chore: Bump Bogus from 35.6.3 to 35.6.5 #578
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and test dotnet | |
| on: | |
| pull_request: | |
| types: [opened, reopened, synchronize, labeled, unlabeled] | |
| branches: [main] | |
| permissions: | |
| contents: write | |
| packages: write | |
| pull-requests: write | |
| checks: write | |
| issues: write | |
| env: | |
| DOTNET_VERSION: "9.0.*" | |
| REGISTRY: ghcr.io | |
| REPOSITORY: ${{ github.repository }} | |
| concurrency: | |
| group: ${{ github.ref }}-${{ github.workflow }} | |
| cancel-in-progress: true | |
| jobs: | |
| check-label: | |
| name: Check label | |
| runs-on: ubuntu-latest | |
| outputs: | |
| status: ${{steps.label-check.outputs.label_check}} | |
| steps: | |
| - name: check-conventional-commits-labels | |
| uses: docker://agilepathway/pull-request-label-checker:latest | |
| id: label-check | |
| with: | |
| none_of: release | |
| repo_token: ${{ secrets.GITHUB_TOKEN }} | |
| allow_failure: true | |
| pre-checks: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| hasChanged: ${{steps.changed-paths.outputs.changed}} | |
| paths: ${{steps.list-files.outputs.paths}} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: marceloprado/has-changed-path@v1.0.1 | |
| id: changed-paths | |
| with: | |
| paths: src/ tests/ | |
| - name: List Files | |
| id: list-files | |
| uses: ab185508/file-type-finder@main | |
| with: | |
| path: "src/" | |
| type: "Dockerfile" | |
| build-test-dotnet: | |
| runs-on: ubuntu-latest | |
| name: Build, test and generate result | |
| needs: [pre-checks, check-label] | |
| if: ${{ needs.pre-checks.outputs.hasChanged == 'true' && needs.check-label.outputs.status == 'success'}} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup .NET Core | |
| uses: actions/setup-dotnet@v3 | |
| with: | |
| dotnet-version: ${{ env.DOTNET_VERSION }} | |
| - name: Install .NET Aspire workload | |
| run: dotnet workload install aspire | |
| # - name: Cache NuGet packages | |
| # uses: actions/cache@v3 | |
| # with: | |
| # path: ~/.nuget/packages | |
| # key: nuget-${{ runner.os }}-${{ hashFiles('**/*.csproj') }} | |
| # restore-keys: | | |
| # nuget-${{ runner.os }}- | |
| - name: Restore dependencies | |
| run: dotnet restore TeckShop.sln | |
| - name: Build | |
| run: dotnet build TeckShop.sln -c Release --no-restore | |
| - name: Test | |
| run: dotnet test TeckShop.sln -c Release --no-restore --no-build --verbosity normal --logger trx --collect:"XPlat Code Coverage" --blame | |
| - name: Combine Coverage Reports # This is because one report is produced per project, and we want one result for all of them. | |
| uses: danielpalme/ReportGenerator-GitHub-Action@5.2.4 | |
| with: | |
| reports: "**/*.cobertura.xml" | |
| targetdir: "${{ github.workspace }}" | |
| reporttypes: "Cobertura" | |
| verbosity: "Info" | |
| title: "Code Coverage" | |
| tag: "${{ github.run_number }}_${{ github.run_id }}" | |
| customSettings: "" | |
| toolpath: "reportgeneratortool" | |
| - name: Upload Combined Coverage XML | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage | |
| path: ${{ github.workspace }}/Cobertura.xml | |
| retention-days: 5 | |
| - name: Publish Code Coverage Report | |
| uses: irongut/CodeCoverageSummary@v1.3.0 | |
| with: | |
| filename: "Cobertura.xml" | |
| badge: true | |
| fail_below_min: false # just informative for now | |
| format: markdown | |
| hide_branch_rate: false | |
| hide_complexity: false | |
| indicators: true | |
| output: both | |
| thresholds: "10 30" | |
| - name: Add Coverage PR Comment | |
| uses: marocchino/sticky-pull-request-comment@v2 | |
| if: github.event_name == 'pull_request' | |
| with: | |
| recreate: true | |
| path: code-coverage-results.md | |
| - name: Upload Test Result Files | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: test-results | |
| path: ${{ github.workspace }}/**/TestResults/**/* | |
| retention-days: 5 | |
| - name: Publish Test Results | |
| uses: EnricoMi/publish-unit-test-result-action@v2.17.0 | |
| if: always() | |
| with: | |
| trx_files: "${{ github.workspace }}/**/*.trx" | |
| - name: Check formatting | |
| run: dotnet format TeckShop.sln --verify-no-changes | |
| continue-on-error: true | |
| - name: Security scan with Trivy (SARIF) | |
| uses: aquasecurity/trivy-action@0.31.0 | |
| continue-on-error: true | |
| with: | |
| scan-type: 'fs' | |
| scan-ref: . | |
| format: sarif | |
| output: trivy-results.sarif | |
| exit-code: 1 | |
| ignore-unfixed: true | |
| vuln-type: os,library | |
| - name: Upload Trivy scan results to Security tab | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: trivy-results.sarif | |
| build-test-docker: | |
| runs-on: ${{ matrix.builder.runner-image }} | |
| name: Build and test docker image | |
| needs: | |
| - build-test-dotnet | |
| - pre-checks | |
| - check-label | |
| if: ${{ needs.pre-checks.outputs.hasChanged == 'true' && needs.check-label.outputs.status == 'success'}} | |
| strategy: | |
| matrix: | |
| paths: ${{ fromJson( needs.pre-checks.outputs.paths)}} | |
| builder: | |
| - runner-image: ubuntu-24.04 | |
| platform: linux/amd64 | |
| - runner-image: ubuntu-24.04-arm | |
| platform: linux/arm64 | |
| steps: | |
| - name: Prepare | |
| run: | | |
| echo "REPO_LOWER=$(echo '${{ env.REPOSITORY }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV | |
| echo "PLATFORM_PAIR=$(echo '${{ matrix.builder.platform }}' | sed 's/\//-/')" >> $GITHUB_ENV | |
| - uses: actions/checkout@v4 | |
| - name: Extract service name from Dockerfile path | |
| run: | | |
| # Extract service name from Dockerfile path (e.g., src/services/catalog/Catalog.Api/Dockerfile) | |
| DOCKERFILE_PATH="${{ matrix.paths }}" | |
| # Remove leading directories and trailing '/Dockerfile', replace / and . with - | |
| SERVICE_NAME=$(basename "$(dirname "$DOCKERFILE_PATH")" | tr '[:upper:]' '[:lower:]' | sed 's/\./-/g') | |
| # Remove any trailing platform info if present (shouldn't be, but extra safety) | |
| SERVICE_NAME=$(echo "$SERVICE_NAME" | sed -E 's/-linux-(amd64|arm64)$//') | |
| echo "SERVICE_NAME=$SERVICE_NAME" >> $GITHUB_ENV | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ env.REPO_LOWER }} | |
| tags: ${{ github.sha }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| version: latest | |
| - name: Build image (no push) | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ${{ matrix.paths }} | |
| platforms: ${{ matrix.builder.platform }} | |
| push: false | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| target: build |