# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# rust-clippy is a tool that runs a bunch of lints to catch common
# mistakes in your Rust code and help improve your Rust code.
# More details at https://github.com/rust-lang/rust-clippy 
# and https://rust-lang.github.io/rust-clippy/

name: rust-clippy analyze

on:
  push:
    branches: [ "master" ]
  pull_request:
    # The branches below must be a subset of the branches above
    branches: [ "master" ]
  schedule:
    - cron: '39 20 * * 3'

jobs:
  rust-clippy-analyze:
    name: Run rust-clippy analyzing
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Install Rust toolchain
        uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af #@v1
        with:
          profile: minimal
          toolchain: stable
          components: clippy
          override: true

      - name: Install required cargo
        run: cargo install clippy-sarif sarif-fmt

      - name: Run rust-clippy
        run:
          cargo clippy
          --all-features
          --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt
        continue-on-error: true

      - name: Upload analysis results to GitHub
        uses: github/codeql-action/upload-sarif@v1
        with:
          sarif_file: rust-clippy-results.sarif
          wait-for-processing: true