update java runtime #3731
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: .NET Core | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| types: [opened, synchronize, reopened, closed] | |
| branches: [ main ] | |
| jobs: | |
| build: | |
| runs-on: windows-2022 | |
| outputs: | |
| nbgv: ${{ steps.nbgv.outputs.SemVer2 }} | |
| env: | |
| DOTNET_CLI_TELEMETRY_OPTOUT: 1 | |
| DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1 | |
| DOTNET_NOLOGO: true | |
| DOTNET_GENERATE_ASPNET_CERTIFICATE: false | |
| solutionpath: src/Whipstaff.sln | |
| unittestprojectpath: src/Whipstaff.UnitTests/Whipstaff.UnitTests.csproj | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Verify the ref context | |
| run: echo 'Ref Context is ${{ github.ref }}' | |
| - name: Verify the head ref context | |
| run: echo 'Head Ref Context is ${{ github.head_ref }}' | |
| # java is used by sonar scanner | |
| - name: Setup Java 11 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' # See 'Supported distributions' for available options | |
| java-version: '17' | |
| - name: Install Windows SDK 10.0.16299 | |
| shell: pwsh | |
| run: | | |
| Invoke-WebRequest -Uri https://go.microsoft.com/fwlink/p/?linkid=864422 -OutFile winsdk.exe | |
| $startInfo = New-Object System.Diagnostics.ProcessStartInfo | |
| $startInfo.FileName = "winsdk.exe" | |
| $startInfo.Arguments = "/norestart /quiet" | |
| $process = New-Object System.Diagnostics.Process | |
| $process.StartInfo = $startInfo | |
| $process.Start() | |
| $process.WaitForExit() | |
| - name: Install .NET 7 | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: 7.0.x | |
| - name: Install DotNet workloads | |
| shell: bash | |
| run: | | |
| dotnet workload install android ios tvos macos maui | |
| #- name: Download Sonar Scanner MsBuild | |
| # uses: robinraju/release-downloader@v1.6 | |
| # with: | |
| # repository: "SonarSource/sonar-scanner-msbuild" | |
| # latest: true | |
| # fileName: "sonar-scanner-msbuild-*-net46.zip" | |
| # out-file-path: "downloads/sonar" | |
| #- name: Extract Sonar Scanner MsBuild | |
| # run: | | |
| # Get-ChildItem *.zip | Expand-Archive -DestinationPath ../../tools/sonar | |
| # del *.zip | |
| # working-directory: downloads/sonar | |
| - name: Add MSBuild to PATH | |
| uses: glennawatson/setup-msbuild@v1.0.3 | |
| with: | |
| prerelease: true | |
| # This mitigates an issue with websdk projects loading analyzers from old packages. | |
| - name: Cleanup nuget local storage | |
| run: dotnet nuget locals all --clear | |
| - name: NBGV | |
| id: nbgv | |
| uses: dotnet/nbgv@master | |
| with: | |
| setAllVars: true | |
| - name: Install dotnet tools | |
| run: dotnet tool restore | |
| - name: Prepare Artifact Directory | |
| run: | | |
| mkdir artifacts | |
| mkdir artifacts\appinspector | |
| mkdir artifacts\nupkg | |
| mkdir artifacts\outdated | |
| mkdir artifacts\sbom | |
| mkdir artifacts\snitch | |
| mkdir artifacts\omd | |
| - name: Restore Packages | |
| run: | | |
| dotnet restore ${{ env.solutionpath }} /bl:artifacts\\binlog\\restore.binlog | |
| - name: List Deprecated Packages | |
| run: | | |
| dotnet list ${{ env.solutionpath }} package --deprecated | |
| # TODO: pipe to text file, echo text file and error level fail build if not empty file? | |
| - name: List Vulnerable Packages | |
| run: | | |
| dotnet list ${{ env.solutionpath }} package --vulnerable | |
| # TODO: pipe to text file, echo text file and error level fail build if not empty file? | |
| - name: NPM package restore | |
| run: | | |
| pushd src\Whipstaff.Example.WebMvcApp\ | |
| npm install | |
| popd | |
| - name: Run Sonar Scanner begin | |
| if: env.SONAR_TOKEN != '' && env.SONAR_PROJECT_KEY != '' && env.SONAR_ORGANISATION_KEY != '' | |
| run: | | |
| dotnet sonarscanner begin /k:"${{ env.SONAR_PROJECT_KEY }}" /d:sonar.login="${{ env.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /o:"${{ env.SONAR_ORGANISATION_KEY }}" /d:sonar.cs.opencover.reportsPaths="../artifacts/unittestcoverage/**/*.xml" | |
| # .\..\tools\sonar\SonarScanner.MSBuild.exe begin /k:"${{ env.SONAR_PROJECT_KEY }}" /d:sonar.login="${{ env.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /o:"${{ env.SONAR_ORGANISATION_KEY }}" /d:sonar.cs.opencover.reportsPaths="../artifacts/unittestcoverage/**/*.xml" | |
| working-directory: src | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| SONAR_PROJECT_KEY: ${{ secrets.SONAR_PROJECT_KEY }} | |
| SONAR_ORGANISATION_KEY: ${{ secrets.SONAR_ORGANISATION_KEY }} | |
| - name: Run Build | |
| run: | | |
| msbuild /t:build,pack /p:Configuration=Release /maxcpucount /bl:artifacts\\binlog\\build.binlog /p:ContinuousIntegrationBuild=true /p:PackageOutputPath=..\..\artifacts\nuget | |
| working-directory: src | |
| - name: Run Unit Tests | |
| run: | | |
| dotnet test ${{ env.unittestprojectpath }} --configuration Release --no-build /bl:artifacts\\binlog\\unittest.binlog --nologo --logger GitHubActions --blame-hang-timeout 60000 --results-directory artifacts\unittestcoverage --collect:"XPlat Code Coverage" /p:CollectCoverage=true /p:DeterministicSourcePaths=false -- DataCollectionRunSettings.DataCollectors.DataCollector.Configuration.Format=opencover | |
