XS✔ ◾ Bump codecov/codecov-action from 4.4.1 to 4.5.0 #1947
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # © Muiris Woulfe | |
| # Licensed under the MIT License | |
| --- | |
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| schedule: | |
| - cron: 0 0 * * 1 | |
| workflow_dispatch: null | |
| permissions: {} | |
| jobs: | |
| initialization: | |
| name: Initialization | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| statuses: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: audit | |
| - name: INITIALIZATION – Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| fetch-depth: 0 | |
| - env: | |
| PR_METRICS_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| if: ${{ env.PR_METRICS_ACCESS_TOKEN != '' }} | |
| name: PR Metrics | |
| uses: microsoft/PR-Metrics@512b09fb60c2b7c8de67af85ecbed30317445962 # v1.5.14 | |
| continue-on-error: true | |
| build: | |
| name: Build | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| configuration: [Debug, Release] | |
| os: [macos-latest, ubuntu-latest, windows-latest] | |
| runs-on: ${{ matrix.os }} | |
| permissions: {} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: audit | |
| # Initialization | |
| - name: INITIALIZATION – Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| fetch-depth: 0 | |
| - name: INITIALIZATION – .NET Install | |
| uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0 | |
| # SonarCloud Initialization | |
| - env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| if: >- | |
| ${{ matrix.configuration == 'Release' | |
| && matrix.os == 'ubuntu-latest' | |
| && env.SONAR_TOKEN != '' }} | |
| name: SONARCLOUD INITIALIZATION – Java Install | |
| uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 | |
| with: | |
| distribution: zulu | |
| java-version: 19.0.1 | |
| - env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| if: >- | |
| ${{ matrix.configuration == 'Release' | |
| && matrix.os == 'ubuntu-latest' | |
| && env.SONAR_TOKEN != '' }} | |
| name: SONARCLOUD INITIALIZATION – SonarCloud Install | |
| shell: pwsh | |
| run: dotnet tool install dotnet-sonarscanner --tool-path .sonarcloud | |
| - env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| if: >- | |
| ${{ matrix.configuration == 'Release' | |
| && matrix.os == 'ubuntu-latest' | |
| && env.SONAR_TOKEN != '' }} | |
| name: SONARCLOUD INITIALIZATION – SonarCloud Initialize | |
| shell: pwsh | |
| run: >- | |
| .sonarcloud/dotnet-sonarscanner begin | |
| /k:"${{ github.repository_owner }}_${{ github.event.repository.name }}" | |
| /o:"${{ github.repository_owner }}" | |
| /d:sonar.login="${{ secrets.SONAR_TOKEN }}" | |
| /d:sonar.host.url="https://sonarcloud.io" | |
| /d:sonar.cs.opencover.reportsPaths="**/coverage.opencover.xml" | |
| # Build & Test | |
| - name: BUILD & TEST – Project Restore | |
| shell: pwsh | |
| run: dotnet restore | |
| - name: BUILD & TEST – Project Build | |
| shell: pwsh | |
| run: dotnet build --configuration ${{ matrix.configuration }} --no-restore /maxCpuCount | |
| - name: BUILD & TEST – Project Test | |
| shell: pwsh | |
| run: dotnet test --configuration ${{ matrix.configuration }} --no-build --collect:"XPlat Code Coverage" | |
| - env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| if: >- | |
| ${{ matrix.configuration == 'Release' | |
| && matrix.os == 'ubuntu-latest' | |
| && env.CODECOV_TOKEN != '' }} | |
| name: BUILD & TEST – Upload to Codecov | |
| uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0 | |
| with: | |
