Merge branch 'devel' into dependabot/go_modules/go.uber.org/mock-0.6.0

arrestle · web-flow · commit e80c8e1c9d29 · 2025-10-17T12:43:39.000-04:00
diff --git a/.github/codecov.yml b/.github/codecov.yml
diff --git a/.github/workflows/coverage_reporting.yml b/.github/workflows/coverage_reporting.yml
@@ -8,6 +8,7 @@ on:  # yamllint disable-line rule:truthy
 
 env:
   DESIRED_GO_VERSION: '1.23'
+  DESIRED_PYTHON_VERSION: '3.12'
 
 jobs:
   go_test_coverage:
@@ -43,31 +44,55 @@ jobs:
       - name: Run receptor tests with coverage
         run: make coverage
 
-      - name: Upload coverage reports to Codecov
-        uses: codecov/codecov-action@v5
-        with:
-          fail_ci_if_error: true
-          verbose: true
+      - name: SonarCube Static Scans (on push)
+        uses: SonarSource/sonarqube-scan-action@v6
+        if: github.event_name == 'push' && github.repository == 'ansible/receptor'
         env:
-          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+          SONAR_TOKEN: ${{ secrets[format('{0}', vars.SONAR_TOKEN_SECRET_NAME)] }}
+        with:
+          args: >
+            -Dsonar.go.coverage.reportPaths=coverage.txt
 
-      - name: get k8s logs
-        if: ${{ failure() }}
-        run: .github/workflows/artifact-k8s-logs.sh
+      - name: Upload Code Coverage Report from Receptor Unit Tests
+        uses: actions/upload-artifact@v4
+        with:
+          name: receptor-coverage-report
+          path: coverage.txt
 
-      - name: remove sockets before archiving logs
-        if: ${{ failure() }}
-        run: find /tmp/receptor-testing -name controlsock -delete
+      - name: Save off PR Number
+        run: echo "PR ${{ github.event.number }}" > pr_number.txt
 
-      - name: Artifact receptor data
-        uses: actions/upload-artifact@v4.4.3
-        if: ${{ failure() }}
+      - name: Upload PR Number
+        uses: actions/upload-artifact@v4
         with:
-          name: test-logs
-          path: /tmp/receptor-testing
+          name: pr_number
+          path: pr_number.txt
+
+      - name: get k8s logs
+        if: ${{ failure() }}
+        run: .github/workflows/artifact-k8s-logs.sh
 
