ci: pin rust-toolchain action to @v1 and pass toolchain: 1.84.1 explicitly#35
Merged
Emmyt24 merged 3 commits intoJun 28, 2026
Merged
Conversation
…citly
The `rust-toolchain` install step in `.github/workflows/ci.yml` currently
uses a fully-qualified action reference: `dtolnay/rust-toolchain@1.84.1`.
That conflates two concerns: action version and Rust toolchain version.
This PR decouples them by pinning the action to its major-version tag
(`dtolnay/rust-toolchain@v1`) and moving the version into the explicit
`with.toolchain` input. Practical effects:
- Action upgrades (e.g. 1.84.1 -> 1.85.x of the action) are now a separate
decision from Rust toolchain upgrades.
- The Rust toolchain is still effectively pinned to `1.84.1` (matches
`rust-toolchain.toml`'s channel = "1.84.1"), so behavior on the runner
remains identical for non-upgrade paths.
- rustup now derives the per-host triple correctly from `with.toolchain`
("1.84.1"), which closes the channel-name CI failure surfaced as
`error: target tuple in channel name 'stable-x86_64-pc-windows-msvc'`
on `ubuntu-latest` for `cargo install cargo-audit`.
Closes Octo-Protocol-org#33.
Cross-links (in order):
- PR Octo-Protocol-org#31 (Senorespecial/Octo-Protocol -> Octo-Protocol-org/Octo-Protocol): feat(dashboard): add gas sponsorship status indicator to wallet cards (Octo-Protocol-org#14)
- Octo-Protocol-org#32: api: surface fees_spent_today_stroops in GET /v1/wallets/:id/sponsorship
- PR Octo-Protocol-org#34: ci: enforce --locked on workspace cargo invocations
- Octo-Protocol-org#33: ci: install of cargo-audit errors out with stable-x86_64-pc-windows-msvc on ubuntu-latest
Files: .github/workflows/ci.yml (one block edit).
…nge) Single trailing comment line added to .github/workflows/ci.yml to bump the file SHA so a `push` event fires a fresh CI run on PR Octo-Protocol-org#35. The commit has zero semantic effect on the toolchain action, the cargo invocations, or any step behavior. Purpose: distinguish a transient `Swatinem/rust-cache@v2` / rustup cache poisoning from a real `dtolnay/rust-toolchain@v1` regression. If the failure mode persists across this and the previous run, the fix isn't the action pin -- it's the cache layer or `cargo install cargo-audit` resolver, and a sibling PR is needed. If the failure flips green on this run, the diagnosis is "transient cache"; merge PR Octo-Protocol-org#35 as-is and proceed with the original cross-link plan (Octo-Protocol-org#14/Octo-Protocol-org#32/Octo-Protocol-org#33/Octo-Protocol-org#34).
…-org#35 (Octo-Protocol-org#35) Pure whitespace/comment addition. No semantic change. The intent is to bump the file SHA so a fresh push event fires a new workflow run; this distinguishes a transient rustup cache issue from a real toolchain-action regression across two clean runs.
Emmyt24
pushed a commit
that referenced
this pull request
Jun 28, 2026
…red-cache:true
Replaces the moving major tag `Swatinem/rust-cache@v2` with the SHA of the latest
v2.x release (v2.9.1 = 23869a5b) and adds:
- cache-on-failure: false – never persist a poisoned cache from a failed job; the
warm-cache vector was the leading hypothesis for why
PR #35 kept failing identically across two clean
runs (target triple in channel name).
- shared-cache: true – reuse the main-branch cache for PR builds so warm
caches start from a known-good baseline rather than
a fresh per-PR reproduction.
This seals the cache layer leak that #34 (--locked) and #35 (@v1 + toolchain
pin) alone did not. Cross-links:
closes #33
validates/refines #34 (Senorespecial:fix/ci/lockfile-locked)
builds on #35 (Senorespecial:fix/ci/rust-toolchain-v1)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Decouples
dtolnay/rust-toolchainaction version from Rust toolchain version. The action reference changes fromdtolnay/rust-toolchain@1.84.1(single fully-qualified ref) todtolnay/rust-toolchain@v1withwith: toolchain: 1.84.1(major-version tag + explicit toolchain input). The Rust toolchain is still effectively pinned to1.84.1, matchingrust-toolchain.toml's channel = "1.84.1".Why
@v1->@v2) is now decoupled from a future bump of Rust (1.84.1->1.85). Today they're tangled in a single string.cargo installchannel-name leak: when the action was called withdtolnay/rust-toolchain@1.84.1and the job depended on rustup's default channel-name derivation semantics, downstream calls likecargo install cargo-auditcould end up resolving againststable-x86_64-pc-windows-msvcon an ubuntu runner, surfacing aserror: target tuple in channel name 'stable-x86_64-pc-windows-msvc'. With the explicitwith.toolchain: 1.84.1input, rustup always re-derives the host triple (1.84.1-x86_64-unknown-linux-gnuon Linux,-apple-darwinon macOS,-pc-windows-msvcon Windows) andcargo installaccepts it.Closes #33.
Diff
What is intentionally NOT touched
rust-toolchain.toml-- itschannel = "1.84.1"is already correct and matcheswith.toolchainon the runner. The repo-level pin is unchanged.Swatinem/rust-cache@v2-- the cache action interoperates with the rust-toolchain action unchanged.EmbarkStudios/cargo-deny-action@v2,rustsec/audit-check@v2,gitleaks/gitleaks-action@v2) and don't need this.Acceptance criteria
cargo install cargo-auditonubuntu-latestno longer errors withtarget tuple in channel name 'stable-x86_64-pc-windows-msvc'.rustup show active-toolchainon a runner says1.84.1-x86_64-unknown-linux-gnu(or the matching per-runner host triple).fmt · clippy · test,cargo-deny,cargo-audit,gitleaks) flip fromfailuretosuccesson the next run.Cross-links (in order)