| fail_ci_if_error: true | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| # SonarCloud Finalization | |
| - env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| if: >- | |
| ${{ matrix.configuration == 'Release' | |
| && matrix.os == 'ubuntu-latest' | |
| && env.SONAR_TOKEN != '' }} | |
| name: SONARCLOUD FINALIZATION – SonarCloud Analyze | |
| shell: pwsh | |
| run: .sonarcloud/dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}" | |
| create-asset: | |
| name: Create Asset | |
| env: | |
| project: NuGetTransitiveDependencyFinder.ConsoleApp | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| runtime: | |
| [ | |
| linux-arm, | |
| linux-arm64, | |
| linux-musl-x64, | |
| linux-x64, | |
| osx-x64, | |
| win-arm64, | |
| win-x64, | |
| win-x86 | |
| ] | |
| runs-on: ubuntu-latest | |
| permissions: {} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: audit | |
| # Initialization | |
| - name: INITIALIZATION – Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: INITIALIZATION – Get Tag | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| id: tag | |
| uses: jossef/action-latest-release-info@40167002208bfed9f789cccc7d3222fda2d82dd6 # v1.2.1 | |
| - name: INITIALIZATION – Version Extract | |
| id: version | |
| shell: pwsh | |
| run: |- | |
| $Version = '${{ steps.tag.outputs.tag_name }}'.Substring(1) | |
| Write-Output -InputObject "VERSION=$Version" >> $Env:GITHUB_OUTPUT | |
| - name: INITIALIZATION – Version Replace | |
| shell: pwsh | |
| run: |- | |
| $FileContent = Get-Content -Path 'src/Shared/Properties/AssemblyAttributes.cs' -Raw | |
| $FileContent = $FileContent -replace '0.0.0', '${{ steps.version.outputs.VERSION }}' | |
| Set-Content -NoNewline -Path 'src/Shared/Properties/AssemblyAttributes.cs' -Value $FileContent | |
| - name: INITIALIZATION – .NET Install | |
| uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0 | |
| # Build | |
| - name: BUILD – Project Restore | |
| shell: pwsh | |
| run: dotnet restore src/Product/${{ env.project }}/${{ env.project }}.csproj --runtime ${{ matrix.runtime }} | |
| - name: BUILD – Project Build | |
| shell: pwsh | |
| run: >- | |
| dotnet build src/Product/${{ env.project }}/${{ env.project }}.csproj | |
| --configuration Release | |
| --no-restore | |
| --runtime ${{ matrix.runtime }} | |
| --self-contained true | |
| /property:PublishSingleFile=true | |
| /maxCpuCount | |
| # Publish | |
| - name: PUBLISH – Project Publish | |
| shell: pwsh | |
| run: >- | |
| dotnet publish src/Product/${{ env.project }}/${{ env.project }}.csproj | |
| --configuration Release | |
| --no-build | |
| --runtime ${{ matrix.runtime }} | |
| --self-contained true | |
| /property:PublishSingleFile=true | |
| # Upload | |
| - name: UPLOAD – Get Platform | |
| id: platform | |
| shell: pwsh | |
| run: |- | |
| $Platform = '${{ matrix.runtime }}'.Split('-')[0] | |
| Write-Output -InputObject "PLATFORM=$Platform" >> $Env:GITHUB_OUTPUT | |
| - name: UPLOAD – Get File Names | |
| env: | |
| extension: >- | |
| { | |
| "linux": "", | |
| "osx": "", | |
| "win": ".exe" | |
| } | |
| id: file-names | |
| shell: pwsh | |
| run: |- | |
| $Extension = '${{ fromJson(env.extension)[steps.platform.outputs.PLATFORM] }}' | |
| $AssetName = "NuGetTransitiveDependencyFinder.ConsoleApp.${{ matrix.runtime }}$Extension" | |
| $AssetPath = '${{ github.workspace }}/src/Product/${{ env.project }}/bin/Release/net8.0/' | |
| $AssetPath += "${{ matrix.runtime }}/publish/dotnet-transitive-dependency-finder$Extension" | |
