AdminAPI-2.0/.github/workflows/on-pullrequest.yml at main · CSR2017/AdminAPI-2.0 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
# SPDX-License-Identifier: Apache-2.0
# Licensed to the Ed-Fi Alliance under one or more agreements.
# The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0.
# See the LICENSE and NOTICES files in the project root for more information.

name: On Pull Request

on:
  pull_request:
    branches:
      - main
      - "*-hotfix"
    paths:
      # TODO: restore this with AA-1601, except run in a PS-specific
      # workflow, so that the C# build and CodeQL do not run
      # unnecessarily.
      # - "**/*.ps1"
      # - "**/*.psm1"
      - "**/*.cs"
      - "**/*.csproj"
      - ".github/**/*.yml"
  workflow_dispatch:

permissions: read-all

jobs:
  # TODO: restore this with AA-1601
  # run-ps-lint:
  #   name: PowerShell Linter
  #   uses: Ed-Fi-Alliance-OSS/Ed-Fi-Actions/.github/workflows/powershell-analyzer.yml@main
  scan-actions-bidi:
    name: Scan Actions, scan all files for BIDI Trojan Attacks
    uses: ed-fi-alliance-oss/ed-fi-actions/.github/workflows/repository-scanner.yml@main
    with:
      config-file-path: ./.github/workflows/bidi-config.json

  run-cs-tests:
    name: Run C# Tests
    runs-on: ubuntu-latest
    defaults:
      run:
        shell: pwsh
    steps:
      - name: Checkout the Repo
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

      - name: Build
        run: ./build.ps1 -Command Build -Configuration Debug

      - name: Install Coverlet Tools
        if: success()
        run: |
          dotnet tool install --global coverlet.console
          dotnet tool install --global dotnet-reportgenerator-globaltool

      - name: Run Unit Tests
        if: success()
        run: ./build.ps1 -Command UnitTest -Configuration Debug -RunCoverageAnalysis

      - name: Upload Coverage Report
        if: always()
        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5
        with:
          name: Coverage Report
          path: coveragereport

      - name: Upload Test Results
        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5
        with:
          name: csharp-tests
          path: "**/*.trx"
          retention-days: 5

      - name: Dependency Review ("Dependabot on PR")
        if: ${{ !github.event.repository.fork }}
        uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3

      - name: Initialize CodeQL
        if: success()
        uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # codeql-bundle-v3.28.0
        with:
          languages: csharp

      # Must build the software after initialization of CodeQL; something about
      # CodeQL initialization causes the resulting build to fail unit tests.
      # Therefore rebuilding here, even though also built above.
      - name: Build
        run: ./build.ps1 -Command Build -Configuration Debug

      - name: Perform CodeQL Analysis
        if: success()
        uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # codeql-bundle-v3.28.0

  run-integration-tests:
    name: Run integration tests
    env:
      DB_Password: P@55w0rd
    runs-on: ubuntu-22.04
    defaults:
      run:
        shell: pwsh
    services:
      sqlserver:
        image: mcr.microsoft.com/mssql/server@sha256:d7f2c670f0cd807b4dc466b8887bd2b39a4561f624c154896f5564ea38efd13a
        env:
          ACCEPT_EULA: "Y"
          SA_PASSWORD: ${{ env.DB_Password }}
          MSSQL_ENABLE_HADR: "1"
        ports:
          - 1433:1433
    steps:
      - name: Checkout the Repo
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

      - name: Setup Nuget.exe
        uses: nuget/setup-nuget@323ab0502cd38fdc493335025a96c8fdb0edc71f #v2.0.1

      - name: Build
        run: ./build.ps1 -Command Build -Configuration Debug

      - name: Run Integration Tests
        if: success()
        run: ./build.ps1 -Command IntegrationTest -Configuration Debug -UseIntegratedSecurity:$false -DbUsername "sa" -DbPassword ${{ env.DB_Password }}

      - name: Upload Test Results
        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5
        with:
          name: csharp-integration-tests
          path: "**/*.trx"
          retention-days: 5

  event_file:
    name: "Event File"
    runs-on: ubuntu-latest
    steps:
    - name: Upload
      uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5
      with:
        name: Event File
        path: ${{ github.event_path }}