From 41b2b5d6f17b7c0c5f142e64606aecb669e94f5c Mon Sep 17 00:00:00 2001 From: Mati Agukas Date: Mon, 10 May 2021 14:56:39 +0300 Subject: [PATCH] ci: Add GitHub build and Sonar code analysis --- .github/workflows/dotnet-build.yml | 32 +++++++++ .github/workflows/sonarcloud-analysis.yml | 66 +++++++++++++++++++ .../WebEid.Security.Tests.csproj | 2 +- 3 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/dotnet-build.yml create mode 100644 .github/workflows/sonarcloud-analysis.yml diff --git a/.github/workflows/dotnet-build.yml b/.github/workflows/dotnet-build.yml new file mode 100644 index 0000000..fada6f9 --- /dev/null +++ b/.github/workflows/dotnet-build.yml @@ -0,0 +1,32 @@ +name: Dotnet build + +on: [ push, pull_request ] + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Setup dotnet + uses: actions/setup-dotnet@v1 + with: + dotnet-version: 5.0.x # SDK Version to use. + + - name: Cache Nuget packages + uses: actions/cache@v2 + with: + path: ~/.nuget/packages + # Look to see if there is a cache hit for the corresponding requirements file + key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} + restore-keys: ${{ runner.os }}-nuget + + - name: Install dependencies + run: dotnet restore src/WebEid.Security.sln + + - name: Build + run: dotnet build --configuration Release --no-restore src/WebEid.Security.sln + + - name: Test + run: dotnet test --no-restore --verbosity normal src/WebEid.Security.sln diff --git a/.github/workflows/sonarcloud-analysis.yml b/.github/workflows/sonarcloud-analysis.yml new file mode 100644 index 0000000..02fc6c7 --- /dev/null +++ b/.github/workflows/sonarcloud-analysis.yml @@ -0,0 +1,66 @@ +name: SonarCloud code analysis + +on: [push, pull_request] + +jobs: + analyze: + name: Analyze + runs-on: windows-latest + + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + + - name: Setup dotnet + uses: actions/setup-dotnet@v1 + with: + dotnet-version: 5.0.x # SDK Version to use. + + - name: Set up JDK 11 + uses: actions/setup-java@v1 + with: + java-version: 11 + + - name: Cache Nuget packages + uses: actions/cache@v2 + with: + path: ~/.nuget/packages + # Look to see if there is a cache hit for the corresponding requirements file + key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} + restore-keys: ${{ runner.os }}-nuget + + - name: Install dependencies + run: dotnet restore src/WebEid.Security.sln + + - name: Cache SonarCloud packages + uses: actions/cache@v2 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + + - name: Cache SonarCloud scanner + id: cache-sonar-scanner + uses: actions/cache@v2 + with: + path: .\.sonar\scanner + key: ${{ runner.os }}-sonar-scanner + restore-keys: ${{ runner.os }}-sonar-scanner + + - name: Install SonarCloud scanner + if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' + shell: powershell + run: | + New-Item -Path .\.sonar\scanner -ItemType Directory + dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner + + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + shell: powershell + run: | + .\.sonar\scanner\dotnet-sonarscanner begin /k:"web-eid_web-eid-authtoken-validation-dotnet" /o:"web-eid" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" + dotnet build --configuration Release --no-restore src/WebEid.Security.sln + .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}" diff --git a/src/WebEid.Security.Tests/WebEid.Security.Tests.csproj b/src/WebEid.Security.Tests/WebEid.Security.Tests.csproj index b7b29be..8d0afed 100644 --- a/src/WebEid.Security.Tests/WebEid.Security.Tests.csproj +++ b/src/WebEid.Security.Tests/WebEid.Security.Tests.csproj @@ -1,7 +1,7 @@ - netcoreapp3.1 + net5.0 false