Skip to content
build

Bump the typescript-eslint group in /src/API with 2 updates #4456

Sign in to view logs

Bump the typescript-eslint group in /src/API with 2 updates

Bump the typescript-eslint group in /src/API with 2 updates #4456

Workflow file for this run

.github/workflows/build.yml at 89ed5ba
name: build
on:
push:
branches: [ main ]
paths-ignore:
- '**/*.gitattributes'
- '**/*.gitignore'
- '**/*.md'
pull_request:
branches:
- main
- dotnet-vnext
- dotnet-nightly
workflow_dispatch:
env:
APPLICATION_URL_PROD: https://api.martincostello.com
AZURE_WEBAPP_NAME: api-martincostello
CONTAINER_REGISTRY: '${{ github.repository_owner }}.azurecr.io'
DOTNET_CLI_TELEMETRY_OPTOUT: true
DOTNET_GENERATE_ASPNET_CERTIFICATE: false
DOTNET_NOLOGO: true
DOTNET_SYSTEM_CONSOLE_ALLOW_ANSI_COLOR_REDIRECTION: 1
NUGET_XMLDOC_MODE: skip
TERM: xterm
permissions:
contents: read
jobs:
build:
name: ${{ matrix.os }}
runs-on: ${{ matrix.os }}
env:
PUBLISH_CONTAINER: ${{ github.event.repository.fork == false && github.ref_name == github.event.repository.default_branch && matrix.os == 'ubuntu-latest' }}
outputs:
container-tag: ${{ steps.publish-container.outputs.container-tag }}
permissions:
attestations: write
contents: read
id-token: write
strategy:
fail-fast: false
matrix:
os: [ macos-latest, ubuntu-latest, windows-latest ]
include:
- os: macos-latest
os-name: macos
- os: ubuntu-latest
os-name: linux
- os: windows-latest
os-name: windows
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup .NET SDK
uses: actions/setup-dotnet@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Get npm cache directory
id: npm-cache-dir
shell: pwsh
run: echo "dir=$(npm config get cache)" >> ${env:GITHUB_OUTPUT}
- name: Setup npm cache
uses: actions/cache@v4
id: npm-cache
with:
path: ${{ steps.npm-cache-dir.outputs.dir }}
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: ${{ runner.os }}-node-
- name: Setup NuGet cache
uses: actions/cache@v4
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', '**/*.props') }}
restore-keys: ${{ runner.os }}-nuget-
- name: Build, test and publish
id: build
shell: pwsh
run: ./build.ps1
- uses: codecov/codecov-action@v4
name: Upload coverage to Codecov
with:
file: ./artifacts/coverage/coverage.cobertura.xml
flags: ${{ matrix.os-name }}
token: ${{ secrets.CODECOV_TOKEN }}
- name: Docker log in
uses: docker/login-action@v3
if: env.PUBLISH_CONTAINER == 'true'
with:
registry: ${{ env.CONTAINER_REGISTRY }}
username: ${{ secrets.ACR_REGISTRY_USERNAME }}
password: ${{ secrets.ACR_REGISTRY_PASSWORD }}
- name: Publish container
id: publish-container
if: runner.os == 'Linux'
shell: pwsh
env:
ContainerRegistry: ${{ env.PUBLISH_CONTAINER == 'true' && env.CONTAINER_REGISTRY || '' }}
run: |
dotnet publish ./src/API --arch x64 --os linux -p:PublishProfile=DefaultContainer
- name: Generate SBOM for binaries
uses: anchore/sbom-action@v0
with:
artifact-name: 'publish-${{ matrix.os-name }}.spdx.json'
output-file: ./artifacts/publish.spdx.json
path: ./artifacts/publish
- name: Generate SBOM for container
uses: anchore/sbom-action@v0
if: steps.publish-container.outputs.container-tag != ''
with:
image: ${{ steps.publish-container.outputs.container-tag }}
output-file: ./artifacts/container.spdx.json
- name: Attest container image
uses: actions/attest-build-provenance@v1
if: steps.publish-container.outputs.container-digest != ''
with:
push-to-registry: true
subject-digest: ${{ steps.publish-container.outputs.container-digest }}
subject-name: ${{ steps.publish-container.outputs.container-image }}
- name: Attest SBOM for container
uses: actions/attest-sbom@v1
if: steps.publish-container.outputs.container-digest != ''
with:
push-to-registry: true
sbom-path: ./artifacts/container.spdx.json
