From 340f92e2954bb1a9bd01f4fed54468cc84a70c45 Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 13:26:51 +0300 Subject: [PATCH 01/11] Replacing codeclimate to qlty --- .github/workflows/ruby.yml | 66 +++++++++++++++----------------------- .qlty.yml | 44 +++++++++++++++++++++++++ 2 files changed, 70 insertions(+), 40 deletions(-) create mode 100644 .qlty.yml diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index fa6a47f..b682766 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -25,35 +25,17 @@ jobs: bundle env head -n1 $(which bundle) - - name: Set ENV for codeclimate (pull_request) + - name: Setup qlty.sh run: | - git fetch --no-tags --prune --depth=1 origin +refs/heads/$GITHUB_HEAD_REF:refs/remotes/origin/$GITHUB_HEAD_REF - echo "GIT_BRANCH=$GITHUB_HEAD_REF" >> $GITHUB_ENV - echo "GIT_COMMIT_SHA=$(git rev-parse origin/$GITHUB_HEAD_REF)" >> $GITHUB_ENV - if: github.event_name == 'pull_request' - - - name: Set ENV for codeclimate (push) - run: | - echo "GIT_BRANCH=$GITHUB_REF" >> $GITHUB_ENV - echo "GIT_COMMIT_SHA=$GITHUB_SHA" >> $GITHUB_ENV - if: github.event_name == 'push' - - - name: Prepare CodeClimate - env: - CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }} - run: | - curl -LSs 'https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64' >./cc-test-reporter; - chmod +x ./cc-test-reporter - ./cc-test-reporter before-build + curl -sSL https://qlty.sh/install.sh | bash + qlty --version - name: Run Tests env: RAILS_ENV: test - COVERAGE: true DISABLE_SPRING: 1 run: | gem install bundler -v '>= 2.2.10' - gem install simplecov -v '<= 0.17.1' gem install builder gem install nokogiri -v '~> 1.11.3' gem install savon @@ -62,40 +44,44 @@ jobs: gem install minitest -v '~> 5.14' bundle install rake - - name: Save coverage - run: ./cc-test-reporter format-coverage --output coverage/codeclimate.${{ matrix.ruby }}.json + + - name: Run qlty.sh analysis + run: | + qlty analyze --format json --output qlty-report.json - uses: actions/upload-artifact@v3.1.3 with: - name: coverage-${{ matrix.ruby }} - path: coverage/codeclimate.${{ matrix.ruby }}.json + name: qlty-report-${{ matrix.ruby }} + path: qlty-report.json - upload_coverage: + quality_check: strategy: matrix: os: [ ubuntu-20.04 ] ruby: [ '2.7' ] runs-on: ubuntu-20.04 - env: - CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }} - CC_TEST_REPORTER_URL: https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 - needs: test steps: - - name: Download test coverage reporter - run: curl -L $CC_TEST_REPORTER_URL > cc-test-reporter - - - name: Give test coverage reporter executable permissions - run: chmod +x cc-test-reporter + - uses: actions/checkout@v4 + + - name: Setup qlty.sh + run: | + curl -sSL https://qlty.sh/install.sh | bash + qlty --version - uses: actions/download-artifact@v3.0.2 with: - name: coverage-${{ matrix.ruby }} - path: coverage + name: qlty-report-${{ matrix.ruby }} + path: reports - - name: Aggregate & upload results to Code Climate + - name: Process qlty.sh results run: | - ./cc-test-reporter sum-coverage coverage/codeclimate.*.json - ./cc-test-reporter upload-coverage + if [ -f reports/qlty-report.json ]; then + echo "Quality analysis completed" + cat reports/qlty-report.json + else + echo "No quality report found" + exit 1 + fi diff --git a/.qlty.yml b/.qlty.yml new file mode 100644 index 0000000..5305ab8 --- /dev/null +++ b/.qlty.yml @@ -0,0 +1,44 @@ +version: "1.0" +languages: + - ruby + +# RuboCop configuration +rubocop: + enabled: true + config_file: "https://raw.githubusercontent.com/internetee/style-guide/master/ruby/.rubocop.yml" + version: "~> 1.0" + +# Duplication detection +duplication: + enabled: true + threshold: 5 + languages: + - ruby + +# Exclude patterns +exclude_patterns: + - "bin/" + - "test/" + - "vendor/" + - "node_modules/" + - "*.gem" + +# Additional quality checks +checks: + - name: "method_length" + enabled: true + max_length: 20 + + - name: "class_length" + enabled: true + max_length: 150 + + - name: "cyclomatic_complexity" + enabled: true + max_complexity: 10 + +# Output configuration +output: + format: "json" + file: "qlty-report.json" + console: true From 3520671c1ef0485b28fd676630d82210c8eba7c9 Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 13:50:27 +0300 Subject: [PATCH 02/11] adding test coverage upload --- .github/workflows/ruby.yml | 147 +++++++++++++++++++++---------------- 1 file changed, 84 insertions(+), 63 deletions(-) diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index b682766..a4c38c9 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -1,87 +1,108 @@ name: Github Testing on: [push] +permissions: + contents: read + id-token: write jobs: + bundle_audit: + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v4 + - uses: ruby/setup-ruby@v1 + with: + ruby-version: 3.2.2 + bundler-cache: true + - name: config bundler + run: | + bundle config set without 'development staging production' + bundle config set deployment 'true' + bundle env + head -n1 $(which bundle) + - name: Bundle Audit Check + run: bundle exec bundle-audit check --update + + brakeman: + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v4 + - uses: ruby/setup-ruby@v1 + with: + ruby-version: 3.2.2 + bundler-cache: true + - name: config bundler + run: | + bundle config set without 'development staging production' + bundle config set deployment 'true' + bundle env + head -n1 $(which bundle) + - name: Run Brakeman + run: bundle exec brakeman --quiet --skip-libs --exit-on-warn --ignore-config=.brakeman-ignore + test: strategy: fail-fast: false matrix: - os: [ubuntu-20.04] - ruby: [ 2.7 ] + os: [ubuntu-24.04] + ruby: ['3.2.2'] runs-on: ${{ matrix.os }} - continue-on-error: ${{ endsWith(matrix.ruby, 'head') || matrix.ruby == 'debug' }} - steps: + env: + RAILS_ENV: test + COVERAGE: true + DISABLE_SPRING: 1 - - uses: actions/checkout@v4 - - uses: ruby/setup-ruby@v1 - with: - ruby-version: ${{ matrix.ruby }} - bundler-cache: true # runs 'bundle install' and caches installed gems automatically - - name: config bundler - run: | - bundle config set without 'development staging production' - bundle config set deployment '[secure]' - bundle env - head -n1 $(which bundle) - - - name: Setup qlty.sh - run: | - curl -sSL https://qlty.sh/install.sh | bash - qlty --version + steps: + - uses: actions/checkout@v4 - - name: Run Tests - env: - RAILS_ENV: test - DISABLE_SPRING: 1 - run: | - gem install bundler -v '>= 2.2.10' - gem install builder - gem install nokogiri -v '~> 1.11.3' - gem install savon - gem install webmock - gem install mocha - gem install minitest -v '~> 5.14' - bundle install - rake + - uses: ruby/setup-ruby@v1 + with: + ruby-version: ${{ matrix.ruby }} + bundler-cache: true - - name: Run qlty.sh analysis - run: | - qlty analyze --format json --output qlty-report.json + - name: config bundler + run: | + bundle config set without 'development staging production' + bundle config set deployment 'true' + bundle env + head -n1 $(which bundle) - - uses: actions/upload-artifact@v3.1.3 - with: - name: qlty-report-${{ matrix.ruby }} - path: qlty-report.json + - name: Install dependencies + run: | + gem install bundler -v '>= 2.2.10' + gem install builder + gem install nokogiri -v '~> 1.11.3' + gem install savon + gem install webmock + gem