From 5815fe3eba801cf8781204b50cb2b2f36ca07193 Mon Sep 17 00:00:00 2001 From: Frans van Dorsselaer <17404029+dorssel@users.noreply.github.com> Date: Sat, 3 Feb 2024 19:45:05 +0100 Subject: [PATCH] Update GitHub actions - also bump dependencies --- .github/dependabot.yml | 6 ++ .../{codeql-analysis.yml => codeql.yml} | 0 .github/workflows/devskim.yml | 45 +++++++++ .github/workflows/dotnet.yml | 2 +- .github/workflows/lint.yml | 25 +++++ .github/workflows/mega-linter.yml | 94 ------------------- .github/workflows/reuse.yml | 24 ----- .github/workflows/update-dotnet-sdk.yml | 21 +++++ Directory.Packages.props | 4 +- global.json | 2 +- 10 files changed, 101 insertions(+), 122 deletions(-) rename .github/workflows/{codeql-analysis.yml => codeql.yml} (100%) create mode 100644 .github/workflows/devskim.yml create mode 100644 .github/workflows/lint.yml delete mode 100644 .github/workflows/mega-linter.yml delete mode 100644 .github/workflows/reuse.yml create mode 100644 .github/workflows/update-dotnet-sdk.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 2da8223..e94bd83 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,6 +3,8 @@ # SPDX-License-Identifier: MIT --- +# yaml-language-server: $schema=https://json.schemastore.org/dependabot-2.0.json + # To get started with Dependabot version updates, you'll need to specify which # package ecosystems to update and where the package manifests are located. # Please see the documentation for all configuration options: @@ -18,3 +20,7 @@ updates: directory: '/' schedule: interval: 'daily' + groups: + mstest: + patterns: + - 'MSTest.*' diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql.yml similarity index 100% rename from .github/workflows/codeql-analysis.yml rename to .github/workflows/codeql.yml diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml new file mode 100644 index 0000000..5e58044 --- /dev/null +++ b/.github/workflows/devskim.yml @@ -0,0 +1,45 @@ +# SPDX-FileCopyrightText: 2024 Frans van Dorsselaer +# +# SPDX-License-Identifier: MIT + +--- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json + +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +name: DevSkim + +on: + push: + branches: [master] + pull_request: + branches: [master] + schedule: + - cron: '22 14 * * 6' + +permissions: read-all + +jobs: + lint: + name: DevSkim + runs-on: ubuntu-latest + + permissions: + actions: read + contents: read + security-events: write + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Run DevSkim scanner + uses: microsoft/DevSkim-Action@v1 + + - name: Upload DevSkim scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: devskim-results.sarif diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index c725e05..d2ef2c8 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -49,6 +49,6 @@ jobs: **/*.snupkg - name: Codecov - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v4 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000..a4fce57 --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,25 @@ +# SPDX-FileCopyrightText: 2023 Frans van Dorsselaer +# +# SPDX-License-Identifier: MIT + +--- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json + +name: Lint + +on: + push: + branches: [master] + pull_request: + branches: [master] + +permissions: + contents: read + pull-requests: write + +jobs: + REUSE: + uses: dorssel/workflows/.github/workflows/REUSE.yml@main + + MegaLinterNET: + uses: dorssel/workflows/.github/workflows/mega-linter-dotnet.yml@main diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml deleted file mode 100644 index 6c54008..0000000 --- a/.github/workflows/mega-linter.yml +++ /dev/null @@ -1,94 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Frans van Dorsselaer -# -# SPDX-License-Identifier: MIT - ---- -# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json -# yamllint disable rule:line-length - -# MegaLinter GitHub Action configuration file -# More info at https://megalinter.github.io -name: MegaLinter - -on: - push: - branches: [master] - pull_request: - branches: [master] - -permissions: - contents: read - pull-requests: write - -# env: # Comment env block if you do not want to apply fixes -# Apply linter fixes configuration -# APPLY_FIXES: all # When active, APPLY_FIXES must also be defined as environment variable (in github/workflows/mega-linter.yml or other CI tool) -# APPLY_FIXES_EVENT: pull_request # Decide which event triggers application