| Write-Output -InputObject "ASSET_PATH=$AssetPath" >> $Env:GITHUB_OUTPUT | |
| Write-Output -InputObject "ASSET_NAME=$AssetName" >> $Env:GITHUB_OUTPUT | |
| - name: UPLOAD – Print Details | |
| shell: pwsh | |
| run: |- | |
| $AssetPathFileSize = (Get-Content -LiteralPath '${{ steps.file-names.outputs.ASSET_PATH }}').Length | |
| $AssetPathFileSize = "$AssetPathFileSize bytes" | |
| Write-Output -InputObject 'Asset Name: ${{ steps.file-names.outputs.ASSET_NAME }}' | |
| Write-Output -InputObject "Asset Path: ${{ steps.file-names.outputs.ASSET_PATH }} ($AssetPathFileSize)" | |
| create-nuget: | |
| name: Create NuGet Package | |
| env: | |
| nuget-package-prefix: src/Product/NuGetTransitiveDependencyFinder/bin/Release/NuGetTransitiveDependencyFinder | |
| runs-on: ubuntu-latest | |
| permissions: {} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: audit | |
| # Initialization | |
| - name: INITIALIZATION – Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: INITIALIZATION – Get Tag | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| id: tag | |
| uses: jossef/action-latest-release-info@40167002208bfed9f789cccc7d3222fda2d82dd6 # v1.2.1 | |
| - name: INITIALIZATION – Version Extract | |
| id: version | |
| shell: pwsh | |
| run: |- | |
| $Version = '${{ steps.tag.outputs.tag_name }}'.Substring(1) | |
| Write-Output -InputObject "VERSION=$Version" >> $Env:GITHUB_OUTPUT | |
| - name: INITIALIZATION – Version Replace | |
| shell: pwsh | |
| run: |- | |
| $FileContent = Get-Content -Path 'src/Shared/Properties/AssemblyAttributes.cs' -Raw | |
| $FileContent = $FileContent -replace '0.0.0', '${{ steps.version.outputs.VERSION }}' | |
| Set-Content -NoNewline -Path 'src/Shared/Properties/AssemblyAttributes.cs' -Value $FileContent | |
| - name: INITIALIZATION – .NET Install | |
| uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0 | |
| # Create Logo | |
| - name: CREATE LOGO – Install svgexport | |
| shell: pwsh | |
| run: npm install svgexport | |
| - name: CREATE LOGO – Install pngout | |
| shell: pwsh | |
| run: npm install pngout-bin | |
| - name: CREATE LOGO – Convert SVG | |
| shell: pwsh | |
| run: >- | |
| node_modules/.bin/svgexport | |
| src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.svg | |
| src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.png | |
| - name: CREATE LOGO – Compress with block split threshold 0 | |
| shell: pwsh | |
| run: >- | |
| Start-Process | |
| -ArgumentList 'src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.png','-b0','-q' | |
| -FilePath 'node_modules/.bin/pngout' | |
| -Wait | |
| - name: CREATE LOGO – Compress with block split threshold 128 | |
| shell: pwsh | |
| run: >- | |
| Start-Process | |
| -ArgumentList 'src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.png','-b128','-q' | |
| -FilePath 'node_modules/.bin/pngout' | |
| -Wait | |
| - name: CREATE LOGO – Compress with block split threshold 192 | |
| shell: pwsh | |
| run: >- | |
| Start-Process | |
| -ArgumentList 'src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.png','-b192','-q' | |
| -FilePath 'node_modules/.bin/pngout' | |
| -Wait | |
| - name: CREATE LOGO – Compress with block split threshold 256 | |
| shell: pwsh | |
| run: >- | |
| Start-Process | |
| -ArgumentList 'src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.png','-b256','-q' | |
| -FilePath 'node_modules/.bin/pngout' | |
| -Wait | |
| - name: CREATE LOGO – Compress with block split threshold 512 | |
| shell: pwsh | |
| run: >- | |
