ci: replace codecov with sonarcloud

.github/PULL_REQUEST_TEMPLATE.md

@@ -49,4 +49,4 @@ write a little note why.
 - [ ] Added relevant `godoc` [comments](https://blog.golang.org/godoc-documenting-go-code).
 - [ ] Provide a [commit message](https://github.com/cosmos/ibc-go/blob/main/docs/dev/pull-requests.md#commit-messages) to be used for the changelog entry in the PR description for review.
 - [ ] Re-reviewed `Files changed` in the Github PR explorer.
-- [ ] Review `Codecov Report` in the comment section below once CI passes.
+- [ ] Review `SonarCloud Report` in the comment section below once CI passes.

.github/workflows/callbacks.yml

@@ -48,3 +48,11 @@ jobs:
         run: |
           cd modules/apps/callbacks
           go test -v -mod=readonly ./...
+      - name: sonarcloud
+        if: ${{ env.GIT_DIFF && !github.event.pull_request.draft && env.SONAR_TOKEN != null }}
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          projectBaseDir: modules/apps/callbacks/

.github/workflows/capability.yml

@@ -34,3 +34,11 @@ jobs:
         run: |
           cd modules/capability
           go test -v -mod=readonly ./...
+      - name: sonarcloud
+        if: ${{ env.GIT_DIFF && !github.event.pull_request.draft && env.SONAR_TOKEN != null }}
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          projectBaseDir: modules/capability/

.github/workflows/e2e-wasm.yaml

@@ -49,19 +49,25 @@ jobs:
     # we skip the job in this case.
     if: ${{ !github.event.pull_request.draft && !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }}
     needs: determine-image-tag # we are required to have a docker tag before we can build any images.
-    uses: ./.github/workflows/e2e-test-workflow-call.yml
-    # unless we explicitly tell the workflow to inherit secrets, required secrets such as GITHUB_TOKEN will not be
-    # provided to the workflow. This would cause privileged operations to fail.
-    secrets: inherit
-    with:
-      # with each test, we build an image from the current code.
-      build-and-push-docker-image-wasm: true
-      # if the test fails, we upload logs so that we can download them from the UI.
-      upload-logs: true
-      chain-image: ghcr.io/cosmos/ibc-go-wasm-simd
-      # with regular tests, both images are the same.
-      chain-a-tag: '${{ needs.determine-image-tag.outputs.simd-tag }}'
-      chain-b-tag: '${{ needs.determine-image-tag.outputs.simd-tag }}'
-      chain-binary: 'simd'
-      # only run the grandpa test suite for wasm tests.
-      test-entry-point: 'TestGrandpaTestSuite'
+    steps:
+      - uses: ./.github/workflows/e2e-test-workflow-call.yml
+        # unless we explicitly tell the workflow to inherit secrets, required secrets such as GITHUB_TOKEN will not be
+        # provided to the workflow. This would cause privileged operations to fail.
+        secrets: inherit
+        with:
+          # with each test, we build an image from the current code.
+          build-and-push-docker-image-wasm: true
+          # if the test fails, we upload logs so that we can download them from the UI.
+          upload-logs: true
+          chain-image: ghcr.io/cosmos/ibc-go-wasm-simd
+          # with regular tests, both images are the same.
+          chain-a-tag: '${{ needs.determine-image-tag.outputs.simd-tag }}'
+          chain-b-tag: '${{ needs.determine-image-tag.outputs.simd-tag }}'
+          chain-binary: 'simd'
+          # only run the grandpa test suite for wasm tests.
+          test-entry-point: 'TestGrandpaTestSuite'
+      - uses: actions/upload-artifact@v4
+          if: env.GIT_DIFF
+          with:
+            name: '${{ github.sha }}-e2e-wasm-coverage'
+            path: ./${{ matrix.part }}profile.out

