From 349486d2c7573b2132d0481d7673cd774568198e Mon Sep 17 00:00:00 2001 From: James Dawson Date: Wed, 10 Apr 2024 14:37:10 +0100 Subject: [PATCH 01/16] Update build composite action Enable support for cross-os caching --- actions/run-scripted-build/action.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/actions/run-scripted-build/action.yml b/actions/run-scripted-build/action.yml index 6d294ff..02bc5d5 100644 --- a/actions/run-scripted-build/action.yml +++ b/actions/run-scripted-build/action.yml @@ -46,6 +46,10 @@ inputs: description: The path to the build script to run. required: false default: './build.ps1' + enableCrossOsCaching: + description: "When true the enables the 'enableCrossOsArchive' property on the GitHub Actions cache task. ref: https://github.com/actions/cache/blob/main/tips-and-workarounds.md#cross-os-cache" + required: false + default: 'false' outputs: @@ -96,6 +100,7 @@ runs: with: path: ${{ inputs.inputCachePaths }} key: build-state-${{ github.sha }} + enableCrossOsArchive: ${{ inputs.enableCrossOsCaching }} - id: cache_debug run: | @@ -120,6 +125,7 @@ runs: with: path: ${{ inputs.outputCachePaths }} key: build-state-${{ github.sha }} + enableCrossOsArchive: ${{ inputs.enableCrossOsCaching }} - name: Upload Artifact uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 From 37a7866efac4b9fa36444109f04d0cec504b7e95 Mon Sep 17 00:00:00 2001 From: James Dawson Date: Wed, 8 May 2024 15:31:29 +0100 Subject: [PATCH 02/16] Add new workflow to support matrix test scenarios Initially focussed on .NET solutions --- .../scripted-build-matrix-pipeline.yml | 408 ++++++++++++++++++ 1 file changed, 408 insertions(+) create mode 100644 .github/workflows/scripted-build-matrix-pipeline.yml diff --git a/.github/workflows/scripted-build-matrix-pipeline.yml b/.github/workflows/scripted-build-matrix-pipeline.yml new file mode 100644 index 0000000..404a597 --- /dev/null +++ b/.github/workflows/scripted-build-matrix-pipeline.yml @@ -0,0 +1,408 @@ +on: + workflow_call: + inputs: + netSdkVersion: + description: The primary .NET SDK version required for the build process, as per the syntax required by the 'setup-dotnet' action. + required: true + type: string + default: '8.0.x' + additionalNetSdkVersion: + description: An additional .NET SDK version required for the build process, as per the syntax required by the 'setup-dotnet' action. + required: false + type: string + pythonVersion: + description: Specify an additional Python version required for the build process + required: false + type: string + additionalCachePaths: + description: Custom paths that need to be included in the multi-stage pipeline caching. + required: false + default: '' + type: string + configuration: + description: The target build configuration. + required: false + default: 'Release' + type: string + compilePhaseEnv: + description: A JSON object representing the environment variables required when running the 'compile' stage of this workflow. + required: false + type: string + testPhaseEnv: + description: A JSON object representing the environment variables required when running the 'test' stage of this workflow. + required: false + type: string + testArtifactName: + description: If set, during the test phase, uploads a GitHub artifact with the provided name (path must be specified in `artifactPath`) + required: false + type: string + testArtifactPath: + description: If set, during the test phase, uploads a GitHub artifact with the provided path (name must be specified in `artifactName`). The path can be a file, directory or wildcard pattern; multiple paths can be specified using newline demiliter. + required: false + type: string + packagePhaseEnv: + description: A JSON object representing the environment variables required when running the 'package' stage of this workflow. + required: false + type: string + publishPhaseEnv: + description: A JSON object representing the environment variables required when running the 'publish' stage of this workflow. + required: false + type: string + publishArtifactName: + description: If set, during the publish phase, uploads a GitHub artifact with the provided name (path must be specified in `artifactPath`) + required: false + type: string + publishArtifactPath: + description: If set, during the publish phase, uploads a GitHub artifact with the provided path (name must be specified in `artifactName`). The