Skip to content

Create script to install The Combine on a standalone system #7414

Create script to install The Combine on a standalone system

Create script to install The Combine on a standalone system #7414

Workflow file for this run

name: backend
on:
push:
branches: [master]
pull_request:
branches: [master]
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
test_build:
runs-on: ubuntu-20.04
strategy:
matrix:
dotnet: ["6.0.x"]
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
*.actions.githubusercontent.com:443
aka.ms:443
api.github.com:443
api.nuget.org:443
dc.services.visualstudio.com:443
deb.debian.org:80
dotnetbuilds.azureedge.net:443
dotnetcli.azureedge.net:443
github.com:443
md-hdd-t032zjxllntc.z26.blob.storage.azure.net:443
objects.githubusercontent.com:443
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Setup dotnet
uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0
with:
dotnet-version: ${{ matrix.dotnet }}
- name: Install ffmpeg
uses: FedericoCarboni/setup-ffmpeg@36c6454b5a2348e7794ba2d82a21506605921e3d # v3
# Coverage.
- name: Run coverage tests
run: dotnet test Backend.Tests/Backend.Tests.csproj
shell: bash
- name: Upload coverage artifact
uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
with:
if-no-files-found: error
name: coverage
path: Backend.Tests/coverage.cobertura.xml
retention-days: 7
# Development build.
- run: dotnet build BackendFramework.sln
# Release build.
- run: dotnet publish BackendFramework.sln
# Fmt.
- run: dotnet tool install -g dotnet-format
- run: dotnet-format --check
upload_coverage:
needs: test_build
runs-on: ubuntu-latest
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
codecov.io:443
github.com:443
storage.googleapis.com:443
uploader.codecov.io:443
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Download coverage artifact
uses: actions/download-artifact@87c55149d96e628cc2ef7e6fc2aab372015aec85 # v4.1.3
with:
name: coverage
- name: Upload coverage report
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
with:
fail_ci_if_error: true
files: coverage.cobertura.xml
flags: backend
name: Backend
CodeQL_build:
permissions:
actions: read # for github/codeql-action/init to get workflow details
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/autobuild to send a status report
runs-on: ubuntu-20.04
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
*.actions.githubusercontent.com:443
aka.ms:443
api.github.com:443
api.nuget.org:443
dc.services.visualstudio.com:443
dotnetcli.azureedge.net:443
github.com:443
objects.githubusercontent.com:443
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
# Manually install .NET to work around:
# https://github.com/github/codeql-action/issues/757
- name: Setup .NET
uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0
with:
dotnet-version: "6.0.x"
- name: Initialize CodeQL
uses: github/codeql-action/init@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6
with:
languages: csharp
- name: Autobuild
uses: github/codeql-action/autobuild@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6
- name: Upload artifacts if build failed
uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
if: ${{ failure() }}
with:
name: tracer-logs
path: ${{ runner.temp }}/*.log
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6
docker_build:
runs-on: ubuntu-22.04
# if: ${{ github.event.type }} == "PullRequest"
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
disable-file-monitoring: true
egress-policy: block
allowed-endpoints: >
*.actions.githubusercontent.com:443
*.data.mcr.microsoft.com:443
api.nuget.org:443
archive.ubuntu.com:80
dc.services.visualstudio.com:443
deb.debian.org:80
github.com:443
mcr.microsoft.com:443
security.ubuntu.com:80
# For subfolders, currently a full checkout is required.
# See: https://github.com/marketplace/actions/build-and-push-docker-images#path-context
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
- name: Build backend
run: |
deploy/scripts/build.py --components backend
shell: bash
- name: Image digest
run: |
docker image inspect combine_backend:latest -f '{{json .Id}}'
shell: bash