.github/workflows/code-quality.yml

name: Code Quality

on:
  workflow_call:
    secrets:
      sonarcloud_token:
        required: true

env:
  CARGO_TERM_COLOR: always

jobs:
  Template:
    runs-on: ubuntu-latest
    
    steps:
    - uses: actions/checkout@v2
      with:
        fetch-depth: 0

    - name: Setup Environment
      run: |
        echo "SONAR_ORGANIZATION=${{ github.repository_owner }}" >> $GITHUB_ENV
        echo "SONAR_PROJECT_KEY=${{ github.repository_owner }}_${{ github.event.repository.name }}" >> $GITHUB_ENV
    
    - name: Cache `cargo` Registry
      uses: actions/cache@v2
      with:
        path: ~/.cargo/registry
        key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
        restore-keys: |
          ${{ runner.os }}-cargo-registry-

    - name: Cache `cargo` Index
      uses: actions/cache@v2
      with:
        path: ~/.cargo/git
        key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.lock') }}
        restore-keys: |
          ${{ runner.os }}-cargo-index-

    - name: Cache `cargo` Build
      uses: actions/cache@v2
      with:
        path: target
        key: ${{ runner.os }}-cargo-build-${{ hashFiles('**/Cargo.lock') }}
        restore-keys: |
          ${{ runner.os }}-cargo-build-

    - name: Setup Rust
      uses: actions-rs/toolchain@v1
      with:
        toolchain: nightly
        override: true
        components: rustfmt, clippy

    - name: Install Tools
      run: |
        cargo install cargo-audit
        cargo install cargo-udeps
        cargo install cargo-sonar
    
    - name: Run `clippy`
      run: cargo clippy --message-format=json > clippy.json || true

    - name: Run `cargo-audit`
      run: cargo audit --json > audit.json || true

    - name: Run `cargo-udeps`
      run: cargo +nightly udeps --quiet --workspace --output json > udeps.json || true
    
    - name: Run `cargo-sonar`
      run: cargo sonar --clippy --audit --udeps
    
    - name: Upload to sonarcloud.io
      uses: sonarsource/sonarqube-scan-action@v2.3.0
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        SONAR_TOKEN: ${{ secrets.sonarcloud_token }}
        SONAR_ORGANIZATION: ${{ env.SONAR_ORGANIZATION }}
        SONAR_PROJECT_KEY: ${{ env.SONAR_PROJECT_KEY }}
      with:
        args: >
          -Dsonar.host.url=https://sonarcloud.io
          -Dsonar.projectKey=${{ env.SONAR_PROJECT_KEY }}
          -Dsonar.organization=${{ env.SONAR_ORGANIZATION }}
          -Dsonar.sources=src
          -Dsonar.language=rust
          -Dsonar.externalIssuesReportPaths=sonar-issues.json

    - name: Archive Results
      uses: actions/upload-artifact@v3
      with:
        name: code-quality-report
        path: sonar-issues.json