path can be a file, directory or wildcard pattern; multiple paths can be specified using newline demiliter. + required: false + type: string + forcePublish: + description: When true, the Publish stage will be run regardless of the current branch or tag. + required: false + default: false + type: boolean + skipCleanup: + description: When true the pipeline clean-up stage will not be run. For example, the cache used between pipeline stages will be retained. + required: false + default: false + type: boolean + buildScriptPath: + description: The path to the build script to run. + required: false + default: ./build.ps1 + type: string + enableCrossOsCaching: + description: "When true the enables the 'enableCrossOsArchive' property on the GitHub Actions cache task. ref: https://github.com/actions/cache/blob/main/tips-and-workarounds.md#cross-os-cache" + required: false + default: true + type: boolean + compilePhaseRunnerOs: + description: The operating system to run the 'compile' stage of this workflow on. + required: false + default: windows-latest + type: string + testPhaseMatrixJson: + description: The OS and .NET Framework matrix configuration to be used for running the 'test' stage of this workflow. + required: false + default: | + { + "os": ["ubuntu-latest", "windows-latest"], + "dotnetFramework": ["net8.0", "net481"], + "exclude": [ + { + "os": "ubuntu-latest", + "dotnetFramework": "net481" + } + ] + } + type: string + packagePhaseRunnerOs: + description: The operating system to run the 'package' stage of this workflow on. + required: false + default: windows-latest + type: string + + secrets: + compilePhaseAzureCredentials: + required: false + compilePhaseSecrets: + description: A YAML string representing a dictionary of secrets required when running the 'compile' stage of this workflow. + required: false + testPhaseAzureCredentials: + required: false + testPhaseSecrets: + description: A YAML string representing a dictionary of secrets required when running the 'test' stage of this workflow. + required: false + packagePhaseAzureCredentials: + required: false + packagePhaseSecrets: + description: A YAML string representing a dictionary of secrets required when running the 'package' stage of this workflow. + required: false + publishPhaseAzureCredentials: + required: false + publishPhaseSecrets: + description: A YAML string representing a dictionary of secrets required when running the 'publish' stage of this workflow. + required: false + +env: + CODE_COVERAGE_SUMMARY_DIR: ${{ vars.CODE_COVERAGE_SUMMARY_DIR || '.' }} + CODE_COVERAGE_SUMMARY_FILE: ${{ vars.CODE_COVERAGE_SUMMARY_FILE || 'code-coverage-results.md' }} + CODE_COVERAGE_LOWER_THRESHOLD: ${{ vars.BUILD_CODE_COVERAGE_LOWER_THRESHOLD || 60 }} + CODE_COVERAGE_UPPER_THRESHOLD: ${{ vars.BUILD_CODE_COVERAGE_UPPER_THRESHOLD || 80 }} + +jobs: + compile: + name: Compile & Analyse + runs-on: ${{ inputs.compilePhaseRunnerOs }} + outputs: + semver: ${{ steps.run_compile.outputs.semver }} + major: ${{ steps.run_compile.outputs.major }} + majorMinor: ${{ steps.run_compile.outputs.majorMinor }} + preReleaseTag: ${{ steps.run_compile.outputs.preReleaseTag }} + + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 + with: + fetch-depth: 0 + submodules: true + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/set-env-vars-and-secrets@main + with: + environmentVariablesYamlBase64: ${{ inputs.compilePhaseEnv}} + secretsYamlBase64: ${{ secrets.compilePhaseSecrets}} + - name: Debug Variables + if: env.ACTIONS_RUNNER_DEBUG == 'true' + run: | + gci env:/ | fl | out-string | Write-Host + shell: pwsh + - name: Check if compilePhaseAzureCredentials secret is set + id: compilePhaseAzureCredentials_secret_check + shell: bash + run: | + if [ "${{ secrets.compilePhaseAzureCredentials }}" != '' ]; then + echo "available=true" >> $GITHUB_OUTPUT; + else + echo "available=false" >> $GITHUB_OUTPUT; + fi + - name: Azure CLI login + if: ${{ steps.compilePhaseAzureCredentials_secret_check.outputs.available == 'true' }} + uses: azure/login@8c334a195cbb38e46038007b304988d888bf676a # v2.0.0 + with: + creds: ${{ secrets.compilePhaseAzureCredentials }} + enable-AzPSSession: true + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@feature/add-matrix-build + id: run_compile + with: + displayName: Compile & Analyse + buildScriptPath: ${{ inputs.buildScriptPath }} + netSdkVersion: ${{ inputs.netSdkVersion }} + additionalNetSdkVersion: ${{ inputs.additionalNetSdkVersion }} + pythonVersion: ${{ inputs.pythonVersion }} + tasks: 'Build,Analysis' + configuration: ${{ inputs.configuration }} + outputCachePaths: | + .nuget-packages + Solutions + solutions + ${{ inputs.additionalCachePaths }} + enableCrossOsCaching: ${{ inputs.enableCrossOsCaching}} + env: + BUILDVAR_AnalysisOutputStorageAccountName: ${{ vars.SBOM_OUTPUT_STORAGE_ACCOUNT_NAME}} + BUILDVAR_AnalysisOutputContainerName: ${{ vars.SBOM_OUTPUT_STORAGE_CONTAINER_NAME}} + BUILDVAR_AnalysisOutputBlobPath: ${{ vars.SBOM_OUTPUT_STORAGE_BLOB_BASE_PATH }}/src_platform=github/org=${{ github.repository_owner }}/repo=${{ github.event.repository.name }} + BUILDVAR_PublishCovenantOutputToStorage: true + BUILDVAR_CovenantMetadata: > + { + "git_provider": "github", + "git_org": "${{ github.repository_owner }}", + "git_repo": "${{ github.event.repository.name }}", + "git_branch": "${{ github.ref_name }}", + "git_sha": "${{ github.sha }}" + } + + test: + needs: + - compile + name: Test + strategy: + fail-fast: false + matrix: ${{ fromJson(inputs.testPhaseMatrixJson) }} + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 + with: + fetch-depth: 0 + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/set-env-vars-and-secrets@main + with: + environmentVariablesYamlBase64: ${{ inputs.testPhaseEnv}} + secretsYamlBase64: ${{ secrets.testPhaseSecrets}} + - name: Debug Variables + if: env.ACTIONS_RUNNER_DEBUG == 'true' + run: | + gci env:/ | fl | out-string | Write-Host + shell: pwsh + - name: Check if testPhaseAzureCredentials secret is set + id: testPhaseAzureCredentials_secret_check + shell: bash + run: | + if [ "${{ secrets.testPhaseAzureCredentials }}" != '' ]; then + echo "available=true" >> $GITHUB_OUTPUT; + else + echo "available=false" >> $GITHUB_OUTPUT; + fi + - name: Azure CLI login + if: ${{ steps.testPhaseAzureCredentials_secret_check.outputs.available == 'true' }} + uses: azure/login@8c334a195cbb38e46038007b304988d888bf676a # v2.0.0 + with: + creds: ${{ secrets.testPhaseAzureCredentials }} + enable-AzPSSession: true + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@feature/add-matrix-build + with: + displayName: Run Tests + buildScriptPath: ${{ inputs.buildScriptPath }} + netSdkVersion: ${{ inputs.netSdkVersion }} + additionalNetSdkVersion: ${{ inputs.additionalNetSdkVersion }} + tasks: 'Test,TestReport' + configuration: ${{ inputs.configuration }} + inputCachePaths: | + .nuget-packages + Solutions + solutions + ${{ inputs.additionalCachePaths }} + enableCrossOsCaching: ${{ inputs.enableCrossOsCaching}} + artifactName: ${{ inputs.testArtifactName }} + artifactPath: ${{ inputs.testArtifactPath }} + env: + BUILDVAR_TestReportTypes: HtmlInline;Cobertura + # testing new multiple test logger support - will only affect repos using latest version of build module + BUILDVAR_DotNetTestLoggers: > + [ + "trx;LogFilePrefix=test-results_" + ] + BUILDVAR_TargetFrameworkMoniker: ${{ matrix.dotnetFramework }} + - id: check_coverage_summary + name: Check Code Coverage Summary Output + if: always() + run: | + # check if the code coverage summary file exists, but ensure the build doesn't fail if it can't be found + try { + $coverageFile = Join-Path $env:CODE_COVERAGE_SUMMARY_DIR $env:CODE_COVERAGE_SUMMARY_FILE + Write-Host "Checking for code coverage file: $coverageFile" + if (Test-Path $coverageFile) { + Write-Host "Code coverage summary file exists" + echo "EXISTS=true" >> $env:GITHUB_OUTPUT + } + } + catch {} + shell: pwsh + - name: Add Code Coverage PR comment + # TODO: Test whether this works when running from a fork? + if: always() && steps.check_coverage_summary.outputs.EXISTS == 'true' && github.event_name == 'pull_request' + uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0 + with: + recreate: true + path: ${{ env.CODE_COVERAGE_SUMMARY_DIR }}/${{ env.CODE_COVERAGE_SUMMARY_FILE }} + header: ${{ matrix.os }}-${{ matrix.dotnetFramework }} + message: | + Code coverage report for ${{ matrix.os }}-${{ matrix.dotnetFramework }}: + # Conditional test result publishing as we can't use the docker version of the action on Windows + - name: Publish Test Results (Linux) + uses: EnricoMi/publish-unit-test-result-action/linux@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 + if: always() && matrix.os == 'ubuntu-latest' + with: + nunit_files: "*TestResults.xml" # produced by Pester + trx_files: "**/test-results_*.trx" # produced by dotnet test + junit_files: "**/*-test-results.xml" # produced by PyTest & Behave + - name: Publish Test Results (Windows) + uses: EnricoMi/publish-unit-test-result-action/windows@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 + if: always() && matrix.os == 'windows-latest' + with: + nunit_files: "*TestResults.xml" # produced by Pester + trx_files: "**/test-results_*.trx" # produced by dotnet test + junit_files: "**/*-test-results.xml" # produced by PyTest & Behave + + package: + needs: + - compile + name: Package + runs-on: ${{ inputs.packagePhaseRunnerOs }} + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 + with: + fetch-depth: 0 + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/set-env-vars-and-secrets@main + with: + environmentVariablesYamlBase64: ${{ inputs.packagePhaseEnv}} + secretsYamlBase64: ${{ secrets.packagePhaseSecrets}} + - name: Debug Variables + if: env.ACTIONS_RUNNER_DEBUG == 'true' + run: | + gci env:/ | fl | out-string | Write-Host + shell: pwsh + - name: Check if packagePhaseAzureCredentials secret is set + id: packagePhaseAzureCredentials_secret_check + shell: bash + run: | + if [ "${{ secrets.packagePhaseAzureCredentials }}" != '' ]; then + echo "available=true" >> $GITHUB_OUTPUT; + else + echo "available=false" >> $GITHUB_OUTPUT; + fi + - name: Azure CLI login + if: ${{ steps.packagePhaseAzureCredentials_secret_check.outputs.available == 'true' }} + uses: azure/login@8c334a195cbb38e46038007b304988d888bf676a # v2.0.0 + with: + creds: ${{ secrets.packagePhaseAzureCredentials }} + enable-AzPSSession: true + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@feature/add-matrix-build + with: + displayName: Build Packages + buildScriptPath: ${{ inputs.buildScriptPath }} + netSdkVersion: ${{ inputs.netSdkVersion }} + additionalNetSdkVersion: ${{ inputs.additionalNetSdkVersion }} + tasks: 'Package' + configuration: ${{ inputs.configuration }} + inputCachePaths: | + .nuget-packages + Solutions + solutions + ${{ inputs.additionalCachePaths }} + enableCrossOsCaching: ${{ inputs.enableCrossOsCaching}} + outputCachePaths: | + _packages + ${{ inputs.additionalCachePaths }} + + publish: + needs: + - compile + - test + - package + name: Publish + if: inputs.forcePublish || startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-latest + permissions: + contents: write + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 + with: + fetch-depth: 0 + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/set-env-vars-and-secrets@main + with: + environmentVariablesYamlBase64: ${{ inputs.publishPhaseEnv}} + secretsYamlBase64: ${{ secrets.publishPhaseSecrets}} + - name: Debug Variables + if: env.ACTIONS_RUNNER_DEBUG == 'true' + run: | + gci env:/ | fl | out-string | Write-Host + shell: pwsh + - name: Check if publishPhaseAzureCredentials secret is set + id: publishPhaseAzureCredentials_secret_check + shell: bash + run: | + if [ "${{ secrets.publishPhaseAzureCredentials }}" != '' ]; then + echo "available=true" >> $GITHUB_OUTPUT; + else + echo "available=false" >> $GITHUB_OUTPUT; + fi + - name: Azure CLI login + if: ${{ steps.publishPhaseAzureCredentials_secret_check.outputs.available == 'true' }} + uses: azure/login@8c334a195cbb38e46038007b304988d888bf676a # v2.0.0 + with: + creds: ${{ secrets.publishPhaseAzureCredentials }} + enable-AzPSSession: true + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@feature/add-matrix-build + with: + displayName: Publish Packages + buildScriptPath: ${{ inputs.buildScriptPath }} + netSdkVersion: ${{ inputs.netSdkVersion }} + additionalNetSdkVersion: ${{ inputs.additionalNetSdkVersion }} + tasks: 'Publish' + inputCachePaths: | + _packages + ${{ inputs.additionalCachePaths }} + enableCrossOsCaching: ${{ inputs.enableCrossOsCaching}} + artifactName: ${{ inputs.publishArtifactName }} + artifactPath: ${{ inputs.publishArtifactPath }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NUGET_API_KEY: ${{ env.NUGET_API_KEY }} From 9e20f074f0191ddd02ccad3337f0d8beb0bc7b42 Mon Sep 17 00:00:00 2001 From: Lmooney25 Date: Thu, 16 May 2024 16:01:33 +0100 Subject: [PATCH 03/16] Updated scripted build pipeline in line with scripted build functional changes --- .github/workflows/scripted-build-pipeline.yml | 92 +++++++++---------- 1 file changed, 41 insertions(+), 51 deletions(-) diff --git a/.github/workflows/scripted-build-pipeline.yml b/.github/workflows/scripted-build-pipeline.yml index 0085cb9..88a8d68 100644 --- a/.github/workflows/scripted-build-pipeline.yml +++ b/.github/workflows/scripted-build-pipeline.yml @@ -67,10 +67,15 @@ on: default: false type: boolean buildScriptPath: - description: The path to the build script to run. - required: false - default: ./build.ps1 - type: string + description: The path to the build script to run. + required: false + default: ./build.ps1 + type: string + runnerOs: + description: The operating system to run all stages of this workflow. + required: false + default: ubuntu-latest + type: string secrets: compilePhaseAzureCredentials: @@ -95,15 +100,15 @@ on: required: false env: - CODE_COVERAGE_RESULTS_DIR: ${{ vars.BUILD_CODE_COVERAGE_RESULTS_DIR || '_codeCoverage' }} - CODE_COVERAGE_RESULTS_FILE: ${{ vars.BUILD_CODE_COVERAGE_RESULTS_FILE || 'Cobertura.xml' }} + CODE_COVERAGE_SUMMARY_DIR: ${{ vars.CODE_COVERAGE_SUMMARY_DIR || '.' }} + CODE_COVERAGE_SUMMARY_FILE: ${{ vars.CODE_COVERAGE_SUMMARY_FILE || 'code-coverage-results.md' }} CODE_COVERAGE_LOWER_THRESHOLD: ${{ vars.BUILD_CODE_COVERAGE_LOWER_THRESHOLD || 60 }} CODE_COVERAGE_UPPER_THRESHOLD: ${{ vars.BUILD_CODE_COVERAGE_UPPER_THRESHOLD || 80 }} jobs: compile: name: Compile & Analyse - runs-on: ubuntu-latest + runs-on: ${{ inputs.runnerOs }} outputs: semver: ${{ steps.run_compile.outputs.semver }} major: ${{ steps.run_compile.outputs.major }} @@ -114,6 +119,7 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 with: fetch-depth: 0 + submodules: true - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/set-env-vars-and-secrets@main with: environmentVariablesYamlBase64: ${{ inputs.compilePhaseEnv}} @@ -138,7 +144,7 @@ jobs: with: creds: ${{ secrets.compilePhaseAzureCredentials }} enable-AzPSSession: true - - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@main + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@feature/add-matrix-build id: run_compile with: displayName: Compile & Analyse @@ -171,7 +177,7 @@ jobs: needs: - compile name: Test - runs-on: ubuntu-latest + runs-on: ${{ inputs.runnerOs }} steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 with: @@ -200,7 +206,7 @@ jobs: with: creds: ${{ secrets.testPhaseAzureCredentials }} enable-AzPSSession: true - - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@main + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@feature/add-matrix-build with: displayName: Run Tests buildScriptPath: ${{ inputs.buildScriptPath }} @@ -220,60 +226,44 @@ jobs: # testing new multiple test logger support - will only affect repos using latest version of build module BUILDVAR_DotNetTestLoggers: > [ - "GitHubActions", "trx;LogFilePrefix=test-results_" ] - - id: check_coverage - name: Check Code Coverage Output + - id: check_coverage_summary + name: Check Code Coverage Summary Output if: always() run: | - # check if the code coverage file exists, but ensure the build doesn't fail if it can't be found + # check if the code coverage summary file exists, but ensure the build doesn't fail if it can't be found try { - $coverageFile = Join-Path $env:CODE_COVERAGE_RESULTS_DIR $env:CODE_COVERAGE_RESULTS_FILE + $coverageFile = Join-Path $env:CODE_COVERAGE_SUMMARY_DIR $env:CODE_COVERAGE_SUMMARY_FILE Write-Host "Checking for code coverage file: $coverageFile" if (Test-Path $coverageFile) { - Write-Host "Code coverage file exists" + Write-Host "Code coverage summary file exists" echo "EXISTS=true" >> $env:GITHUB_OUTPUT } } catch {} shell: pwsh - - name: Store Code Coverage Artefacts - if: always() && steps.check_coverage.outputs.EXISTS == 'true' - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 - with: - name: CoverageReport - path: _codeCoverage - - name: Generate Code Coverage Summary Report - if: always() && steps.check_coverage.outputs.EXISTS == 'true' - uses: irongut/CodeCoverageSummary@51cc3a756ddcd398d447c044c02cb6aa83fdae95 # v1.3.0 - with: - filename: ${{ env.CODE_COVERAGE_RESULTS_DIR }}/${{ env.CODE_COVERAGE_RESULTS_FILE }} - badge: true - fail_below_min: false - format: markdown - hide_branch_rate: false - hide_complexity: false - indicators: true - output: both - thresholds: '${{ env.CODE_COVERAGE_LOWER_THRESHOLD }} ${{ env.CODE_COVERAGE_UPPER_THRESHOLD }}' - - name: Publish Code Coverage Summary Report - # NOTE: Skip this is we're running from