Update GitHub workflows

Updates the github workflows to separate the clippy analysis from the rest.  This way the clippy analysis can be done on a schedule.  Also update the clippy analysis to upload the results to GitHub as security issues.

.github/workflows/rust-clippy.yml

@@ -0,0 +1,50 @@
+name: Rust Clippy Analysis
+
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+  schedule:
+    - cron: "18 21 * * 6"
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+    rust-clippy:
+      name: Run rust-clippy analysis
+      runs-on: ubuntu-latest
+      permissions:
+        contents: read
+        security-events: write
+        actions: read
+      steps:
+        - name: Checkout code
+          uses: actions/checkout@v3
+
+        - name: Install Rust Toolchain
+          uses: dtolnay/rust-toolchain@stable
+          with:
+            toolchain: stable
+            components: clippy
+
+        - name: Cache build dependencies
+          uses: Swatinem/rust-cache@v2
+
+        - name: Install clippy-sarif
+          run: cargo install clippy-sarif sarif-fmt
+
+        - name: Run rust-clippy
+          run:
+            cargo clippy
+            --all-features
+            --tests
+            --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt
+          continue-on-error: true
+
+        - name: Upload analysis results ot GitHub
+          uses: github/codeql-action/upload-sarif@v2
+          with:
+            sarif_file: rust-clippy-results.sarif
+            wait-for-processing: true

.github/workflows/rust.yml

@@ -10,40 +10,44 @@ env:
   CARGO_TERM_COLOR: always
 
 jobs:
-  lint:
+  rust-fmt-check:
+    name: Run Rust-fmt check
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout code
-      - uses: actions-rs/toolchain@v1
+        uses: actions/checkout@v3
+
+      - name: Install Rust Toolchain
+        uses: dtolnay/rust-toolchain@stable
         with:
           toolchain: stable
-          profile: minimal
+          components: rustfmt
-          components: rustfmt,clippy
+
-      - uses: Swatinem/rust-cache@v2
+      - name: Cache build dependencies
-      - name: Formatting
+        uses: Swatinem/rust-cache@v2
+
+      - name: Run rust-fmt --check
         run: cargo fmt --check --all
-      - name: Linting
-        run: cargo clippy --all --tests
 
   test:
+    name: Run unit and integration tests
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout code
-      - uses: actions-rs/toolchain@v1
+        uses: actions/checkout@v3
+
+      - name: Install Rust Toolchain
+        uses: dtolnay/rust-toolchain@stable
         with:
           toolchain: stable
-          profile: minimal
+          components: rustfmt
-      - uses: Swatinem/rust-cache@v2
-      - run: cargo test
 
-  build:
+      - name: Cache build dependencies
-    runs-on: ubuntu-latest
+        uses: Swatinem/rust-cache@v2
-    steps:
+
-    - uses: actions/checkout@v3
+      - name: Run cargo-test
-    - uses: actions-rs/toolchain@v1
+        run: cargo test
-      with:
-        toolchain: stable
-        profile: minimal
-    - uses: Swatinem/rust-cache@v2
-    - name: Build
-      run: cargo build