subject-digest: ${{ steps.publish-container.outputs.container-digest }}
subject-name: ${{ steps.publish-container.outputs.container-image }}
- name: Upload any crash dumps
shell: pwsh
if: |
!cancelled() &&
steps.build.outcome == 'failure' &&
github.event.repository.fork == false &&
github.event.sender.login != 'dependabot[bot]'
env:
AZURE_STORAGE_CONNECTION_STRING: ${{ secrets.CRASH_DUMPS_STORAGE_CONNECTION_STRING }}
PSCOMPRESSION_VERSION: '2.0.6'
run: |
$dumps = Get-ChildItem -Path ${env:GITHUB_WORKSPACE} -Filter "*.dmp" -Recurse
if ($null -ne $dumps) {
$container = ${env:GITHUB_REPOSITORY}.Replace("/", "-")
az storage container create --name $container --public-access off | Out-Null
Install-Module PSCompression -RequiredVersion ${env:PSCOMPRESSION_VERSION} -AcceptLicense -Force -Scope CurrentUser
$dumps | ForEach-Object {
$zipPath = $_.FullName + ".zip"
$zipName = $_.Name + ".zip"
Write-Output "Compressing crash dump $($_.Name)..."
Compress-ZipArchive -Path $_.FullName -Destination $zipPath
az storage blob upload `
--container-name $container `
--file $zipPath `
--name $zipName `
--metadata "GITHUB_RUN_ATTEMPT=${env:GITHUB_RUN_ATTEMPT}" "GITHUB_WORKFLOW=${env:GITHUB_SERVER_URL}/${env:GITHUB_REPOSITORY}/actions/runs/${env:GITHUB_RUN_ID}" "RUNNER_OS=${env:RUNNER_OS}" `
--overwrite true
if ($LASTEXITCODE -eq 0) {
Write-Output "::notice::Uploaded crash dump $($_.Name) to Azure Storage."
}
}
}
deploy:
if: github.event.repository.fork == false && github.ref_name == github.event.repository.default_branch
name: deploy-production
needs: build
runs-on: ubuntu-latest
concurrency: production_environment
environment:
name: production
url: ${{ env.APPLICATION_URL_PROD }}
permissions:
id-token: write
steps:
- name: Azure log in
uses: azure/login@v2
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Deploy container to Azure App Service
uses: azure/webapps-deploy@v3
with:
app-name: ${{ env.AZURE_WEBAPP_NAME }}
images: ${{ needs.build.outputs.container-tag }}
- name: Check application health
shell: pwsh
env:
APPLICATION_URL: ${{ env.APPLICATION_URL_PROD }}
run: |
$delay = 10
$limit = 10
$success = $false
for ($i = 0; $i -lt $limit; $i++) {
$response = $null
try {
$response = Invoke-WebRequest -Uri "${env:APPLICATION_URL}/version" -Method Get -UseBasicParsing
} catch {
$response = $_.Exception.Response
}
if (($null -ne $response) -And ($response.StatusCode -eq 200)) {
$json = $response.Content | ConvertFrom-Json
$version = $json.applicationVersion
if ((-Not [string]::IsNullOrWhiteSpace($version)) -And $version.Contains(${env:GITHUB_SHA})) {
$success = $true
break
}
}
Start-Sleep -Seconds $delay
}
if (-Not $success) {
throw "${env:APPLICATION_URL} did not return a successful status code and the expected version within the time limit after $limit attempts."
}
test:
name: test-production
needs: deploy
runs-on: ubuntu-latest
concurrency: production_environment
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup .NET SDK
uses: actions/setup-dotnet@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Get npm cache directory
id: npm-cache-dir
shell: pwsh
run: echo "dir=$(npm config get cache)" >> ${env:GITHUB_OUTPUT}
- name: Setup npm cache
uses: actions/cache@v4
id: npm-cache
with:
path: ${{ steps.npm-cache-dir.outputs.dir }}
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: ${{ runner.os }}-node-
- name: Setup NuGet cache
uses: actions/cache@v4
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', '**/*.props') }}
restore-keys: ${{ runner.os }}-nuget-
- name: Run end-to-end tests
shell: pwsh
run: dotnet test ./tests/API.Tests --configuration Release --filter Category=EndToEnd --logger "GitHubActions;report-warnings=false"
env:
WEBSITE_URL: ${{ env.APPLICATION_URL_PROD }}