a fork, as we won't have permissions to annotate the check run - if: always() && steps.check_coverage.outputs.EXISTS == 'true' && github.event.pull_request.head.repo.full_name == github.repository - uses: dtinth/markdown-report-action@af8143d37cced4c514fd67539a2e58c2f432da09 # v1.0.0 - with: - name: Code Coverage - title: Code Coverage Report - body-file: code-coverage-results.md - name: Add Code Coverage PR comment - if: always() && steps.check_coverage.outputs.EXISTS == 'true' && github.event_name == 'pull_request' + # TODO: Test whether this works when running from a fork? + if: always() && steps.check_coverage_summary.outputs.EXISTS == 'true' && github.event_name == 'pull_request' uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0 with: recreate: true - path: code-coverage-results.md - - name: Publish Test Results - uses: EnricoMi/publish-unit-test-result-action@e780361cd1fc1b1a170624547b3ffda64787d365 # v2.12.0 - if: always() + path: ${{ env.CODE_COVERAGE_SUMMARY_DIR }}/${{ env.CODE_COVERAGE_SUMMARY_FILE }} + header: ${{ matrix.os }}-${{ matrix.dotnetFramework }} + message: | + Code coverage report for ${{ matrix.os }}-${{ matrix.dotnetFramework }}: + # Conditional test result publishing as we can't use the docker version of the action on Windows + - name: Publish Test Results (Linux) + uses: EnricoMi/publish-unit-test-result-action/linux@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 + if: always() && matrix.os == 'ubuntu-latest' + with: + nunit_files: "*TestResults.xml" # produced by Pester + trx_files: "**/test-results_*.trx" # produced by dotnet test + junit_files: "**/*-test-results.xml" # produced by PyTest & Behave + - name: Publish Test Results (Windows) + uses: EnricoMi/publish-unit-test-result-action/windows@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 + if: always() && matrix.os == 'windows-latest' with: nunit_files: "*TestResults.xml" # produced by Pester trx_files: "**/test-results_*.trx" # produced by dotnet test @@ -283,7 +273,7 @@ jobs: needs: - compile name: Package - runs-on: ubuntu-latest + runs-on: ${{ inputs.runnerOs }} steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 with: @@ -312,7 +302,7 @@ jobs: with: creds: ${{ secrets.packagePhaseAzureCredentials }} enable-AzPSSession: true - - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@main + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@feature/add-matrix-build with: displayName: Build Packages buildScriptPath: ${{ inputs.buildScriptPath }} @@ -368,7 +358,7 @@ jobs: with: creds: ${{ secrets.publishPhaseAzureCredentials }} enable-AzPSSession: true - - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@main + - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/run-scripted-build@feature/add-matrix-build with: displayName: Publish Packages buildScriptPath: ${{ inputs.buildScriptPath }} From a7fb2e808775ce5ba535eddce5d343764c611a0a Mon Sep 17 00:00:00 2001 From: Lmooney25 Date: Thu, 23 May 2024 15:32:08 +0100 Subject: [PATCH 04/16] Use PowerShell step to determine runner OS. Use runsOn instead of runnerOS. --- .../scripted-build-matrix-pipeline.yml | 2 -- .github/workflows/scripted-build-pipeline.yml | 36 ++++++++++++++----- 2 files changed, 27 insertions(+), 11 deletions(-) diff --git a/.github/workflows/scripted-build-matrix-pipeline.yml b/.github/workflows/scripted-build-matrix-pipeline.yml index 404a597..be90124 100644 --- a/.github/workflows/scripted-build-matrix-pipeline.yml +++ b/.github/workflows/scripted-build-matrix-pipeline.yml @@ -282,8 +282,6 @@ jobs: recreate: true path: ${{ env.CODE_COVERAGE_SUMMARY_DIR }}/${{ env.CODE_COVERAGE_SUMMARY_FILE }} header: ${{ matrix.os }}-${{ matrix.dotnetFramework }} - message: | - Code coverage report for ${{ matrix.os }}-${{ matrix.dotnetFramework }}: # Conditional test result publishing as we can't use the docker version of the action on Windows - name: Publish Test Results (Linux) uses: EnricoMi/publish-unit-test-result-action/linux@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 diff --git a/.github/workflows/scripted-build-pipeline.yml b/.github/workflows/scripted-build-pipeline.yml index 88a8d68..5ade75c 100644 --- a/.github/workflows/scripted-build-pipeline.yml +++ b/.github/workflows/scripted-build-pipeline.yml @@ -71,7 +71,7 @@ on: required: false default: ./build.ps1 type: string - runnerOs: + runsOn: description: The operating system to run all stages of this workflow. required: false default: ubuntu-latest @@ -108,7 +108,7 @@ env: jobs: compile: name: Compile & Analyse - runs-on: ${{ inputs.runnerOs }} + runs-on: ${{ inputs.runsOn }} outputs: semver: ${{ steps.run_compile.outputs.semver }} major: ${{ steps.run_compile.outputs.major }} @@ -177,7 +177,7 @@ jobs: needs: - compile name: Test - runs-on: ${{ inputs.runnerOs }} + runs-on: ${{ inputs.runsOn }} steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 with: @@ -243,6 +243,26 @@ jobs: } catch {} shell: pwsh + - id: check_os + name: Check Runner OS + if: always() + run: | + # check if the code coverage summary file exists, but ensure the build doesn't fail if it can't be found + if ($IsWindows) { + $RunnerOs = "windows" + } + elseif ($IsLinux) { + $RunnerOs = "linux" + } + elseif ($IsMacOS) { + $RunnerOs = "macos" + } + else { + $RunnerOs = "Unknown" + } + Write-Host "Runner OS: $RunnerOs" + echo "RUNNEROS=$RunnerOs" >> $env:GITHUB_OUTPUT + shell: pwsh - name: Add Code Coverage PR comment # TODO: Test whether this works when running from a fork? if: always() && steps.check_coverage_summary.outputs.EXISTS == 'true' && github.event_name == 'pull_request' @@ -250,20 +270,18 @@ jobs: with: recreate: true path: ${{ env.CODE_COVERAGE_SUMMARY_DIR }}/${{ env.CODE_COVERAGE_SUMMARY_FILE }} - header: ${{ matrix.os }}-${{ matrix.dotnetFramework }} - message: | - Code coverage report for ${{ matrix.os }}-${{ matrix.dotnetFramework }}: + header: ${{ inputs.runsOn }} # Conditional test result publishing as we can't use the docker version of the action on Windows - name: Publish Test Results (Linux) uses: EnricoMi/publish-unit-test-result-action/linux@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 - if: always() && matrix.os == 'ubuntu-latest' + if: always() && steps.check_os.outputs.RUNNEROS == 'linux' with: nunit_files: "*TestResults.xml" # produced by Pester trx_files: "**/test-results_*.trx" # produced by dotnet test junit_files: "**/*-test-results.xml" # produced by PyTest & Behave - name: Publish Test Results (Windows) uses: EnricoMi/publish-unit-test-result-action/windows@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 - if: always() && matrix.os == 'windows-latest' + if: always() && steps.check_os.outputs.RUNNEROS == 'windows' with: nunit_files: "*TestResults.xml" # produced by Pester trx_files: "**/test-results_*.trx" # produced by dotnet test @@ -273,7 +291,7 @@ jobs: needs: - compile name: Package - runs-on: ${{ inputs.runnerOs }} + runs-on: ${{ inputs.runsOn }} steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 with: From c0dbf5828d78854e897af5351cb13b3e8b3d873d Mon Sep 17 00:00:00 2001 From: James Dawson Date: Mon, 24 Jun 2024 13:55:18 +0100 Subject: [PATCH 05/16] Bump `azure/login` action in matrix build workflow --- .github/workflows/scripted-build-matrix-pipeline.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/scripted-build-matrix-pipeline.yml b/.github/workflows/scripted-build-matrix-pipeline.yml index be90124..7a0be35 100644 --- a/.github/workflows/scripted-build-matrix-pipeline.yml +++ b/.github/workflows/scripted-build-matrix-pipeline.yml @@ -165,7 +165,7 @@ jobs: fi - name: Azure CLI login if: ${{ steps.compilePhaseAzureCredentials_secret_check.outputs.available == 'true' }} - uses: azure/login@8c334a195cbb38e46038007b304988d888bf676a # v2.0.0 + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 with: creds: ${{ secrets.compilePhaseAzureCredentials }} enable-AzPSSession: true @@ -231,7 +231,7 @@ jobs: fi - name: Azure CLI login if: ${{ steps.testPhaseAzureCredentials_secret_check.outputs.available == 'true' }} - uses: azure/login@8c334a195cbb38e46038007b304988d888bf676a # v2.0.0 + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 with: creds: ${{ secrets.testPhaseAzureCredentials }} enable-AzPSSession: true @@ -327,7 +327,7 @@ jobs: fi - name: Azure CLI login if: ${{ steps.packagePhaseAzureCredentials_secret_check.outputs.available == 'true' }} - uses: azure/login@8c334a195cbb38e46038007b304988d888bf676a # v2.0.0 + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 with: creds: ${{ secrets.packagePhaseAzureCredentials }} enable-AzPSSession: true @@ -384,7 +384,7 @@ jobs: fi - name: Azure CLI login if: ${{ steps.publishPhaseAzureCredentials_secret_check.outputs.available == 'true' }} - uses: azure/login@8c334a195cbb38e46038007b304988d888bf676a # v2.0.0 + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 with: creds: ${{ secrets.publishPhaseAzureCredentials }} enable-AzPSSession: true From 934e3004c180b7415155059a550c4b6fe43664d9 Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sat, 24 Aug 2024 22:25:52 +0100 Subject: [PATCH 06/16] Fix spacing OCD --- .github/workflows/ci.yml | 2 +- .github/workflows/scripted-build-matrix-pipeline.yml | 2 +- .github/workflows/scripted-build-pipeline.