-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add GitHub workflows #2
Changes from all commits
9526b55
437a253
bd190f9
ae4b126
43938ce
d352ff0
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
version: 2 | ||
|
||
updates: | ||
- package-ecosystem: "nuget" | ||
directory: "/" | ||
schedule: | ||
interval: weekly | ||
open-pull-requests-limit: 50 | ||
assignees: | ||
- "guibranco" | ||
reviewers: | ||
- "guibranco" | ||
labels: | ||
- "nuget" | ||
- ".NET" | ||
- "packages" | ||
- "dependencies" | ||
|
||
- package-ecosystem: "github-actions" | ||
directory: "/" | ||
schedule: | ||
interval: weekly | ||
open-pull-requests-limit: 50 | ||
assignees: | ||
- "guibranco" | ||
reviewers: | ||
- "guibranco" | ||
labels: | ||
- "github-actions" | ||
- "dependencies" | ||
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
name: Build | ||
|
||
on: | ||
push: | ||
branches: | ||
- '*' | ||
- '*/*' | ||
- '**' | ||
- '!main' | ||
workflow_dispatch: | ||
|
||
concurrency: | ||
group: ${{ github.workflow }}-${{ github.ref }} | ||
cancel-in-progress: true | ||
|
||
jobs: | ||
build: | ||
name: Build | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
with: | ||
fetch-depth: 0 | ||
|
||
- name: Setup .NET | ||
uses: actions/setup-dotnet@v4 | ||
with: | ||
dotnet-version: '7.0.x' | ||
|
||
- name: Build solution | ||
run: dotnet build -c Debug | ||
|
||
- name: Run tests | ||
run: dotnet test -c Debug --no-build --no-restore | ||
Comment on lines
+1
to
+36
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. CODE REVIEW
Revised code example: name: Build
on:
push:
branches:
- '**'
- '!main'
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
name: Build and Test on Ubuntu
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: '7.0.400'
- name: Build solution
run: dotnet build -c Debug
- name: Run tests
run: dotnet test -c Debug --no-build --no-restore |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
name: Deep Source | ||
|
||
on: | ||
push: | ||
branches: | ||
- main | ||
pull_request: | ||
types: [opened, synchronize, reopened] | ||
|
||
jobs: | ||
DeepSource: | ||
name: Deep Source Coverage report | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ github.event.pull_request.head.sha }} | ||
|
||
- name: Install DeepSource scanner | ||
run: curl https://deepsource.io/cli | sh | ||
|
||
- name: Setup .NET | ||
uses: actions/setup-dotnet@v4 | ||
with: | ||
dotnet-version: '7.0.x' | ||
|
||
- name: Build and analyze | ||
env: | ||
DEEPSOURCE_DSN: ${{ secrets.DEEPSOURCE_DSN }} | ||
run: | | ||
dotnet build -c Debug --verbosity minimal | ||
dotnet test -c Debug --verbosity minimal --no-build --no-restore /p:CollectCoverage=true /p:CoverletOutputFormat="cobertura" | ||
./bin/deepsource report --analyzer test-coverage --key csharp --value-file ./Tests/POCYamlHandling.Tests/coverage.cobertura.xml | ||
Comment on lines
+1
to
+33
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. CODE REVIEWOverall, this workflow looks solid. Here are some minor improvements for better readability and consistency:
name: Deep Source
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
jobs:
DeepSource:
name: Deep Source Coverage report
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Install DeepSource scanner
run: curl https://deepsource.io/cli | sh -s -- --version 1.6.0
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: '7.0.x'
- name: Build and analyze
env:
DEEPSOURCE_DSN: ${{ secrets.DEEPSOURCE_DSN }}
run: |
dotnet build -c Debug --verbosity minimal
dotnet test -c Debug --verbosity minimal --no-build --no-restore /p:CollectCoverage=true /p:CoverletOutputFormat="cobertura"
deepsource report --analyzer test-coverage --key csharp --value-file ./Tests/POCYamlHandling.Tests/coverage.cobertura.xml This enhances readability and maintains version consistency for the DeepSource scanner. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
name: Infisical secrets check | ||
|
||
on: | ||
workflow_dispatch: | ||
pull_request: | ||
|
||
concurrency: | ||
group: ${{ github.workflow }}-${{ github.ref }} | ||
cancel-in-progress: true | ||
|
||
jobs: | ||
