Bump SonarAnalyzer.CSharp from 9.32.0.97167 to 10.4.0.108396 #730
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Main build | |
on: | |
workflow_dispatch: # Allow running the workflow manually from the GitHub UI | |
pull_request: | |
branches: | |
- main | |
push: | |
branches: | |
- main | |
merge_group: | |
branches: | |
- main | |
workflow_call: # Allow to be called from the release workflow | |
schedule: | |
- cron: '31 15 * * 0' # Run periodically to keep CodeQL database updated | |
permissions: | |
security-events: write # required for CodeQL | |
packages: read | |
contents: read | |
actions: read | |
jobs: | |
build: | |
strategy: | |
fail-fast: false # Run all OSes, even if one fails, to help narrow down issues that only impact some platforms | |
matrix: | |
os: [windows-latest, ubuntu-latest] | |
runs-on: ${{ matrix.os }} | |
env: | |
IS_COVERAGE_ALLOWED: ${{ secrets.CODACY_PROJECT_TOKEN != '' }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # avoid shallow clone so nbgv can do its work | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v3 | |
with: | |
languages: csharp | |
build-mode: manual | |
# If you wish to specify custom queries, you can do so here or in a config file. | |
# By default, queries listed here will override any specified in a config file. | |
# Prefix the list here with "+" to use these queries and those in the config file. | |
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs | |
# queries: security-extended,security-and-quality | |
queries: security-extended | |
- name: Setup .NET | |
uses: actions/setup-dotnet@v4 | |
with: | |
global-json-file: ./global.json | |
- name: NuGet Restore | |
run: dotnet restore | |
- name: Build | |
run: dotnet build --no-restore --configuration Release /bl:./artifacts/logs/release/build.release.binlog | |
- name: Test | |
run: dotnet test --no-build --configuration Release --settings ./build/targets/tests/test.runsettings | |
- name: Upload binlogs | |
uses: actions/upload-artifact@v4 | |
if: success() || failure() | |
with: | |
name: binlogs-${{ matrix.os }} | |
path: ./artifacts/logs | |
if-no-files-found: error | |
- name: Upload *.received.* files | |
uses: actions/upload-artifact@v4 | |
if: failure() | |
with: | |
name: verify-test-results | |
path: | | |
**/*.received.* | |
- name: Upload SARIF files | |
uses: actions/upload-artifact@v4 | |
if: success() || failure() | |
with: | |
name: SARIF files (${{ matrix.os }}) | |
path: ./artifacts/obj/**/*.sarif | |
- name: Upload Test Report | |
uses: actions/upload-artifact@v4 | |
if: success() || failure() | |
with: | |
name: .NET Test Reports (${{ matrix.os }}) | |
path: "artifacts/TestResults/**/*.trx" | |
if-no-files-found: error | |
- name: Upload Code Coverage Report | |
uses: actions/upload-artifact@v4 | |
if: success() || failure() | |
with: | |
name: .NET Code Coverage Reports (${{ matrix.os }}) | |
path: "artifacts/TestResults/coverage/**" | |
- name: Publish coverage summary to GitHub | |
run: cat artifacts/TestResults/coverage/SummaryGithub.md >> $GITHUB_STEP_SUMMARY | |
shell: bash | |
- name: Upload coverage data to Codacy | |
if: ${{ runner.os == 'Linux' && env.IS_COVERAGE_ALLOWED == 'true' }} | |
uses: codacy/[email protected] | |
with: | |
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} | |
coverage-reports: ${{ github.workspace }}/artifacts/TestResults/coverage/Cobertura.xml | |
- name: Upload packages | |
uses: actions/upload-artifact@v4 | |
with: | |
name: packages-${{ matrix.os }} | |
path: | | |
./artifacts/package | |
if-no-files-found: error | |
- name: Validate performance | |
shell: pwsh | |
# Uses ETL which needs Windows | |
if: ${{ runner.os == 'Windows' }} | |
run: ${{ github.workspace }}/build/scripts/perf/PerfCore.ps1 -v diag -diff -ci | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v3 | |
with: | |
category: "/language:csharp" |