Skip to content
Build & Test Suite

security: harden config, argon2 defaults, and non-blocking incident l… #40

Sign in to view logs

security: harden config, argon2 defaults, and non-blocking incident l…

security: harden config, argon2 defaults, and non-blocking incident l… #40

Workflow file for this run

.github/workflows/build.yml at 9c8f89a
name: Build & Test Suite
on:
push:
branches: [ master, development ]
paths:
- 'SecurityHelperLibrary/**'
- 'SecurityHelperLibrary.Tests/**'
- 'SecurityHelperLibrary.Sample/**'
- '*.csproj'
- '.github/workflows/build.yml'
pull_request:
branches: [ master, development ]
paths:
- 'SecurityHelperLibrary/**'
- 'SecurityHelperLibrary.Tests/**'
- 'SecurityHelperLibrary.Sample/**'
- '*.csproj'
jobs:
build:
name: Build & Unit Tests
runs-on: ubuntu-latest
strategy:
matrix:
dotnet-version: ['8.0.x']
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ matrix.dotnet-version }}
- name: Restore dependencies
run: dotnet restore
- name: Build Release
run: dotnet build -c Release --no-restore /p:TreatWarningsAsErrors=true
- name: Run Unit Tests
run: |
mkdir -p TestResults
dotnet test SecurityHelperLibrary.Tests/SecurityHelperLibrary.Tests.csproj \
-c Release \
--no-restore \
-f ${{ matrix.dotnet-version == '6.0.x' && 'net6.0' || 'net8.0' }} \
--results-directory TestResults \
--logger "console;verbosity=normal" \
--logger "trx;LogFileName=unit-test-results.trx" \
--filter "Category!=Pentest" \
/p:CollectCoverage=true \
/p:CoverageFormat=opencover
- name: Upload Coverage to Codecov
uses: codecov/codecov-action@v4
with:
file: ./SecurityHelperLibrary.Tests/coverage.opencover.xml
flags: unittests
name: net-${{ matrix.dotnet-version }}
fail_ci_if_error: false
- name: Upload Test Results
uses: actions/upload-artifact@v4
if: always()
with:
name: unit-test-results-${{ matrix.dotnet-version }}
path: "TestResults/unit-test-results.trx"
quality:
name: Code Quality Checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: '8.0.x'
- name: Restore dependencies
run: dotnet restore
- name: Check for compiler warnings
run: |
dotnet build -c Release --no-restore /p:TreatWarningsAsErrors=true
- name: Run StyleCop analyzers
run: |
dotnet build -c Release --no-restore
- name: Verify CHANGELOG.md updated
if: github.event_name == 'pull_request'
run: |
if git diff origin/${{ github.base_ref }}... | grep -q "^+.*## \["; then
echo "✓ CHANGELOG.md appears to be updated"
else
echo "⚠ CHANGELOG.md may need updating"
exit 0
fi
package:
name: Package & Version Check
runs-on: windows-latest
defaults:
run:
shell: bash
if: github.event_name == 'push'
steps:
- uses: actions/checkout@v4
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: '8.0.x'
- name: Build target frameworks
run: |
dotnet build SecurityHelperLibrary/SecurityHelperLibrary.csproj -c Release -f net481
dotnet build SecurityHelperLibrary/SecurityHelperLibrary.csproj -c Release -f net8.0
- name: Pack NuGet Package
run: |
dotnet pack SecurityHelperLibrary/SecurityHelperLibrary.csproj \
-c Release \
--no-build \
-o ./nupkg
- name: Upload NuGet Package
uses: actions/upload-artifact@v4
with:
name: nuget-package
path: ./nupkg/
build-summary:
name: Build Summary
runs-on: ubuntu-latest
if: always()
needs: [build, quality]
steps:
- name: Check Build Status
run: |
echo "## Build Results 🔨" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "- **Build**: ${{ needs.build.result }}" >> $GITHUB_STEP_SUMMARY
echo "- **Quality**: ${{ needs.quality.result }}" >> $GITHUB_STEP_SUMMARY
if [ "${{ needs.build.result }}" != "success" ] || [ "${{ needs.quality.result }}" != "success" ]; then
exit 1
fi