Skip to content

Bump github/codeql-action from 3.27.7 to 3.27.9 (#3205) #972

Bump github/codeql-action from 3.27.7 to 3.27.9 (#3205)

Bump github/codeql-action from 3.27.7 to 3.27.9 (#3205) #972

Workflow file for this run

name: build
on:
push:
branches: [ master ]
tags: [ 'v*' ]
pull_request:
branches: [ master ]
workflow_dispatch:
env:
DOTNET_CLI_TELEMETRY_OPTOUT: true
DOTNET_GENERATE_ASPNET_CERTIFICATE: false
DOTNET_NOLOGO: true
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
DOTNET_SYSTEM_CONSOLE_ALLOW_ANSI_COLOR_REDIRECTION: 1
NUGET_XMLDOC_MODE: skip
TERM: xterm
permissions:
contents: read
jobs:
build:
name: ${{ matrix.os }}
runs-on: ${{ matrix.os }}
outputs:
dotnet-sdk-version: ${{ steps.setup-dotnet.outputs.dotnet-version }}
dotnet-validate-version: ${{ steps.get-dotnet-tools-versions.outputs.dotnet-validate-version }}
permissions:
attestations: write
contents: read
id-token: write
strategy:
fail-fast: false
matrix:
os:
- macos-latest
- ubuntu-latest
- windows-latest
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup .NET SDKs
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
with:
dotnet-version: |
6.0.x
8.0.x
- name: Setup .NET SDK
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
id: setup-dotnet
- name: Setup NuGet cache
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', '**/*.props') }}
restore-keys: ${{ runner.os }}-nuget-
- name: Build, Package and Test
shell: pwsh
run: |
./build.ps1
- name: Upload Coverage Reports
if: always()
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: coverage-${{ runner.os }}
path: ./artifacts/coverage
if-no-files-found: ignore
- name: Upload coverage to Codecov
uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1
with:
files: ./artifacts/coverage/coverage.cobertura.xml
flags: ${{ runner.os }}
token: ${{ secrets.CODECOV_TOKEN }}
- name: Attest artifacts
uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
if: |
runner.os == 'Windows' &&
github.event.repository.fork == false &&
(github.ref_name == github.event.repository.default_branch || startsWith(github.ref, 'refs/tags/v'))
with:
subject-path: ./artifacts/package/release/*
- name: Publish NuGet packages
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: packages-${{ runner.os }}
path: ./artifacts/package/release
if-no-files-found: error
- name: Get .NET tools versions
id: get-dotnet-tools-versions
shell: pwsh
run: |
$manifest = (Get-Content "./.config/dotnet-tools.json" | Out-String | ConvertFrom-Json)
$dotnetValidateVersion = $manifest.tools.'dotnet-validate'.version
"dotnet-validate-version=${dotnetValidateVersion}" >> $env:GITHUB_OUTPUT
validate-packages:
needs: build
runs-on: ubuntu-latest
steps:
- name: Download packages
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: packages-Windows
- name: Setup .NET SDK
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
with:
dotnet-version: ${{ needs.build.outputs.dotnet-sdk-version }}
- name: Validate NuGet packages
shell: pwsh
env:
DOTNET_VALIDATE_VERSION: ${{ needs.build.outputs.dotnet-validate-version }}
run: |
dotnet tool install --global dotnet-validate --version ${env:DOTNET_VALIDATE_VERSION}
$packages = Get-ChildItem -Filter "*.nupkg" | ForEach-Object { $_.FullName }
$invalidPackages = 0
foreach ($package in $packages) {
dotnet validate package local $package
if ($LASTEXITCODE -ne 0) {
$invalidPackages++
}
}
if ($invalidPackages -gt 0) {
Write-Output "::error::$invalidPackages NuGet package(s) failed validation."
exit 1
}
publish-myget:
needs: [ build, validate-packages ]
runs-on: ubuntu-latest
if: |
github.event.repository.fork == false &&
(github.ref_name == github.event.repository.default_branch ||
startsWith(github.ref, 'refs/tags/v'))
environment:
name: MyGet.org
url: https://www.myget.org/gallery/domaindrivendev
steps:
- name: Download packages
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: packages-Windows
- name: Setup .NET SDK
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
with:
dotnet-version: ${{ needs.build.outputs.dotnet-sdk-version }}
- name: Push NuGet packages to MyGet.org
run: |
dotnet nuget push "*.nupkg" --api-key ${{ secrets.MYGET_TOKEN }} --skip-duplicate --source https://www.myget.org/F/domaindrivendev/api/v2
publish-nuget:
needs: [ build, validate-packages ]
runs-on: ubuntu-latest
if: |
github.event.repository.fork == false &&
startsWith(github.ref, 'refs/tags/v')
environment:
name: NuGet.org
url: https://www.nuget.org/profiles/domaindrivendev
steps:
- name: Download packages
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: packages-Windows
- name: Setup .NET SDK
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
with:
dotnet-version: ${{ needs.build.outputs.dotnet-sdk-version }}
- name: Push NuGet packages to NuGet.org
run: |
dotnet nuget push "*.nupkg" --api-key ${{ secrets.NUGET_TOKEN }} --skip-duplicate --source https://api.nuget.org/v3/index.json