Skip to content

Update licenses #95

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Nov 1, 2022
Merged

Update licenses #95

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
734166b
Update licenses
mocsharp Oct 31, 2022
15345e2
Check nuget vulnerability scan result
mocsharp Oct 31, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 28 additions & 21 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ jobs:
uses: tecoli-com/actions-use-homebrew-tools@v1
with:
tools: licensefinder

- name: Enable NuGet cache
uses: actions/cache@v3.0.11
with:
Expand All @@ -72,17 +72,24 @@ jobs:
run: dotnet build -c ${{ env.BUILD_CONFIG }} --nologo ${{ env.SOLUTION }}
working-directory: ./src

- name: Nuget Vulnerabiilty Scan
run: |
dotnet list package --vulnerable 2>&1 | tee vulnerable.txt
echo "Analyzing dotnet list package command log output..."
sh -c "! grep 'has the following vulnerable packages' vulnerable.txt"
working-directory: ./src

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2

- name: Secret detection
uses: gitleaks/gitleaks-action@v1.6.0

- name: Perform License Scanning
run: license_finder -r

- name: Check License Header
uses: apache/skywalking-eyes@main
uses: apache/skywalking-eyes@v0.4.0

unit-test:
runs-on: ubuntu-latest
Expand All @@ -108,34 +115,34 @@ jobs:
- uses: actions/checkout@v3
with:
fetch-depth: 0

- name: Install SonarCloud scanner
if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
run: dotnet tool install --global dotnet-sonarscanner

- name: Restore dependencies
run: dotnet restore
working-directory: ./src

- name: Begin SonarScanner
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: dotnet sonarscanner begin /k:"Project-MONAI_monai-deploy-messaging" /o:"project-monai" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="${{ env.TEST_RESULTS }}/**/*.xml"
working-directory: ./src

- name: Build
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: dotnet build -c ${{ env.BUILD_CONFIG }} --nologo "${{ env.SOLUTION }}"
working-directory: ./src

- name: Test
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: find ~+ -type f -name "*.Test.csproj" | xargs -L1 dotnet test -c ${{ env.BUILD_CONFIG }} -v=minimal -r "${{ env.TEST_RESULTS }}" --collect:"XPlat Code Coverage" --settings coverlet.runsettings
run: find ~+ -type f -name "*.Test.csproj" | xargs -L1 dotnet test -c ${{ env.BUILD_CONFIG }} -v=minimal -r "${{ env.TEST_RESULTS }}" --collect:"XPlat Code Coverage" --settings coverlet.runsettings
working-directory: ./src

- name: End SonarScanner
Expand All @@ -144,7 +151,7 @@ jobs:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: dotnet sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
working-directory: ./src

- uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
Expand All @@ -157,7 +164,7 @@ jobs:

build:
runs-on: ${{ matrix.os }}

outputs:
majorMinorPatch: ${{ steps.gitversion.outputs.majorMinorPatch }}

Expand All @@ -171,7 +178,7 @@ jobs:
packages: write
checks: write
security-events: write

steps:
- name: Checkout repository
uses: actions/checkout@v3
Expand Down Expand Up @@ -217,14 +224,14 @@ jobs:
dotnet pack --no-build -c ${{ env.BUILD_CONFIG }} -o $PACKAGEDIR -p:PackageVersion=${{ steps.gitversion.outputs.nuGetVersionV2 }}
ls -lR $PACKAGEDIR
working-directory: ./src

- name: Zip Plug-ins
if: ${{ matrix.os == 'ubuntu-latest' }}
run: |
./package.sh
ls -lR release/
working-directory: ./src/Plugins

- name: Upload Nuget
if: ${{ matrix.os == 'ubuntu-latest' }}
uses: actions/upload-artifact@v3.1.1
Expand Down Expand Up @@ -252,7 +259,7 @@ jobs:

- name: List artifacts
run: ls -ldR ${{steps.download.outputs.download-path}}/**/*

- name: Install grp
run: dotnet tool install gpr -g

Expand All @@ -262,10 +269,10 @@ jobs:
with:
dotnet-version: "6.0.x"
source-url: https://nuget.pkg.github.com/Project-MONAI/index.json

- name: Publish to GitHub
run: gpr push '${{ steps.download.outputs.download-path }}/nuget/*.nupkg' --repository ${{ github.repository }} -k ${{ secrets.GITHUB_TOKEN }}

release-nuget:
name: Official Release to GitHub Packages
runs-on: ubuntu-latest
Expand All @@ -277,7 +284,7 @@ jobs:

- name: List artifacts
run: ls -ldR ${{steps.download.outputs.download-path}}/**/*

- name: Install grp
run: dotnet tool install gpr -g

Expand All @@ -287,10 +294,10 @@ jobs:
with:
dotnet-version: "6.0.x"
source-url: https://nuget.pkg.github.com/Project-MONAI/index.json

- name: Publish to GitHub
run: gpr push '${{ steps.download.outputs.download-path }}/nuget/*.nupkg' --repository ${{ github.repository }} -k ${{ secrets.GITHUB_TOKEN }}

release:
name: Official Release to NuGet.org
if: ${{ github.event.inputs.nuget || contains(github.ref, 'refs/heads/release') }}
Expand All @@ -309,7 +316,7 @@ jobs:

- name: List artifacts
run: ls -ldR ${{steps.download.outputs.download-path}}/**/*

- name: Publish to NuGet.org
run: dotnet nuget push ${{ steps.download.outputs.download-path }}/nuget/*.nupkg -s https://api.nuget.org/v3/index.json --api-key ${{ secrets.NUGET }} --skip-duplicate

Expand Down
6 changes: 3 additions & 3 deletions doc/dependency_decisions.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,14 +32,14 @@
- :who: mocsharp
:why: MIT (https://github.com/dotnet/aspnetcore/raw/main/LICENSE.txt)
:versions:
- 6.0.9
- 6.0.10
:when: 2022-08-29 18:11:22.090772006 Z
- - :approve
- Microsoft.Extensions.Diagnostics.HealthChecks.Abstractions
- :who: mocsharp
:why: MIT (https://github.com/dotnet/aspnetcore/raw/main/LICENSE.txt)
:versions:
- 6.0.9
- 6.0.10
:when: 2022-08-29 18:11:22.090772006 Z
- - :approve
- Microsoft.Extensions.Configuration
Expand Down Expand Up @@ -774,7 +774,7 @@
- :who: mocsharp
:why: MIT (https://github.com/coverlet-coverage/coverlet/raw/master/LICENSE)
:versions:
- 3.1.2
- 3.2.0
:when: 2022-08-16 21:40:21.855388365 Z
- - :approve
- runtime.debian.8-x64.runtime.native.System.Security.Cryptography.OpenSsl
Expand Down
Loading