From d725b6847651d3154255167256540af472afb2fa Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Mon, 15 Dec 2025 12:09:41 +0100
Subject: [PATCH] ci: Run the daily Rust dependencies audit for all stable
 branches

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
---
 .github/workflows/daily-rust-audit.yml | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/daily-rust-audit.yml b/.github/workflows/daily-rust-audit.yml
index d351efb444..d2bbd27f92 100644
--- a/.github/workflows/daily-rust-audit.yml
+++ b/.github/workflows/daily-rust-audit.yml
@@ -16,20 +16,40 @@ jobs:
   audit:
     if: ${{ vars.SCHEDULED_MISC_DAILIES }}
     runs-on: ubuntu-latest
+    name: Rust deps (${{ matrix.branch }})
+    strategy:
+      matrix:
+        branch:
+          - master
+          - rel/dnsdist-2.0.x
+          - rel/rec-5.3.x
+          - rel/rec-5.2.x
+          - rel/rec-5.1.x
+      fail-fast: false
     steps:
       - uses: actions/checkout@v5
         with:
-          fetch-depth: 5
+          fetch-depth: 1
           submodules: recursive
           persist-credentials: false
+          ref: ${{ matrix.branch }}
 
-      - name: Check recursor's Rust library dependencies
+      - name: Check recursor's Rust library dependencies (settings)
+        if: ${{ ! startsWith(matrix.branch, 'rel/dnsdist-') && (matrix.branch == 'rel/rec-5.1.x' || matrix.branch == 'rel/rec-5.2.x') }}
+        uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          working-directory: pdns/recursordist/settings/rust
+
+      - name: Check recursor's Rust library dependencies (rec-rust-lib)
+        if: ${{ ! startsWith(matrix.branch, 'rel/dnsdist-') && (matrix.branch != 'rel/rec-5.1.x' && matrix.branch != 'rel/rec-5.2.x') }}
         uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           working-directory: pdns/recursordist/rec-rust-lib/rust
 
       - name: Check DNSdist's Rust library dependencies
+        if: ${{ ! startsWith(matrix.branch, 'rel/rec-') }}
         uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
-- 
2.47.3