Skip to content
CI/CD Pipeline

fix copy paste error #3

Sign in to view logs

fix copy paste error

fix copy paste error #3

Workflow file for this run

.github/workflows/main.yaml at 90b1001
name: CI/CD Pipeline
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
env:
CARGO_TERM_COLOR: always
jobs:
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
components: clippy, rustfmt
- name: Cache dependencies
uses: actions/cache@v3
with:
path: |
~/.cargo/cache
~/.cargo/registry
target/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Check formatting
run: cargo fmt --all -- --check
- name: Run clippy
run: cargo clippy --all-targets --all-features -- -D warnings
- name: Build
run: cargo build --verbose
- name: Run tests
run: cargo test --verbose
- name: Generate coverage report
run: |
cargo install cargo-tarpaulin
cargo tarpaulin --out xml --output-dir coverage/
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
file: coverage/cobertura.xml
fail_ci_if_error: true
dependency-scan:
name: Dependency Scan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
- name: Cache dependencies
uses: actions/cache@v3
with:
path: |
~/.cargo/cache
~/.cargo/registry
target/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Install cargo-audit
run: cargo install cargo-audit
- name: Run security audit
run: cargo audit
- name: Install cargo-outdated
run: cargo install cargo-outdated
- name: Check for outdated dependencies
run: cargo outdated --exit-code 1
sonarqube:
name: SonarQube Analysis
runs-on: ubuntu-latest
needs: test
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
- name: Cache dependencies
uses: actions/cache@v3
with:
path: |
~/.cargo/cache
~/.cargo/registry
target/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Generate coverage report for SonarQube
run: |
cargo install cargo-tarpaulin
cargo tarpaulin --out xml --output-dir coverage/
- name: Analyze with SonarCloud
# You can pin the exact commit or the version.
# uses: SonarSource/[email protected]
uses: SonarSource/sonarcloud-github-action@4006f663ecaf1f8093e8e4abb9227f6041f52216
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret)
with:
# Additional arguments for the SonarScanner CLI
args:
# Unique keys of your project and organization. You can find them in SonarCloud > Information (bottom-left menu)
# mandatory
-Dsonar.projectKey=git-next-tag-rust
-Dsonar.organization=joostvdg
# Comma-separated paths to directories containing main source files.
#-Dsonar.sources= # optional, default is project base directory
# Comma-separated paths to directories containing test source files.
#-Dsonar.tests= # optional. For more info about Code Coverage, please refer to https://docs.sonarcloud.io/enriching/test-coverage/overview/
# Adds more detail to both client and server-side analysis logs, activating DEBUG mode for the scanner, and adding client-side environment variables and system properties to the server-side log of analysis report processing.
#-Dsonar.verbose= # optional, default is false
# When you need the analysis to take place in a directory other than the one from which it was launched, default is .
projectBaseDir: .
build-docker:
name: Build Docker Image
runs-on: ubuntu-latest
needs: [test, dependency-scan]
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build Docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: false
tags: git-next-tag:latest
cache-from: type=gha
cache-to: type=gha,mode=max