Merge pull request #1 from sir-gon/develop

[Github Actions] coverage splitted

Author: sir-gon

.dockerignore

@@ -0,0 +1,2 @@
+.git
+target

.editorconfig

@@ -0,0 +1,45 @@
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+indent_style = space
+trim_trailing_whitespace = true
+indent_size = 2
+max_line_length = 80
+
+# # Already default setting
+# [*.sh]
+# indent_size = 4
+
+# # Already default setting
+# Same as in .clang-format
+# [{*.cpp, *.hpp, *.S}]
+# indent_size = 4
+
+# # Already default setting
+# [{*.ld, *.lds}]
+# indent_size = 4
+
+[*.nix]
+indent_size = 2
+
+[*.toml]
+indent_size = 2
+
+[*.yml]
+indent_size = 2
+
+[*.json]
+indent_size = 2
+
+[{CMakeLists.txt,*.cmake}]
+indent_size = 2
+
+[{Makefile,**.mk}]
+# Use tabs for indentation (Makefiles require tabs)
+indent_style = tab
+indent_size = 2

.github/workflows/gitleaks.yml

@@ -0,0 +1,32 @@
+---
+
+name: gitleaks
+
+on: # yamllint disable-line rule:truthy
+  pull_request:
+  push:
+  workflow_dispatch:
+  schedule:
+    #        ┌───────────── minute (0 - 59)
+    #        │  ┌───────────── hour (0 - 23)
+    #        │  │ ┌───────────── day of the month (1 - 31)
+    #        │  │ │ ┌───────────── month (1 - 12 or JAN-DEC)
+    #        │  │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT)
+    #        │  │ │ │ │
+    #        │  │ │ │ │
+    #        │  │ │ │ │
+    #        *  * * * *
+    - cron: "0 6 * * *" # run once a day at 6 AM
+jobs:
+  scan:
+    name: gitleaks
+    runs-on: ubuntu-24.04
+    steps:
+      - uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+      - uses: gitleaks/gitleaks-action@v2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # Only required for Organizations, not personal accounts.
+          # GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}

.github/workflows/markdown-lint.yml

@@ -0,0 +1,40 @@
+---
+name: Markdown Lint
+
+on: # yamllint disable-line rule:truthy
+  push:
+    branches: ["main"]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: ["main"]
+  workflow_dispatch:
+
+permissions: read-all
+
+jobs:
+  markdownlint:
+    name: Markdown Lint
+    runs-on: ubuntu-24.04
+
+    strategy:
+      matrix:
+        node-version: [22.x]
+        # See supported Node.js release schedule
+        # at https://nodejs.org/en/about/releases/
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
+
+      - name: Set up Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v5
+        with:
+          node-version: ${{ matrix.node-version }}
+
+      - name: Install dependencies
+        run: npm install -g markdownlint-cli
+
+      - name: Lint
+        run: >
+          markdownlint '**/*.md' --ignore node_modules
+          && echo '✔  Your code looks good.'

.github/workflows/rust-coverage.yml

@@ -1,6 +1,13 @@
+---
 name: Coverage
 
-on: [pull_request, push]
+on: # yamllint disable-line rule:truthy
+  push:
+    branches: ["main"]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: ["main"]
+  workflow_dispatch:
 
 jobs:
   coverage:
@@ -13,11 +20,70 @@ jobs:
         run: rustup update stable
       - name: Install cargo-llvm-cov
         uses: taiki-e/install-action@cargo-llvm-cov
+      - name: Install Clippy
+        run: rustup component add clippy
+      - name: Install cargo-sonar and run Clippy
+        run: |
+            cargo install cargo-sonar
+            cargo clippy --message-format json > my-clippy-report.json
+            cargo sonar --clippy --clippy-path my-clippy-report.json
       - name: Generate code coverage
-        run: cargo llvm-cov --all-features --workspace --lcov --output-path lcov.info
-      - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v3
+        run: >
+          cargo llvm-cov
+          --all-features
+          --workspace
+          --lcov
+          --output-path lcov.info
+      - name: Upload coverage artifact
+        uses: actions/upload-artifact@v4
         with:
-          token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
-          files: lcov.info
-          fail_ci_if_error: true
+          name: coverage-report
+          path: |
+            lcov.info
+            sonar-issues.json
+
+  codecov:
+    name: Upload to Codecov
+    runs-on: ubuntu-24.04
+    needs: coverage
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+      - name: Download coverage artifact
+        uses: actions/download-artifact@v5
+        with:
+          name: coverage-report
+
+      - name: Upload coverage reports to Codecov with GitHub Action
+        uses: codecov/codecov-action@v5
+        with:
+          files: coverage.out
+          token: ${{ secrets.CODECOV_TOKEN }} # required
+          verbose: true # optional (default = false)
+
+  sonarqube:
+    name: SonarQube
+    runs-on: ubuntu-latest
+    needs: coverage
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+      - name: Download coverage artifact
+        uses: actions/download-artifact@v5
+        with:
+          name: coverage-report
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarqube-scan-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.externalIssuesReportPaths=sonar-issues.json
+            -Dcommunity.rust.lcov.reportPaths=lcov.info

.github/workflows/rust.yml

@@ -1,22 +1,29 @@
+---
 name: Rust
 
-on:
+on: # yamllint disable-line rule:truthy
   push:
-    branches: [ "main" ]
+    branches: ["main"]
   pull_request:
-    branches: [ "main" ]
+    # The branches below must be a subset of the branches above
+    branches: ["main"]
+  workflow_dispatch:
 
 env:
   CARGO_TERM_COLOR: always
 
 jobs:
   build:
-
-    runs-on: ubuntu-24.04
+    name: "RUST Build and Test"
+    strategy:
+      fail-fast: false
+      matrix:
+        os: ["windows-2022", "ubuntu-24.04", "macos-14"]
+    runs-on: ${{ matrix.os }}
 
     steps:
-    - uses: actions/checkout@v4
-    - name: Build
-      run: cargo build --verbose
-    - name: Run tests
-      run: cargo test --verbose
+      - uses: actions/checkout@v4
+      - name: Build
+        run: cargo build --verbose
+      - name: Run tests
+        run: cargo test --verbose

.github/workflows/yamllint.yml

@@ -0,0 +1,27 @@
+---
+
+name: YAML lint
+
+on: # yamllint disable-line rule:truthy
+  push:
+    branches: ["main"]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: ["main"]
+  workflow_dispatch:
+
+jobs:
+  lint:
+    name: YAML lint
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
+
+      - name: Install yamllint
+        run: pip install yamllint
+
+      - name: Lint YAML files
+        run: >
+          yamllint --strict .
+          && echo '✔  Your code looks good.'

.gitignore

@@ -1,3 +1,5 @@
+my-clippy-report.json
+sonar-issues.json
 /target