-
-
Notifications
You must be signed in to change notification settings - Fork 0
259 lines (216 loc) · 7.45 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
name: "CI & CD: Build & Test & Lint .NET Solution, Create & Validate & Publish Nuget Package and Create Release"
on:
push:
branches:
- "master"
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
pull_request:
branches:
- "**"
workflow_dispatch:
env:
NuGetArtifactName: "NuGet package"
NuGetDirectory: ${{ github.workspace }}/nupkgs
NuGetVersion: 0.0.0
jobs:
job_build_test:
name: Build & Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
global-json-file: "./global.json"
- name: Build solution
run: dotnet build
- name: Test solution
run: dotnet test --no-build --logger GitHubActions
# Logger: https://github.com/Tyrrrz/GitHubActionsTestLogger
- name: Verify results
if: failure()
uses: actions/upload-artifact@v4
with:
name: verify-test-results
path: |
**/*.received.*
job_lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
global-json-file: "./global.json"
- name: Restore .NET tools
run: dotnet tool restore
- name: Run linting
run: dotnet csharpier --check .
job_analyze_codeql:
name: Run CodeQL scanning
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: csharp
- name: Auto-build by CodeQL
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
job_analyze_sonarcloud:
name: Run SonarCloud scanning
runs-on: windows-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Required for SonarCloud.
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
global-json-file: "./global.json"
- name: Install dotnet-coverage
run: dotnet tool install dotnet-coverage --global
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~\sonar\cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache SonarCloud scanner
id: cache-sonar-scanner
uses: actions/cache@v4
with:
path: .\.sonar\scanner
key: ${{ runner.os }}-sonar-scanner
restore-keys: ${{ runner.os }}-sonar-scanner
- name: Install SonarCloud scanner
if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
shell: powershell
run: |
New-Item -Path .\.sonar\scanner -ItemType Directory
dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner
- name: Start SonarCloud analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
shell: powershell
run: |
.\.sonar\scanner\dotnet-sonarscanner begin `
/k:"jerone_Jvw.DevToys.SemverCalculator" `
/o:"jerone" `
/d:sonar.token="${{ secrets.SONAR_TOKEN }}" `
/d:sonar.host.url="https://sonarcloud.io" `
/d:sonar.exclusions="**/Pack/**/*.xml" `
/d:sonar.verbose=true `
/d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml
- name: Build solution
run: dotnet build --no-incremental
- name: Test solution
run: dotnet-coverage collect "dotnet test" -f xml -o "coverage.xml"
# https://docs.sonarsource.com/sonarcloud/enriching/test-coverage/dotnet-test-coverage/#dotnetcoverage
- name: End SonarCloud analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
shell: powershell
run: |
.\.sonar\scanner\dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
job_nuget_pack:
name: Pack NuGet package
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
global-json-file: "./global.json"
- name: Set version variable
if: ${{ github.ref_type == 'tag' }}
env:
TAG: ${{ github.ref_name }}
run: echo "NuGetVersion=${TAG#v}" >> $GITHUB_ENV
- name: Build package
run: dotnet build --configuration Release /p:Version=$NuGetVersion
working-directory: "Jvw.DevToys.SemverCalculator"
- name: Pack NuGet package
run: dotnet pack --no-build --output ${{ env.NuGetDirectory }} /p:PackageVersion=$NuGetVersion
working-directory: "Jvw.DevToys.SemverCalculator"
- name: Upload NuGet package
uses: actions/upload-artifact@v4
with:
name: ${{ env.NuGetArtifactName }}
path: ${{ env.NuGetDirectory }}/*.nupkg
job_nuget_validate:
name: Validate NuGet package
runs-on: ubuntu-latest
needs: [job_nuget_pack]
steps:
- uses: actions/checkout@v4
with:
sparse-checkout: "global.json" # Only need this file for this job.
sparse-checkout-cone-mode: false
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
global-json-file: "./global.json"
- name: Install NuGet validator
run: dotnet tool install Meziantou.Framework.NuGetPackageValidation.Tool --global
- uses: actions/download-artifact@v4
with:
name: ${{ env.NuGetArtifactName }}
path: ${{ env.NuGetDirectory }}
- name: Validate NuGet package
shell: pwsh
run: meziantou.validate-nuget-package (Get-ChildItem "${{ env.NuGetDirectory }}/*.nupkg")
job_nuget_publish:
name: Publish NuGet package
runs-on: ubuntu-latest
needs:
[
job_build_test,
job_lint,
job_nuget_validate,
job_analyze_codeql,
job_analyze_sonarcloud,
]
if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v')
steps:
- uses: actions/checkout@v4
with:
sparse-checkout: "global.json" # Only need this file for this job.
sparse-checkout-cone-mode: false
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
global-json-file: "./global.json"
- uses: actions/download-artifact@v4
with:
name: ${{ env.NuGetArtifactName }}
path: ${{ env.NuGetDirectory }}
- name: Publish NuGet package
run: dotnet nuget push ${{ env.NuGetDirectory }}/*.nupkg -k ${{ secrets.NUGET_APIKEY }} -s https://api.nuget.org/v3/index.json
job_release:
name: Create release on GitHub
runs-on: ubuntu-latest
needs: [job_nuget_publish]
permissions:
contents: write # Needed to create a release.
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: ${{ env.NuGetArtifactName }}
path: ${{ env.NuGetDirectory }}
- name: Create release
uses: ncipollo/release-action@v1
with:
generateReleaseNotes: true
artifacts: ${{ env.NuGetDirectory }}/*.nupkg