| Start-Process | |
| -ArgumentList 'src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.png','-b512','-q' | |
| -FilePath 'node_modules/.bin/pngout' | |
| -Wait | |
| - name: CREATE LOGO – Compress with block split threshold 1024 | |
| shell: pwsh | |
| run: >- | |
| Start-Process | |
| -ArgumentList 'src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.png','-b1024','-q' | |
| -FilePath 'node_modules/.bin/pngout' | |
| -Wait | |
| - name: CREATE LOGO – Compress with block split threshold 2048 | |
| shell: pwsh | |
| run: >- | |
| Start-Process | |
| -ArgumentList 'src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.png','-b2048','-q' | |
| -FilePath 'node_modules/.bin/pngout' | |
| -Wait | |
| - name: CREATE LOGO – Compress with block split threshold 4096 | |
| shell: pwsh | |
| run: >- | |
| Start-Process | |
| -ArgumentList 'src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.png','-b4096','-q' | |
| -FilePath 'node_modules/.bin/pngout' | |
| -Wait | |
| - name: CREATE LOGO – Compress with block split threshold 8192 | |
| shell: pwsh | |
| run: >- | |
| Start-Process | |
| -ArgumentList 'src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.png','-b8192','-q' | |
| -FilePath 'node_modules/.bin/pngout' | |
| -Wait | |
| - name: CREATE LOGO – Delete SVG | |
| shell: pwsh | |
| run: Remove-Item -Path 'src/Product/NuGetTransitiveDependencyFinder/Assets/Logo.svg' | |
| # Build | |
| - name: BUILD – Project Restore | |
| shell: pwsh | |
| run: dotnet restore src/Product/NuGetTransitiveDependencyFinder/NuGetTransitiveDependencyFinder.csproj | |
| - name: BUILD – Project Build | |
| shell: pwsh | |
| run: >- | |
| dotnet build src/Product/NuGetTransitiveDependencyFinder/NuGetTransitiveDependencyFinder.csproj | |
| --configuration Release | |
| --no-restore | |
| /maxCpuCount | |
| # Upload | |
| - name: UPLOAD – Delete Documentation | |
| shell: pwsh | |
| run: Remove-Item -Path 'src/Product/NuGetTransitiveDependencyFinder/bin/NuGetTransitiveDependencyFinder.xml' | |
| - name: UPLOAD – Pack | |
| shell: pwsh | |
| run: >- | |
| dotnet pack src/Product/NuGetTransitiveDependencyFinder/NuGetTransitiveDependencyFinder.csproj | |
| --configuration Release | |
| --no-build | |
| /property:PackageReleaseNotes="Release Notes" | |
| /property:PackageVersion=${{ steps.version.outputs.VERSION }} | |
| /property:RepositoryCommit=${{ github.sha }} | |
| - name: UPLOAD – Print Details | |
| shell: pwsh | |
| run: |- | |
| $NuGetPackage = '${{ env.nuget-package-prefix }}.${{ steps.version.outputs.VERSION }}.nupkg' | |
| $NuGetSymbolsPackage = '${{ env.nuget-package-prefix }}.${{ steps.version.outputs.VERSION }}.snupkg' | |
| $NuGetPackageSize = (Get-Content -LiteralPath $NuGetPackage).Length | |
| $NuGetPackageSize = "$NuGetPackageSize bytes" | |
| $NuGetSymbolsPackageSize = (Get-Content -LiteralPath $NuGetSymbolsPackage).Length | |
| $NuGetSymbolsPackageSize = "$NuGetSymbolsPackageSize bytes" | |
| Write-Output -InputObject "NuGet Package: $NuGetPackageSize" | |
| Write-Output -InputObject "NuGet Symbols Package: $NuGetSymbolsPackageSize" | |
| validate-lint: | |
| name: Validate – Lint | |
| runs-on: ubuntu-latest | |
| permissions: {} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: audit | |
| # Initialization | |
| - name: INITIALIZATION – Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| fetch-depth: 0 | |
| # Linter Validation | |
| - name: LINTER VALIDATION – Super Linter | |
| uses: github/super-linter@4e51915f4a812abf59fed160bb14595c0a38a9e7 # v6 | |
