Skip to content
Pull Request Validation

Bump MxIO.ApiClient from 1.1.34.1 to 1.1.35.1 #147

Sign in to view logs

Bump MxIO.ApiClient from 1.1.34.1 to 1.1.35.1

Bump MxIO.ApiClient from 1.1.34.1 to 1.1.35.1 #147

Workflow file for this run

.github/workflows/pull-request-validation.yml at 33b6e2f
name: Pull Request Validation
on:
workflow_dispatch:
pull_request:
branches:
- main
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
actions: read # Required by CodeQL
security-events: write # Required by CodeQL
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: "Checkout Repository"
uses: actions/checkout@v3
- name: "Dependency Review"
uses: actions/dependency-review-action@v2
dotnet-web-ci:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: 1.11
- name: Cache SonarCloud packages
uses: actions/cache@v1
with:
path: ~\sonar\cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Install SonarCloud scanners
shell: bash
run: |
cd src
dotnet tool install --global dotnet-sonarscanner
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: "csharp"
- name: Begin SonarScanner
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
cd src
dotnet-sonarscanner begin /k:"frasermolyneux_portal-repository" /o:"frasermolyneux" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io"
- uses: frasermolyneux/actions/dotnet-web-ci@main
with:
dotnet-project: "repository-webapi"
dotnet-version: 7.0.x
src-folder: "src"
majorMinorVersion: "1.1"
- name: End SonarScanner
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
cd src
dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:'csharp'"
terraform-plan-and-apply-dev:
environment: Development
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: frasermolyneux/actions/terraform-plan-and-apply@main
with:
terraform-folder: "terraform"
terraform-var-file: "tfvars/dev.tfvars"
terraform-backend-file: "backends/dev.backend.hcl"
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- id: terraform-output
shell: bash
run: |
cd terraform
echo "web_app_name=$(terraform output -raw web_app_name)" >> $GITHUB_OUTPUT
echo "web_app_resource_group=$(terraform output -raw web_app_resource_group)" >> $GITHUB_OUTPUT
echo "workload_public_url=$(terraform output -raw workload_public_url)" >> $GITHUB_OUTPUT
echo "sql_server_fqdn=$(terraform output -raw sql_server_fqdn)" >> $GITHUB_OUTPUT
echo "sql_database_name=$(terraform output -raw sql_database_name)" >> $GITHUB_OUTPUT
echo "key_vault_name=$(terraform output -raw key_vault_name)" >> $GITHUB_OUTPUT
echo "integration_tests_account_name=$(terraform output -raw integration_tests_account_name)" >> $GITHUB_OUTPUT
echo "api_audience=$(terraform output -raw api_audience)" >> $GITHUB_OUTPUT
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
ARM_USE_OIDC: true
outputs:
web_app_name: ${{ steps.terraform-output.outputs.web_app_name }}
web_app_resource_group: ${{ steps.terraform-output.outputs.web_app_resource_group }}
workload_public_url: ${{ steps.terraform-output.outputs.workload_public_url }}
sql_server_fqdn: ${{ steps.terraform-output.outputs.sql_server_fqdn }}
sql_database_name: ${{ steps.terraform-output.outputs.sql_database_name }}
key_vault_name: ${{ steps.terraform-output.outputs.key_vault_name }}
integration_tests_account_name: ${{ steps.terraform-output.outputs.integration_tests_account_name }}
api_audience: ${{ steps.terraform-output.outputs.api_audience }}
deploy-sql-database-dev:
environment: Development
runs-on: ubuntu-latest
needs: [terraform-plan-and-apply-dev]
steps:
- uses: actions/checkout@v3
- uses: frasermolyneux/actions/deploy-sql-database@main
with:
sql-args: /Variables:env=dev /Variables:instance=01
sql-server-fqdn: ${{ needs.terraform-plan-and-apply-dev.outputs.sql_server_fqdn }}
sql-database-name: ${{ needs.terraform-plan-and-apply-dev.outputs.sql_database_name }}
project-folder: "src/database"
project-file: "database.sqlproj"
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
app-service-deploy-dev:
environment: Development
runs-on: ubuntu-latest
needs:
[dotnet-web-ci, deploy-sql-database-dev, terraform-plan-and-apply-dev]
steps:
- uses: actions/checkout@v3
- uses: frasermolyneux/actions/deploy-app-service@main
with:
web-artifact-name: "repository-webapi"
web-app-name: ${{ needs.terraform-plan-and-apply-dev.outputs.web_app_name }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
run-api-integration-tests-dev:
environment: Development
runs-on: ubuntu-latest
needs: [app-service-deploy-dev, terraform-plan-and-apply-dev]
steps:
- name: "Az CLI Login"
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- shell: bash
run: |
client_id=$(az keyvault secret show --name "${{ needs.terraform-plan-and-apply-dev.outputs.integration_tests_account_name }}-client-id" --vault-name "${{ needs.terraform-plan-and-apply-dev.outputs.key_vault_name }}" --query value -o tsv)
client_secret=$(az keyvault secret show --name "${{ needs.terraform-plan-and-apply-dev.outputs.integration_tests_account_name }}-client-secret" --vault-name "${{ needs.terraform-plan-and-apply-dev.outputs.key_vault_name }}" --query value -o tsv)
client_tenant_id=$(az keyvault secret show --name "${{ needs.terraform-plan-and-apply-dev.outputs.integration_tests_account_name }}-client-tenant-id" --vault-name "${{ needs.terraform-plan-and-apply-dev.outputs.key_vault_name }}" --query value -o tsv)
api_key=$(az keyvault secret show --name "${{ needs.terraform-plan-and-apply-dev.outputs.integration_tests_account_name }}-api-key-primary" --vault-name "${{ needs.terraform-plan-and-apply-dev.outputs.key_vault_name }}" --query value -o tsv)
echo "::add-mask::$client_id"
echo "::add-mask::$client_secret"
echo "::add-mask::$client_tenant_id"
echo "::add-mask::$api_key"
echo "int_test_client_id=$client_id" >> $GITHUB_ENV
echo "int_test_client_secret=$client_secret" >> $GITHUB_ENV
echo "int_test_client_tenant_id=$client_tenant_id" >> $GITHUB_ENV
echo "int_test_api_key=$api_key" >> $GITHUB_ENV
- uses: frasermolyneux/actions/run-api-integration-tests@main
with:
dotnet-version: 7.0.x
src-folder: "src"
api-base-url: ${{ needs.terraform-plan-and-apply-dev.outputs.workload_public_url }}
api-key: ${{ env.int_test_api_key }}
api-audience: ${{ needs.terraform-plan-and-apply-dev.outputs.api_audience }}
AZURE_CLIENT_ID: ${{ env.int_test_client_id }}
AZURE_CLIENT_SECRET: ${{ env.int_test_client_secret }}
AZURE_TENANT_ID: ${{ env.int_test_client_tenant_id }}
terraform-plan-prd:
if: github.actor != 'dependabot[bot]' # dependabot context has no permissions to prod so skip this check
environment: Production
runs-on: ubuntu-latest
needs: [terraform-plan-and-apply-dev]
steps:
- uses: actions/checkout@v3
- uses: frasermolyneux/actions/terraform-plan@main
with:
terraform-folder: "terraform"
terraform-var-file: "tfvars/prd.tfvars"
terraform-backend-file: "backends/prd.backend.hcl"
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}