install mocha + gem install minitest -v '~> 5.14' + gem install simplecov -v '<= 0.17.1' + bundle install - quality_check: - strategy: - matrix: - os: [ ubuntu-20.04 ] - ruby: [ '2.7' ] - runs-on: ubuntu-20.04 - needs: test + - name: Run Tests + run: rake - steps: - - uses: actions/checkout@v4 - - name: Setup qlty.sh run: | curl -sSL https://qlty.sh/install.sh | bash qlty --version - - uses: actions/download-artifact@v3.0.2 + - name: Run qlty.sh analysis + run: | + qlty analyze --format json --output qlty-report.json + + - name: Upload coverage to qlty.sh + uses: qltysh/qlty-action/coverage@v1 with: - name: qlty-report-${{ matrix.ruby }} - path: reports + oidc: true + files: coverage/.resultset.json - - name: Process qlty.sh results - run: | - if [ -f reports/qlty-report.json ]; then - echo "Quality analysis completed" - cat reports/qlty-report.json - else - echo "No quality report found" - exit 1 - fi + - uses: actions/upload-artifact@v4 + with: + name: qlty-report-${{ matrix.ruby }} + path: qlty-report.json + - uses: actions/upload-artifact@v4 + with: + name: coverage-${{ matrix.ruby }} + path: coverage/ From 20309a8bdba78fed60629c951fe14578a3c4f283 Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 14:01:03 +0300 Subject: [PATCH 03/11] changed simplecov workflow --- .github/workflows/ruby.yml | 4 ++++ .simplecov | 7 +++++-- test/test_helper.rb | 6 +----- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index a4c38c9..1fc27b9 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -20,6 +20,8 @@ jobs: bundle config set deployment 'true' bundle env head -n1 $(which bundle) + - name: Install bundle-audit + run: gem install bundle-audit - name: Bundle Audit Check run: bundle exec bundle-audit check --update @@ -37,6 +39,8 @@ jobs: bundle config set deployment 'true' bundle env head -n1 $(which bundle) + - name: Install brakeman + run: gem install brakeman - name: Run Brakeman run: bundle exec brakeman --quiet --skip-libs --exit-on-warn --ignore-config=.brakeman-ignore diff --git a/.simplecov b/.simplecov index 7b9150e..232133e 100644 --- a/.simplecov +++ b/.simplecov @@ -1,3 +1,6 @@ -SimpleCov.start do - add_filter '/test/' +if ENV['COVERAGE'] + require 'simplecov' + SimpleCov.start do + add_filter '/test/' + end end \ No newline at end of file diff --git a/test/test_helper.rb b/test/test_helper.rb index e6c27d4..cc5b0e1 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -1,8 +1,4 @@ -if ENV['COVERAGE'] - require 'simplecov' - SimpleCov.start -end - +# SimpleCov is configured in .simplecov file $LOAD_PATH.unshift File.expand_path('../../lib', __FILE__) require 'e_invoice' require 'minitest/autorun' From 4a20ea7eee19c9f5c770d02018be0957fc028ebf Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 14:11:33 +0300 Subject: [PATCH 04/11] replaced gem install workflow for bundle-audit and brakeman --- .github/workflows/ruby.yml | 6 ++---- estonian_e_invoice.gemspec | 2 ++ 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index 1fc27b9..bf3a278 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -20,8 +20,6 @@ jobs: bundle config set deployment 'true' bundle env head -n1 $(which bundle) - - name: Install bundle-audit - run: gem install bundle-audit - name: Bundle Audit Check run: bundle exec bundle-audit check --update @@ -39,8 +37,6 @@ jobs: bundle config set deployment 'true' bundle env head -n1 $(which bundle) - - name: Install brakeman - run: gem install brakeman - name: Run Brakeman run: bundle exec brakeman --quiet --skip-libs --exit-on-warn --ignore-config=.brakeman-ignore @@ -89,10 +85,12 @@ jobs: - name: Setup qlty.sh run: | curl -sSL https://qlty.sh/install.sh | bash + export PATH="$HOME/.qlty/bin:$PATH" qlty --version - name: Run qlty.sh analysis run: | + export PATH="$HOME/.qlty/bin:$PATH" qlty analyze --format json --output qlty-report.json - name: Upload coverage to qlty.sh diff --git a/estonian_e_invoice.gemspec b/estonian_e_invoice.gemspec index d1e098e..4666ad3 100644 --- a/estonian_e_invoice.gemspec +++ b/estonian_e_invoice.gemspec @@ -36,4 +36,6 @@ Gem::Specification.new do |spec| spec.add_development_dependency 'rake', '~> 13.0' spec.add_development_dependency 'simplecov' spec.add_development_dependency 'webmock' + spec.add_development_dependency 'bundle-audit' + spec.add_development_dependency 'brakeman' end From 349396d321221eac44398d13f84e86e522c01785 Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 14:21:22 +0300 Subject: [PATCH 05/11] added bundle install and replaced qlty.sh command --- .github/workflows/ruby.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index bf3a278..50aa859 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -20,6 +20,8 @@ jobs: bundle config set deployment 'true' bundle env head -n1 $(which bundle) + - name: Install dependencies + run: bundle install - name: Bundle Audit Check run: bundle exec bundle-audit check --update @@ -37,6 +39,8 @@ jobs: bundle config set deployment 'true' bundle env head -n1 $(which bundle) + - name: Install dependencies + run: bundle install - name: Run Brakeman run: bundle exec brakeman --quiet --skip-libs --exit-on-warn --ignore-config=.brakeman-ignore @@ -91,7 +95,7 @@ jobs: - name: Run qlty.sh analysis run: | export PATH="$HOME/.qlty/bin:$PATH" - qlty analyze --format json --output qlty-report.json + qlty check --format json --output qlty-report.json - name: Upload coverage to qlty.sh uses: qltysh/qlty-action/coverage@v1 From 88a1593faaaff92aa4f14346a674a7400ea22803 Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 14:29:10 +0300 Subject: [PATCH 06/11] added gem install for brakeman and bundle-audit --- .github/workflows/ruby.yml | 14 +++++++------- estonian_e_invoice.gemspec | 2 -- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index 50aa859..5b6dd0f 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -20,10 +20,10 @@ jobs: bundle config set deployment 'true' bundle env head -n1 $(which bundle) - - name: Install dependencies - run: bundle install + - name: Install bundle-audit + run: gem install bundle-audit - name: Bundle Audit Check - run: bundle exec bundle-audit check --update + run: gem exec bundle-audit check --update brakeman: runs-on: ubuntu-24.04 @@ -39,10 +39,10 @@ jobs: bundle config set deployment 'true' bundle env head -n1 $(which bundle) - - name: Install dependencies - run: bundle install + - name: Install brakeman + run: gem install brakeman - name: Run Brakeman - run: bundle exec brakeman --quiet --skip-libs --exit-on-warn --ignore-config=.brakeman-ignore + run: gem exec brakeman --quiet --skip-libs --exit-on-warn --ignore-config=.brakeman-ignore test: strategy: @@ -95,7 +95,7 @@ jobs: - name: Run qlty.sh analysis run: | export PATH="$HOME/.qlty/bin:$PATH" - qlty check --format json --output qlty-report.json + qlty check --output qlty-report.json - name: Upload coverage to qlty.sh uses: qltysh/qlty-action/coverage@v1 diff --git a/estonian_e_invoice.gemspec b/estonian_e_invoice.gemspec index 4666ad3..d1e098e 100644 --- a/estonian_e_invoice.gemspec +++ b/estonian_e_invoice.gemspec @@ -36,6 +36,4 @@ Gem::Specification.new do |spec| spec.add_development_dependency 'rake', '~> 13.0' spec.add_development_dependency 'simplecov' spec.add_development_dependency 'webmock' - spec.add_development_dependency 