jerus-org · jerusdp · Mar 15, 2026 · Mar 15, 2026 · Mar 15, 2026 · Mar 15, 2026
@@ -4,52 +4,13 @@ parameters:
   min_rust_version:
     type: string
     default: "1.82"
-  fingerprint:
-    type: string
-    default: SHA256:OkxsH8Z6Iim6WDJBaII9eTT9aaO1f3eDc6IpsgYYPVg
-  validation_flag:
-    type: boolean
-    default: false
-    description: "If true, the validation pipeline will be executed."
-  success_flag:
-    type: boolean
-    default: false
-    description: "If true, the success pipeline will be executed."
-  release_flag:
-    type: boolean
-    default: false
-    description: "If true, the success pipeline will be executed."
 
 orbs:
-  toolkit: jerus-org/circleci-toolkit@4.4.3
-
-# Custom executors removed - using toolkit rolling executors instead
+  toolkit: jerus-org/circleci-toolkit@4.11.0
 
 workflows:
-  check_last_commit:
-    when:
-      and:
-        - not:
-            equal: [scheduled_pipeline, << pipeline.trigger_source >>]
-        - not: << pipeline.parameters.success_flag >>
-        - not: << pipeline.parameters.validation_flag >>
-        - not: << pipeline.parameters.release_flag >>
-
-    jobs:
-      - toolkit/choose_pipeline:
-          name: choose pipeline based on committer
-          context: bot-check
-
   validation:
-    when:
-      and:
-        - not:
-            equal: [scheduled_pipeline, << pipeline.trigger_source >>]
-        - not: << pipeline.parameters.success_flag >>
-        - << pipeline.parameters.validation_flag >>
-        - not: << pipeline.parameters.release_flag >>
     jobs:
-      # Signature verification for trusted PRs (with write access for comments)
       - toolkit/verify_commit_signatures:
           name: verify_commit_signatures_trusted
           context: bot-check
@@ -60,99 +21,56 @@ workflows:
               ignore:
                 - main
                 - /pull\/[0-9]+/
-      # Signature verification for forked PRs (read-only, no comments)
       - toolkit/verify_commit_signatures:
           name: verify_commit_signatures_forked
           post_comment: false
           update_pcu: false
-          filters:
-            branches:
-              only: /pull\/[0-9]+/
-      - toolkit/label:
-          min_rust_version: << pipeline.parameters.min_rust_version >>
-          context: pcu-app
           filters:
             branches:
               only:
-                - main
-      - toolkit/code_coverage:
-          min_rust_version: << pipeline.parameters.min_rust_version >>
-      - toolkit/required_builds:
-          min_rust_version: << pipeline.parameters.min_rust_version >>
-      - toolkit/test_doc_build:
+                - /pull\/[0-9]+/
+      - toolkit/required_builds_rolling:
           min_rust_version: << pipeline.parameters.min_rust_version >>
       - toolkit/optional_builds:
           min_rust_version: << pipeline.parameters.min_rust_version >>
-      - toolkit/common_tests:
+          filters:
+            branches:
+              ignore: main
+      - toolkit/test_doc_build:
           min_rust_version: << pipeline.parameters.min_rust_version >>
+          filters:
+            branches:
+              ignore: main
       - toolkit/idiomatic_rust:
           min_rust_version: << pipeline.parameters.min_rust_version >>
-      - toolkit/update_prlog:
+          filters:
+            branches:
+              ignore: main
+      - toolkit/common_tests_rolling:
+          min_rust_version: << pipeline.parameters.min_rust_version >>
+      - toolkit/security:
+          name: security audit only
+          sonarcloud: false
+          filters:
+            branches:
+              only:
+                - main
+                - /pull\/[0-9]+/
+      - toolkit/security:
+          name: security with sonarcloud
+          context: SonarCloud
           filters:
             branches:
               ignore:
                 - /pull\/[0-9]+/
                 - main
-          requires:
-            - verify_commit_signatures_trusted
-            - toolkit/required_builds
-            - toolkit/common_tests
-            - toolkit/idiomatic_rust
-            - toolkit/code_coverage
-          context:
-            - release
-            - bot-check
-          ssh_fingerprint: << pipeline.parameters.fingerprint >>
-          min_rust_version: << pipeline.parameters.min_rust_version >>
-
-  on_success:
-    when:
-      and:
-        - not:
-            equal: [scheduled_pipeline, << pipeline.trigger_source >>]
-        - << pipeline.parameters.success_flag >>
-        - not: << pipeline.parameters.validation_flag >>
-        - not: << pipeline.parameters.release_flag >>
-
-    jobs:
-      - toolkit/end_success
-
-  release:
-    when:
-      or:
-        - and:
-            - equal: [scheduled_pipeline, << pipeline.trigger_source >>]
-            - equal: ["release check", << pipeline.schedule.name >>]
-        - and:
-            - not: << pipeline.parameters.success_flag >>
-            - not: << pipeline.parameters.validation_flag >>
-            - << pipeline.parameters.release_flag >>
-    jobs:
-      - toolkit/save_next_version:
-          min_rust_version: << pipeline.parameters.min_rust_version >>
-
-      - toolkit/make_release:
-          context:
-            - release
-            - bot-check
-          requires:
-            - toolkit/save_next_version
-          pre-steps:
-            - attach_workspace:
-                at: /tmp/workspace
-            - run:
-                name: Set SEMVER based on next-version file
-                command: |
-                  set +ex
-                  export SEMVER=$(cat /tmp/workspace/next-version)
-                  echo $SEMVER
-                  echo "export SEMVER=$SEMVER" >> "$BASH_ENV"
-          ssh_fingerprint: << pipeline.parameters.fingerprint >>
-          min_rust_version: << pipeline.parameters.min_rust_version >>
-          when_use_workspace: false
-
-      - toolkit/no_release:
+      - toolkit/code_coverage:
           min_rust_version: << pipeline.parameters.min_rust_version >>
+          package: lambda_sqs
+          filters:
+            branches:
+              ignore:
+                - /pull\/[0-9]+/
+                - main
           requires:
-            - toolkit/save_next_version:
-                - failed
+            - security with sonarcloud
@@ -0,0 +1,60 @@
+version: 2.1
+
+parameters:
+  lambda_sqs_version:
+    type: string
+    default: ""
+    description: "Override lambda_sqs crate version (empty = nextsv auto-detect)"
+  workspace_version:
+    type: string
+    default: ""
+    description: "Override workspace v* version (empty = nextsv auto-detect)"
+
+orbs:
+  toolkit: jerus-org/circleci-toolkit@4.11.0
+
+jobs:
+  tools:
+    executor: toolkit/rust_env_rolling
+    steps:
+      - run:
+          name: Verify tools
+          command: |
+            set -ex
+            nextsv --version
+            pcu --version
+            cargo release --version
+            jq --version
+
+workflows:
+  release:
+    jobs:
+      - tools
+
+      - toolkit/calculate_versions:
+          name: calculate-versions
+          requires: [tools]
+          crates: "lambda_sqs:lambda_sqs-v"
+          crate_version_overrides: "lambda_sqs:<< pipeline.parameters.lambda_sqs_version >>"
+          workspace_version_override: << pipeline.parameters.workspace_version >>
+
+      - approve-release:
+          type: approval
+          requires: [calculate-versions]
+
+      - toolkit/release_crate:
+          name: release-lambda_sqs
+          requires: [approve-release]
+          package: lambda_sqs
+          crate_tag_prefix: lambda_sqs-v
+          context:
+            - release
+            - bot-check
+            - pcu-app
+
+      - toolkit/release_prlog:
+          requires: [release-lambda_sqs]
+          context:
+            - release
+            - bot-check
+            - pcu-app
@@ -0,0 +1,30 @@
+version: 2.1
+
+parameters:
+  update_pcu:
+    type: boolean
+    default: false
+    description: "If true, pcu is updated from its main github branch before running."
+
+orbs:
+  toolkit: jerus-org/circleci-toolkit@4.11.0
+
+workflows:
+  update_prlog:
+    jobs:
+      - toolkit/update_prlog:
+          name: update-prlog-on-main
+          context:
+            - release
+            - bot-check
+            - pcu-app
+          min_rust_version: "1.82"
+          target_branch: "main"
+          pcu_from_merge: --from-merge
+          update_pcu: << pipeline.parameters.update_pcu >>
+          pcu_verbosity: "-vvv"
+      - toolkit/label:
+          min_rust_version: "1.82"
+          context: pcu-app
+          requires:
+            - update-prlog-on-main
@@ -1,38 +1,17 @@
-[package]
-name = "lambda_sqs"
+[workspace]
+members = ["crates/lambda_sqs"]
+resolver = "2"
+
+[workspace.package]
 version = "0.3.1"
-description = """
-Handles an SQS event and provides a vec of your type for processing. 
-"""
-edition = "2021"
 authors = ["Jeremiah Russell <jrussell@jerus.ie>"]
 license = "MIT OR Apache-2.0"
-rust-version = "1.81"
 repository = "https://github.com/jerus-org/lambda_sqs"
-readme = "README.md"
-documentation = "https://docs.rs/lambda-sqs"
-categories = ["web-programming"]
-keywords = ["aws", "sqs", "lambda"]
-exclude = [
-    ".circleci/config.yml",
-    ".fossa.yml",
-    ".github/workflows/fossa.yml",
-    ".github/workflows/rust_security_audit.yml",
-    ".gitignore",
-    ".vscode/settings.json",
-    ".whitesource",
-    "markdownlint.jsonc",
-    "renovate.json",
-]
+edition = "2021"
+rust-version = "1.82"
 