|
||
secrets-scan: | ||
runs-on: ubuntu-latest | ||
steps: | ||
|
||
- name: Checkout repo | ||
uses: actions/checkout@v4 | ||
with: | ||
fetch-depth: 0 | ||
|
||
- name: Set Infisical package source | ||
shell: bash | ||
run: curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' | sudo -E bash | ||
|
||
- name: Install Infisical | ||
shell: bash | ||
run: | | ||
sudo apt-get update && sudo apt-get install -y infisical | ||
|
||
- name: Run scan | ||
shell: bash | ||
run: infisical scan --redact -f csv -r secrets-result.csv 2>&1 | tee >(sed -r 's/\x1b\[[0-9;]*m//g' > secrets-result.log) | ||
|
||
- name: Read secrets-result.log | ||
uses: guibranco/github-file-reader-action-v2@v2.2.583 | ||
if: always() | ||
id: log | ||
with: | ||
path: secrets-result.log | ||
|
||
- name: Read secrets-result.log | ||
uses: guibranco/github-file-reader-action-v2@v2.2.583 | ||
if: failure() | ||
id: report | ||
with: | ||
path: secrets-result.csv | ||
|
||
- name: Update PR with comment | ||
uses: mshick/add-pr-comment@v2 | ||
if: always() | ||
with: | ||
refresh-message-position: true | ||
message-id: 'secrets-result' | ||
message: | | ||
**Infisical secrets check:** :white_check_mark: No secrets leaked! | ||
|
||
**Scan results:** | ||
``` | ||
${{ steps.log.outputs.contents }} | ||
``` | ||
|
||
message-failure: | | ||
**Infisical secrets check:** :rotating_light: Secrets leaked! | ||
|
||
**Scan results:** | ||
``` | ||
${{ steps.log.outputs.contents }} | ||
``` | ||
**Scan report:** | ||
``` | ||
${{ steps.report.outputs.contents }} | ||
``` | ||
message-cancelled: | | ||
**Infisical secrets check:** :o: Secrets check cancelled! | ||
Comment on lines
+1
to
+75
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. CODE REVIEWFeedback:
Improvements:
- name: Read secrets-result.log
uses: guibranco/github-file-reader-action-v2@v2.2.583
if: always()
id: log
with:
path: secrets-result.log
- name: Read secrets-result.csv
uses: guibranco/github-file-reader-action-v2@v2.2.583
if: failure()
id: report
with:
path: secrets-result.csv |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
name: Linter check | ||
|
||
on: | ||
workflow_dispatch: | ||
pull_request: | ||
|
||
jobs: | ||
linter-check: | ||
runs-on: ubuntu-latest | ||
steps: | ||
|
||
- name: Checkout repo | ||
uses: actions/checkout@v4 | ||
|
||
- name: Setup .NET | ||
uses: actions/setup-dotnet@v4 | ||
|
||
- name: Dotnet restore | ||
run: dotnet tool restore | ||
|
||
- name: CSharpier format check | ||
run: | | ||
dotnet csharpier . --check | ||
echo "run 'dotnet build' to fix the formatting of the code automatically" | ||
Comment on lines
+1
to
+24
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. CODE REVIEW
name: Linter check
on:
workflow_dispatch:
pull_request:
jobs:
linter-check:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup .NET environment
uses: actions/setup-dotnet@v2
- name: Restore .NET tools
run: dotnet tool restore
- name: Check CSharpier formatting
run: |
dotnet csharpier . --check || echo "Run 'dotnet build' to automatically fix the formatting of the code." |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
name: Label based on PR size | ||
|
||
on: | ||
workflow_dispatch: | ||
pull_request: | ||
|
||
jobs: | ||
size-label: | ||
permissions: write-all | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
|
||
- name: size-label | ||
uses: "pascalgn/size-label-action@v0.5.2" | ||
env: | ||
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | ||
Comment on lines
+1
to
+17
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. CODE REVIEW
name: Label based on PR size
on:
workflow_dispatch:
pull_request:
jobs:
size-label:
permissions: write-all
runs-on: ubuntu-latest
steps:
- name: Apply size label
uses: pascalgn/size-label-action@v0.5.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CODE REVIEW
Open Pull Requests Limit: 50 might be excessive and could overwhelm. Consider reducing the limit.
Assignees and Reviewers: Ensure redundancy; having only one person might delay responses.
YAML Formatting: Consistent indentation enhances readability.
Example improvements: