Feature/use composite actions (#9)

* use composite actions for sonarcloud and nuget * add code of conduct file to sln * add codeql analysis workflow Co-authored-by: Omar Amalfi Camacho <[email protected]>
ERNI-Academy · May 3, 2022 · 9a6442a · 9a6442a
1 parent 63afd81
commit 9a6442a
Show file tree

Hide file tree

Showing 4 changed files with 70 additions and 26 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,51 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main ]
+    paths: 
+    - 'src/**'
+  pull_request:
+    branches: [ main ]
+    paths:
+    - 'src/**'
+  schedule:
+    - cron: '18 22 * * 3'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'csharp' ]       
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+      with:
+          submodules: 'true'
+          fetch-depth: 0
+
+    - name: Setup .NET 6.0.* SDK
+      uses: actions/[email protected]
+      with:
+        dotnet-version: '6.0.*'
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/nugetpush.yml b/.github/workflows/nugetpush.yml
@@ -4,16 +4,21 @@ on:
   push:
     branches:
       - main
-
+  workflow_call:
+    secrets:
+        PACKAGESTOKEN:
+          required: true
 jobs:
   build:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout repository
       uses: actions/checkout@v3
-    - name: Pack
-      run: dotnet pack --configuration Release -o nuget
-      shell: bash
-    - name: Push
-      run: dotnet nuget push "nuget/*.nupkg" --source "https://nuget.pkg.github.com/ERNI-Academy/index.json" --api-key ${{ secrets.PACKAGESTOKEN }} --skip-duplicate
-      shell: bash
+      with:
+          submodules: 'true'
+          fetch-depth: 0
+
+    - id: nuget-push
+      uses: ERNI-Academy/assets-github-actions-dotnet-nugetpush@v1
+      with:
+         pakages_token: ${{ secrets.PACKAGESTOKEN }}
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
@@ -20,23 +20,9 @@ jobs:
         with:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
 
-      - name: Set up JDK 11
-        uses: actions/setup-java@v1
+      - id: sonarcloud
+        uses: ERNI-Academy/assets-github-actions-dotnet-sonarcloud@v1
         with:
-          java-version: 1.11
-
-      - name: Install dotnet SonarCloud scanner
-        run: |
-             dotnet tool install --global dotnet-sonarscanner
-        shell: powershell
-
-      - name: Build and analyze
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        shell: powershell
-        run: |
-            dotnet sonarscanner begin /k:"ERNI-Academy_assets-serializers-abstraction" /o:"erni-academy" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="**/coverage.opencover.xml"
-            dotnet build ./Serializers.sln --configuration Release
-            dotnet test "tests/ErniAcademy.Serializers.UnitTests/ErniAcademy.Serializers.UnitTests.csproj" --no-restore --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
-            dotnet sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
+            sonar_project_key: 'ERNI-Academy_assets-serializers-abstraction'
+            sonar_token: ${{ secrets.SONAR_TOKEN }}
+            github_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/Serializers.sln b/Serializers.sln
@@ -13,13 +13,15 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = ".sln", ".sln", "{475630B7-4
 	ProjectSection(SolutionItems) = preProject
 		.gitignore = .gitignore
 		AUTHORS.md = AUTHORS.md
+		CODE_OF_CONDUCT.md = CODE_OF_CONDUCT.md
 		CONTRIBUTING.md = CONTRIBUTING.md
 		LICENSE = LICENSE
 		README.md = README.md
 	EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "workflows", "workflows", "{888B4522-2ACA-4DAA-8CA1-DA43B0FFA043}"
 	ProjectSection(SolutionItems) = preProject
+		.github\workflows\codeql-analysis.yml = .github\workflows\codeql-analysis.yml
 		.github\workflows\nugetpush.yml = .github\workflows\nugetpush.yml
 		.github\workflows\sonarcloud.yml = .github\workflows\sonarcloud.yml
 	EndProjectSection