.github/workflows/e2e.yaml

@@ -48,19 +48,25 @@ jobs:
     # we skip the job in this case.
     if: ${{ !github.event.pull_request.draft && !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }}
     needs: determine-image-tag # we are required to have a docker tag before we can build any images.
-    uses: ./.github/workflows/e2e-test-workflow-call.yml
-    # unless we explicitly tell the workflow to inherit secrets, required secrets such as GITHUB_TOKEN will not be
-    # provided to the workflow. This would cause privileged operations to fail.
-    secrets: inherit
-    with:
-      # with each test, we build an image from the current code.
-      build-and-push-docker-image: true
-      # if the test fails, we upload logs so that we can download them from the UI.
-      upload-logs: true
-      chain-image: ghcr.io/cosmos/ibc-go-simd
-      # with regular tests, both images are the same.
-      chain-a-tag: '${{ needs.determine-image-tag.outputs.simd-tag }}'
-      chain-b-tag: '${{ needs.determine-image-tag.outputs.simd-tag }}'
-      chain-binary: 'simd'
-      # on regular PRs we won't run upgrade tests.
-      test-exclusions: 'TestUpgradeTestSuite,TestGrandpaTestSuite,TestIBCWasmUpgradeTestSuite'
+    steps:
+      - uses: ./.github/workflows/e2e-test-workflow-call.yml
+        # unless we explicitly tell the workflow to inherit secrets, required secrets such as GITHUB_TOKEN will not be
+        # provided to the workflow. This would cause privileged operations to fail.
+        secrets: inherit
+        with:
+          # with each test, we build an image from the current code.
+          build-and-push-docker-image: true
+          # if the test fails, we upload logs so that we can download them from the UI.
+          upload-logs: true
+          chain-image: ghcr.io/cosmos/ibc-go-simd
+          # with regular tests, both images are the same.
+          chain-a-tag: '${{ needs.determine-image-tag.outputs.simd-tag }}'
+          chain-b-tag: '${{ needs.determine-image-tag.outputs.simd-tag }}'
+          chain-binary: 'simd'
+          # on regular PRs we won't run upgrade tests.
+          test-exclusions: 'TestUpgradeTestSuite,TestGrandpaTestSuite,TestIBCWasmUpgradeTestSuite'
+      - uses: actions/upload-artifact@v4
+          if: env.GIT_DIFF
+          with:
+            name: '${{ github.sha }}-e2e-coverage'
+            path: ./${{ matrix.part }}profile.out

.github/workflows/repo-analysis.yaml

@@ -0,0 +1,60 @@
+
+name: Repo analysis
+#  Tests / Code Coverage workflow runs unit tests and uploads a code coverage report
+#  This workflow is run on pushes to main & every Pull Requests where a .go, .mod, .sum have been changed
+on:
+  workflow_run:
+    workflows: ["Tests / Code Coverage", "Tests / E2E", "Tests / E2E Wasm"]
+    branches: [main]
+    types: 
+      - completed
+  pull_request:
+  push:
+    branches:
+      - main
+
+repo-analysis:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: technote-space/[email protected]
+        id: git_diff
+        with:
+          PATTERNS: |
+            **/*.go
+            go.mod
+            go.sum
+            **/go.mod
+            **/go.sum
+      - uses: actions/download-artifact@v4
+        if: env.GIT_DIFF
+        with:
+          name: '${{ github.sha }}-00-coverage'
+      - uses: actions/download-artifact@v4
+        if: env.GIT_DIFF
+        with:
+          name: '${{ github.sha }}-01-coverage'
+      - uses: actions/download-artifact@v4
+        if: env.GIT_DIFF
+        with:
+          name: '${{ github.sha }}-02-coverage'
+      - uses: actions/download-artifact@v4
+        if: env.GIT_DIFF
+        with:
+          name: '${{ github.sha }}-03-coverage'
+      - uses: actions/download-artifact@v4
+        if: env.GIT_DIFF
+        with:
+          name: '${{ github.sha }}-e2e-coverage'
+        continue-on-error: true
+      - uses: actions/download-artifact@v4
+        if: env.GIT_DIFF
+        with:
+          name: '${{ github.sha }}-e2e-wasm-coverage'
+        continue-on-error: true
+      - name: sonarcloud
+        if: ${{ env.GIT_DIFF && !github.event.pull_request.draft }}
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

.github/workflows/test.yml

@@ -104,53 +104,7 @@ jobs:
           cat pkgs.txt.part.${{ matrix.part }} | xargs go test -mod=readonly -timeout 30m -coverprofile=${{ matrix.part }}profile.out -covermode=atomic -tags='ledger test_ledger_mock'
         if: env.GIT_DIFF
       - uses: actions/upload-artifact@v4
+        if: env.GIT_DIFF
         with:
           name: '${{ github.sha }}-${{ matrix.part }}-coverage'
           path: ./${{ matrix.part }}profile.out
-
-  upload-coverage-report:
-    runs-on: ubuntu-latest
-    needs: tests
-    steps:
-      - uses: actions/checkout@v4
-      - uses: technote-space/[email protected]
-        with:
-          PATTERNS: |
-            **/**.go
-            go.mod
-            go.sum
-      - uses: actions/download-artifact@v4
-        with:
-          name: '${{ github.sha }}-00-coverage'
-        if: env.GIT_DIFF
-      - uses: actions/download-artifact@v4
-        with:
-          name: '${{ github.sha }}-01-coverage'
-        if: env.GIT_DIFF
-      - uses: actions/download-artifact@v4
-        with:
-          name: '${{ github.sha }}-02-coverage'
-        if: env.GIT_DIFF
-      - uses: actions/download-artifact@v4
-        with:
-          name: '${{ github.sha }}-03-coverage'
-        if: env.GIT_DIFF
-      - run: |
-          cat ./*profile.out | grep -v "mode: atomic" >> coverage.txt
-        if: env.GIT_DIFF
-      - name: filter out DONTCOVER
-        run: |
-          excludelist="$(find ./ -type f -name '*.go' | xargs grep -l 'DONTCOVER')"
-          excludelist+=" $(find ./ -type f -name '*.pb.go')"
-          excludelist+=" $(find ./ -type f -name '*.pb.gw.go')"
-          excludelist+=" $(find ./ -type f -path './tests/mocks/*.go')"
-          for filename in ${excludelist}; do
-            filename=$(echo $filename | sed 's/^./github.com\/cosmos\/cosmos-sdk/g')
-            echo "Excluding ${filename} from coverage report..."
-            sed -i.bak "/$(echo $filename | sed 's/\//\\\//g')/d" coverage.txt
-          done
-        if: env.GIT_DIFF
-      - uses: codecov/codecov-action@v4
-        with:
-          file: ./coverage.txt
-        if: env.GIT_DIFF

