From aab8e8c96f21b7329da05f157be54c72f1bf4066 Mon Sep 17 00:00:00 2001 From: Alex Hedley Date: Sun, 2 Jun 2024 21:13:31 +0100 Subject: [PATCH] Add Dep Check WF --- .github/workflows/depcheck.yml | 84 ++++++++++++++++++++++++++++++++++ .github/workflows/main.yml | 22 ++++----- 2 files changed, 95 insertions(+), 11 deletions(-) create mode 100644 .github/workflows/depcheck.yml diff --git a/.github/workflows/depcheck.yml b/.github/workflows/depcheck.yml new file mode 100644 index 00000000..01da14b7 --- /dev/null +++ b/.github/workflows/depcheck.yml @@ -0,0 +1,84 @@ +name: Dependency Check + +on: + workflow_dispatch: +# push: +# branches: [ main, dev ] +# paths: src/** +# pull_request: +# branches: [ main ] +# paths: src/** + +# # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages +# permissions: +# contents: read +# pages: write +# id-token: write + +jobs: + depcheck: + runs-on: ubuntu-latest + name: OWASP Dependency-Check + # defaults: + # run: + # working-directory: src + + steps: + - name: ๐Ÿ›Ž๏ธ Checkout + uses: actions/checkout@v4 + + - name: โš™๏ธ Setup .NET 8.0 + uses: actions/setup-dotnet@v4 + with: + dotnet-version: "8.0.x" + # include-prerelease: true + + - name: โฌ‡๏ธ Restore dependencies + run: dotnet restore + working-directory: src + + - name: ๐Ÿ”จ Build + run: dotnet build --no-restore + working-directory: src + + # - name: ๐Ÿงช Unit Testing + # run: dotnet test --collect:"XPlat Code Coverage" + # working-directory: src + + # - name: ๐Ÿš€ Publish Test Results + # uses: EnricoMi/publish-unit-test-result-action@v2 + # if: always() + # with: + # xunit_files: 'src/**/TestResults/**/coverage.cobertura.xml' + + - name: ๐Ÿ‘ด๐Ÿป Check vulnerable packages + run: dotnet list package --vulnerable + working-directory: src + + - name: ๐Ÿ Dependency Check + uses: dependency-check/Dependency-Check_Action@main + id: Depcheck + with: + project: "test" + path: "./src" + format: "HTML" + out: "reports" # this is the default, no need to specify unless you wish to override it + args: > + --failOnCVSS 11 + --enableRetired + # --suppression ./src/dependency-suppression.xml + + - name: โฌ†๏ธ Upload Test results + uses: actions/upload-artifact@v4 + with: + name: Depcheck report + path: ${{github.workspace}}/reports + + - name: ๐ŸŒ Commit wwwroot to GitHub Pages + uses: JamesIves/github-pages-deploy-action@v4.5.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} + branch: gh-pages + folder: ${{github.workspace}}/reports + target-folder: reports + clean: false diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 266002dd..3593194d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -3,7 +3,7 @@ name: ๐Ÿš€ Deploy to GitHub Pages on: workflow_dispatch: push: - branches: [ main ] + branches: [main] paths: src/** # pull_request: # branches: [ main ] @@ -18,22 +18,22 @@ on: jobs: deploy: runs-on: ubuntu-latest - -# defaults: -# run: -# working-directory: src - + + # defaults: + # run: + # working-directory: src + steps: - name: ๐Ÿšš Checkout uses: actions/checkout@v4 with: submodules: true - - - name: Setup .NET 8.0 + + - name: โš™ Setup .NET 8.0 uses: actions/setup-dotnet@v4 with: - dotnet-version: '8.0.x' -# include-prerelease: true + dotnet-version: "8.0.x" + # include-prerelease: true - name: โฌ‡๏ธ Restore dependencies working-directory: ./src @@ -42,7 +42,7 @@ jobs: - name: ๐Ÿ”จ Build working-directory: ./src run: dotnet build --no-restore - + - name: ๐Ÿ“ฆ Run working-directory: ./src run: dotnet run