From b2d6a3418e95a1f45fbd5c11407abc9868234c71 Mon Sep 17 00:00:00 2001
From: Winni Neessen <winfried.neessen@cleverbridge.com>
Date: Thu, 7 Mar 2024 21:36:57 +0100
Subject: [PATCH] Add Codecov, SonarQube, REUSE Compliance, and golangci-lint
 workflows

The commit includes the addition of four new workflows to the .forgejo workflows directory. These are Codecov for code coverage handling, SonarQube for continuous inspection of code quality, REUSE Compliance Check for license compliance, and golangci-lint for running linters on Go code. The workflows all target the 'main' branch and are triggered by 'push' and 'pull_request' events.
---
 .forgejo/workflows/codecov.yml       | 41 +++++++++++++++++++++++
 .forgejo/workflows/golangci-lint.yml | 49 ++++++++++++++++++++++++++++
 .forgejo/workflows/reuse.yml         | 15 +++++++++
 .forgejo/workflows/sonarqube.yml     | 45 +++++++++++++++++++++++++
 4 files changed, 150 insertions(+)
 create mode 100644 .forgejo/workflows/codecov.yml
 create mode 100644 .forgejo/workflows/golangci-lint.yml
 create mode 100644 .forgejo/workflows/reuse.yml
 create mode 100644 .forgejo/workflows/sonarqube.yml

diff --git a/.forgejo/workflows/codecov.yml b/.forgejo/workflows/codecov.yml
new file mode 100644
index 0000000..bfbb3cb
--- /dev/null
+++ b/.forgejo/workflows/codecov.yml
@@ -0,0 +1,41 @@
+# SPDX-FileCopyrightText: 2023 Winni Neessen <wn@neessen.dev>
+#
+# SPDX-License-Identifier: CC0-1.0
+
+name: Codecov workflow
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - '**.go'
+      - 'go.*'
+      - '.forgejo/**'
+      - 'codecov.yml'
+  pull_request:
+    branches:
+      - main
+    paths:
+      - '**.go'
+      - 'go.*'
+      - '.forgejo/**'
+      - 'codecov.yml'
+env:
+  API_KEY: ${{ secrets.API_KEY }}
+jobs:
+  run:
+    runs-on: docker
+    steps:
+    - name: Checkout Code
+      uses: actions/checkout@master
+    - name: Setup go
+      uses: actions/setup-go@v4
+      with:
+        go-version: '1.22'
+    - name: Run Tests
+      run: |
+        go test -v -shuffle=on -race --coverprofile=coverage.coverprofile --covermode=atomic ./...
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v3
+      with:
+        token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
diff --git a/.forgejo/workflows/golangci-lint.yml b/.forgejo/workflows/golangci-lint.yml
new file mode 100644
index 0000000..a2bc22a
--- /dev/null
+++ b/.forgejo/workflows/golangci-lint.yml
@@ -0,0 +1,49 @@
+# SPDX-FileCopyrightText: 2022 Winni Neessen <wn@neessen.dev>
+#
+# SPDX-License-Identifier: CC0-1.0
+
+name: golangci-lint
+on:
+  push:
+    tags:
+      - v*
+    branches:
+      - main
+  pull_request:
+permissions:
+  contents: read
+  # Optional: allow read access to pull request. Use with `only-new-issues` option.
+  # pull-requests: read
+jobs:
+  golangci:
+    name: lint
+    runs-on: docker
+    steps:
+      - uses: actions/setup-go@v4
+        with:
+          go-version: '1.22'
+      - uses: actions/checkout@v3
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
+          version: latest
+
+          # Optional: working directory, useful for monorepos
+          # working-directory: somedir
+
+          # Optional: golangci-lint command line arguments.
+          # args: --issues-exit-code=0
+
+          # Optional: show only new issues if it's a pull request. The default value is `false`.
+          # only-new-issues: true
+
+          # Optional: if set to true then the all caching functionality will be complete disabled,
+          #           takes precedence over all other caching options.
+          # skip-cache: true
+
+          # Optional: if set to true then the action don't cache or restore ~/go/pkg.
+          # skip-pkg-cache: true
+
+          # Optional: if set to true then the action don't cache or restore ~/.cache/go-build.
+          # skip-build-cache: true
diff --git a/.forgejo/workflows/reuse.yml b/.forgejo/workflows/reuse.yml
new file mode 100644
index 0000000..accbbf5
--- /dev/null
+++ b/.forgejo/workflows/reuse.yml
@@ -0,0 +1,15 @@
+# SPDX-FileCopyrightText: 2023 Winni Neessen <wn@neessen.dev>
+#
+# SPDX-License-Identifier: CC0-1.0
+
+name: REUSE Compliance Check
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    runs-on: docker
+    steps: 
+    - uses: actions/checkout@v2
+    - name: REUSE Compliance Check
+      uses: fsfe/reuse-action@v1
diff --git a/.forgejo/workflows/sonarqube.yml b/.forgejo/workflows/sonarqube.yml
new file mode 100644
index 0000000..b658a85
--- /dev/null
+++ b/.forgejo/workflows/sonarqube.yml
@@ -0,0 +1,45 @@
+# SPDX-FileCopyrightText: 2023 Winni Neessen <wn@neessen.dev>
+#
+# SPDX-License-Identifier: CC0-1.0
+
+name: SonarQube
+on:
+  push:
+    branches:
+      - main # or the name of your main branch
+  pull_request:
+    branches:
+      - main # or the name of your main branch
+env:
+  API_KEY: ${{ secrets.API_KEY }}
+jobs:
+  build:
+    name: Build
+    runs-on: docker
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+          
+      - name: Setup Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: '1.22'
+          
+      - name: Run unit Tests
+        run: |
+          go test -v -shuffle=on -race --coverprofile=./cov.out ./...
+
+      - name: Install jq
+        run: |
+          apt-get update; apt-get -y install jq; which jq
+
+      - uses: sonarsource/sonarqube-scan-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+          
+      - uses: sonarsource/sonarqube-quality-gate-action@master
+        timeout-minutes: 5
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}