| env: | |
| EDITORCONFIG_FILE_NAME: ../../.editorconfig | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| MARKDOWN_CONFIG_FILE: ../../.markdownlint.json | |
| VALIDATE_CSHARP: false | |
| # Markdown Validation | |
| - name: MARKDOWN VALIDATION – Validate Links | |
| uses: gaurav-nelson/github-action-markdown-link-check@5c5dfc0ac2e225883c0e5f03a85311ec2830d368 # v1 | |
| with: | |
| config-file: .github/linters/markdown-link-check.json | |
| # JSON Validation | |
| - name: JSON VALIDATION – Update .markdownlint.json | |
| shell: pwsh | |
| run: |- | |
| $Url = 'https://raw.githubusercontent.com/DavidAnson/markdownlint/main/schema/markdownlint-config-schema.json' | |
| Invoke-WebRequest -Uri $Url -OutFile markdownlint-config-schema.json | |
| (Get-Content -Path markdownlint-config-schema.json) -replace ` | |
| 'http://json-schema.org/draft-07/schema#', 'http://json-schema.org/draft-04/schema#' | ` | |
| Set-Content -Path markdownlint-config-schema.json | |
| (Get-Content -Path .markdownlint.json) -replace $Url, ` | |
| 'markdownlint-config-schema.json' | Set-Content -Path .markdownlint.json | |
| - name: JSON VALIDATION – .markdownlint.json | |
| uses: walbo/validate-json@1c24a27a740a698944ff5b697cb8010a72c55c6b # v1.1.0 | |
| with: | |
| files: .markdownlint.json | |
| print-valid-files: true | |
| strict: false | |
| - name: JSON VALIDATION – src/stylecop.json | |
| uses: walbo/validate-json@1c24a27a740a698944ff5b697cb8010a72c55c6b # v1.1.0 | |
| with: | |
| files: src/stylecop.json | |
| strict: false | |
| print-valid-files: true | |
| - name: JSON VALIDATION – src/xunit.runner.json | |
| uses: walbo/validate-json@1c24a27a740a698944ff5b697cb8010a72c55c6b # v1.1.0 | |
| with: | |
| files: src/xunit.runner.json | |
| print-valid-files: true | |
| validate-codeql: | |
| name: Validate – CodeQL | |
| runs-on: ubuntu-latest | |
| permissions: | |
| security-events: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: audit | |
| # Initialization | |
| - name: INITIALIZATION – Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| # CodeQL | |
| - name: INITIALIZATION – .NET Install | |
| uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0 | |
| - name: CODEQL – Initialize | |
| uses: github/codeql-action/init@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 | |
| with: | |
| queries: security-and-quality | |
| # Build & Test | |
| - name: BUILD & TEST – Project Restore | |
| shell: pwsh | |
| run: dotnet restore | |
| - name: BUILD & TEST – Project Build | |
| shell: pwsh | |
| run: dotnet build --configuration Release --no-restore /maxCpuCount | |
| - name: BUILD & TEST – Project Test | |
| shell: pwsh | |
| run: dotnet test --configuration Release --no-build --collect:"XPlat Code Coverage" | |
| # CodeQL | |
| - name: CODEQL – Analyze | |
| uses: github/codeql-action/analyze@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 | |
| dependabot: | |
| if: ${{ github.actor == 'dependabot[bot]' }} | |
| name: Dependabot | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: audit | |
| - name: Auto-Approve | |
| run: gh pr review --approve "${{github.event.pull_request.html_url}}" | |
| env: | |
| # Fine-grained token with Pull Requests Read & Write permissions. | |
| GH_TOKEN: ${{ secrets.AUTO_APPROVE_TOKEN }} | |
| - name: Auto-Merge | |
| run: gh pr merge --auto --delete-branch --squash "${{ github.event.pull_request.html_url }}" | |
| env: | |
| GH_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
| ... |