Update obsolete eslint rule #3733
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: | |
push: | |
branches: [ main ] | |
paths-ignore: | |
- '**/*.gitattributes' | |
- '**/*.gitignore' | |
- '**/*.md' | |
pull_request: | |
branches: | |
- main | |
- dotnet-vnext | |
- dotnet-nightly | |
workflow_dispatch: | |
env: | |
APPLICATION_URL_PROD: https://api.martincostello.com | |
AZURE_WEBAPP_NAME: api-martincostello | |
CONTAINER_REGISTRY: '${{ github.repository_owner }}.azurecr.io' | |
DOTNET_CLI_TELEMETRY_OPTOUT: true | |
DOTNET_GENERATE_ASPNET_CERTIFICATE: false | |
DOTNET_MULTILEVEL_LOOKUP: 0 | |
DOTNET_NOLOGO: true | |
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1 | |
DOTNET_SYSTEM_CONSOLE_ALLOW_ANSI_COLOR_REDIRECTION: 1 | |
NUGET_XMLDOC_MODE: skip | |
TERM: xterm | |
permissions: | |
contents: read | |
jobs: | |
build: | |
name: ${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
env: | |
PUBLISH_CONTAINER: ${{ github.event.repository.fork == false && github.ref_name == github.event.repository.default_branch && matrix.os == 'ubuntu-latest' }} | |
outputs: | |
container-tag: ${{ steps.publish-container.outputs.container-tag }} | |
permissions: | |
attestations: write | |
contents: read | |
id-token: write | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ macos-latest, ubuntu-latest, windows-latest ] | |
include: | |
- os: macos-latest | |
os-name: macos | |
- os: ubuntu-latest | |
os-name: linux | |
- os: windows-latest | |
os-name: windows | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Setup .NET SDK | |
uses: actions/setup-dotnet@v4 | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '20' | |
- name: Get npm cache directory | |
id: npm-cache-dir | |
shell: pwsh | |
run: echo "dir=$(npm config get cache)" >> ${env:GITHUB_OUTPUT} | |
- name: Setup npm cache | |
uses: actions/cache@v4 | |
id: npm-cache | |
with: | |
path: ${{ steps.npm-cache-dir.outputs.dir }} | |
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: ${{ runner.os }}-node- | |
- name: Setup NuGet cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.nuget/packages | |
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', '**/*.props') }} | |
restore-keys: ${{ runner.os }}-nuget- | |
- name: Build, test and publish | |
id: build | |
shell: pwsh | |
run: ./build.ps1 | |
- uses: codecov/codecov-action@v4 | |
name: Upload coverage to Codecov | |
with: | |
file: ./artifacts/coverage/coverage.cobertura.xml | |
flags: ${{ matrix.os-name }} | |
token: ${{ secrets.CODECOV_TOKEN }} | |
- name: Docker log in | |
uses: docker/login-action@v3 | |
if: env.PUBLISH_CONTAINER == 'true' | |
with: | |
registry: ${{ env.CONTAINER_REGISTRY }} | |
username: ${{ secrets.ACR_REGISTRY_USERNAME }} | |
password: ${{ secrets.ACR_REGISTRY_PASSWORD }} | |
- name: Publish container | |
id: publish-container | |
if: runner.os == 'Linux' | |
shell: pwsh | |
env: | |
ContainerRegistry: ${{ env.PUBLISH_CONTAINER == 'true' && env.CONTAINER_REGISTRY || '' }} | |
run: | | |
dotnet publish ./src/API --arch x64 --os linux -p:PublishProfile=DefaultContainer | |
- name: Generate SBOM for binaries | |
uses: anchore/sbom-action@v0 | |
if: runner.os != 'Windows' # HACK Disabled due to https://github.com/anchore/sbom-action/issues/472 | |
with: | |
artifact-name: 'publish-${{ matrix.os-name }}.spdx.json' | |
output-file: ./artifacts/publish.spdx.json | |
path: ./artifacts/publish | |
- name: Generate SBOM for container | |
uses: anchore/sbom-action@v0 | |
if: steps.publish-container.outputs.container-tag != '' && runner.os != 'Windows' # HACK Disabled due to https://github.com/anchore/sbom-action/issues/472 | |
with: | |
image: ${{ steps.publish-container.outputs.container-tag }} | |
output-file: ./artifacts/container.spdx.json | |
- name: Attest container image | |
uses: actions/attest-build-provenance@v1 | |
if: steps.publish-container.outputs.container-digest != '' | |
with: | |
push-to-registry: true | |
subject-digest: ${{ steps.publish-container.outputs.container-digest }} | |
subject-name: ${{ steps.publish-container.outputs.container-image }} | |
- name: Attest SBOM for container | |
uses: actions/attest-sbom@v1 | |
if: steps.publish-container.outputs.container-digest != '' && runner.os != 'Windows' # HACK Disabled due to https://github.com/anchore/sbom-action/issues/472 | |