'bundle-audit' - spec.add_development_dependency 'brakeman' end From 5a171f049e087cecdfcab513ac22c084f659fd8f Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 14:44:14 +0300 Subject: [PATCH 07/11] removed brakeman --- .github/workflows/ruby.yml | 21 +-------------------- 1 file changed, 1 insertion(+), 20 deletions(-) diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index 5b6dd0f..3eb5389 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -25,25 +25,6 @@ jobs: - name: Bundle Audit Check run: gem exec bundle-audit check --update - brakeman: - runs-on: ubuntu-24.04 - steps: - - uses: actions/checkout@v4 - - uses: ruby/setup-ruby@v1 - with: - ruby-version: 3.2.2 - bundler-cache: true - - name: config bundler - run: | - bundle config set without 'development staging production' - bundle config set deployment 'true' - bundle env - head -n1 $(which bundle) - - name: Install brakeman - run: gem install brakeman - - name: Run Brakeman - run: gem exec brakeman --quiet --skip-libs --exit-on-warn --ignore-config=.brakeman-ignore - test: strategy: fail-fast: false @@ -95,7 +76,7 @@ jobs: - name: Run qlty.sh analysis run: | export PATH="$HOME/.qlty/bin:$PATH" - qlty check --output qlty-report.json + qlty check - name: Upload coverage to qlty.sh uses: qltysh/qlty-action/coverage@v1 From db73ad14863c983412a3cca3559946e08ee9aa81 Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 14:52:19 +0300 Subject: [PATCH 08/11] added qlty setup steps --- .github/workflows/ruby.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index 3eb5389..1b7bdb9 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -73,6 +73,11 @@ jobs: export PATH="$HOME/.qlty/bin:$PATH" qlty --version + - name: Initialize qlty.sh + run: | + export PATH="$HOME/.qlty/bin:$PATH" + qlty init + - name: Run qlty.sh analysis run: | export PATH="$HOME/.qlty/bin:$PATH" From ed0b0351c4d8749288fd6981d748146015f83ac1 Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 14:57:21 +0300 Subject: [PATCH 09/11] added --non-interactive status --- .github/workflows/ruby.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index 1b7bdb9..d1a8a4d 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -76,12 +76,12 @@ jobs: - name: Initialize qlty.sh run: | export PATH="$HOME/.qlty/bin:$PATH" - qlty init + qlty init --non-interactive - name: Run qlty.sh analysis run: | export PATH="$HOME/.qlty/bin:$PATH" - qlty check + qlty check --non-interactive - name: Upload coverage to qlty.sh uses: qltysh/qlty-action/coverage@v1 From 937bb8c8a86c4d001c5f6dc84bada5cc86d17684 Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 15:03:38 +0300 Subject: [PATCH 10/11] update qlty check --- .github/workflows/ruby.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index d1a8a4d..cd97b42 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -76,12 +76,12 @@ jobs: - name: Initialize qlty.sh run: | export PATH="$HOME/.qlty/bin:$PATH" - qlty init --non-interactive + qlty init --no - name: Run qlty.sh analysis run: | export PATH="$HOME/.qlty/bin:$PATH" - qlty check --non-interactive + qlty check --no - name: Upload coverage to qlty.sh uses: qltysh/qlty-action/coverage@v1 From 9a95927d3999729edd0a6016e60c2a27044d6399 Mon Sep 17 00:00:00 2001 From: mmeest Date: Thu, 7 Aug 2025 15:21:31 +0300 Subject: [PATCH 11/11] qlty check update --- .github/workflows/ruby.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index cd97b42..49eb21f 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -81,7 +81,7 @@ jobs: - name: Run qlty.sh analysis run: | export PATH="$HOME/.qlty/bin:$PATH" - qlty check --no + qlty check - name: Upload coverage to qlty.sh uses: qltysh/qlty-action/coverage@v1