WIP: Change: Ci: following guidelines

.github/install-openvas-dependencies.sh

@@ -10,6 +10,7 @@ apt-get update && apt-get install --no-install-recommends --no-install-suggests
     clang-tools \
     cmake \
     curl \
+    git \
     lcov \
     libgnutls28-dev \
     libgpgme-dev \

.github/workflows/build.yml

@@ -0,0 +1,25 @@
+name: "Build"
+
+on: [workflow_call]
+
+jobs:
+  OpenVAS:
+    runs-on: ubuntu-latest
+    container: greenbone/gvm-libs:stable
+    steps:
+      - uses: actions/checkout@v4
+      - name: install dependencies
+        run: |
+          sh .github/install-openvas-dependencies.sh
+      - name: build 
+        run: |
+          cmake -Bbuild -DCMAKE_C_COMPILER=/usr/share/clang/scan-build-14/libexec/ccc-analyzer
+          scan-build -o ~/scan-build-report cmake --build build
+      - name: Upload scan-build report
+        uses: actions/upload-artifact@v3
+        with:
+          name: scan-build-report
+          path: ~/scan-build-report/
+          retention-days: 7
+  OpenVAS_Daemon:
+    uses: ./.github/workflows/build-rust.yml

.github/workflows/ci.yml

@@ -0,0 +1,40 @@
+name: "Linting"
+
+on: [workflow_call]
+
+jobs:
+  OpenVAS:
+    runs-on: ubuntu-latest
+    container: greenbone/gvm-libs:stable
+    steps:
+      - uses: actions/checkout@v4
+      - name: install dependencies
+        run: |
+          sh .github/install-openvas-dependencies.sh
+      - name: Formatting
+        run: |
+          clang-format --dry-run --Werror -i -style=file {src,misc,nasl}/*.{c,h}
+      - name: unit-tests
+        run: |
+          cmake -Bbuild -DCMAKE_BUILD_TYPE=Release
+          CTEST_OUTPUT_ON_FAILURE=1 cmake --build build -- tests test
+  OpenVAS_Daemon:
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: rust
+    steps:
+      - uses: actions/checkout@v4
+      - run: sudo apt update && sudo apt-get install -y libpcap-dev
+      - run: rustup update stable && rustup default stable || rustup default stable 
+      - run: cargo install cargo-audit
+      - run: cargo install typos-cli
+      - name: unit-tests
+        run: cargo test --lib --tests --workspace
+      - name: Clippy
+        run: cargo clippy -- -D warnings
+      - name: Audit
+        run: cargo audit
+      - run: typos
+      - name: Formatting
+        run: cargo fmt --check

.github/workflows/control.yml

@@ -0,0 +1,31 @@
+name: CI
+
+on:
+  push:
+    branches: [ main]
+    tags: ["v*"]
+  pull_request:
+  workflow_dispatch:
+  repository_dispatch:
+  schedule:
+    # rebuild image every sunday
+    - cron: "0 0 * * 0"
+
+jobs:
+  init:
+    uses: ./.github/workflows/init.yaml
+  build:
+    uses: ./.github/workflows/build.yml
+  linting:
+    uses: ./.github/workflows/ci.yml
+  container:
+    needs: [build, init]
+    env:
+      IS_LATEST_TAG: ${{init.init.outputs.is_latest_tag}}
+      IS_VERSION_TAG: ${{init.init.outputs.is_version_tag}}
+    uses: ./.github/workflows/push-container.yml
+  # although it seems a bit odd, but that way we ensure
+  # that we test the latest greatest thing.
+  smoketests:
+    needs: [container]
+    uses: ./.github/workflows/smoketest.yaml

