From 8598dbd1ff9c3ca1fe421c53e531f88d60d7d7b2 Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Mon, 31 Jul 2023 15:50:45 +0200 Subject: [PATCH 01/13] Use sonar.token instead of sonar.login --- README.md | 9 +++++++++ dotnet/build-lint-test/action.yml | 5 +++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4abbcc2..1923984 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,12 @@ # GitHub workflow parts Repository of workflow parts to be used in GitHub Actions. + +## Actions + +Name | Detail +-------------------------------------------------------------- | --------------------------------------------------------------------------- +[Docker > Build & Push](docker/build-push/action.yml) | Build a new container image with Docker and push it to a container registry +[Docker > Build & Scan](docker/build-scan/action.yml) | Build a new container image with Docker and scan it +[.NET > Build, lint & test](dotnet/build-lint-test/action.yml) | Build .NET code, lint it and run tests +[MongoDB > Start](mongodb/start/action.yml) | Start a local MongoDB database diff --git a/dotnet/build-lint-test/action.yml b/dotnet/build-lint-test/action.yml index 1319aca..343511f 100644 --- a/dotnet/build-lint-test/action.yml +++ b/dotnet/build-lint-test/action.yml 
@@ -82,7 +82,7 @@ runs: shell: bash - name: Start code analysis if: ${{ inputs.sonar_enabled == 'true' }} - run: ./.sonar/scanner/dotnet-sonarscanner begin /k:"${{inputs.sonar_project_key}}" /o:"${{inputs.sonar_organization}}" /n:"${{inputs.sonar_project_name}}" /d:sonar.login="${{inputs.sonar_token}}" /d:sonar.host.url="${{inputs.sonar_host_url}}" /d:sonar.cpd.exclusions=**/*Generated*.cs /d:sonar.coverageReportPaths=./sonarqubecoverage/SonarQube.xml + run: ./.sonar/scanner/dotnet-sonarscanner begin /k:"${{inputs.sonar_project_key}}" /o:"${{inputs.sonar_organization}}" /n:"${{inputs.sonar_project_name}}" /d:sonar.token="${{inputs.sonar_token}}" /d:sonar.host.url="${{inputs.sonar_host_url}}" /d:sonar.cpd.exclusions=**/*Generated*.cs /d:sonar.coverageReportPaths=./sonarqubecoverage/SonarQube.xml shell: bash - name: Build .NET solution run: dotnet build --no-restore @@ -98,7 +98,7 @@ runs: shell: bash - name: Complete code analysis if: ${{ inputs.sonar_enabled == 'true' }} - run: ./.sonar/scanner/dotnet-sonarscanner end /d:sonar.login="${{inputs.sonar_token}}" + run: ./.sonar/scanner/dotnet-sonarscanner end /d:sonar.token="${{inputs.sonar_token}}" shell: bash - name: Archive test results uses: actions/upload-artifact@v3 @@ -107,3 +107,4 @@ runs: path: | ./**/*test-result.xml ./test/*/TestResults/*/coverage.cobertura.xml + ./sonarqubecoverage/SonarQube.xml From 4431dafb17168b60dd8b426997633eaf78bcb2e8 Mon Sep 17 00:00:00 2001 From: Bertrand Thomas Date: Sun, 13 Jul 2025 13:57:33 +0200 Subject: [PATCH 02/13] Upgrade to latest action versions Updated files to LF --- docker/build-push/action.yml | 102 +++++++++++++------------- docker/build-scan/action.yml | 114 +++++++++++++++--------------- dotnet/build-lint-test/action.yml | 14 ++-- mongodb/start/action.yml | 36 +++++----- 4 files changed, 133 insertions(+), 133 deletions(-) diff --git a/docker/build-push/action.yml b/docker/build-push/action.yml index e160c7f..57bf33c 100644 --- a/docker/build-push/action.yml 
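Review bot: The `begin` step in this hunk, and the `end` step in the `@@ -98,7 +98,7 @@` hunk, still paste `${{inputs.sonar_token}}` and the other inputs straight into the `run:` script text, so any input value containing quotes or `$(...)` is interpreted by bash before the scanner sees it. Renaming the property to `sonar.token` does not change that. Map each input to a step-level `env:` entry and reference the shell variable instead, e.g. `SONAR_TOKEN: ${{ inputs.sonar_token }}` under `env:` and `/d:sonar.token="$SONAR_TOKEN"` in the command. If the scanner version in use can read the token from the environment (to be confirmed), dropping the argument altogether also keeps the token off the command line. The same pattern recurs in the `docker build`/`docker push` lines re-added in PATCH 02 and in the `report_folder` input added to these commands in PATCH 05.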
+++ b/docker/build-push/action.yml 
@@ -1,51 +1,51 @@ -name: Build and push a container image -description: Builds a new container image with Docker and pushes it to a registry - -inputs: - container_registry: - description: Container registry - required: true - container_username: - description: Container username - required: true - container_password: - description: Container password - required: true - docker_file: - description: Path to the Dockerfile - required: true - image_path: - description: Image tag - required: true - image_name: - description: Image name - required: true - image_tag: - description: Image tag - required: true - create_latest: - description: Create latest tag? - required: false - default: 'false' - -runs: - using: "composite" - steps: - - name: Login to container registry - uses: docker/login-action@v2 - with: - registry: ${{ inputs.container_registry }} - username: ${{ inputs.container_username }} - password: ${{ inputs.container_password }} - - name: Build container image - run: docker build . 
--file ${{inputs.docker_file}} --tag ${{inputs.image_path}}/${{inputs.image_name}}:${{inputs.image_tag}} - shell: bash - - name: Push image to container registry - run: docker push ${{inputs.image_path}}/${{inputs.image_name}}:${{inputs.image_tag}} - shell: bash - - name: Push latest tag to container registry - if: ${{ inputs.create_latest == 'true' }} - run: | - docker tag ${{inputs.image_path}}/${{inputs.image_name}}:${{inputs.image_tag}} ${{inputs.image_path}}/${{inputs.image_name}}:latest - docker push ${{inputs.image_path}}/${{inputs.image_name}}:latest - shell: bash +name: Build and push a container image +description: Builds a new container image with Docker and pushes it to a registry + +inputs: + container_registry: + description: Container registry + required: true + container_username: + description: Container username + required: true + container_password: + description: Container password + required: true + docker_file: + description: Path to the Dockerfile + required: true + image_path: + description: Image tag + required: true + image_name: + description: Image name + required: true + image_tag: + description: Image tag + required: true + create_latest: + description: Create latest tag? + required: false + default: 'false' + +runs: + using: "composite" + steps: + - name: Login to container registry + uses: docker/login-action@v3 + with: + registry: ${{ inputs.container_registry }} + username: ${{ inputs.container_username }} + password: ${{ inputs.container_password }} + - name: Build container image + run: docker build . 
--file ${{inputs.docker_file}} --tag ${{inputs.image_path}}/${{inputs.image_name}}:${{inputs.image_tag}} + shell: bash + - name: Push image to container registry + run: docker push ${{inputs.image_path}}/${{inputs.image_name}}:${{inputs.image_tag}} + shell: bash + - name: Push latest tag to container registry + if: ${{ inputs.create_latest == 'true' }} + run: | + docker tag ${{inputs.image_path}}/${{inputs.image_name}}:${{inputs.image_tag}} ${{inputs.image_path}}/${{inputs.image_name}}:latest + docker push ${{inputs.image_path}}/${{inputs.image_name}}:latest + shell: bash diff --git a/docker/build-scan/action.yml b/docker/build-scan/action.yml index 43af536..fbc1a5d 100644 --- a/docker/build-scan/action.yml +++ b/docker/build-scan/action.yml 
@@ -1,57 +1,57 @@ -name: Scan container image -description: Builds a new container image with Docker and scans it - -inputs: - docker_file: - description: Path to the Dockerfile - required: true - image_tag: - description: Image tag - required: true - image_path: - description: Image tag - required: true - image_name: - description: Image name - required: true - neuvector_enabled: - description: Use NeuVector to scan the image? - required: false - default: 'true' - trivy_enabled: - description: Use Trivy to scan the image? - required: false - default: 'true' - max_high_cves: - description: Maximum number of high CVE authorized - required: false - default: '1' - max_medium_cves: - description: Maximum number of medium CVE authorized - required: false - default: '1' - -runs: - using: "composite" - steps: - - name: Build container image - run: docker build . --file ${{inputs.docker_file}} --tag ${{inputs.image_path}}/${{inputs.image_name}}:${{inputs.image_tag}} - shell: bash - - name: Scan container image with NeuVector - if: ${{ inputs.neuvector_enabled == 'true' }} - uses: neuvector/scan-action@main - with: - image-repository: ${{inputs.image_path}}/${{inputs.image_name}} - image-tag: ${{inputs.image_tag}} - min-high-cves-to-fail: '${{inputs.max_high_cves}}' - min-medium-cves-to-fail: '${{inputs.max_medium_cves}}' - - name: Scan container image with Trivy - if: ${{ inputs.trivy_enabled == 'true' }} - uses: aquasecurity/trivy-action@master - with: - image-ref: '${{inputs.image_path}}/${{inputs.image_name}}:${{inputs.image_tag}}' - format: 'table' - exit-code: '1' - ignore-unfixed: true - vuln-type: 'os,library' - severity: 'CRITICAL,HIGH' +name: Scan container image +description: Builds a new container image with Docker and scans it + +inputs: + docker_file: + description: Path to the Dockerfile + required: true + image_tag: + description: Image tag + required: true + image_path: + description: Image tag + required: true + image_name: + description: Image name + 
required: true + neuvector_enabled: + description: Use NeuVector to scan the image? + required: false + default: 'true' + trivy_enabled: + description: Use Trivy to scan the image? + required: false + default: 'true' + max_high_cves: + description: Maximum number of high CVE authorized + required: false + default: '1' + max_medium_cves: + description: Maximum number of medium CVE authorized + required: false + default: '1' + +runs: + using: "composite" + steps: + - name: Build container image + run: docker build . --file ${{inputs.docker_file}} --tag ${{inputs.image_path}}/${{inputs.image_name}}:${{inputs.image_tag}} + shell: bash + - name: Scan container image with NeuVector + if: ${{ inputs.neuvector_enabled == 'true' }} + uses: neuvector/scan-action@main + with: + image-repository: ${{inputs.image_path}}/${{inputs.image_name}} + image-tag: ${{inputs.image_tag}} + min-high-cves-to-fail: '${{inputs.max_high_cves}}' + min-medium-cves-to-fail: '${{inputs.max_medium_cves}}' + - name: Scan container image with Trivy + if: ${{ inputs.trivy_enabled == 'true' }} + uses: aquasecurity/trivy-action@master + with: + image-ref: '${{inputs.image_path}}/${{inputs.image_name}}:${{inputs.image_tag}}' + format: 'table' + exit-code: '1' + ignore-unfixed: true + vuln-type: 'os,library' + severity: 'CRITICAL,HIGH' diff --git a/dotnet/build-lint-test/action.yml b/dotnet/build-lint-test/action.yml index 343511f..20bcffd 100644 --- a/dotnet/build-lint-test/action.yml +++ b/dotnet/build-lint-test/action.yml @@ -5,7 +5,7 @@ inputs: dotnet_version: description: .NET SDK version to be used required: false - default: '7.0.x' + default: '8.0.x' sonar_enabled: description: Enable code scan by Sonar required: false 
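Review bot: `uses: neuvector/scan-action@main` and `uses: aquasecurity/trivy-action@master` stay on mutable branch refs in this hunk, although the commit's purpose is to upgrade action versions. A branch ref means whatever is pushed upstream next runs in every caller's pipeline with access to the built image and the job's credentials. Pin both to a reviewed release, preferably by full commit SHA with the tag as a comment, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>  # <release-tag>` (placeholders, to be filled from the upstream release page). The major-version tags used for the other actions in this series (`@v3`, `@v4`) are also movable, so the same pinning applies there if the project wants reproducible builds.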
@@ -35,14 +35,14 @@ runs: using: "composite" steps: - name: Install .NET - uses: actions/setup-dotnet@v3 + uses: actions/setup-dotnet@v4 with: dotnet-version: ${{inputs.dotnet_version}} - name: Set up JDK 11 for Sonar if: ${{ inputs.sonar_enabled == 'true' }} - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: - java-version: 11 + java-version: 21 distribution: 'zulu' - name: Install .NET linters if: ${{ inputs.dotnet_version == '7.0.x' }} @@ -61,7 +61,7 @@ runs: shell: bash - name: Cache Sonar packages if: ${{ inputs.sonar_enabled == 'true' }} - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ~/sonar/cache key: ${{ runner.os }}-sonar @@ -69,7 +69,7 @@ runs: - name: Cache Sonar scanner if: ${{ inputs.sonar_enabled == 'true' }} id: cache-sonar-scanner - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ./.sonar/scanner key: ${{ runner.os }}-sonar-scanner @@ -101,7 +101,7 @@ runs: run: ./.sonar/scanner/dotnet-sonarscanner end /d:sonar.token="${{inputs.sonar_token}}" shell: bash - name: Archive test results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: dotnet-test-results path: | diff --git a/mongodb/start/action.yml b/mongodb/start/action.yml index 6d66422..b26b2b0 100644 --- a/mongodb/start/action.yml +++ b/mongodb/start/action.yml 
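Review bot: The context line `if: ${{ inputs.dotnet_version == '7.0.x' }}` on "Install .NET linters" at the end of the `@@ -35,14 +35,14 @@` hunk is now false for the default, because the previous hunk moves the `dotnet_version` default to `'8.0.x'`. The linter install is therefore skipped unless a caller explicitly requests 7.0.x. What that step installs lies outside the hunk, so the effect on the later lint step should be confirmed. Either drop the condition or compare against the versions that really need the extra tool.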
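Review bot: In the `@@ -101,7 +101,7 @@` hunk, moving to `actions/upload-artifact@v4` while keeping the fixed `name: dotnet-test-results` makes a second upload under that name in the same workflow run fail, since v4 artifacts are immutable. Callers that invoke this composite action from several jobs or matrix legs will hit that. Consider an optional input for the artifact name that defaults to `dotnet-test-results`, so existing callers are unaffected and multi-job callers can pass a unique value.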
@@ -1,18 +1,18 @@ -name: Start MongoDB -description: Starts a local MongoDB database - -runs: - using: "composite" - steps: - # see https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-ubuntu/ - - name: Install & start MongoDB - run: | - curl -fsSL https://pgp.mongodb.com/server-6.0.asc | \ - sudo gpg -o /usr/share/keyrings/mongodb-server-6.0.gpg \ - --dearmor - echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-6.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | \ - sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list - sudo apt-get update - sudo apt-get install -y mongodb-org - sudo systemctl start mongod - shell: bash +name: Start MongoDB +description: Starts a local MongoDB database + +runs: + using: "composite" + steps: + # see https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-ubuntu/ + - name: Install & start MongoDB + run: | + curl -fsSL https://pgp.mongodb.com/server-6.0.asc | \ + sudo gpg -o /usr/share/keyrings/mongodb-server-6.0.gpg \ + --dearmor + echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-6.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | \ + sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list + sudo apt-get update + sudo apt-get install -y mongodb-org + sudo systemctl start mongod + shell: bash From 586de404a57b5e7cb737a4af35106224b7492e04 Mon Sep 17 00:00:00 2001 From: Bertrand Thomas Date: Sun, 13 Jul 2025 13:59:16 +0200 Subject: [PATCH 03/13] Update MongoDB to 8.0 --- mongodb/start/action.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mongodb/start/action.yml b/mongodb/start/action.yml index b26b2b0..0e01682 100644 --- a/mongodb/start/action.yml +++ b/mongodb/start/action.yml 
@@ -4,14 +4,14 @@ description: Starts a local MongoDB database runs: using: "composite" steps: - # see https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-ubuntu/ + # ref. https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-ubuntu/ - name: Install & start MongoDB run: | - curl -fsSL https://pgp.mongodb.com/server-6.0.asc | \ - sudo gpg -o /usr/share/keyrings/mongodb-server-6.0.gpg \ + curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | \ + sudo gpg -o /usr/share/keyrings/mongodb-server-8.0.gpg \ --dearmor - echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-6.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | \ - sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list + echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-8.0.gpg ] https://repo.mongodb.org/apt/ubuntu noble/mongodb-org/8.0 multiverse" | \ + sudo tee /etc/apt/sources.list.d/mongodb-org-8.0.list sudo apt-get update sudo apt-get install -y mongodb-org sudo systemctl start mongod From 68890198290502f3ff1d24950d4f161e83739c20 Mon Sep 17 00:00:00 2001 From: Bertrand Thomas Date: Sun, 13 Jul 2025 14:03:15 +0200 Subject: [PATCH 04/13] Use dotnet format (instead of dotnet-format) --- dotnet/build-lint-test/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dotnet/build-lint-test/action.yml b/dotnet/build-lint-test/action.yml index 20bcffd..5e2eb4d 100644 --- a/dotnet/build-lint-test/action.yml +++ b/dotnet/build-lint-test/action.yml @@ -57,7 +57,7 @@ runs: run: dotnet restore shell: bash - name: Lint .NET code - run: dotnet-format --verify-no-changes --severity warn --verbosity:diagnostic + run: dotnet format --verify-no-changes --severity warn --verbosity:diagnostic shell: bash - name: Cache Sonar packages if: ${{ inputs.sonar_enabled == 'true' }} From 5b699c604a79f94a79176facebf29ad7609f6a2f Mon Sep 17 00:00:00 2001 
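Review bot: The apt source line in the `@@ -4,14 +4,14 @@` hunk now hard-codes `noble`, so the action only fits Ubuntu 24.04 runners, and the signing key fetched by `curl` is written to the keyring without its fingerprint being compared to a known value. Derive the codename from the runner, e.g. `. /etc/os-release` followed by `https://repo.mongodb.org/apt/ubuntu ${VERSION_CODENAME}/mongodb-org/8.0 multiverse`. Before dearmoring, check the output of `gpg --show-keys` on the downloaded file against an expected fingerprint kept in the action (`<EXPECTED_KEY_FINGERPRINT>`, a placeholder to be taken from MongoDB's documentation). The `signed-by=` scoping already limits the key to this one repository, which is worth keeping.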
From: Bertrand Thomas Date: Sun, 13 Jul 2025 17:35:45 +0200 Subject: [PATCH 05/13] Improve dotnet action with Sonar parameters --- dotnet/build-lint-test/action.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/dotnet/build-lint-test/action.yml b/dotnet/build-lint-test/action.yml index 5e2eb4d..b7e4900 100644 --- a/dotnet/build-lint-test/action.yml +++ b/dotnet/build-lint-test/action.yml @@ -30,6 +30,10 @@ inputs: description: Sonar token for login required: false default: '' + report_folder: + description: Folder where report files will be generated + required: false + default: report runs: using: "composite" @@ -82,7 +86,7 @@ runs: shell: bash - name: Start code analysis if: ${{ inputs.sonar_enabled == 'true' }} - run: ./.sonar/scanner/dotnet-sonarscanner begin /k:"${{inputs.sonar_project_key}}" /o:"${{inputs.sonar_organization}}" /n:"${{inputs.sonar_project_name}}" /d:sonar.token="${{inputs.sonar_token}}" /d:sonar.host.url="${{inputs.sonar_host_url}}" /d:sonar.cpd.exclusions=**/*Generated*.cs /d:sonar.coverageReportPaths=./sonarqubecoverage/SonarQube.xml + run: ./.sonar/scanner/dotnet-sonarscanner begin /k:"${{inputs.sonar_project_key}}" /o:"${{inputs.sonar_organization}}" /n:"${{inputs.sonar_project_name}}" /d:sonar.token="${{inputs.sonar_token}}" /d:sonar.host.url="${{inputs.sonar_host_url}}" /d:sonar.cpd.exclusions="**/*Generated*.cs,${{inputs.report_folder}}/**" /d:sonar.coverageReportPaths="${{inputs.report_folder}}/SonarQube.xml" shell: bash - name: Build .NET solution run: dotnet build --no-restore 
@@ -94,7 +98,7 @@ runs: ASPNETCORE_ENVIRONMENT: Development Application__IsHttpsRedirectionEnabled: "false" - name: Generate test report - run: reportgenerator "-reports:./test/*/TestResults/*/coverage.cobertura.xml" -targetdir:sonarqubecoverage -reporttypes:SonarQube + run: reportgenerator "-reports:./test/*/TestResults/*/coverage.cobertura.xml" "-targetdir:${{inputs.report_folder}}" "-reporttypes:Cobertura;Html;TextSummary;SonarQube" shell: bash - name: Complete code analysis if: ${{ inputs.sonar_enabled == 'true' }} @@ -107,4 +111,5 @@ runs: path: | ./**/*test-result.xml ./test/*/TestResults/*/coverage.cobertura.xml - ./sonarqubecoverage/SonarQube.xml + "./${{inputs.report_folder}}"/SonarQube.xml" + "./${{inputs.report_folder}}"/Summary.txt" From 10946c14bdf8b9c9091c8f872e6b6f98582890f9 Mon Sep 17 00:00:00 2001 From: Bertrand Thomas Date: Sun, 13 Jul 2025 17:59:36 +0200 Subject: [PATCH 06/13] Fix typo in previous commit --- dotnet/build-lint-test/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dotnet/build-lint-test/action.yml b/dotnet/build-lint-test/action.yml index b7e4900..b732b4b 100644 --- a/dotnet/build-lint-test/action.yml +++ b/dotnet/build-lint-test/action.yml @@ -111,5 +111,5 @@ runs: path: | ./**/*test-result.xml ./test/*/TestResults/*/coverage.cobertura.xml - "./${{inputs.report_folder}}"/SonarQube.xml" - "./${{inputs.report_folder}}"/Summary.txt" + "./${{inputs.report_folder}}/SonarQube.xml" + "./${{inputs.report_folder}}/Summary.txt" From e9f072fe1b7fc716b0686fc090c282d515eef65d Mon Sep 17 00:00:00 2001 From: Bertrand Thomas Date: Sun, 13 Jul 2025 18:16:31 +0200 Subject: [PATCH 07/13] Remove input from actions/upload-artifact path --- dotnet/build-lint-test/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dotnet/build-lint-test/action.yml b/dotnet/build-lint-test/action.yml index b732b4b..a6ad52a 100644 --- a/dotnet/build-lint-test/action.yml +++ b/dotnet/build-lint-test/action.yml 
@@ -111,5 +111,5 @@ runs: path: | ./**/*test-result.xml ./test/*/TestResults/*/coverage.cobertura.xml - "./${{inputs.report_folder}}/SonarQube.xml" - "./${{inputs.report_folder}}/Summary.txt" + ./**/SonarQube.xml + ./**/Summary.txt From f379939d61f8e99a97656139282cf0ac15bb118f Mon Sep 17 00:00:00 2001 From: Bertrand Thomas Date: Mon, 14 Jul 2025 11:09:56 +0200 Subject: [PATCH 08/13] Small change in task name --- dotnet/build-lint-test/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dotnet/build-lint-test/action.yml b/dotnet/build-lint-test/action.yml index a6ad52a..3c8069d 100644 --- a/dotnet/build-lint-test/action.yml +++ b/dotnet/build-lint-test/action.yml @@ -42,7 +42,7 @@ runs: uses: actions/setup-dotnet@v4 with: dotnet-version: ${{inputs.dotnet_version}} - - name: Set up JDK 11 for Sonar + - name: Set up JDK for Sonar if: ${{ inputs.sonar_enabled == 'true' }} uses: actions/setup-java@v4 with: From d46bba46eb136a9b712aebcffa51b1e2c9e144ef Mon Sep 17 00:00:00 2001 From: Bertrand Thomas Date: Wed, 16 Jul 2025 23:16:50 +0200 Subject: [PATCH 09/13] Add wait to make sure mongodb is ready to get connections --- mongodb/start/action.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/mongodb/start/action.yml b/mongodb/start/action.yml index 0e01682..1ac0792 100644 --- a/mongodb/start/action.yml +++ b/mongodb/start/action.yml @@ -15,4 +15,10 @@ runs: sudo apt-get update sudo apt-get install -y mongodb-org sudo systemctl start mongod + timeout 30 bash -c " + until mongosh --host localhost:27017 --eval 'db.runCommand({ ping: 1 })' >/dev/null 2>&1; do + echo 'MongoDB not ready yet, retrying in 1 second...' + sleep 1 + done + " shell: bash From d9f82d66601785bd720c8eab459639b689361d2b Mon Sep 17 00:00:00 2001 
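Review bot: `./**/SonarQube.xml` and `./**/Summary.txt` in the `@@ -111,5 +111,5 @@` hunk match files with those names anywhere in the workspace, so the artifact no longer follows `report_folder` and can pick up unrelated files. The earlier attempts in PATCH 05/06 most likely failed because of the literal quotes inside the block scalar rather than because of the expression itself. `with:` values are not shell text, so `./${{ inputs.report_folder }}/SonarQube.xml` and `./${{ inputs.report_folder }}/Summary.txt` without quotes should resolve, as `dotnet-version: ${{inputs.dotnet_version}}` does earlier in this file.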
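Review bot: When the 30-second `timeout` in the `@@ -15,4 +15,10 @@` hunk expires, the job log does not show why, because `mongosh` output goes to `/dev/null` and nothing reports the service state. Append a failure branch after the closing quote, e.g. `|| { sudo systemctl status mongod --no-pager; sudo journalctl -u mongod --no-pager -n 50; exit 1; }`, so a failed start is diagnosable from the log. The probe itself is fine: it runs an unauthenticated `ping` against localhost only.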
From: Bertrand Thomas Date: Thu, 17 Jul 2025 13:18:42 +0200 Subject: [PATCH 10/13] Add CI pipeline --- .github/workflows/ci.yml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..4ecc0a4 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,35 @@ +name: CI + +on: + push: + branches: + - main + pull_request: + branches: + - main + workflow_dispatch: {} + +env: + python_version: "3.13" + +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Checks-out the repository + uses: actions/checkout@v4 + - name: Lints Markdown files + uses: DavidAnson/markdownlint-cli2-action@v20 + with: + globs: '**/*.md' + - name: Set up Python ${{ env.python_version }} + uses: actions/setup-python@v5 + with: + python-version: ${{ env.python_version }} + - name: Installs Python packages + run: | + python -m pip install --upgrade pip + pip install yamllint + - name: Lint YAML files + run: | + yamllint . From e025f6cb6fff8e98aaebcb2b138f32934e723e7e Mon Sep 17 00:00:00 2001 From: Bertrand Thomas Date: Thu, 17 Jul 2025 13:19:30 +0200 Subject: [PATCH 11/13] Add report in sonar exclusion for dotnet action --- dotnet/build-lint-test/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dotnet/build-lint-test/action.yml b/dotnet/build-lint-test/action.yml index 3c8069d..54b15a8 100644 --- a/dotnet/build-lint-test/action.yml +++ b/dotnet/build-lint-test/action.yml 
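Review bot: The new workflow declares no `permissions:`, so its `GITHUB_TOKEN` gets whatever the repository or organisation default grants, while the job only needs to read the checkout and run linters. Add a top-level block `permissions:` with `contents: read` so third-party steps such as `DavidAnson/markdownlint-cli2-action@v20` run with a read-only token. `pip install yamllint` is also unpinned; pinning a version (and ideally the actions to commit SHAs) keeps lint results reproducible and narrows what a compromised upstream release can do in this job.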
@@ -86,7 +86,7 @@ runs: shell: bash - name: Start code analysis if: ${{ inputs.sonar_enabled == 'true' }} - run: ./.sonar/scanner/dotnet-sonarscanner begin /k:"${{inputs.sonar_project_key}}" /o:"${{inputs.sonar_organization}}" /n:"${{inputs.sonar_project_name}}" /d:sonar.token="${{inputs.sonar_token}}" /d:sonar.host.url="${{inputs.sonar_host_url}}" /d:sonar.cpd.exclusions="**/*Generated*.cs,${{inputs.report_folder}}/**" /d:sonar.coverageReportPaths="${{inputs.report_folder}}/SonarQube.xml" + run: ./.sonar/scanner/dotnet-sonarscanner begin /k:"${{inputs.sonar_project_key}}" /o:"${{inputs.sonar_organization}}" /n:"${{inputs.sonar_project_name}}" /d:sonar.token="${{inputs.sonar_token}}" /d:sonar.host.url="${{inputs.sonar_host_url}}" /d:sonar.cpd.exclusions="**/*Generated*.cs,${{inputs.report_folder}}/**" /d:sonar.exclusions="${{inputs.report_folder}}" /d:sonar.coverageReportPaths="${{inputs.report_folder}}/SonarQube.xml" shell: bash - name: Build .NET solution run: dotnet build --no-restore From 578d71ad032ed81c3ba56398ece10279ae633475 Mon Sep 17 00:00:00 2001 From: Bertrand Thomas Date: Thu, 17 Jul 2025 13:21:45 +0200 Subject: [PATCH 12/13] Add lint configuration --- .markdownlint.yml | 4 ++++ .yamllint.yaml | 10 ++++++++++ 2 files changed, 14 insertions(+) create mode 100644 .markdownlint.yml create mode 100644 .yamllint.yaml diff --git a/.markdownlint.yml b/.markdownlint.yml new file mode 100644 index 0000000..4572cb2 --- /dev/null +++ b/.markdownlint.yml @@ -0,0 +1,4 @@ +# ref. https://github.com/DavidAnson/markdownlint +default: true +MD013: # Line length + line_length: 240 diff --git a/.yamllint.yaml b/.yamllint.yaml new file mode 100644 index 0000000..26e0a4e --- /dev/null +++ b/.yamllint.yaml @@ -0,0 +1,10 @@ +# ref. https://yamllint.readthedocs.io/en/stable/configuration.html + +extends: default + +rules: + document-start: disable + line-length: + level: warning + max: 120 + truthy: disable 
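Review bot: `truthy: disable` in the new `.yamllint.yaml` switches the check off for values as well as keys, so `yes`/`no`/`on`/`off` written as values in the action files pass unflagged and can be read as booleans by YAML 1.1 parsers. If the reason is the workflow `on:` key (an assumption, since the commit does not say), configuring `truthy:` with `check-keys: false` silences that case and keeps the rule for values. A short comment next to each disabled rule saying why it is off would help later maintainers.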
From c8bac29d9876c83432edb3725ff72b09230d3cb0 Mon Sep 17 00:00:00 2001 From: Bertrand Thomas Date: Thu, 17 Jul 2025 13:30:02 +0200 Subject: [PATCH 13/13] Add wildcard to Improve sonar.exclusions --- dotnet/build-lint-test/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dotnet/build-lint-test/action.yml b/dotnet/build-lint-test/action.yml index 54b15a8..4a4fe46 100644 --- a/dotnet/build-lint-test/action.yml +++ b/dotnet/build-lint-test/action.yml @@ -86,7 +86,7 @@ runs: shell: bash - name: Start code analysis if: ${{ inputs.sonar_enabled == 'true' }} - run: ./.sonar/scanner/dotnet-sonarscanner begin /k:"${{inputs.sonar_project_key}}" /o:"${{inputs.sonar_organization}}" /n:"${{inputs.sonar_project_name}}" /d:sonar.token="${{inputs.sonar_token}}" /d:sonar.host.url="${{inputs.sonar_host_url}}" /d:sonar.cpd.exclusions="**/*Generated*.cs,${{inputs.report_folder}}/**" /d:sonar.exclusions="${{inputs.report_folder}}" /d:sonar.coverageReportPaths="${{inputs.report_folder}}/SonarQube.xml" + run: ./.sonar/scanner/dotnet-sonarscanner begin /k:"${{inputs.sonar_project_key}}" /o:"${{inputs.sonar_organization}}" /n:"${{inputs.sonar_project_name}}" /d:sonar.token="${{inputs.sonar_token}}" /d:sonar.host.url="${{inputs.sonar_host_url}}" /d:sonar.cpd.exclusions="**/*Generated*.cs,${{inputs.report_folder}}/**" /d:sonar.exclusions="${{inputs.report_folder}}/**/*" /d:sonar.coverageReportPaths="${{inputs.report_folder}}/SonarQube.xml" shell: bash - name: Build .NET solution run: dotnet build --no-restore