 (Octo-Protocol-org#35)

Pure whitespace/comment addition. No semantic change. The intent is to bump the
file SHA so a fresh push event fires a new workflow run; this distinguishes a
transient rustup cache issue from a real toolchain-action regression across two
clean runs.
@Emmyt24 Emmyt24 merged commit 9bb1afd into Octo-Protocol-org:main Jun 28, 2026
0 of 4 checks passed
Emmyt24 pushed a commit that referenced this pull request Jun 28, 2026
…red-cache:true

Replaces the moving major tag `Swatinem/rust-cache@v2` with the SHA of the latest
v2.x release (v2.9.1 = 23869a5b) and adds:
- cache-on-failure: false  – never persist a poisoned cache from a failed job; the
                             warm-cache vector was the leading hypothesis for why
                             PR #35 kept failing identically across two clean
                             runs (target triple in channel name).
- shared-cache: true       – reuse the main-branch cache for PR builds so warm
                             caches start from a known-good baseline rather than
                             a fresh per-PR reproduction.

This seals the cache layer leak that #34 (--locked) and #35 (@v1 + toolchain
pin) alone did not. Cross-links:
  closes #33
  validates/refines #34 (Senorespecial:fix/ci/lockfile-locked)
  builds on #35 (Senorespecial:fix/ci/rust-toolchain-v1)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

2 participants