Add Codecov, SonarQube, REUSE Compliance, and golangci-lint workflows

The commit includes the addition of four new workflows to the .forgejo workflows directory. These are Codecov for code coverage handling, SonarQube for continuous inspection of code quality, REUSE Compliance Check for license compliance, and golangci-lint for running linters on Go code. The workflows all target the 'main' branch and are triggered by 'push' and 'pull_request' events.
2024-11-21 21:30:51 +01:00 · 2024-03-07 21:36:57 +01:00 · 2024-03-07 21:36:57 +01:00 · b2d6a3418e
commit b2d6a3418e
parent c3eb80a183
4 changed files with 150 additions and 0 deletions
--- a/.forgejo/workflows/codecov.yml
+++ b/.forgejo/workflows/codecov.yml
@ -0,0 +1,41 @@
+# SPDX-FileCopyrightText: 2023 Winni Neessen <wn@neessen.dev>
+#
+# SPDX-License-Identifier: CC0-1.0
+
+name: Codecov workflow
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - '**.go'
+      - 'go.*'
+      - '.forgejo/**'
+      - 'codecov.yml'
+  pull_request:
+    branches:
+      - main
+    paths:
+      - '**.go'
+      - 'go.*'
+      - '.forgejo/**'
+      - 'codecov.yml'
+env:
+  API_KEY: ${{ secrets.API_KEY }}
+jobs:
+  run:
+    runs-on: docker
+    steps:
+    - name: Checkout Code
+      uses: actions/checkout@master
+    - name: Setup go
+      uses: actions/setup-go@v4
+      with:
+        go-version: '1.22'
+    - name: Run Tests
+      run: |
+        go test -v -shuffle=on -race --coverprofile=coverage.coverprofile --covermode=atomic ./...
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v3
+      with:
+        token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
--- a/.forgejo/workflows/golangci-lint.yml
+++ b/.forgejo/workflows/golangci-lint.yml
@ -0,0 +1,49 @@
+# SPDX-FileCopyrightText: 2022 Winni Neessen <wn@neessen.dev>
+#
+# SPDX-License-Identifier: CC0-1.0
+
+name: golangci-lint
+on:
+  push:
+    tags:
+      - v*
+    branches:
+      - main
+  pull_request:
+permissions:
+  contents: read
+  # Optional: allow read access to pull request. Use with `only-new-issues` option.
+  # pull-requests: read
+jobs:
+  golangci:
+    name: lint
+    runs-on: docker
+    steps:
+      - uses: actions/setup-go@v4
+        with:
+          go-version: '1.22'
+      - uses: actions/checkout@v3
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
+          version: latest
+
+          # Optional: working directory, useful for monorepos
+          # working-directory: somedir
+
+          # Optional: golangci-lint command line arguments.
+          # args: --issues-exit-code=0
+
+          # Optional: show only new issues if it's a pull request. The default value is `false`.
+          # only-new-issues: true
+
+          # Optional: if set to true then the all caching functionality will be complete disabled,
+          #           takes precedence over all other caching options.
+          # skip-cache: true
+
+          # Optional: if set to true then the action don't cache or restore ~/go/pkg.
+          # skip-pkg-cache: true
+
+          # Optional: if set to true then the action don't cache or restore ~/.cache/go-build.
+          # skip-build-cache: true
--- a/.forgejo/workflows/reuse.yml
+++ b/.forgejo/workflows/reuse.yml
@ -0,0 +1,15 @@
+# SPDX-FileCopyrightText: 2023 Winni Neessen <wn@neessen.dev>
+#
+# SPDX-License-Identifier: CC0-1.0
+
+name: REUSE Compliance Check
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    runs-on: docker
+    steps: 
+    - uses: actions/checkout@v2
+    - name: REUSE Compliance Check
+      uses: fsfe/reuse-action@v1
--- a/.forgejo/workflows/sonarqube.yml
+++ b/.forgejo/workflows/sonarqube.yml
@ -0,0 +1,45 @@
+# SPDX-FileCopyrightText: 2023 Winni Neessen <wn@neessen.dev>
+#
+# SPDX-License-Identifier: CC0-1.0
+
+name: SonarQube
+on:
+  push:
+    branches:
+      - main # or the name of your main branch
+  pull_request:
+    branches:
+      - main # or the name of your main branch
+env:
+  API_KEY: ${{ secrets.API_KEY }}
+jobs:
+  build:
+    name: Build
+    runs-on: docker
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+          
+      - name: Setup Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: '1.22'
+          
+      - name: Run unit Tests
+        run: |
+          go test -v -shuffle=on -race --coverprofile=./cov.out ./...
+
+      - name: Install jq
+        run: |
+          apt-get update; apt-get -y install jq; which jq
+
+      - uses: sonarsource/sonarqube-scan-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+          
+      - uses: sonarsource/sonarqube-quality-gate-action@master
+        timeout-minutes: 5
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}