From 1ee44eb48225c9701ead7aea317b376ce8aadaf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9mie=20Bertrand?= Date: Sat, 4 May 2024 07:44:30 +0200 Subject: [PATCH] fix github workflows --- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/format.yml | 2 +- .github/workflows/infersharp-analysis.yml | 13 ++++++++----- .github/workflows/sonar-analysis.yml | 22 +++++++++++++--------- 4 files changed, 26 insertions(+), 19 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0e2e6a6f..52c9f1f9 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. @@ -43,7 +43,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/format.yml b/.github/workflows/format.yml index 59263485..7c0e0097 100644 --- a/.github/workflows/format.yml +++ b/.github/workflows/format.yml 
@@ -9,7 +9,7 @@ jobs: DOTNET_NOLOGO: true DOTNET_CLI_TELEMETRY_OPTOUT: true steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - uses: xt0rted/dotnet-format-problem-matcher@v1.2.0 diff --git a/.github/workflows/infersharp-analysis.yml b/.github/workflows/infersharp-analysis.yml index 32c8b5b5..4243c4ae 100644 --- a/.github/workflows/infersharp-analysis.yml +++ b/.github/workflows/infersharp-analysis.yml @@ -14,7 +14,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. @@ -28,10 +28,13 @@ jobs: - name: Build run: dotnet build src --configuration Release - - name: Run Infer# - uses: microsoft/infersharpaction@v0.2 + - name: Run Infer# + uses: microsoft/infersharpaction@v1.5 id: runinfersharp with: binary-path: 'src/NVika/bin/Release/net6.0/' - - name: Infer# analysis results - run: echo "${{ steps.runinfersharp.outputs.results }}" \ No newline at end of file + + - name: Upload SARIF output to GitHub Security Center + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: infer-out/report.sarif diff --git a/.github/workflows/sonar-analysis.yml b/.github/workflows/sonar-analysis.yml index e858fdb5..551f8edb 100644 --- a/.github/workflows/sonar-analysis.yml +++ b/.github/workflows/sonar-analysis.yml @@ -3,6 +3,9 @@ name: "Sonar" on: push: branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [master] jobs: Analyze: 
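Review bot: The new `github/codeql-action/upload-sarif@v3` step at the end of infersharp-analysis.yml needs a token with `security-events: write`, and no `permissions:` key is visible in this hunk (the job header is outside it). If the repository default for GITHUB_TOKEN is read-only, the upload is rejected and the Infer# findings never reach code scanning. Declaring the grant on the job keeps it explicit and minimal: `permissions: { contents: read, security-events: write }`. Runs triggered by fork pull requests get a read-only token regardless, so the upload step would still need to be skipped or tolerated there. Also confirm that `infer-out/report.sarif` is where `microsoft/infersharpaction@v1.5` writes its report, since a missing file fails the step.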
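Review bot: The added `pull_request:` trigger in sonar-analysis.yml makes the job run for pull requests from forks, where repository secrets are not provided and GITHUB_TOKEN is read-only. The scanner steps lie outside this hunk, but if they read a SonarCloud token (presumably a `SONAR_TOKEN` secret) they will fail on every external contribution. Guarding those steps with `if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository` keeps the check usable for forks. Switching the trigger to `pull_request_target` is not a safe substitute, because the job appears to build the checked-out code and would then do so with secrets in scope.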
@@ -13,19 +16,20 @@ jobs: DOTNET_CLI_TELEMETRY_OPTOUT: true steps: - - uses: actions/setup-java@v1 + - uses: actions/setup-java@v4.2.1 with: - java-version: '13' # The JDK version to make available on the path. + distribution: 'temurin' + java-version: '21' # The JDK version to make available on the path. java-package: jdk # (jre, jdk, or jdk+fx) - defaults to jdk architecture: x64 # (x64 or x86) - defaults to x64 - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Fetch all history for all tags and branches run: git fetch --prune --unshallow - name: Cache nuget packages - uses: actions/cache@v2 + uses: actions/cache@v4 with: path: ~/.nuget/packages key: nuget-${{ hashFiles('**/packages.lock.json') }} @@ -33,7 +37,7 @@ jobs: nuget- - name: Cache SonarCloud packages - uses: actions/cache@v1 + uses: actions/cache@v4 with: path: ~/sonar/cache key: ${{ runner.os }}-sonar @@ -41,25 +45,25 @@ jobs: - name: Cache SonarCloud scanner id: cache-sonar-scanner - uses: actions/cache@v1 + uses: actions/cache@v4 with: path: ./.sonar/scanner key: ${{ runner.os }}-sonar-scanner restore-keys: ${{ runner.os }}-sonar-scanner - name: Setup .NET Core - uses: actions/setup-dotnet@v2 + uses: actions/setup-dotnet@v4 with: dotnet-version: '6.0.x' - name: Install GitVersion - uses: gittools/actions/gitversion/setup@v0.9.11 + uses: gittools/actions/gitversion/setup@v1.1.1 with: versionSpec: '5.x' - name: Check GitVersion id: gitversion # step id used as reference for output values - uses: gittools/actions/gitversion/execute@v0.9.11 + uses: gittools/actions/gitversion/execute@v1.1.1 - name: Install SonarCloud scanner if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
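Review bot: The `uses:` references updated in this hunk and the two after it still point at mutable tags (`actions/setup-java@v4.2.1`, `actions/cache@v4`, `gittools/actions/gitversion/setup@v1.1.1`), so the code that runs in this job can change without any change to this file. That matters most here because the Sonar job presumably runs with an analysis token in scope. Pin at least the third-party actions to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: gittools/actions/gitversion/setup@<full-commit-sha> # v1.1.1`. The same applies to `microsoft/infersharpaction@v1.5` and `xt0rted/dotnet-format-problem-matcher@v1.2.0` in the other workflows. The mix of an exact patch tag on setup-java and floating `@v4` majors elsewhere is also inconsistent; a single convention makes automated update pull requests easier to review.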