of fixes in a commit or a PR (pull_request, push, all) -# APPLY_FIXES_MODE: commit # If APPLY_FIXES is used, defines if the fixes are directly committed (commit) or posted in a PR (pull_request) - -concurrency: - group: ${{ github.ref }}-${{ github.workflow }} - cancel-in-progress: true - -jobs: - build: - name: MegaLinter - runs-on: ubuntu-latest - steps: - # Git Checkout - - name: Checkout Code - uses: actions/checkout@v4 - with: - token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} - fetch-depth: 0 - - # MegaLinter - - name: MegaLinter - id: ml - # You can override MegaLinter flavor used to have faster performances - # More info at https://megalinter.github.io/flavors/ - uses: oxsecurity/megalinter/flavors/dotnet@v7 - env: - # All available variables are described in documentation - # https://megalinter.github.io/configuration/ - VALIDATE_ALL_CODEBASE: true # ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} # Validates all source when push on main, else just the git diff with main. Override with true if you always want to lint all sources - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY - # DISABLE: COPYPASTE,SPELL # Uncomment to disable copy-paste and spell checks - - # Upload MegaLinter artifacts - - name: Archive production artifacts - if: always() - uses: actions/upload-artifact@v4 - with: - name: MegaLinter reports - path: | - megalinter-reports - mega-linter.log - - # Create pull request if applicable (for now works only on PR from same repository, not from forks) - - name: Create Pull Request with applied fixes - id: cpr - if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix') - uses: peter-evans/create-pull-request@v5 - with: - token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} - commit-message: '[MegaLinter] Apply linters automatic fixes' - title: '[MegaLinter] Apply linters automatic fixes' - labels: bot - - name: Create PR output - if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix') - run: | - echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" - echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" - - # Push new commit if applicable (for now works only on PR from same repository, not from forks) - - name: Prepare commit - if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'commit' && github.ref != 'refs/heads/main' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix') - run: sudo chown -Rc $UID .git/ - - name: Commit and push applied linter fixes - if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'commit' && github.ref != 'refs/heads/main' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix') - uses: stefanzweifel/git-auto-commit-action@v5 - with: - branch: ${{ github.event.pull_request.head.ref || github.head_ref || github.ref }} - commit_message: '[MegaLinter] Apply linters fixes' diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml deleted file mode 100644 index f9c576e..0000000 --- a/.github/workflows/reuse.yml +++ /dev/null @@ -1,24 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Frans van Dorsselaer -# -# SPDX-License-Identifier: MIT - ---- -# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json - -name: REUSE - -on: - push: - branches: [master] - pull_request: - branches: [master] - -permissions: read-all - -jobs: - test: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: REUSE Compliance Check - uses: fsfe/reuse-action@v2 diff --git a/.github/workflows/update-dotnet-sdk.yml b/.github/workflows/update-dotnet-sdk.yml new file mode 100644 index 0000000..f542541 --- /dev/null +++ b/.github/workflows/update-dotnet-sdk.yml @@ -0,0 +1,21 @@ +# SPDX-FileCopyrightText: 2024 Frans van Dorsselaer +# +# SPDX-License-Identifier: MIT + +--- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json + +name: UpdateSDK + +on: + workflow_dispatch: + schedule: + - cron: '12 11 * * *' + +permissions: + contents: write + pull-requests: write + +jobs: + UpdateSDK: + uses: dorssel/workflows/.github/workflows/update-dotnet-sdk.yml@main diff --git a/Directory.Packages.props b/Directory.Packages.props index 354d30d..2ae81f6 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -13,8 +13,8 @@ SPDX-License-Identifier: MIT - - + + diff --git a/global.json b/global.json index b7e3357..894707a 100644 --- a/global.json +++ b/global.json @@ -1,6 +1,6 @@ { "sdk": { - "version": "8.0.100", + "version": "8.0.101", "allowPrerelease": false, "rollForward": "latestFeature" }