Add GitHub workflows #2
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| version: 2 | ||
|
|
||
| updates: | ||
| - package-ecosystem: "nuget" | ||
| directory: "/" | ||
| schedule: | ||
| interval: weekly | ||
| open-pull-requests-limit: 50 | ||
| assignees: | ||
| - "guibranco" | ||
| reviewers: | ||
| - "guibranco" | ||
| labels: | ||
| - "nuget" | ||
| - ".NET" | ||
| - "packages" | ||
| - "dependencies" | ||
|
|
||
| - package-ecosystem: "github-actions" | ||
| directory: "/" | ||
| schedule: | ||
| interval: weekly | ||
| open-pull-requests-limit: 50 | ||
| assignees: | ||
| - "guibranco" | ||
| reviewers: | ||
| - "guibranco" | ||
| labels: | ||
| - "github-actions" | ||
| - "dependencies" | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| name: Build | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - '*' | ||
| - '*/*' | ||
| - '**' | ||
| - '!main' | ||
| workflow_dispatch: | ||
|
|
||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }} | ||
| cancel-in-progress: true | ||
|
|
||
| jobs: | ||
| build: | ||
| name: Build | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Setup .NET | ||
| uses: actions/setup-dotnet@v4 | ||
| with: | ||
| dotnet-version: '7.0.x' | ||
|
|
||
| - name: Build solution | ||
| run: dotnet build -c Debug | ||
|
|
||
| - name: Run tests | ||
| run: dotnet test -c Debug --no-build --no-restore | ||
|
Comment on lines
+1
to
+36
There was a problem hiding this comment. CODE REVIEW
Revised code example: name: Build
on:
push:
branches:
- '**'
- '!main'
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
name: Build and Test on Ubuntu
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: '7.0.400'
- name: Build solution
run: dotnet build -c Debug
- name: Run tests
run: dotnet test -c Debug --no-build --no-restore |
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| name: Deep Source | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| pull_request: | ||
| types: [opened, synchronize, reopened] | ||
|
|
||
| jobs: | ||
| DeepSource: | ||
| name: Deep Source Coverage report | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| ref: ${{ github.event.pull_request.head.sha }} | ||
|
|
||
| - name: Install DeepSource scanner | ||
| run: curl https://deepsource.io/cli | sh | ||
|
|
||
| - name: Setup .NET | ||
| uses: actions/setup-dotnet@v4 | ||
| with: | ||
| dotnet-version: '7.0.x' | ||
|
|
||
| - name: Build and analyze | ||
| env: | ||
| DEEPSOURCE_DSN: ${{ secrets.DEEPSOURCE_DSN }} | ||
| run: | | ||
| dotnet build -c Debug --verbosity minimal | ||
| dotnet test -c Debug --verbosity minimal --no-build --no-restore /p:CollectCoverage=true /p:CoverletOutputFormat="cobertura" | ||
| ./bin/deepsource report --analyzer test-coverage --key csharp --value-file ./Tests/POCYamlHandling.Tests/coverage.cobertura.xml | ||
|
Comment on lines
+1
to
+33
There was a problem hiding this comment. CODE REVIEWOverall, this workflow looks solid. Here are some minor improvements for better readability and consistency:
name: Deep Source
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
jobs:
DeepSource:
name: Deep Source Coverage report
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Install DeepSource scanner
run: curl https://deepsource.io/cli | sh -s -- --version 1.6.0
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: '7.0.x'
- name: Build and analyze
env:
DEEPSOURCE_DSN: ${{ secrets.DEEPSOURCE_DSN }}
run: |
dotnet build -c Debug --verbosity minimal
dotnet test -c Debug --verbosity minimal --no-build --no-restore /p:CollectCoverage=true /p:CoverletOutputFormat="cobertura"
deepsource report --analyzer test-coverage --key csharp --value-file ./Tests/POCYamlHandling.Tests/coverage.cobertura.xmlThis enhances readability and maintains version consistency for the DeepSource scanner. |
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| name: Infisical secrets check | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| pull_request: | ||
|
|
||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }} | ||
| cancel-in-progress: true | ||
|
|
||
| jobs: | ||
|
|
||
| secrets-scan: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
|
|
||