-[dependencies]
+[workspace.dependencies]
 serde = { version = "1.0.228", features = ["derive"] }
 serde_json = "1.0.149"
 lambda_runtime = "1.0.2"
-
-[dev-dependencies]
 tokio = "1.49.0"
-
-[package.metadata.docs.rs]
-all-features = true
-rustdoc-args = ["--cfg", "docsrs"]
@@ -0,0 +1,5 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
@@ -0,0 +1,35 @@
+[package]
+name = "lambda_sqs"
+version.workspace = true
+description = """
+Handles an SQS event and provides a vec of your type for processing.
+"""
+edition.workspace = true
+authors.workspace = true
+license.workspace = true
+rust-version.workspace = true
+repository.workspace = true
+readme = "README.md"
+documentation = "https://docs.rs/lambda-sqs"
+categories = ["web-programming"]
+keywords = ["aws", "sqs", "lambda"]
+include = [
+    "**/*.rs",
+    "Cargo.toml",
+    "README.md",
+    "LICENSE-MIT",
+    "LICENSE-APACHE",
+    "CHANGELOG.md",
+]
+
+[dependencies]
+serde.workspace = true
+serde_json.workspace = true
+lambda_runtime.workspace = true
+
+[dev-dependencies]
+tokio.workspace = true
+
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]