From a56b8fd7ea17caee9541964f75344db9f4d0f8e6 Mon Sep 17 00:00:00 2001
From: Alan Molina <mmolina.alan@gmail.com>
Date: Sat, 13 Jul 2024 17:34:40 -0300
Subject: [PATCH] adding new code-quality ci steps

---
 .github/workflows/code-coverage.yml | 36 ++++++++++++++
 .github/workflows/code-quality.yml  | 76 +++++++++--------------------
 .github/workflows/unit-tests.yml    | 12 +++--
 sonar-project.properties            |  2 +-
 4 files changed, 67 insertions(+), 59 deletions(-)
 create mode 100644 .github/workflows/code-coverage.yml

diff --git a/.github/workflows/code-coverage.yml b/.github/workflows/code-coverage.yml
new file mode 100644
index 0000000..b5e766b
--- /dev/null
+++ b/.github/workflows/code-coverage.yml
@@ -0,0 +1,36 @@
+name: Code Coverage
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  check:
+    name: Check
+    runs-on: ubuntu-latest
+    container:
+      image: xd009642/tarpaulin:develop-nightly
+      options: --security-opt seccomp=unconfined
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Run `cargo-tarpaulin`
+        run: |
+          cargo +nightly tarpaulin --verbose --all-features --workspace --timeout 120 --out xml --fail-under 50
+
+      - name: Upload to codecov.io
+        uses: codecov/codecov-action@v1.0.2
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+      - name: Archive Results
+        uses: actions/upload-artifact@v1
+        with:
+          name: code-coverage-report
+          path: cobertura.xml
diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml
index 9d0e54e..6918191 100644
--- a/.github/workflows/code-quality.yml
+++ b/.github/workflows/code-quality.yml
@@ -7,9 +7,12 @@ on:
   pull_request:
     types: [opened, synchronize, reopened]
 
+env:
+  CARGO_TERM_COLOR: always
+
 jobs:
   rust:
-    name: Custom Tools for Rust
+    name: Check
     runs-on: ubuntu-latest
     
     steps:
@@ -47,64 +50,31 @@ jobs:
         components: rustfmt, clippy
 
     - name: Install Tools
-      env:
-        CARGO_TERM_COLOR: always
       run: |
-        cargo install --force cargo-audit
-        cargo install --force cargo-deny
-        cargo install --force cargo-outdated
+        cargo install cargo-audit
+        cargo install cargo-udeps
+        cargo install cargo-sonar
     
     - name: Run `clippy`
-      env:
-        CARGO_TERM_COLOR: always
-      run: cargo clippy --message-format=json > clippy.json
+      run: cargo clippy --message-format=json > clippy.json || true
 
     - name: Run `cargo-audit`
-      env:
-        CARGO_TERM_COLOR: always
-      run: cargo audit --json > audit.json
+      run: cargo audit --json > audit.json || true
 
-    - name: Run `cargo-deny`
-      env:
-        CARGO_TERM_COLOR: always
-      run: cargo deny --format json check 2> deny.json
-
-    - name: Run `cargo-outdated`
-      env:
-        CARGO_TERM_COLOR: always
-      run: cargo outdated --workspace --depth 1 --format json > outdated.json
-    
-    - name: Convert to Report
-      env:
-        CARGO_TERM_COLOR: always
-      run: |
-        cargo install cargo-sonar
-        cargo sonar --clippy --audit --deny --outdated
+    - name: Run `cargo-udeps`
+      run: cargo +nightly udeps --quiet --workspace --output json > udeps.json || true
     
-    - name: Upload Report Artifact
-      uses: actions/upload-artifact@v2
-      with:
-        name: sonar-issues
-        path: sonar-issues.json
-
-  sonarcloud:
-    name: SonarCloud
-    runs-on: ubuntu-latest
-    needs: rust
+    - name: Run `cargo-sonar`
+      run: cargo sonar --clippy --audit --udeps
     
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
+    - name: Upload to sonarcloud.io
+      uses: sonarsource/sonarqube-scan-action@v2.3.0
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}
 
-      - name: Download Report Artifact
-        uses: actions/download-artifact@v2
-        with:
-          name: sonar-issues
-          path: ./
-      
-      - name: SonarQube Scan
-        uses: sonarsource/sonarqube-scan-action@v2.3.0
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}
+    - name: Archive Results
+      uses: actions/upload-artifact@v1
+      with:
+        name: code-quality-report
+        path: sonar-issues.json
\ No newline at end of file
diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml
index 2513cdd..e16b8ee 100644
--- a/.github/workflows/unit-tests.yml
+++ b/.github/workflows/unit-tests.yml
@@ -1,25 +1,27 @@
-name: Unit tests
+name: Unit Tests
 
 on:
-  pull_request:
+  push:
     branches:
       - main
+  pull_request:
+    types: [opened, synchronize, reopened]
 
 env:
   CARGO_TERM_COLOR: always
 
 jobs:
   test:
-    name: coverage
+    name: Coverage
     runs-on: ubuntu-latest
     container:
       image: xd009642/tarpaulin:develop-nightly
       options: --security-opt seccomp=unconfined
     steps:
-      - name: Checkout repository
+      - name: Checkout Repository
         uses: actions/checkout@v2
 
-      - name: Generate code coverage
+      - name: Generate Code Coverage
         run: |
           cargo +nightly tarpaulin --verbose --all-features --workspace --timeout 120 --out xml --fail-under 50
 
diff --git a/sonar-project.properties b/sonar-project.properties
index bf64007..965e25f 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -1,6 +1,6 @@
+sonar.host.url=https://sonarcloud.io
 sonar.projectKey=postech-5soat-grupo-25_tech-challenge-pedido-produto
 sonar.organization=postech-5soat-grupo-25
 sonar.sources=src
-sonar.host.url=https://sonarcloud.io
 sonar.language=rust
 sonar.externalIssuesReportPaths=sonar-issues.json