with: | |
push-to-registry: true | |
sbom-path: ./artifacts/container.spdx.json | |
subject-digest: ${{ steps.publish-container.outputs.container-digest }} | |
subject-name: ${{ steps.publish-container.outputs.container-image }} | |
- name: Upload any crash dumps | |
shell: pwsh | |
if: | | |
!cancelled() && | |
steps.build.outcome == 'failure' && | |
github.event.repository.fork == false && | |
github.event.sender.login != 'dependabot[bot]' | |
env: | |
AZURE_STORAGE_CONNECTION_STRING: ${{ secrets.CRASH_DUMPS_STORAGE_CONNECTION_STRING }} | |
PSCOMPRESSION_VERSION: '2.0.6' | |
run: | | |
$dumps = Get-ChildItem -Path ${env:GITHUB_WORKSPACE} -Filter "*.dmp" -Recurse | |
if ($null -ne $dumps) { | |
$container = ${env:GITHUB_REPOSITORY}.Replace("/", "-") | |
az storage container create --name $container --public-access off | Out-Null | |
Install-Module PSCompression -RequiredVersion ${env:PSCOMPRESSION_VERSION} -AcceptLicense -Force -Scope CurrentUser | |
$dumps | ForEach-Object { | |
$zipPath = $_.FullName + ".zip" | |
$zipName = $_.Name + ".zip" | |
Write-Output "Compressing crash dump $($_.Name)..." | |
Compress-ZipArchive -Path $_.FullName -Destination $zipPath | |
az storage blob upload ` | |
--container-name $container ` | |
--file $zipPath ` | |
--name $zipName ` | |
--metadata "GITHUB_RUN_ATTEMPT=${env:GITHUB_RUN_ATTEMPT}" "GITHUB_WORKFLOW=${env:GITHUB_SERVER_URL}/${env:GITHUB_REPOSITORY}/actions/runs/${env:GITHUB_RUN_ID}" "RUNNER_OS=${env:RUNNER_OS}" ` | |
--overwrite true | |
if ($LASTEXITCODE -eq 0) { | |
Write-Output "::notice::Uploaded crash dump $($_.Name) to Azure Storage." | |
} | |
} | |
} | |
deploy: | |
if: github.event.repository.fork == false && github.ref_name == github.event.repository.default_branch | |
name: deploy-production | |
needs: build | |
runs-on: ubuntu-latest | |
concurrency: production_environment | |
environment: | |
name: production | |
url: ${{ env.APPLICATION_URL_PROD }} | |
permissions: | |
id-token: write | |
steps: | |
- name: Azure log in | |
uses: azure/login@v2 | |
with: | |
client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
- name: Deploy container to Azure App Service | |
uses: azure/webapps-deploy@v3 | |
with: | |
app-name: ${{ env.AZURE_WEBAPP_NAME }} | |
images: ${{ needs.build.outputs.container-tag }} | |
- name: Check application health | |
shell: pwsh | |
env: | |
APPLICATION_URL: ${{ env.APPLICATION_URL_PROD }} | |
run: | | |
$delay = 10 | |
$limit = 10 | |
$success = $false | |
for ($i = 0; $i -lt $limit; $i++) { | |
$response = $null | |
try { | |
$response = Invoke-WebRequest -Uri "${env:APPLICATION_URL}/version" -Method Get -UseBasicParsing | |
} catch { | |
$response = $_.Exception.Response | |
} | |
if (($null -ne $response) -And ($response.StatusCode -eq 200)) { | |
$json = $response.Content | ConvertFrom-Json | |
$version = $json.applicationVersion | |
if ((-Not [string]::IsNullOrWhiteSpace($version)) -And $version.Contains(${env:GITHUB_SHA})) { | |
$success = $true | |
break | |
} | |
} | |
Start-Sleep -Seconds $delay | |
} | |
if (-Not $success) { | |
throw "${env:APPLICATION_URL} did not return a successful status code and the expected version within the time limit after $limit attempts." | |
} | |
test: | |
name: test-production | |
needs: deploy | |
runs-on: ubuntu-latest | |
concurrency: production_environment | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Setup .NET SDK | |
uses: actions/setup-dotnet@v4 | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '20' | |
- name: Get npm cache directory | |
id: npm-cache-dir | |
shell: pwsh | |
run: echo "dir=$(npm config get cache)" >> ${env:GITHUB_OUTPUT} | |
- name: Setup npm cache | |
uses: actions/cache@v4 | |
id: npm-cache | |
with: | |
path: ${{ steps.npm-cache-dir.outputs.dir }} | |
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: ${{ runner.os }}-node- | |
- name: Setup NuGet cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.nuget/packages | |
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', '**/*.props') }} | |
restore-keys: ${{ runner.os }}-nuget- | |
- name: Run end-to-end tests | |
shell: pwsh | |
run: dotnet test ./tests/API.Tests --configuration Release --filter Category=EndToEnd --logger "GitHubActions;report-warnings=false" | |
env: | |
WEBSITE_URL: ${{ env.APPLICATION_URL_PROD }} |