| - name: Run Sonar Scanner end | |
| if: env.SONAR_TOKEN != '' && env.SONAR_PROJECT_KEY != '' && env.SONAR_ORGANISATION_KEY != '' | |
| run: | | |
| dotnet sonarscanner end /d:sonar.login="${{ env.SONAR_TOKEN }}" | |
| # .\..\tools\sonar\SonarScanner.MSBuild.exe end /d:sonar.login="${{ env.SONAR_TOKEN }}" | |
| working-directory: src | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| SONAR_PROJECT_KEY: ${{ secrets.SONAR_PROJECT_KEY }} | |
| SONAR_ORGANISATION_KEY: ${{ secrets.SONAR_ORGANISATION_KEY }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Upload Code Coverage | |
| run: | | |
| Invoke-WebRequest -Uri https://uploader.codecov.io/latest/windows/codecov.exe -Outfile codecov.exe | |
| .\codecov.exe -s 'artifacts/unittestcoverage' -f '*.xml' -v -t '${{ env.CODECOV_TOKEN }}' | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| - name: Report Unit Test Coverage | |
| run: | | |
| $opencoverxmlpath = Get-ChildItem 'artifacts/unittestcoverage/**/*.xml' | Select-Object -First 1 | |
| $unitTestCoverage = (Select-Xml -Path $opencoverxmlpath -XPath 'CoverageSession/Summary/@branchCoverage').Node.Value | |
| $coverageMessage = "Unit Test Coverage: $unitTestCoverage" | |
| echo "::notice::$coverageMessage" | |
| echo $coverageMessage >> $GITHUB_STEP_SUMMARY | |
| #- name: Train Intellicode Model | |
| # uses: microsoft/vs-intellicode@v1 | |
| # if: github.ref == 'refs/heads/main' | |
| # with: | |
| # directory: src | |
| - name: List licenses | |
| run: | | |
| dotnet dotnet-project-licenses -i src --export-license-texts --output-directory artifacts/licenses | |
| - name: Generate SBOM | |
| run: | | |
| dotnet sbom-tool generate -b artifacts/nuget -bc src -pn Whipstaff -pv $Env:NBGV_SimpleVersion -ps "DHGMS Solutions" -nsb https://sbom.dhgms.com -m artifacts\sbom | |
| - name: List outdated packages | |
| run: | | |
| dotnet outdated -o artifacts\outdated\outdated.json src | |
| - name: VirusTotal Monitor Scan | |
| if: ${{ env.VIRUSTOTAL_API_KEY != 0 }} | |
| uses: crazy-max/ghaction-virustotal@v3 | |
| with: | |
| vt_api_key: ${{ env.VIRUSTOTAL_API_KEY }} | |
| vt_monitor: true | |
| monitor_path: /ghaction-virustotal | |
| files: | | |
| ./artifacts/nuget/*.nupkg | |
| env: | |
| VIRUSTOTAL_API_KEY: ${{ secrets.VIRUSTOTAL_API_KEY }} | |
| - name: Generate App Inspector Report | |
| run: | | |
| dotnet appinspector analyze -s src -f html -o artifacts\appinspector\appinspector.html | |
| # only store binlog on failure | |
| - name: store binlogs | |
| if: ${{ failure() }} | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: binlogs | |
| path: artifacts/binlog | |
| - name: store unit test coverage | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: unittestcoverage | |
| path: artifacts/unittestcoverage | |
| - name: store docfx | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: docfx | |
| path: artifacts/docfx | |
| - name: store nuget packages | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: nuget | |
| path: artifacts/nuget | |
| - name: store omd | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: omd | |
| path: artifacts/omd | |
| - name: store licenses | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: licenses | |
| path: artifacts/licenses | |
| - name: store sbom | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: sbom | |
| path: artifacts/sbom | |
| - name: store outdated | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: outdated | |
| path: artifacts/outdated | |
| - name: store snitch | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: snitch | |
| path: artifacts/snitch | |
| - name: store appinspector | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: appinspector | |
| path: artifacts/appinspector | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: contains(github.event.pull_request.labels.*.name, 'release') && github.event_name == 'pull_request' && github.event.action == 'closed' && github.event.pull_request.merged == true | |
| env: | |
| DOTNET_CLI_TELEMETRY_OPTOUT: 1 | |
| DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1 | |
| DOTNET_NOLOGO: true | |
| DOTNET_GENERATE_ASPNET_CERTIFICATE: false | |
| steps: | |
| - name: Download NuGet Packages | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: nuget | |
| - name: Changelog | |
| uses: glennawatson/ChangeLog@v1 | |
| id: changelog | |
| - name: Create Release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token | |
| with: | |
| tag_name: ${{ needs.build.outputs.nbgv }} | |
| release_name: ${{ needs.build.outputs.nbgv }} | |
| body: | | |
| ${{ steps.changelog.outputs.commitLog }} | |
| - name: NuGet Push | |
| env: | |
| NUGET_AUTH_TOKEN: ${{ secrets.NUGET_API_KEY }} | |
| SOURCE_URL: https://api.nuget.org/v3/index.json | |
| run: | | |
| dotnet nuget push -s ${{ env.SOURCE_URL }} -k ${{ env.NUGET_AUTH_TOKEN }} **/*.nupkg |