.github/workflows/wasm-client.yml

@@ -55,3 +55,11 @@ jobs:
         run: |
           cd modules/light-clients/08-wasm
           go test -v -mod=readonly ./...
+      - name: sonarcloud
+        if: ${{ env.GIT_DIFF && !github.event.pull_request.draft && env.SONAR_TOKEN != null }}
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          projectBaseDir: modules/lightclients/08-wasm/

README.md

@@ -17,8 +17,8 @@
   <a href="https://goreportcard.com/report/github.com/cosmos/ibc-go">
     <img alt="Go report card" src="https://goreportcard.com/badge/github.com/cosmos/ibc-go" />
   </a>
-  <a href="https://codecov.io/gh/cosmos/ibc-go">
-    <img alt="Code Coverage" src="https://codecov.io/gh/cosmos/ibc-go/branch/main/graph/badge.svg" />
+  <a href="https://sonarcloud.io/summary/overall?id=cosmos_ibc-go">
+    <img alt="Code Coverage" src="https://sonarcloud.io/api/project_badges/measure?project=cosmos_ibc-go&metric=coverage" />
   </a>
 </div>
 <div align="center">

docs/dev/development-setup.md

@@ -52,7 +52,7 @@ When testing a function under a variety of different inputs, we prefer to use [t
 
 All unit tests should use the testing package. Please see the testing package [README](../../testing/README.md) for more information.
 
-Test coverage is continuously deployed at [codecov](https://app.codecov.io/github/cosmos/ibc-go). PRs that improve test coverage are welcome, but in general the test coverage should be used as a guidance for finding API use cases that are not covered by tests. We don't recommend adding tests that only improve coverage but not actually test a meaning use case.
+Test coverage is continuously deployed at [SonarCloud](https://sonarcloud.io/project/overview?id=cosmos_ibc-go). PRs that improve test coverage are welcome, but in general the test coverage should be used as a guidance for finding API use cases that are not covered by tests. We don't recommend adding tests that only improve coverage but not actually test a meaning use case.
 
 ## Documentation
 

modules/apps/callbacks/sonar-project.properties

@@ -0,0 +1,14 @@
+sonar.projectKey=ibc-go-callbacks
+sonar.organization=cosmos
+
+sonar.projectName=ibc-go - Callbacks
+sonar.project.monorepo.enabled=true
+
+sonar.sources=.
+sonar.exclusions=**/*_test.go
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go
+sonar.go.coverage.reportPaths=coverage.out
+
+sonar.sourceEncoding=UTF-8
+sonar.scm.provider=git

modules/capability/sonar-project.properties

@@ -0,0 +1,14 @@
+sonar.projectKey=ibc-go-capability
+sonar.organization=cosmos
+
+sonar.projectName=ibc-go - Capability
+sonar.project.monorepo.enabled=true
+
+sonar.sources=.
+sonar.exclusions=**/*_test.go
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go
+sonar.go.coverage.reportPaths=coverage.out
+
+sonar.sourceEncoding=UTF-8
+sonar.scm.provider=git

modules/light-clients/08-wasm/sonar-project.properties

@@ -0,0 +1,14 @@
+sonar.projectKey=ibc-go-08-wasm
+sonar.organization=cosmos
+
+sonar.projectName=ibc-go - 08-wasm
+sonar.project.monorepo.enabled=true
+
+sonar.sources=.
+sonar.exclusions=**/*_test.go
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go
+sonar.go.coverage.reportPaths=coverage.out
+
+sonar.sourceEncoding=UTF-8
+sonar.scm.provider=git

sonar-project.properties

@@ -0,0 +1,20 @@
+sonar-projects.propertiessonar.projectKey=cosmos_ibc-go
+sonar.organization=cosmos
+
+sonar.projectName=ibc-go
+sonar.project.monorepo.enabled=true
+
+sonar.sources=.
+sonar.exclusions=**/*_test.go,**/testing/**,e2e/**,**/*.pb.go,**/*.pb.gw.go,**/*.pulsar.go,docs/**,**/*.md,scripts/**,
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go,**/testing/**,e2e/**,**/testutil/**
+sonar.go.coverage.reportPaths=coverage.out,*profile.out
+
+sonar.python.version=3
+sonar.sourceEncoding=UTF-8
+sonar.scm.provider=git
+
+# Exclude C/C++/Objective-C files from analysis
+sonar.c.file.suffixes=-
+sonar.cpp.file.suffixes=-
+sonar.objc.file.suffixes=-