       - name: Archive receptor binary
         uses: actions/upload-artifact@v4.4.3
         with:
           name: receptor
           path: /usr/local/bin/receptor
+
+      - name: Set up nox
+        uses: wntrblm/nox@2025.05.01
+        with:
+          python-versions: ${{ env.DESIRED_PYTHON_VERSION }}
+
+      - name: Provision nox environment for coverage
+        run: nox --install-only --session coverage
+        working-directory: ./receptorctl
+
+      - name: Run `receptorctl` nox coverage session
+        run: nox --no-install --session coverage
+        working-directory: ./receptorctl
+
+      - name: Upload Code Coverage Report from Receptorctl Unit Tests
+        uses: actions/upload-artifact@v4
+        with:
+          name: receptorctl-coverage-report
+          path: receptorctl/receptorctl_coverage.xml
diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
@@ -168,49 +168,3 @@ jobs:
             echo "Output did not contain expected value"
             exit 1
           fi
-
-  receptorctl-test-coverage:
-    name: Receptorctl test coverage
-    needs: receptor
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        session:
-          - coverage
-    steps:
-      - name: Download the `receptor` binary
-        uses: actions/download-artifact@v4
-        with:
-          name: receptor-${{ env.DESIRED_GO_VERSION }}
-          path: /usr/local/bin/
-
-      - name: Set executable bit on the `receptor` binary
-        run: sudo chmod a+x /usr/local/bin/receptor
-
-      - name: Set up nox
-        uses: wntrblm/nox@2025.05.01
-        with:
-          python-versions: ${{ env.DESIRED_PYTHON_VERSION }}
-
-      - name: Check out the source code from Git
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0  # Needed for the automation in Nox to find the last tag
-
-      - name: Provision nox environment for ${{ matrix.session }}
-        run: nox --install-only --session ${{ matrix.session }}
-        working-directory: ./receptorctl
-
-      - name: Run `receptorctl` nox ${{ matrix.session }} session
-        run: nox --no-install --session ${{ matrix.session }}
-        working-directory: ./receptorctl
-
-      - name: Upload coverage reports to Codecov
-        uses: codecov/codecov-action@v5
-        with:
-          directory: receptorctl
-          files: receptorctl_coverage.xml
-          fail_ci_if_error: true
-          token: ${{ secrets.CODECOV_TOKEN }}
-          verbose: true
diff --git a/.github/workflows/sonar_checks.yml b/.github/workflows/sonar_checks.yml
@@ -0,0 +1,97 @@
+name: SonarQube Static Scans (PR)
+
+on:
+  workflow_run:
+    workflows:
+      - Codecov
+    types:
+      - completed
+
+permissions: read-all
+jobs:
+  sonarcloud:
+    name: SonarQube Static Scans (PR)
+    runs-on: ubuntu-latest
+    env:
+        go_version: '1.23'
+    if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request'
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Fetch receptor coverage report
+        uses: actions/download-artifact@v4
+        with:
+          name: receptor-coverage-report
+          path: .
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          run-id: ${{ github.event.workflow_run.id }}
+
+      - name: Fetch receptorctl coverage report
+        uses: actions/download-artifact@v4
+        with:
+          name: receptorctl-coverage-report
+          path: .
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          run-id: ${{ github.event.workflow_run.id }}
+
+      - name: Fetch PR Number
+        uses: actions/download-artifact@v4
+        with:
+          name: pr_number
+          path: .
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          run-id: ${{ github.event.workflow_run.id }}
+
+      - name: Extract PR Number
+        run: |
+          cat pr_number.txt
+          echo $(head -n1 pr_number.txt | awk '{print $2}')
+          echo "PR_NUMBER=$(head -n1 pr_number.txt | awk '{print $2}')" >> $GITHUB_ENV
+
+      - name: Get Additional PR Information
+        uses: octokit/request-action@v2.x
+        id: pr_info
+        with:
+          route: GET /repos/{repo}/pulls/{number}
+          repo: ${{ github.event.repository.full_name }}
+          number: ${{ env.PR_NUMBER }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set Additional PR Information
+        run: |
+          echo "PR_BASE=${{ fromJson(steps.pr_info.outputs.data).base.ref }}" >> $GITHUB_ENV
+          echo "PR_HEAD=${{ fromJson(steps.pr_info.outputs.data).head.ref }}" >> $GITHUB_ENV
+
+      - name: Checkout Code for PR
+        run: |
+          gh pr checkout ${{ env.PR_NUMBER }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: SonarQube Scan for receptor
+        uses: SonarSource/sonarqube-scan-action@v6
+        env:
+          SONAR_TOKEN: ${{ secrets[format('{0}', vars.SONAR_TOKEN_SECRET_NAME)] }}
+        with:
+          args: >
+            -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
+            -Dsonar.pullrequest.key=${{ env.PR_NUMBER }}
+            -Dsonar.pullrequest.branch=${{ env.PR_HEAD }}
+            -Dsonar.pullrequest.base=${{ env.PR_BASE }}
+
+      - name: SonarQube Scan for receptorctl
+        uses: SonarSource/sonarqube-scan-action@v6
+        env:
+          SONAR_TOKEN: ${{ secrets[format('{0}', vars.SONAR_TOKEN_SECRET_NAME)] }}
+        with:
+          projectBaseDir: receptorctl
+          args: >
+            -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
+            -Dsonar.pullrequest.key=${{ env.PR_NUMBER }}
+            -Dsonar.pullrequest.branch=${{ env.PR_HEAD }}
+            -Dsonar.pullrequest.base=${{ env.PR_BASE }}
diff --git a/.sonarcloud.properties b/.sonarcloud.properties
diff --git a/README.md b/README.md
@@ -1,7 +1,5 @@
 # Receptor
 
-[![codecov](https://codecov.io/gh/ansible/receptor/branch/devel/graph/badge.svg?token=RAW5Bvh3hM)](https://codecov.io/gh/ansible/receptor)
-
 Receptor is an overlay network intended to ease the distribution of work across a large and dispersed collection of workers.  Receptor nodes establish peer-to-peer connections with each other via existing networks.  Once connected, the Receptor mesh provides datagram (UDP-like) and stream (TCP-like) capabilities to applications, as well as robust unit-of-work handling with resiliency against transient network failures.
 
 See the readthedocs page for Receptor at:
diff --git a/sonar-project.properties b/sonar-project.properties
@@ -0,0 +1,52 @@
+# SonarQube Cloud project configuration for Receptor
+# Complete documentation: https://docs.sonarqube.org/latest/analysis/analysis-parameters/
+
+# =============================================================================
+# PROJECT IDENTIFICATION (REQUIRED)
+# =============================================================================
+
+# The unique project identifier. This is mandatory.
+# Do not duplicate or reuse!
+# Available characters: [a-zA-Z0-9_:\.\-]
+# Must have least one non-digit.
+sonar.projectKey=ansible_receptor
+sonar.organization=ansible
+
+# Project metadata
+sonar.projectName=receptor
+
+# =============================================================================
+# SOURCE AND TEST CONFIGURATION
+# =============================================================================
+
+# Source directories to analyze
+sonar.sources=.
+sonar.exclusions=\
+    **/*_test.go,\
+    **/receptorctl/**,\
+    **/mock_*,\
+    **/tests/**
+
+# Test directories
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go
+
+# Set branch-specific new code definition
+#
+# This is important to always check against the main branch for new PRs,
+# otherwise the PR may fail during backporting, since the old version of the code
+# may not respect the minimum requirements for the existing Quality Gate.
+sonar.newCode.referenceBranch=devel
+
+# =============================================================================
+# LANGUAGE CONFIGURATION
+# =============================================================================
+
+# File encoding
+sonar.sourceEncoding=UTF-8
+
+# =============================================================================
+# REPORTS AND COVERAGE
+# =============================================================================
+
+sonar.go.coverage.reportPaths=coverage.txt