.github/workflows/init.yaml

@@ -0,0 +1,54 @@
+name: Initialize
+
+on: [workflow_call]
+
+jobs:
+  init:
+    runs-on: ubuntu-latest
+    outputs:
+      is_latest_tag: ${{ steps.version.outputs.is_latest_tag }}
+      is_version_tag: ${{ steps.version.outputs.is_version_tag }}
+      docker_tag: ${{ steps.version.output.docker_tag }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: "set IS_VERSION_TAG"
+        run: |
+          echo "IS_VERSION_TAG=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }}" >> $GITHUB_ENV
+          # set defaults
+          echo "IS_LATEST_TAG=false" >> $GITHUB_ENV
+      - name: "set IS_LATEST_TAG"
+        if: ( env.IS_VERSION_TAG == 'true' )
+        run: |
+          # find the latest version that is not ourself
+          export LATEST_VERSION=$(git tag -l | grep -v '${{ github.ref_name }}' | sort -r --version-sort)
+          # get major minor patch versions
+          IFS='.' read -r latest_major latest_minor latest_patch << EOF
+          $LATEST_VERSION
+          EOF
+          IFS='.' read -r tag_major tag_minor tag_patch << EOF
+          ${{ github.ref_name }}
+          EOF
+          # remove leading v
+          latest_major=$(echo $latest_major | cut -c2-)
+          tag_major=$(echo $tag_major | cut -c2-)
+          echo "$tag_major >= $latest_major"
+          if [[ $tag_major -ge $latest_major && ($tag_minor -ne 0 || $tag_patch -ne 0) ]]; then
+            # set this tag to latest and stable
+            echo "IS_LATEST_TAG=true" >> $GITHUB_ENV
+          fi
+          echo "VERSION=$tag_major.$tag_minor.$tag_patch" >> $GITHUB_ENV
+      - name: "set DOCKER_TAG = edge"
+        if: ( env.IS_VERSION_TAG != 'true' )
+        run: |
+          echo "DOCKER_TAG=edge" >> $GITHUB_ENV
+      - name: "set DOCKER_TAG = ${{ env.VERSION }}"
+        if: ( env.IS_VERSION_TAG == 'true' )
+        run: |
+          echo "DOCKER_TAG=$VERSION" >> $GITHUB_ENV
+      - name: set output
+        id: version
+        run: |
+          echo "is_latest_tag=$IS_LATEST_TAG" >> "$GITHUB_OUTPUT"
+          echo "is_version_tag=$IS_VERSION_TAG" >> "$GITHUB_OUTPUT"
+          echo "docker_tag=$DOCKER_TAG" >> "$GITHUB_OUTPUT"

.github/workflows/container.yml → .github/workflows/push-container.yml

@@ -1,49 +1,13 @@
 name: Container
 
-on:
-  push:
-    branches: [main, stable, oldstable, middleware]
-    tags: ["v*"]
-  pull_request:
-    branches: [main, stable, oldstable, middleware]
-  workflow_dispatch:
-  repository_dispatch:
+on: [workflow_call]
 
 jobs:
-  rs-build-binaries:
-    uses: ./.github/workflows/build-rust.yml
-
   production-image:
     runs-on: ubuntu-latest
-    needs: [rs-build-binaries]
     steps:
       - name: Checkout
         uses: actions/checkout@v4
-      - name: "set IS_VERSION_TAG"
-        run: |
-          echo "IS_VERSION_TAG=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }}" >> $GITHUB_ENV
-          # set defaults
-          echo "IS_LATEST_TAG=false" >> $GITHUB_ENV
-      - name: "set IS_LATEST_TAG"
-        if: ( env.IS_VERSION_TAG )
-        run: |
-          # find the latest version that is not ourself
-          export LATEST_VERSION=$(git tag -l | grep -v '${{ github.ref_name }}' | sort -r --version-sort)
-          # get major minor patch versions
-          IFS='.' read -r latest_major latest_minor latest_patch << EOF
-          $LATEST_VERSION
-          EOF
-          IFS='.' read -r tag_major tag_minor tag_patch << EOF
-          ${{ github.ref_name }}
-          EOF
-          # remove leading v
-          latest_major=$(echo $latest_major | cut -c2-)
-          tag_major=$(echo $tag_major | cut -c2-)
-          echo "$tag_major >= $latest_major"
-          if [[ $tag_major -ge $latest_major && ($tag_minor -ne 0 || $tag_patch -ne 0) ]]; then
-            # set this tag to latest and stable
-            echo "IS_LATEST_TAG=true" >> $GITHUB_ENV
-          fi
       - name: "Setup meta information (IS_VERSION_TAG: ${{ env.IS_VERSION_TAG }}, IS_LATEST_TAG: ${{ env.IS_LATEST_TAG }} )"
         id: meta
         uses: docker/metadata-action@v5