| - name: Checkout repo | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Set Infisical package source | ||
| shell: bash | ||
| run: curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' | sudo -E bash | ||
|
|
||
| - name: Install Infisical | ||
| shell: bash | ||
| run: | | ||
| sudo apt-get update && sudo apt-get install -y infisical | ||
|
|
||
| - name: Run scan | ||
| shell: bash | ||
| run: infisical scan --redact -f csv -r secrets-result.csv 2>&1 | tee >(sed -r 's/\x1b\[[0-9;]*m//g' > secrets-result.log) | ||
|
|
||
| - name: Read secrets-result.log | ||
| uses: guibranco/github-file-reader-action-v2@v2.2.583 | ||
| if: always() | ||
| id: log | ||
| with: | ||
| path: secrets-result.log | ||
|
|
||
| - name: Read secrets-result.log | ||
| uses: guibranco/github-file-reader-action-v2@v2.2.583 | ||
| if: failure() | ||
| id: report | ||
| with: | ||
| path: secrets-result.csv | ||
|
|
||
| - name: Update PR with comment | ||
| uses: mshick/add-pr-comment@v2 | ||
| if: always() | ||
| with: | ||
| refresh-message-position: true | ||
| message-id: 'secrets-result' | ||
| message: | | ||
| **Infisical secrets check:** :white_check_mark: No secrets leaked! | ||
|
|
||
| **Scan results:** | ||
| ``` | ||
| ${{ steps.log.outputs.contents }} | ||
| ``` | ||
|
|
||
| message-failure: | | ||
| **Infisical secrets check:** :rotating_light: Secrets leaked! | ||
|
|
||
| **Scan results:** | ||
| ``` | ||
| ${{ steps.log.outputs.contents }} | ||
| ``` | ||
| **Scan report:** | ||
| ``` | ||
| ${{ steps.report.outputs.contents }} | ||
| ``` | ||
| message-cancelled: | | ||
| **Infisical secrets check:** :o: Secrets check cancelled! | ||
|
Comment on lines
+1
to
+75
There was a problem hiding this comment. CODE REVIEWFeedback:
Improvements:
- name: Read secrets-result.log
uses: guibranco/github-file-reader-action-v2@v2.2.583
if: always()
id: log
with:
path: secrets-result.log
- name: Read secrets-result.csv
uses: guibranco/github-file-reader-action-v2@v2.2.583
if: failure()
id: report
with:
path: secrets-result.csv |
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| name: Linter check | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| pull_request: | ||
|
|
||
| jobs: | ||
| linter-check: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
|
|
||
| - name: Checkout repo | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Setup .NET | ||
| uses: actions/setup-dotnet@v4 | ||
|
|
||
| - name: Dotnet restore | ||
| run: dotnet tool restore | ||
|
|
||
| - name: CSharpier format check | ||
| run: | | ||
| dotnet csharpier . --check | ||
| echo "run 'dotnet build' to fix the formatting of the code automatically" | ||
|
Comment on lines
+1
to
+24
There was a problem hiding this comment. CODE REVIEW
name: Linter check
on:
workflow_dispatch:
pull_request:
jobs:
linter-check:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup .NET environment
uses: actions/setup-dotnet@v2
- name: Restore .NET tools
run: dotnet tool restore
- name: Check CSharpier formatting
run: |
dotnet csharpier . --check || echo "Run 'dotnet build' to automatically fix the formatting of the code." |
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| name: Label based on PR size | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| pull_request: | ||
|
|
||
| jobs: | ||
| size-label: | ||
| permissions: write-all | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
|
|
||
| - name: size-label | ||
| uses: "pascalgn/size-label-action@v0.5.2" | ||
| env: | ||
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | ||
|
Comment on lines
+1
to
+17
There was a problem hiding this comment. CODE REVIEW
name: Label based on PR size
on:
workflow_dispatch:
pull_request:
jobs:
size-label:
permissions: write-all
runs-on: ubuntu-latest
steps:
- name: Apply size label
uses: pascalgn/size-label-action@v0.5.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CODE REVIEW
Open Pull Requests Limit: 50 might be excessive and could overwhelm. Consider reducing the limit.
Assignees and Reviewers: Ensure redundancy; having only one person might delay responses.
YAML Formatting: Consistent indentation enhances readability.
Example improvements: