-
Notifications
You must be signed in to change notification settings - Fork 0
184 lines (170 loc) · 5.95 KB
/
dotnet.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
name: .NET
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
env:
DOTNET_NOLOGO: true
DOTNET_CLI_TELEMETRY_OPTOUT: true
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
jobs:
build:
strategy:
matrix:
os:
- ubuntu-latest
- macOS-latest
- windows-latest
dotnet:
- { sdk: 8.0.x, framework: net8.0 }
runs-on: ${{matrix.os}}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # so that NerdBank.GitVersioning has access to history
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{matrix.dotnet.sdk}}
- name: Restore dependencies
run: dotnet restore
- name: Build
run: dotnet build --no-restore
- name: Test
run: dotnet test --no-build --verbosity normal --framework ${{matrix.dotnet.framework}}
check-format:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup .NET SDK v8.0.x
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.0.x
- name: Prepare .NET tools
run: dotnet tool restore
- name: Run Fantomas
run: ./hooks/pre-push
analyze-code:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup .NET SDK v8.0.x
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.0.x
- name: Prepare .NET tools
run: dotnet tool restore
- name: Prepare analyzers
run: dotnet restore ./analyzers/analyzers.fsproj
- name: Restore dependencies
run: dotnet restore ./HeterogeneousCollections/HeterogeneousCollections.fsproj
- name: Run analyzers
run: dotnet fsharp-analyzers --project ./HeterogeneousCollections/HeterogeneousCollections.fsproj --analyzers-path ./.analyzerpackages/g-research.fsharp.analyzers/*/ --verbosity detailed --report ./analysis.sarif --treat-as-error GRA-STRING-001 GRA-STRING-002 GRA-STRING-003 GRA-UNIONCASE-001 GRA-INTERPOLATED-001 GRA-TYPE-ANNOTATE-001 GRA-VIRTUALCALL-001 GRA-IMMUTABLECOLLECTIONEQUALITY-001 GRA-JSONOPTS-001 GRA-LOGARGFUNCFULLAPP-001 GRA-DISPBEFOREASYNC-001 --exclude-analyzers PartialAppAnalyzer
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: analysis.sarif
nuget-pack:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # so that NerdBank.GitVersioning has access to history
- name: Setup .NET SDK v8.0.x
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.0.x
- name: Build
run: dotnet build HeterogeneousCollections/HeterogeneousCollections.fsproj --configuration Release
- name: Pack
run: dotnet pack HeterogeneousCollections/HeterogeneousCollections.fsproj --configuration Release
- name: Upload NuGet artifact
uses: actions/upload-artifact@v4
with:
name: nuget-package
path: HeterogeneousCollections/bin/Release/HeterogeneousCollections.*.nupkg
expected-pack:
needs: [nuget-pack]
runs-on: ubuntu-latest
steps:
- name: Download NuGet artifact
uses: actions/download-artifact@v4
with:
name: nuget-package
- name: Check NuGet contents
# Verify that there is exactly one HeterogeneousCollections.*.nupkg in the artifact that would be NuGet published
run: if [[ $(find . -maxdepth 1 -name 'HeterogeneousCollections.*.nupkg' -printf c | wc -c) -ne "1" ]]; then exit 1; fi
github-tag-and-release-dry-run:
runs-on: ubuntu-latest
needs: [expected-pack]
steps:
- uses: actions/checkout@v4
- name: Download NuGet artifact
uses: actions/download-artifact@v4
- name: Tag and release packages
env:
GITHUB_TOKEN: "mock-token"
DRY_RUN: "1"
run: bash .github/workflows/tag.sh
all-required-checks-complete:
needs: [check-format, build, expected-pack, analyze-code, github-tag-and-release-dry-run]
if: always()
runs-on: ubuntu-latest
steps:
- uses: G-Research/common-actions/check-required-lite@main
with:
needs-context: ${{ toJSON(needs) }}
# This does not gate release, because external dependencies may be flaky.
markdown-link-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: gaurav-nelson/github-action-markdown-link-check@v1
nuget-publish:
runs-on: ubuntu-latest
if: ${{ !github.event.repository.fork && github.ref == 'refs/heads/main' }}
needs: [all-required-checks-complete]
environment: release
permissions:
id-token: write
attestations: write
contents: read
steps:
- name: Download NuGet artifact
uses: actions/download-artifact@v4
with:
name: nuget-package
path: downloaded
- name: Publish NuGet package
uses: G-Research/common-actions/publish-nuget@main
with:
package-name: HeterogeneousCollections
nuget-key: ${{ secrets.NUGET_API_KEY }}
nupkg-dir: downloaded
github-tag-and-release:
runs-on: ubuntu-latest
if: ${{ !github.event.repository.fork && github.ref == 'refs/heads/main' }}
needs: [all-required-checks-complete]
environment: release
steps:
- name: Generate app token
id: app-token
uses: actions/create-github-app-token@v1
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
- uses: actions/checkout@v4
with:
token: ${{ steps.app-token.outputs.token }}
- name: Download NuGet artifact
uses: actions/download-artifact@v4
- name: Tag and release packages
env:
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
run: bash .github/workflows/tag.sh