From 16c011ef1f6659cafa57e56657bb3c9935b99451 Mon Sep 17 00:00:00 2001 From: Breno RdV Date: Sat, 3 Feb 2024 23:30:24 -0500 Subject: [PATCH 1/5] feature/workflow-template: converted old build workflow into a template, and added SonarCloud analysis to the code (including a template). --- .github/workflows/master-publish-dataapi.yml | 237 +-------------- .../workflows/master-publish-datatransfer.yml | 237 +-------------- .../master-publish-glucose-mon-app.yml | 221 +------------- .github/workflows/qa-auto-monthly.yml | 20 ++ .github/workflows/qa-on-pull-requests.yml | 19 ++ .github/workflows/template-qa-sonarcloud.yml | 90 ++++++ ...mplate-test-build-and-publish-to-azure.yml | 287 ++++++++++++++++++ NightScout.Raccoon.sln | 4 + 8 files changed, 464 insertions(+), 651 deletions(-) create mode 100644 .github/workflows/qa-auto-monthly.yml create mode 100644 .github/workflows/qa-on-pull-requests.yml create mode 100644 .github/workflows/template-qa-sonarcloud.yml create mode 100644 .github/workflows/template-test-build-and-publish-to-azure.yml diff --git a/.github/workflows/master-publish-dataapi.yml b/.github/workflows/master-publish-dataapi.yml index 71283e4..28332b3 100644 --- a/.github/workflows/master-publish-dataapi.yml +++ b/.github/workflows/master-publish-dataapi.yml @@ -1,4 +1,4 @@ -name: Data API Function App CI/CD +name: Data API Function App CI/CD Workflow Using Template on: push: 
@@ -6,225 +6,18 @@ on: - master workflow_dispatch: -env: - DOTNET_VERSION: '6.0.x' - TARGET_PLATFORM: win-x64 - TARGET_RUNTIME: net6.0 - PROJECT_FOLDER: Raccoon.Ninja.AzFn.DataApi - PROJECT_FILE: Raccoon.Ninja.AzFn.DataApi.csproj - RELEASE_FILE_PREFIX: "AzFnDataApi" - jobs: - set_release_version: - runs-on: ubuntu-latest - outputs: - version: ${{ steps.set_version.outputs.version }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Define next release version - id: set_version - run: echo "version=$(cat ${{ env.PROJECT_FOLDER }}/${{ env.PROJECT_FILE }} | grep -oP '(?<=).*(?=<\/AssemblyVersion>)')" >> $GITHUB_OUTPUT - - test: - needs: set_release_version - permissions: - deployments: write - contents: write - runs-on: windows-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup .NET - uses: actions/setup-dotnet@v3 - with: - dotnet-version: ${{ env.DOTNET_VERSION }} - - - name: Test - run: dotnet test ${{ env.PROJECT_FOLDER }}/${{ env.PROJECT_FILE }} --verbosity normal - - check_tag: - needs: [set_release_version, test] - runs-on: ubuntu-latest - env: - VERSION: ${{ needs.set_release_version.outputs.version }} - outputs: - tag_exists: ${{ steps.check_tag.outputs.tag_exists }} - proceed_with_publish: ${{ steps.check_tag.outputs.proceed_with_publish }} - artifact_name: ${{ steps.set_artifact_name.outputs.artifact_name }} - steps: - - name: Set Artifact Name - id: set_artifact_name - run: | - echo "artifact_name=${{ env.RELEASE_FILE_PREFIX }}_${{ env.TARGET_PLATFORM }}_${{ env.VERSION }}" >> $GITHUB_OUTPUT - - name: Check if this version is already built - id: check_tag - run: | - TAG_EXISTS=$(curl -o /dev/null -s -w "%{http_code}\n" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/git/refs/tags/${{ env.VERSION }}) - - if [[ "$TAG_EXISTS" -eq 200 ]]; then - echo "Tag exists. Checking for release asset." 
- RELEASE_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/releases/tags/${{ env.VERSION }} | jq -r '.id') - - if [[ -z "$RELEASE_ID" || "$RELEASE_ID" == "null" ]]; then - echo "Release ID is empty or null. Proceeding to publish." - echo "tag_exists=false" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - exit 0 - fi - - RAW_RESPONSE=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets) - echo "Raw Response: $RAW_RESPONSE" - - JSON_TYPE=$(echo "$RAW_RESPONSE" | jq -r 'type') - if [[ "$JSON_TYPE" == "object" ]]; then - echo "RAW_RESPONSE is a JSON object." - # Check if RAW_RESPONSE contains a "message" field with the value "Not Found" - MESSAGE_VALUE=$(echo "$RAW_RESPONSE" | jq -r '.message // ""') - - if [[ "$MESSAGE_VALUE" == "Not Found" ]]; then - echo "No assets found for this release. Proceeding to publish." - echo "tag_exists=true" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - exit 0 - elif [[ ! -z "$MESSAGE_VALUE" ]]; then - echo "An unexpected error occurred: $MESSAGE_VALUE. Exiting." - exit 1 - fi - - elif [[ "$JSON_TYPE" == "array" ]]; then - echo "RAW_RESPONSE is a JSON array." - ASSET_EXISTS=$(echo "$RAW_RESPONSE" | jq -r '.[] | select(.name=="${{ steps.set_artifact_name.outputs.artifact_name }}.zip").id') - - if [[ ! -z "$ASSET_EXISTS" ]]; then - echo "Release asset exists. No need to publish." - echo "tag_exists=true" >> $GITHUB_OUTPUT - echo "proceed_with_publish=false" >> $GITHUB_OUTPUT - else - echo "Release asset does not exist. Proceeding to publish." - echo "tag_exists=true" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - fi - else - echo "RAW_RESPONSE is neither a JSON object nor an array. Type: $JSON_TYPE" - exit 1 - fi - - else - echo "Tag does not exist. Proceeding to publish." 
- echo "tag_exists=false" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - fi - - build_info: - needs: [set_release_version, check_tag] - runs-on: ubuntu-latest - steps: - - name: Checkout - run: | - echo "Version: ${{ needs.set_release_version.outputs.version }}" - echo "Tag Exists: ${{ needs.check_tag.outputs.tag_exists }}" - echo "Proceed with Publish: ${{ needs.check_tag.outputs.proceed_with_publish }}" - echo "Artifact Name: ${{ needs.check_tag.outputs.artifact_name }}" - - build: - needs: [set_release_version, check_tag] - if: needs.check_tag.outputs.proceed_with_publish == 'true' - permissions: - deployments: write - contents: write - runs-on: windows-latest - env: - VERSION: ${{ needs.set_release_version.outputs.version }} - ARTIFACT_NAME: ${{ needs.check_tag.outputs.artifact_name }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup .NET - uses: actions/setup-dotnet@v3 - with: - dotnet-version: ${{ env.DOTNET_VERSION }} - - - name: Build - run: dotnet build --configuration Release - - - name: Publish Project - shell: pwsh - run: | - pushd './${{ env.PROJECT_FOLDER }}' - dotnet build --configuration Release --output ./output - popd - - - name: Compressing artifact - run: | - $currentPath = Get-Location - Compress-Archive -Path "$currentPath\${{ env.PROJECT_FOLDER }}\output\*" -DestinationPath "${{ env.ARTIFACT_NAME }}.zip" - - - name: Uploading artifact - id: upload_artifact - uses: actions/upload-artifact@v3 - with: - name: "${{ env.ARTIFACT_NAME }}" - path: "${{ env.ARTIFACT_NAME }}.zip" - if-no-files-found: error - - deploy: - needs: [ set_release_version, check_tag, build ] - permissions: - contents: write - runs-on: ubuntu-latest - env: - VERSION: ${{ needs.set_release_version.outputs.version }} - ARTIFACT_NAME: ${{ needs.check_tag.outputs.artifact_name }} - steps: - - name: Where Am I? What is going on? 
- run: | - echo "$(pwd) | ${{ env.VERSION }}" - ls -la - - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Git - run: | - git config user.name "GitHub Actions" - git config user.email "github-actions@github.com" - - - name: Downloading artifact - uses: actions/download-artifact@v3 - with: - name: "${{ env.ARTIFACT_NAME }}" - - - name: Extracting artifact - run: | - unzip "${{ env.ARTIFACT_NAME }}.zip" -d "./output" - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: ${{ secrets.AZFN_DATA_API_APP_NAME }} - slot-name: 'Production' - package: './output' - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_241C3F8D024847BCA5768768B873121E }} - - - name: Create Tag - if: needs.check_tag.outputs.tag_exists == false - run: | - git tag ${{ env.VERSION }} - git push origin ${{ env.VERSION }} - - - name: Create Release - id: create_release - uses: softprops/action-gh-release@v1 - env: - token: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ env.VERSION }} - name: ${{ env.VERSION }} - draft: false - prerelease: false - fail_on_unmatched_files: true - files: "${{ env.ARTIFACT_NAME }}.zip" + call-reusable-workflow: + uses: ./.github/workflows/template-test-build-and-publish-to-azure.yml + with: + dotnetVersion: '6.0.x' + targetPlatform: win-x64 + targetRuntime: net6.0 + projectFolder: Raccoon.Ninja.AzFn.DataApi + projectFile: Raccoon.Ninja.AzFn.DataApi.csproj + releaseFilePrefix: "AzFnDataApi" + publishToAzure: true + azureFunctionAppName: ${{ secrets.AZFN_DATA_API_APP_NAME }} + azurePublishProfile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_241C3F8D024847BCA5768768B873121E }} + secrets: + githubToken: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/master-publish-datatransfer.yml b/.github/workflows/master-publish-datatransfer.yml index c56de8f..a56ff45 100644 --- a/.github/workflows/master-publish-datatransfer.yml +++ b/.github/workflows/master-publish-datatransfer.yml 
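Review bot: `azureFunctionAppName` and `azurePublishProfile` are filled from `${{ secrets.* }}` inside the job's `with:` block, but the `secrets` context is not available in a reusable-workflow call's `with:`, so this caller is likely to be rejected at validation. The template also declares `azurePublishProfile` as a plain `type: string` input, so the deployment credential would be handled as an ordinary, unmasked input. Move both values under `secrets:` in the caller, e.g. `azurePublishProfile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_241C3F8D024847BCA5768768B873121E }}`, and declare them under `workflow_call.secrets` in the template. How the template's deploy job consumes them is outside this view. The same applies to the `@@ -6,225 +6,18 @@` hunk of master-publish-datatransfer.yml.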
@@ -1,4 +1,4 @@ -name: Data Transfer Function (CI/CD) +name: Data Transfer Function CI/CD Using Reusable Workflow on: push: 
@@ -6,225 +6,18 @@ on: - master workflow_dispatch: -env: - DOTNET_VERSION: '6.0.x' - TARGET_PLATFORM: win-x64 - TARGET_RUNTIME: net6.0 - PROJECT_FOLDER: Raccoon.Ninja.AzFn.DataTransfer - PROJECT_FILE: Raccoon.Ninja.AzFn.DataTransfer.csproj - RELEASE_FILE_PREFIX: "AzFnDataTransfer" - jobs: - set_release_version: - runs-on: ubuntu-latest - outputs: - version: ${{ steps.set_version.outputs.version }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Define next release version - id: set_version - run: echo "version=$(cat ${{ env.PROJECT_FOLDER }}/${{ env.PROJECT_FILE }} | grep -oP '(?<=).*(?=<\/AssemblyVersion>)')" >> $GITHUB_OUTPUT - - test: - needs: set_release_version - permissions: - deployments: write - contents: write - runs-on: windows-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup .NET - uses: actions/setup-dotnet@v3 - with: - dotnet-version: ${{ env.DOTNET_VERSION }} - - - name: Test - run: dotnet test ${{ env.PROJECT_FOLDER }}/${{ env.PROJECT_FILE }} --verbosity normal - - check_tag: - needs: [set_release_version, test] - runs-on: ubuntu-latest - env: - VERSION: ${{ needs.set_release_version.outputs.version }} - outputs: - tag_exists: ${{ steps.check_tag.outputs.tag_exists }} - proceed_with_publish: ${{ steps.check_tag.outputs.proceed_with_publish }} - artifact_name: ${{ steps.set_artifact_name.outputs.artifact_name }} - steps: - - name: Set Artifact Name - id: set_artifact_name - run: | - echo "artifact_name=${{ env.RELEASE_FILE_PREFIX }}_${{ env.TARGET_PLATFORM }}_${{ env.VERSION }}" >> $GITHUB_OUTPUT - - name: Check if this version is already built - id: check_tag - run: | - TAG_EXISTS=$(curl -o /dev/null -s -w "%{http_code}\n" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/git/refs/tags/${{ env.VERSION }}) - - if [[ "$TAG_EXISTS" -eq 200 ]]; then - echo "Tag exists. Checking for release asset." 
- RELEASE_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/releases/tags/${{ env.VERSION }} | jq -r '.id') - - if [[ -z "$RELEASE_ID" || "$RELEASE_ID" == "null" ]]; then - echo "Release ID is empty or null. Proceeding to publish." - echo "tag_exists=false" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - exit 0 - fi - - RAW_RESPONSE=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets) - echo "Raw Response: $RAW_RESPONSE" - - JSON_TYPE=$(echo "$RAW_RESPONSE" | jq -r 'type') - if [[ "$JSON_TYPE" == "object" ]]; then - echo "RAW_RESPONSE is a JSON object." - # Check if RAW_RESPONSE contains a "message" field with the value "Not Found" - MESSAGE_VALUE=$(echo "$RAW_RESPONSE" | jq -r '.message // ""') - - if [[ "$MESSAGE_VALUE" == "Not Found" ]]; then - echo "No assets found for this release. Proceeding to publish." - echo "tag_exists=true" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - exit 0 - elif [[ ! -z "$MESSAGE_VALUE" ]]; then - echo "An unexpected error occurred: $MESSAGE_VALUE. Exiting." - exit 1 - fi - - elif [[ "$JSON_TYPE" == "array" ]]; then - echo "RAW_RESPONSE is a JSON array." - ASSET_EXISTS=$(echo "$RAW_RESPONSE" | jq -r '.[] | select(.name=="${{ steps.set_artifact_name.outputs.artifact_name }}.zip").id') - - if [[ ! -z "$ASSET_EXISTS" ]]; then - echo "Release asset exists. No need to publish." - echo "tag_exists=true" >> $GITHUB_OUTPUT - echo "proceed_with_publish=false" >> $GITHUB_OUTPUT - else - echo "Release asset does not exist. Proceeding to publish." - echo "tag_exists=true" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - fi - else - echo "RAW_RESPONSE is neither a JSON object nor an array. Type: $JSON_TYPE" - exit 1 - fi - - else - echo "Tag does not exist. Proceeding to publish." 
- echo "tag_exists=false" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - fi - - build_info: - needs: [set_release_version, check_tag] - runs-on: ubuntu-latest - steps: - - name: Checkout - run: | - echo "Version: ${{ needs.set_release_version.outputs.version }}" - echo "Tag Exists: ${{ needs.check_tag.outputs.tag_exists }}" - echo "Proceed with Publish: ${{ needs.check_tag.outputs.proceed_with_publish }}" - echo "Artifact Name: ${{ needs.check_tag.outputs.artifact_name }}" - - build: - needs: [set_release_version, check_tag] - if: needs.check_tag.outputs.proceed_with_publish == 'true' - permissions: - deployments: write - contents: write - runs-on: windows-latest - env: - VERSION: ${{ needs.set_release_version.outputs.version }} - ARTIFACT_NAME: ${{ needs.check_tag.outputs.artifact_name }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup .NET - uses: actions/setup-dotnet@v3 - with: - dotnet-version: ${{ env.DOTNET_VERSION }} - - - name: Build - run: dotnet build --configuration Release - - - name: Publish Project - shell: pwsh - run: | - pushd './${{ env.PROJECT_FOLDER }}' - dotnet build --configuration Release --output ./output - popd - - - name: Compressing artifact - run: | - $currentPath = Get-Location - Compress-Archive -Path "$currentPath\${{ env.PROJECT_FOLDER }}\output\*" -DestinationPath "${{ env.ARTIFACT_NAME }}.zip" - - - name: Uploading artifact - id: upload_artifact - uses: actions/upload-artifact@v3 - with: - name: "${{ env.ARTIFACT_NAME }}" - path: "${{ env.ARTIFACT_NAME }}.zip" - if-no-files-found: error - - deploy: - needs: [set_release_version, check_tag, build] - permissions: - contents: write - runs-on: ubuntu-latest - env: - VERSION: ${{ needs.set_release_version.outputs.version }} - ARTIFACT_NAME: ${{ needs.check_tag.outputs.artifact_name }} - steps: - - name: Where Am I? What is going on? 
- run: | - echo "$(pwd) | ${{ env.VERSION }}" - ls -la - - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Git - run: | - git config user.name "GitHub Actions" - git config user.email "github-actions@github.com" - - - name: Downloading artifact - uses: actions/download-artifact@v3 - with: - name: "${{ env.ARTIFACT_NAME }}" - - - name: Extracting artifact - run: | - unzip "${{ env.ARTIFACT_NAME }}.zip" -d "./output" - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: ${{ secrets.AZFN_DATA_TRANSFER_APP_NAME }} - slot-name: 'Production' - package: './output' - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_4FA5B62EE7A54F0FB008C8F7AC985444 }} - - - name: Create Tag - if: needs.check_tag.outputs.tag_exists == false - run: | - git tag ${{ env.VERSION }} - git push origin ${{ env.VERSION }} - - - name: Create Release - id: create_release - uses: softprops/action-gh-release@v1 - env: - token: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ env.VERSION }} - name: ${{ env.VERSION }} - draft: false - prerelease: false - fail_on_unmatched_files: true - files: "${{ env.ARTIFACT_NAME }}.zip" + deploy-using-template: + uses: ./.github/workflows/template-test-build-and-publish-to-azure.yml + with: + dotnetVersion: '6.0.x' + targetPlatform: win-x64 + targetRuntime: net6.0 + projectFolder: Raccoon.Ninja.AzFn.DataTransfer + projectFile: Raccoon.Ninja.AzFn.DataTransfer.csproj + releaseFilePrefix: "AzFnDataTransfer" + publishToAzure: true + azureFunctionAppName: ${{ secrets.AZFN_DATA_TRANSFER_APP_NAME }} + azurePublishProfile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_4FA5B62EE7A54F0FB008C8F7AC985444 }} + secrets: + githubToken: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/master-publish-glucose-mon-app.yml b/.github/workflows/master-publish-glucose-mon-app.yml index adb2472..c6aa3b5 100644 --- a/.github/workflows/master-publish-glucose-mon-app.yml 
+++ b/.github/workflows/master-publish-glucose-mon-app.yml 
@@ -1,214 +1,21 @@ -name: CGM Data Display App (CI/CD) +name: CGM Data Display App CI/CD Using Reusable Workflow + on: push: branches: - master workflow_dispatch: -env: - DOTNET_VERSION: '6.0.x' - TARGET_PLATFORM: win-x64 - TARGET_RUNTIME: net6.0-windows - PROJECT_FOLDER: Raccoon.Ninja.WForm.GlucoseIcon - PROJECT_FILE: Raccoon.Ninja.WForm.GlucoseIcon.csproj - LAUNCHER_PROJECT_FOLDER: Raccoon.Ninja.Cli.CGMDataDisplayLauncher - LAUNCHER_PROJECT_FILE: Raccoon.Ninja.Cli.CGMDataDisplayLauncher.csproj - RELEASE_FILE_PREFIX: "CGMDataDisplayApp" - jobs: - set_release_version: - runs-on: ubuntu-latest - outputs: - version: ${{ steps.set_version.outputs.version }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Define next release version - id: set_version - run: echo "version=$(cat ${{ env.PROJECT_FOLDER }}/${{ env.PROJECT_FILE }} | grep -oP '(?<=).*(?=<\/AssemblyVersion>)')" >> $GITHUB_OUTPUT - - test: - needs: set_release_version - permissions: - deployments: write - contents: write - runs-on: windows-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup .NET - uses: actions/setup-dotnet@v3 - with: - dotnet-version: ${{ env.DOTNET_VERSION }} - - - name: Test - run: dotnet test ${{ env.PROJECT_FOLDER }}/${{ env.PROJECT_FILE }} --verbosity normal - - check_tag: - needs: [set_release_version, test] - runs-on: ubuntu-latest - env: - VERSION: ${{ needs.set_release_version.outputs.version }} - outputs: - tag_exists: ${{ steps.check_tag.outputs.tag_exists }} - proceed_with_publish: ${{ steps.check_tag.outputs.proceed_with_publish }} - artifact_name: ${{ steps.set_artifact_name.outputs.artifact_name }} - steps: - - name: Set Artifact Name - id: set_artifact_name - run: | - echo "artifact_name=${{ env.RELEASE_FILE_PREFIX }}_${{ env.TARGET_PLATFORM }}_${{ env.VERSION }}" >> $GITHUB_OUTPUT - - name: Check if this version is already built - id: check_tag - run: | - TAG_EXISTS=$(curl -o /dev/null -s -w "%{http_code}\n" -H "Authorization: 
token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/git/refs/tags/${{ env.VERSION }}) - - if [[ "$TAG_EXISTS" -eq 200 ]]; then - echo "Tag exists. Checking for release asset." - RELEASE_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/releases/tags/${{ env.VERSION }} | jq -r '.id') - - if [[ -z "$RELEASE_ID" || "$RELEASE_ID" == "null" ]]; then - echo "Release ID is empty or null. Proceeding to publish." - echo "tag_exists=false" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - exit 0 - fi - - RAW_RESPONSE=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets) - echo "Raw Response: $RAW_RESPONSE" - - JSON_TYPE=$(echo "$RAW_RESPONSE" | jq -r 'type') - if [[ "$JSON_TYPE" == "object" ]]; then - echo "RAW_RESPONSE is a JSON object." - # Check if RAW_RESPONSE contains a "message" field with the value "Not Found" - MESSAGE_VALUE=$(echo "$RAW_RESPONSE" | jq -r '.message // ""') - - if [[ "$MESSAGE_VALUE" == "Not Found" ]]; then - echo "No assets found for this release. Proceeding to publish." - echo "tag_exists=true" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - exit 0 - elif [[ ! -z "$MESSAGE_VALUE" ]]; then - echo "An unexpected error occurred: $MESSAGE_VALUE. Exiting." - exit 1 - fi - - elif [[ "$JSON_TYPE" == "array" ]]; then - echo "RAW_RESPONSE is a JSON array." - ASSET_EXISTS=$(echo "$RAW_RESPONSE" | jq -r '.[] | select(.name=="${{ steps.set_artifact_name.outputs.artifact_name }}.zip").id') - - if [[ ! -z "$ASSET_EXISTS" ]]; then - echo "Release asset exists. No need to publish." - echo "tag_exists=true" >> $GITHUB_OUTPUT - echo "proceed_with_publish=false" >> $GITHUB_OUTPUT - else - echo "Release asset does not exist. Proceeding to publish." 
- echo "tag_exists=true" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - fi - else - echo "RAW_RESPONSE is neither a JSON object nor an array. Type: $JSON_TYPE" - exit 1 - fi - - else - echo "Tag does not exist. Proceeding to publish." - echo "tag_exists=false" >> $GITHUB_OUTPUT - echo "proceed_with_publish=true" >> $GITHUB_OUTPUT - fi - - build_info: - needs: [set_release_version, check_tag] - runs-on: ubuntu-latest - steps: - - name: Checkout - run: | - echo "Version: ${{ needs.set_release_version.outputs.version }}" - echo "Tag Exists: ${{ needs.check_tag.outputs.tag_exists }}" - echo "Proceed with Publish: ${{ needs.check_tag.outputs.proceed_with_publish }}" - echo "Artifact Name: ${{ needs.check_tag.outputs.artifact_name }}" - - build: - needs: [set_release_version, check_tag] - if: needs.check_tag.outputs.proceed_with_publish == 'true' - permissions: - deployments: write - contents: write - runs-on: windows-latest - env: - VERSION: ${{ needs.set_release_version.outputs.version }} - ARTIFACT_NAME: ${{ needs.check_tag.outputs.artifact_name }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup .NET - uses: actions/setup-dotnet@v3 - with: - dotnet-version: ${{ env.DOTNET_VERSION }} - - - name: Building Project - run: dotnet build ${{ env.PROJECT_FOLDER }}/${{ env.PROJECT_FILE }} --configuration Release --output ./output - - - name: Building Launcher - run: dotnet build ${{ env.LAUNCHER_PROJECT_FOLDER }}/${{ env.LAUNCHER_PROJECT_FILE }} --configuration Release --output ./output - - - name: Compressing artifact - run: | - $currentPath = Get-Location - Compress-Archive -Path "$currentPath\output\*" -DestinationPath "${{ env.ARTIFACT_NAME }}.zip" - - - name: Uploading artifact - id: upload_artifact - uses: actions/upload-artifact@v3 - with: - name: "${{ env.ARTIFACT_NAME }}" - path: "${{ env.ARTIFACT_NAME }}.zip" - if-no-files-found: error - - deploy: - needs: [set_release_version, check_tag, build] - permissions: - 
contents: write - runs-on: ubuntu-latest - env: - VERSION: ${{ needs.set_release_version.outputs.version }} - ARTIFACT_NAME: ${{ needs.check_tag.outputs.artifact_name }} - steps: - - name: Where Am I? What is going on? - run: | - echo "$(pwd) | ${{ env.VERSION }}" - ls -la - - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Git - run: | - git config user.name "GitHub Actions" - git config user.email "github-actions@github.com" - - - name: Create Tag - if: needs.check_tag.outputs.tag_exists == false - run: | - git tag ${{ env.VERSION }} - git push origin ${{ env.VERSION }} - - - name: Downloading artifact - uses: actions/download-artifact@v3 - with: - name: "${{ env.ARTIFACT_NAME }}" - - - name: Create Release - id: create_release - uses: softprops/action-gh-release@v1 - env: - token: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ env.VERSION }} - name: ${{ env.VERSION }} - draft: false - prerelease: false - fail_on_unmatched_files: true - files: "${{ env.ARTIFACT_NAME }}.zip" + deploy-using-template: + uses: ./.github/workflows/template-test-build-and-publish-to-azure.yml + with: + dotnetVersion: '6.0.x' + targetPlatform: win-x64 + targetRuntime: net6.0-windows + projectFolder: Raccoon.Ninja.WForm.GlucoseIcon + projectFile: Raccoon.Ninja.WForm.GlucoseIcon.csproj + releaseFilePrefix: "CGMDataDisplayApp" + publishToAzure: false + secrets: + githubToken: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/qa-auto-monthly.yml b/.github/workflows/qa-auto-monthly.yml new file mode 100644 index 0000000..c5c1bd2 --- /dev/null +++ b/.github/workflows/qa-auto-monthly.yml 
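Review bot: The launcher project is dropped from the release by this call. The removed workflow had a `Building Launcher` step driven by `LAUNCHER_PROJECT_FOLDER`/`LAUNCHER_PROJECT_FILE` and zipped both outputs, while the new job passes only `projectFolder`/`projectFile`, and the template inputs visible in this patch have no launcher equivalent. Unless the template's build job (not fully visible here) covers it, the `CGMDataDisplayApp` zip would ship without `Raccoon.Ninja.Cli.CGMDataDisplayLauncher`. Either add an optional template input for additional projects, or record the omission in the caller with a comment such as `# launcher project is intentionally not built by the template`.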
@@ -0,0 +1,20 @@ +name: Monthly SonarCloud Analysis + +on: + schedule: + # Runs at 2 AM UTC on the 1st of every month + # This will help keep the project alive on SonarCloud.io + - cron: '0 2 1 * *' + +jobs: + sonarcloud-analysis: + uses: ./.github/workflows//template-qa-sonarcloud.yml + with: + projectKey: 'brenordv_nightscout-companion-apps' + organization: 'raccoon-ninja' + branchName: 'master' + verbose: true + + secrets: + githubToken: ${{ secrets.GITHUB_TOKEN }} + sonarToken: ${{ secrets.SONAR_TOKEN }} diff --git a/.github/workflows/qa-on-pull-requests.yml b/.github/workflows/qa-on-pull-requests.yml new file mode 100644 index 0000000..f4ebe89 --- /dev/null +++ b/.github/workflows/qa-on-pull-requests.yml @@ -0,0 +1,19 @@ +name: SonarCloud analysis on pull requests +on: + push: + branches: + - '**' + pull_request: + types: [opened, synchronize, reopened] + +jobs: + sonarcloud-analysis: + uses: ./.github/workflows//template-qa-sonarcloud.yml + with: + projectKey: 'brenordv_nightscout-companion-apps' + organization: 'raccoon-ninja' + verbose: true + + secrets: + githubToken: ${{ secrets.GITHUB_TOKEN }} + sonarToken: ${{ secrets.SONAR_TOKEN }} diff --git a/.github/workflows/template-qa-sonarcloud.yml b/.github/workflows/template-qa-sonarcloud.yml new file mode 100644 index 0000000..629f377 --- /dev/null +++ b/.github/workflows/template-qa-sonarcloud.yml 
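Review bot: The `uses:` reference has a doubled slash, `./.github/workflows//template-qa-sonarcloud.yml`; write it as `uses: ./.github/workflows/template-qa-sonarcloud.yml` so it matches the file path exactly, as the publish callers in this patch do. The same typo is in qa-on-pull-requests.yml. The job also sets no `permissions:`, so the called workflow runs with the repository's default `GITHUB_TOKEN` scope; a read-only grant such as `contents: read` (plus whatever the scanner's PR decoration needs) would make the scope explicit.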
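Review bot: Triggering on both `push` to `'**'` and `pull_request` runs the analysis twice for every commit on a branch that has an open pull request. Pull requests from forks also receive no `SONAR_TOKEN`, so the scanner would presumably fail on them. Restricting the push trigger to the default branch (`branches:` with only `- master`) removes the duplicate run. Fork pull requests can be skipped with a job-level `if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository`.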
@@ -0,0 +1,90 @@ +name: SonarCloud Analysis Template +on: + workflow_call: + inputs: + projectKey: + description: '[Required] SonarCloud project key.' + required: true + type: string + organization: + description: '[Required] SonarCloud organization.' + required: true + type: string + branchName: + description: 'Branch to run analysis on. (Defaults to the current branch if not specified.)' + required: false + type: string + verbose: + description: 'Enable verbose logging for SonarCloud analysis. (Default: true)' + required: false + type: boolean + default: true + sonarExclusions: + description: 'Files and directories to exclude from SonarCloud analysis. (Default: empty)' + required: false + type: string + default: '' + coverageExclusions: + description: 'Files and directories to exclude from coverage. (Default: empty)' + required: false + type: string + default: '' + secrets: + githubToken: + description: '[Required] GitHub token for PR information and checkouts.' + required: true + sonarToken: + description: '[Required] SonarCloud token for authentication.' 
+ required: true + +jobs: + build: + name: Build and analyze + runs-on: windows-latest + steps: + - name: Installing dotnet-coverage + shell: powershell + run: dotnet tool install --global dotnet-coverage + - name: Installing xmldocmd + shell: powershell + run: dotnet tool install --global xmldocmd + - name: Set up JDK 11 + uses: actions/setup-java@v1 + with: + java-version: 1.11 + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + ref: ${{ inputs.branchName }} + - name: Cache SonarCloud packages + uses: actions/cache@v1 + with: + path: ~\sonar\cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Cache SonarCloud scanner + id: cache-sonar-scanner + uses: actions/cache@v1 + with: + path: .\.sonar\scanner + key: ${{ runner.os }}-sonar-scanner + restore-keys: ${{ runner.os }}-sonar-scanner + - name: Install SonarCloud scanner + if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' + shell: powershell + run: | + New-Item -Path .\.sonar\scanner -ItemType Directory + dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.githubToken }} + SONAR_TOKEN: ${{ secrets.sonarToken }} + shell: powershell + run: | + $verboseFlag = ${{ inputs.verbose }} + $sonarExclusions = "${{ inputs.sonarExclusions }}" + $coverageExclusions = "${{ inputs.coverageExclusions }}" + .\.sonar\scanner\dotnet-sonarscanner begin /k:"${{ inputs.projectKey }}" /o:"${{ inputs.organization }}" /d:sonar.login="${{ secrets.sonarToken }}" /d:sonar.host.url="https://sonarcloud.io" /d:"sonar.verbose=$verboseFlag" /d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml /d:sonar.exclusions="$sonarExclusions" /d:sonar.coverage.exclusions="$coverageExclusions" + dotnet build --configuration Release + dotnet-coverage collect 'dotnet test' -f xml -o 'coverage.xml' + .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ secrets.sonarToken }}" 
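Review bot: In the `Build and analyze` step the token and the workflow inputs are pasted into the PowerShell script by `${{ }}` expansion (`/d:sonar.login="${{ secrets.sonarToken }}"`, `$sonarExclusions = "${{ inputs.sonarExclusions }}"`), so a quote or `$(` in an input becomes script text, and the secret is written into the generated script even though `SONAR_TOKEN` is already exported in `env:`. Passing every value through `env:` and reading it as `$env:NAME` keeps the values as data. `$verboseFlag = ${{ inputs.verbose }}` also expands to a bare `true`, which PowerShell would treat as a command name rather than a boolean. Separately, `actions/setup-java@v1`, `actions/checkout@v2` and `actions/cache@v1` are old major tags; current majors, ideally pinned to a commit SHA, are preferable.

```yaml
      - name: Build and analyze
        env:
          GITHUB_TOKEN: ${{ secrets.githubToken }}
          SONAR_TOKEN: ${{ secrets.sonarToken }}
          PROJECT_KEY: ${{ inputs.projectKey }}
          ORGANIZATION: ${{ inputs.organization }}
          VERBOSE: ${{ inputs.verbose }}
          SONAR_EXCLUSIONS: ${{ inputs.sonarExclusions }}
          COVERAGE_EXCLUSIONS: ${{ inputs.coverageExclusions }}
        shell: powershell
        run: |
          .\.sonar\scanner\dotnet-sonarscanner begin /k:"$env:PROJECT_KEY" /o:"$env:ORGANIZATION" /d:sonar.login="$env:SONAR_TOKEN" /d:sonar.host.url="https://sonarcloud.io" /d:"sonar.verbose=$env:VERBOSE" /d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml /d:sonar.exclusions="$env:SONAR_EXCLUSIONS" /d:sonar.coverage.exclusions="$env:COVERAGE_EXCLUSIONS"
          # … unchanged: dotnet build, dotnet-coverage collect …
          .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="$env:SONAR_TOKEN"
```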
diff --git a/.github/workflows/template-test-build-and-publish-to-azure.yml b/.github/workflows/template-test-build-and-publish-to-azure.yml new file mode 100644 index 0000000..1f11012 --- /dev/null +++ b/.github/workflows/template-test-build-and-publish-to-azure.yml 
@@ -0,0 +1,287 @@ +name: Full Publish Pipeline Template Workflow +# This template will test, build, create a new release with the .zip artifacts, and deploy to Azure Functions. +# +# To create a new release, the of the csproj must be updated. If it's the same, no new release +# will be created. +# +# If publishToAzure input is set to true, the workflow will also deploy the new release to the Azure Functions App. + +on: + workflow_call: + inputs: + dotnetVersion: + description: '[Required] The version of .NET to use. Example: "6.0.x"' + required: true + type: string + targetPlatform: + description: '[Required] The target platform for the build. Example: "win-x64"' + required: true + type: string + targetRuntime: + description: '[Required] The target runtime for the build. Example: "net6.0"' + required: true + type: string + projectFolder: + description: '[Required] The folder where the project is located. Example: "Raccoon.Ninja.AzFn.DataApi"' + required: true + type: string + projectFile: + description: '[Required] The project file. Example: "Raccoon.Ninja.AzFn.DataApi.csproj"' + required: true + type: string + releaseFilePrefix: + description: '[Required] The prefix for the release file. Example: "AzFnDataApi"' + required: true + type: string + publishToAzure: + description: '[Required] If true, the workflow will deploy the new release to the Azure Functions App.' + required: true + type: boolean + azureFunctionAppName: + description: '[Required only if publishToAzure is true] The name of the Azure Functions App to deploy to.' + required: false + type: string + azurePublishProfile: + description: '[Required only if publishToAzure is true] The Azure Publish Profile for deployment.' + required: false + type: string + secrets: + githubToken: + description: '[Required] The GitHub token to use for the workflow.' 
+ required: true + +jobs: + set_release_version: + runs-on: ubuntu-latest + outputs: + version: ${{ steps.set_version.outputs.version }} + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Define next release version + id: set_version + run: echo "version=$(cat ${{ inputs.projectFolder }}/${{ inputs.projectFile }} | grep -oP '(?<=).*(?=<\/AssemblyVersion>)')" >> $GITHUB_OUTPUT + + test: + needs: set_release_version + permissions: + deployments: write + contents: write + runs-on: windows-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Setup .NET + uses: actions/setup-dotnet@v3 + with: + dotnet-version: ${{ inputs.dotnetVersion }} + + - name: Test + run: dotnet test ${{ inputs.projectFolder }}/${{ inputs.projectFile }} --verbosity normal + + check_tag: + needs: [set_release_version, test] + runs-on: ubuntu-latest + env: + VERSION: ${{ needs.set_release_version.outputs.version }} + outputs: + tag_exists: ${{ steps.check_tag.outputs.tag_exists }} + proceed_with_publish: ${{ steps.check_tag.outputs.proceed_with_publish }} + artifact_name: ${{ steps.set_artifact_name.outputs.artifact_name }} + steps: + - name: Set Artifact Name + id: set_artifact_name + run: | + echo "artifact_name=${{ inputs.releaseFilePrefix }}_${{ inputs.targetPlatform }}_${{ env.VERSION }}" >> $GITHUB_OUTPUT + - name: Check if this version is already built + id: check_tag + run: | + TAG_EXISTS=$(curl -o /dev/null -s -w "%{http_code}\n" -H "Authorization: token ${{ secrets.githubToken }}" https://api.github.com/repos/${{ github.repository }}/git/refs/tags/${{ env.VERSION }}) + + if [[ "$TAG_EXISTS" -eq 200 ]]; then + echo "Tag exists. Checking for release asset." + RELEASE_ID=$(curl -s -H "Authorization: token ${{ secrets.githubToken }}" https://api.github.com/repos/${{ github.repository }}/releases/tags/${{ env.VERSION }} | jq -r '.id') + + if [[ -z "$RELEASE_ID" || "$RELEASE_ID" == "null" ]]; then + echo "Release ID is empty or null. Proceeding to publish." 
+ echo "tag_exists=false" >> $GITHUB_OUTPUT + echo "proceed_with_publish=true" >> $GITHUB_OUTPUT + exit 0 + fi + + RAW_RESPONSE=$(curl -s -H "Authorization: token ${{ secrets.githubToken }}" https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets) + echo "Raw Response: $RAW_RESPONSE" + + JSON_TYPE=$(echo "$RAW_RESPONSE" | jq -r 'type') + if [[ "$JSON_TYPE" == "object" ]]; then + echo "RAW_RESPONSE is a JSON object." + # Check if RAW_RESPONSE contains a "message" field with the value "Not Found" + MESSAGE_VALUE=$(echo "$RAW_RESPONSE" | jq -r '.message // ""') + + if [[ "$MESSAGE_VALUE" == "Not Found" ]]; then + echo "No assets found for this release. Proceeding to publish." + echo "tag_exists=true" >> $GITHUB_OUTPUT + echo "proceed_with_publish=true" >> $GITHUB_OUTPUT + exit 0 + elif [[ ! -z "$MESSAGE_VALUE" ]]; then + echo "An unexpected error occurred: $MESSAGE_VALUE. Exiting." + exit 1 + fi + + elif [[ "$JSON_TYPE" == "array" ]]; then + echo "RAW_RESPONSE is a JSON array." + ASSET_EXISTS=$(echo "$RAW_RESPONSE" | jq -r '.[] | select(.name=="${{ steps.set_artifact_name.outputs.artifact_name }}.zip").id') + + if [[ ! -z "$ASSET_EXISTS" ]]; then + echo "Release asset exists. No need to publish." + echo "tag_exists=true" >> $GITHUB_OUTPUT + echo "proceed_with_publish=false" >> $GITHUB_OUTPUT + else + echo "Release asset does not exist. Proceeding to publish." + echo "tag_exists=true" >> $GITHUB_OUTPUT + echo "proceed_with_publish=true" >> $GITHUB_OUTPUT + fi + else + echo "RAW_RESPONSE is neither a JSON object nor an array. Type: $JSON_TYPE" + exit 1 + fi + + else + echo "Tag does not exist. Proceeding to publish." 
+ echo "tag_exists=false" >> $GITHUB_OUTPUT + echo "proceed_with_publish=true" >> $GITHUB_OUTPUT + fi + + validate_azure_inputs_for_publishing: + if: inputs.publishToAzure == true + runs-on: ubuntu-latest + steps: + - name: Check Azure Function App Name + run: | + if [ -z "${{ inputs.azureFunctionAppName }}" ]; then + echo "Azure Function App Name (azureFunctionAppName) is empty or not set." + exit 1 + else + echo "Azure Function App Name is set to '${{ inputs.azureFunctionAppName }}'." + fi + - name: Check Azure Publish Profile + run: | + if [ -z "${{ inputs.azurePublishProfile }}" ]; then + echo "Azure Publish Profile (azurePublishProfile) is empty or not set." + exit 1 + else + echo "Azure Publish Profile is set." + fi + + build_info: + needs: [set_release_version, check_tag] + runs-on: ubuntu-latest + steps: + - name: Checkout + run: | + echo "Version: ${{ needs.set_release_version.outputs.version }}" + echo "Tag Exists: ${{ needs.check_tag.outputs.tag_exists }}" + echo "Proceed with Publish: ${{ needs.check_tag.outputs.proceed_with_publish }}" + echo "Artifact Name: ${{ needs.check_tag.outputs.artifact_name }}" + + build: + needs: [set_release_version, check_tag] + if: needs.check_tag.outputs.proceed_with_publish == 'true' + permissions: + deployments: write + contents: write + runs-on: windows-latest + env: + VERSION: ${{ needs.set_release_version.outputs.version }} + ARTIFACT_NAME: ${{ needs.check_tag.outputs.artifact_name }} + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Setup .NET + uses: actions/setup-dotnet@v3 + with: + dotnet-version: ${{ inputs.dotnetVersion }} + + - name: Build + run: dotnet build --configuration Release + + - name: Publish Project + shell: pwsh + run: | + pushd './${{ inputs.projectFolder }}' + dotnet build --configuration Release --output ./output + popd + + - name: Compressing artifact + run: | + $currentPath = Get-Location + Compress-Archive -Path "$currentPath\${{ inputs.projectFolder }}\output\*" 
-DestinationPath "${{ env.ARTIFACT_NAME }}.zip" + + - name: Uploading artifact + id: upload_artifact + uses: actions/upload-artifact@v3 + with: + name: "${{ env.ARTIFACT_NAME }}" + path: "${{ env.ARTIFACT_NAME }}.zip" + if-no-files-found: error + + deploy: + needs: [ set_release_version, check_tag, build ] + permissions: + contents: write + runs-on: ubuntu-latest + env: + VERSION: ${{ needs.set_release_version.outputs.version }} + ARTIFACT_NAME: ${{ needs.check_tag.outputs.artifact_name }} + steps: + - name: Where Am I? What is going on? + run: | + echo "$(pwd) | ${{ env.VERSION }}" + ls -la + + - name: Checkout + uses: actions/checkout@v3 + + - name: Setup Git + run: | + git config user.name "GitHub Actions" + git config user.email "github-actions@github.com" + + - name: Downloading artifact + uses: actions/download-artifact@v3 + with: + name: "${{ env.ARTIFACT_NAME }}" + + - name: Extracting artifact + run: | + unzip "${{ env.ARTIFACT_NAME }}.zip" -d "./output" + + - name: 'Publish to Azure Functions App' + uses: Azure/functions-action@v1 + if: inputs.publishToAzure == true + with: + app-name: ${{ inputs.azureFunctionAppName }} + slot-name: 'Production' + package: './output' + publish-profile: ${{ inputs.azurePublishProfile }} + + - name: Create Tag + if: needs.check_tag.outputs.tag_exists == false + run: | + git tag ${{ env.VERSION }} + git push origin ${{ env.VERSION }} + + - name: Create Release + id: create_release + uses: softprops/action-gh-release@v1 + env: + token: ${{ secrets.githubToken }} + with: + tag_name: ${{ env.VERSION }} + name: ${{ env.VERSION }} + draft: false + prerelease: false + fail_on_unmatched_files: true + files: "${{ env.ARTIFACT_NAME }}.zip" diff --git a/NightScout.Raccoon.sln b/NightScout.Raccoon.sln index e78840c..b88357d 100644 --- a/NightScout.Raccoon.sln +++ b/NightScout.Raccoon.sln 
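Review bot: `azurePublishProfile` is declared under `inputs:` with `type: string`, but a publish profile carries deployment credentials, and workflow inputs are not masked in logs the way secrets are. The "Check Azure Publish Profile" step also expands `${{ inputs.azurePublishProfile }}` directly into the shell script text, so the profile contents become part of the script itself, and the test breaks if they contain a double quote. I would declare it under `secrets:` next to `githubToken`, read it through `env:` in the validation step, and pass `${{ secrets.azurePublishProfile }}` to `Azure/functions-action`. Callers would then supply it under `secrets:` instead of `with:`.

```yaml
    secrets:
      githubToken:
        # … unchanged: description, required …
      azurePublishProfile:
        description: '[Required only if publishToAzure is true] The Azure Publish Profile for deployment.'
        required: false

# … unchanged: jobs up to validate_azure_inputs_for_publishing …
      - name: Check Azure Publish Profile
        env:
          AZURE_PUBLISH_PROFILE: ${{ secrets.azurePublishProfile }}
        run: |
          if [ -z "$AZURE_PUBLISH_PROFILE" ]; then
          # … unchanged: error message, exit 1, else branch …

# … unchanged: build job and deploy steps up to the Azure publish step …
          publish-profile: ${{ secrets.azurePublishProfile }}
```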
@@ -10,6 +10,10 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "98. Docs", "98. Docs", "{B4 .github\workflows\master-publish-dataapi.yml = .github\workflows\master-publish-dataapi.yml .github\workflows\master-publish-datatransfer.yml = .github\workflows\master-publish-datatransfer.yml .github\workflows\master-publish-glucose-mon-app.yml = .github\workflows\master-publish-glucose-mon-app.yml + .github\workflows\template-test-build-and-publish-to-azure.yml = .github\workflows\template-test-build-and-publish-to-azure.yml + .github\workflows\template-qa-sonarcloud.yml = .github\workflows\template-qa-sonarcloud.yml + .github\workflows\qa-auto-monthly.yml = .github\workflows\qa-auto-monthly.yml + .github\workflows\qa-on-pull-requests.yml = .github\workflows\qa-on-pull-requests.yml EndProjectSection EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "01. Domain", "01. Domain", "{11F72AFB-B94A-4E9A-8817-F1FB60E9DF6D}" From 7ee3f83c89d47e5c41681a658133728caa340bbc Mon Sep 17 00:00:00 2001 From: Breno RdV Date: Sat, 3 Feb 2024 23:38:41 -0500 Subject: [PATCH 2/5] feature/workflow-template: removed an extra / on the 'uses' statement. --- .github/workflows/qa-auto-monthly.yml | 2 +- .github/workflows/qa-on-pull-requests.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/qa-auto-monthly.yml b/.github/workflows/qa-auto-monthly.yml index c5c1bd2..f5839f9 100644 --- a/.github/workflows/qa-auto-monthly.yml +++ b/.github/workflows/qa-auto-monthly.yml @@ -8,7 +8,7 @@ on: jobs: sonarcloud-analysis: - uses: ./.github/workflows//template-qa-sonarcloud.yml + uses: ./.github/workflows/template-qa-sonarcloud.yml with: projectKey: 'brenordv_nightscout-companion-apps' organization: 'raccoon-ninja' diff --git a/.github/workflows/qa-on-pull-requests.yml b/.github/workflows/qa-on-pull-requests.yml index f4ebe89..4d38a9c 100644 --- a/.github/workflows/qa-on-pull-requests.yml +++ b/.github/workflows/qa-on-pull-requests.yml 
@@ -8,7 +8,7 @@ on: jobs: sonarcloud-analysis: - uses: ./.github/workflows//template-qa-sonarcloud.yml + uses: ./.github/workflows/template-qa-sonarcloud.yml with: projectKey: 'brenordv_nightscout-companion-apps' organization: 'raccoon-ninja' From 899cdc8251f8bc1419dae8f7a4d4b9921e728654 Mon Sep 17 00:00:00 2001 From: Breno RdV Date: Sat, 3 Feb 2024 23:47:57 -0500 Subject: [PATCH 3/5] =?UTF-8?q?feature/workflow-template:=20Fixed=20(?= =?UTF-8?q?=F0=9F=A4=9E)=20the=20Sonarcloud=20workflow.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/qa-auto-monthly.yml | 2 +- .github/workflows/qa-on-pull-requests.yml | 1 + .github/workflows/template-qa-sonarcloud.yml | 13 +++++++++++-- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/.github/workflows/qa-auto-monthly.yml b/.github/workflows/qa-auto-monthly.yml index f5839f9..48c72d8 100644 --- a/.github/workflows/qa-auto-monthly.yml +++ b/.github/workflows/qa-auto-monthly.yml @@ -3,7 +3,7 @@ name: Monthly SonarCloud Analysis on: schedule: # Runs at 2 AM UTC on the 1st of every month - # This will help keep the project alive on SonarCloud.io + # This will help keep me being on top of any new security issue. :) - cron: '0 2 1 * *' jobs: diff --git a/.github/workflows/qa-on-pull-requests.yml b/.github/workflows/qa-on-pull-requests.yml index 4d38a9c..e32dfa6 100644 --- a/.github/workflows/qa-on-pull-requests.yml +++ b/.github/workflows/qa-on-pull-requests.yml @@ -1,4 +1,5 @@ name: SonarCloud analysis on pull requests + on: push: branches: diff --git a/.github/workflows/template-qa-sonarcloud.yml b/.github/workflows/template-qa-sonarcloud.yml index 629f377..6d8029b 100644 --- a/.github/workflows/template-qa-sonarcloud.yml +++ b/.github/workflows/template-qa-sonarcloud.yml 
@@ -81,10 +81,19 @@ jobs: SONAR_TOKEN: ${{ secrets.sonarToken }} shell: powershell run: | - $verboseFlag = ${{ inputs.verbose }} + $verboseFlag = if (${{ inputs.verbose }}) {"true"} else {"false"} $sonarExclusions = "${{ inputs.sonarExclusions }}" $coverageExclusions = "${{ inputs.coverageExclusions }}" - .\.sonar\scanner\dotnet-sonarscanner begin /k:"${{ inputs.projectKey }}" /o:"${{ inputs.organization }}" /d:sonar.login="${{ secrets.sonarToken }}" /d:sonar.host.url="https://sonarcloud.io" /d:"sonar.verbose=$verboseFlag" /d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml /d:sonar.exclusions="$sonarExclusions" /d:sonar.coverage.exclusions="$coverageExclusions" + + $sonarBeginCmd = ".\.sonar\scanner\dotnet-sonarscanner begin /k:`"${{ inputs.projectKey }}`" /o:`"${{ inputs.organization }}`" /d:sonar.login=`"${{ secrets.sonarToken }}`" /d:sonar.host.url=`"https://sonarcloud.io`" /d:`"sonar.verbose=$verboseFlag`"" + if (-not [string]::IsNullOrWhiteSpace($sonarExclusions)) { + $sonarBeginCmd += " /d:`"sonar.exclusions=$sonarExclusions`"" + } + if (-not [string]::IsNullOrWhiteSpace($coverageExclusions)) { + $sonarBeginCmd += " /d:`"sonar.coverage.exclusions=$coverageExclusions`"" + } + + Invoke-Expression $sonarBeginCmd dotnet build --configuration Release dotnet-coverage collect 'dotnet test' -f xml -o 'coverage.xml' .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ secrets.sonarToken }}" From de109ba741dbf8961f8591803c44c8c6767ddb28 Mon Sep 17 00:00:00 2001 From: Breno RdV Date: Sun, 4 Feb 2024 00:04:14 -0500 Subject: [PATCH 4/5] =?UTF-8?q?feature/workflow-template:=20Trying=20to=20?= =?UTF-8?q?make=20SonarCloud=20pipeline=20work.=20=F0=9F=A4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/template-qa-sonarcloud.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) 
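Review bot: `Invoke-Expression $sonarBeginCmd` evaluates a string assembled from `inputs.projectKey`, `inputs.organization`, both exclusion inputs and the Sonar token, so any PowerShell metacharacter in one of those values is parsed as code instead of being passed as an argument. Building an argument array and invoking the scanner with the call operator keeps each value a single argument. Using `$env:SONAR_TOKEN`, which this step's `env:` already sets, keeps the token out of the rendered script text. The new command also drops `/d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml`, which the removed line passed, so the collected coverage file may no longer be picked up; the sketch below restores it. The step itself starts above this hunk.

```yaml
        run: |
          # … unchanged: $verboseFlag, $sonarExclusions and $coverageExclusions assignments …
          $sonarArgs = @(
            'begin'
            "/k:${{ inputs.projectKey }}"
            "/o:${{ inputs.organization }}"
            "/d:sonar.login=$env:SONAR_TOKEN"
            '/d:sonar.host.url=https://sonarcloud.io'
            "/d:sonar.verbose=$verboseFlag"
            '/d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml'
          )
          if (-not [string]::IsNullOrWhiteSpace($sonarExclusions)) {
            $sonarArgs += "/d:sonar.exclusions=$sonarExclusions"
          }
          if (-not [string]::IsNullOrWhiteSpace($coverageExclusions)) {
            $sonarArgs += "/d:sonar.coverage.exclusions=$coverageExclusions"
          }
          & .\.sonar\scanner\dotnet-sonarscanner @sonarArgs
          # … unchanged: dotnet build, dotnet-coverage collect, scanner end …
```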
diff --git a/.github/workflows/template-qa-sonarcloud.yml b/.github/workflows/template-qa-sonarcloud.yml index 6d8029b..652c3c5 100644 --- a/.github/workflows/template-qa-sonarcloud.yml +++ b/.github/workflows/template-qa-sonarcloud.yml @@ -45,23 +45,29 @@ jobs: - name: Installing dotnet-coverage shell: powershell run: dotnet tool install --global dotnet-coverage + - name: Installing xmldocmd shell: powershell run: dotnet tool install --global xmldocmd - - name: Set up JDK 11 - uses: actions/setup-java@v1 + + - name: Set up JDK 17 + uses: actions/setup-java@v2 with: - java-version: 1.11 + java-version: '17' + distribution: 'temurin' # AdoptOpenJDK is now Eclipse Temurin + - uses: actions/checkout@v2 with: fetch-depth: 0 ref: ${{ inputs.branchName }} + - name: Cache SonarCloud packages uses: actions/cache@v1 with: path: ~\sonar\cache key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar + - name: Cache SonarCloud scanner id: cache-sonar-scanner uses: actions/cache@v1 @@ -69,12 +75,14 @@ jobs: path: .\.sonar\scanner key: ${{ runner.os }}-sonar-scanner restore-keys: ${{ runner.os }}-sonar-scanner + - name: Install SonarCloud scanner if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' shell: powershell run: | New-Item -Path .\.sonar\scanner -ItemType Directory dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner + - name: Build and analyze env: GITHUB_TOKEN: ${{ secrets.githubToken }} From d8826af2d0a62863ece1cba4b456945edaabafe6 Mon Sep 17 00:00:00 2001 From: Breno RdV Date: Sun, 4 Feb 2024 00:12:39 -0500 Subject: [PATCH 5/5] feature/workflow-template: Updating actions to use newer version of Node. --- .github/workflows/template-qa-sonarcloud.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/template-qa-sonarcloud.yml b/.github/workflows/template-qa-sonarcloud.yml index 652c3c5..ab7c0ad 100644 --- a/.github/workflows/template-qa-sonarcloud.yml 
+++ b/.github/workflows/template-qa-sonarcloud.yml @@ -51,18 +51,18 @@ jobs: run: dotnet tool install --global xmldocmd - name: Set up JDK 17 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: '17' distribution: 'temurin' # AdoptOpenJDK is now Eclipse Temurin - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 with: fetch-depth: 0 ref: ${{ inputs.branchName }} - name: Cache SonarCloud packages - uses: actions/cache@v1 + uses: actions/cache@v3 with: path: ~\sonar\cache key: ${{ runner.os }}-sonar @@ -70,7 +70,7 @@ jobs: - name: Cache SonarCloud scanner id: cache-sonar-scanner - uses: actions/cache@v1 + uses: actions/cache@v3 with: path: .\.sonar\scanner key: ${{ runner.os }}-sonar-scanner