Skip to content

chore: Add SonarCube security scan workflow. #30

chore: Add SonarCube security scan workflow.

chore: Add SonarCube security scan workflow. #30

on:
pull_request:
push:
branches:
- main
name: Test with Code Coverage
permissions:
contents: read
issues: read
checks: write
pull-requests: write
env:
CARGO_TERM_COLOR: always
jobs:
test:
name: Test
env:
PROJECT_NAME_UNDERSCORE: test2
CARGO_INCREMENTAL: 0
RUSTFLAGS: -Ccodegen-units=1 -Copt-level=0 -Clink-dead-code -Coverflow-checks=off -Zpanic_abort_tests -Cpanic=abort
RUSTDOCFLAGS: -Cpanic=abort
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@nightly
with:
components: llvm-tools-preview
- name: Cache dependencies
uses: actions/cache@v4
env:
cache-name: cache-dependencies
with:
path: |
~/.cargo/.crates.toml
~/.cargo/.crates2.json
~/.cargo/bin
~/.cargo/registry/index
~/.cargo/registry/cache
target
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('Cargo.lock') }}
- name: Install grcov
uses: taiki-e/install-action@v2
with:
tool: grcov,cargo-llvm-cov
- name: Run tests
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
cargo test --all-features
- name: Set env
run: echo "CARGO2JUNIT_VERSION=$(curl -sL https://api.github.com/repos/yonasBSD/cargo2junit/releases/latest | jq -r ".tag_name" | cut -d'v' -f2)" >> $GITHUB_ENV
- name: Generate test result and coverage report
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
wget https://github.com/yonasBSD/cargo2junit/releases/download/v${CARGO2JUNIT_VERSION}/cargo2junit_${CARGO2JUNIT_VERSION}_amd64.deb
sudo dpkg -i cargo2junit_${CARGO2JUNIT_VERSION}_amd64.deb
rm cargo2junit_${CARGO2JUNIT_VERSION}_amd64.deb
cargo clean
cargo test $CARGO_OPTIONS -- -Z unstable-options --format json | cargo2junit > results.xml;
cargo llvm-cov --all-features --workspace --codecov --output-path ./codecov.json
- name: Upload test results
uses: EnricoMi/publish-unit-test-result-action@v2
with:
check_name: Test Results
github_token: ${{ secrets.GITHUB_TOKEN }}
files: results.xml
- name: Run xtask coverage
uses: actions-rs/cargo@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
command: xtask
args: coverage
#- name: Upload Coverage Report
# uses: codecov/codecov-action@v5
# with:
# verbose: true
# token: ${{ secrets.CODECOV_TOKEN }}
# files: ${{ github.workspace }}/codecov.json
# - name: Upload to codecov.io
# uses: codecov/codecov-action@v5
# with:
# files: coverage/*.lcov
# fail_ci_if_error: true