upgrade nuget.protocol (#13) #78
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & Release | |
| on: | |
| push: | |
| pull_request: | |
| branches: [ main ] | |
| workflow_dispatch: | |
| env: | |
| build-version-number: 0.1.${{ github.run_number }} | |
| jobs: | |
| sca: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Setup .NET Core SDK | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: "6.0.x" | |
| - name: dotnet SCA | |
| run: | | |
| dotnet tool restore | |
| dotnet restore | |
| dotnet list package --vulnerable --include-transitive | tee results.log | |
| FOUND_VULN=`grep -c 'has the following vulnerable packages' results.log` || true | |
| FOUND_CRIT=`grep -c 'Critical' results.log` || true | |
| FOUND_HIGH=`grep -c 'High' results.log` || true | |
| if [[ "$FOUND_VULN" != "0" ]] | |
| then | |
| if [ "$FOUND_CRIT" == "0" -a "$FOUND_HIGH" == "0"] | |
| then | |
| echo "### Vulnerable packages found ###" | |
| exit 0 | |
| fi | |
| echo "### Critical/High vulnerable packages found ###" | |
| exit 1 | |
| fi | |
| echo "## No problems found ##" | |
| exit 0 | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Setup .NET Core SDK | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: "6.0.x" | |
| - name: dotnet tool restore | |
| run: dotnet tool restore | |
| - name: Run build | |
| run: dotnet fake run "build.fsx" -t "All" | |
| - name: Archive tool nupkg | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: kvps-cli.nupkg | |
| path: ./package/kvps*.nupkg | |
| - name: Archive Test results | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: tests.results | |
| path: | | |
| ./tests/**/TestResults/* | |
| - name: Archive Code coverage | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: codecoverage | |
| path: ./publish/codecoverage/*.* | |
| - name: Unit test results | |
| uses: dorny/test-reporter@v1 | |
| if: always() | |
| with: | |
| name: unit test results | |
| path: ${{ github.workspace }}/tests/kvps.tests/TestResults/test_results.trx | |
| reporter: dotnet-trx | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Code coverage results | |
| uses: 5monkeys/cobertura-action@master | |
| with: | |
| path: ${{ github.workspace }}/tests/kvps.tests/TestResults/coverage.info | |
| repo_token: ${{ secrets.GITHUB_TOKEN }} | |
| minimum_coverage: 1 | |
| fail_below_threshold: true | |
| show_line: true | |
| show_branch: true | |
| show_missing: true | |
| show_class_names: true | |
| link_missing_lines: true | |
| report_name: code coverage results | |
| nuget-release: | |
| name: nuget release | |
| runs-on: ubuntu-latest | |
| needs: [ sca, build ] | |
| #if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/dev' | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Setup .NET Core SDK | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: "6.0.x" | |
| - name: Download package | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: kvps-cli.nupkg | |
| path: ${{ github.workspace }}/artifacts | |
| - name: Push nuget package | |
| run: dotnet nuget push "artifacts/*.nupkg" --api-key ${{ secrets.NUGET_PAT }} --source "nuget.org" | |
| gh-release: | |
| name: gh release | |
| runs-on: ubuntu-latest | |
| needs: [ nuget-release ] | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Create Release | |
| uses: ncipollo/release-action@v1 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| tag: v${{ env.build-version-number }} | |
| prerelease: true | |
| generateReleaseNotes: true |