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6c03ade..ee51068 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -36,7 +36,7 @@ jobs: RESOLVED_ENV_VARS: ${{ steps.prepareEnvVarsAndSecrets.outputs.environmentVariablesYamlBase64 }} RESOLVED_SECRETS: ${{ steps.prepareEnvVarsAndSecrets.outputs.secretsYamlBase64 }} steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 diff --git a/.github/workflows/scripted-build-matrix-pipeline.yml b/.github/workflows/scripted-build-matrix-pipeline.yml index 7a0be35..d40a132 100644 --- a/.github/workflows/scripted-build-matrix-pipeline.yml +++ b/.github/workflows/scripted-build-matrix-pipeline.yml @@ -141,7 +141,7 @@ jobs: preReleaseTag: ${{ steps.run_compile.outputs.preReleaseTag }} steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 submodules: true diff --git a/.github/workflows/scripted-build-pipeline.yml b/.github/workflows/scripted-build-pipeline.yml index 4c4adb6..7fedef1 100644 --- a/.github/workflows/scripted-build-pipeline.yml +++ b/.github/workflows/scripted-build-pipeline.yml @@ -179,7 +179,7 @@ jobs: name: Test runs-on: ${{ inputs.runsOn }} steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - uses: endjin/Endjin.RecommendedPractices.GitHubActions/actions/set-env-vars-and-secrets@main From b2854695c95ac3e35de7c4fa66f0ba7223519baa Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sat, 24 Aug 2024 22:27:39 +0100 Subject: [PATCH 07/16] Add CI build to exercise the matrix build workflow --- .github/workflows/ci-matrix.yml | 74 +++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 .github/workflows/ci-matrix.yml diff --git a/.github/workflows/ci-matrix.yml b/.github/workflows/ci-matrix.yml new file mode 100644 index 0000000..9c3ec3e --- /dev/null +++ b/.github/workflows/ci-matrix.yml @@ -0,0 +1,74 @@ +name: ci-matrix +on: + pull_request: + branches: + - main + workflow_dispatch: + inputs: + forcePublish: + description: When true the Publish stage will always be run, otherwise it only runs for tagged versions. + required: false + default: false + type: boolean + skipCleanup: + description: When true the pipeline clean-up stage will not be run. For example, the cache used between pipeline stages will be retained. + required: false + default: false + type: boolean + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: + actions: write # enable cache clean-up + checks: write # enable test result annotations + contents: write # enable creating releases + issues: read + packages: write # enable publishing packages + pull-requests: write # enable test result annotations + +jobs: + prepareConfig: + name: Prepare Configuration + runs-on: ubuntu-latest + outputs: + RESOLVED_ENV_VARS: ${{ steps.prepareEnvVarsAndSecrets.outputs.environmentVariablesYamlBase64 }} + RESOLVED_SECRETS: ${{ steps.prepareEnvVarsAndSecrets.outputs.secretsYamlBase64 }} + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + + # Declare any environment variables and/or secrets that need to be available inside the build process + - uses: ./actions/prepare-env-vars-and-secrets + id: prepareEnvVarsAndSecrets + with: + environmentVariablesYaml: | + BUILDVAR_NuGetPublishSource: "${{ startsWith(github.ref, 'refs/tags/') && 'https://api.nuget.org/v3/index.json' || 'https://nuget.pkg.github.com/endjin/index.json' }}" + secretsYaml: | + NUGET_API_KEY: "${{ startsWith(github.ref, 'refs/tags/') && secrets.ENDJIN_NUGET_APIKEY || secrets.ENDJIN_GITHUB_PUBLISHER_PAT }}" + SBOM_ANALYSIS_RELEASE_READER_PAT: "${{ secrets.ENDJIN_GITHUB_READER_PAT }}" + + build: + needs: prepareConfig + uses: ./.github/workflows/scripted-build-matrix-pipeline.yml + with: + netSdkVersion: '8.x' + # workflow_dispatch inputs are always strings, the type property is just for the UI + forcePublish: ${{ github.event.inputs.forcePublish == 'true' }} + skipCleanup: ${{ github.event.inputs.skipCleanup == 'true' }} + publishPhaseEnv: ${{ needs.prepareConfig.outputs.RESOLVED_ENV_VARS }} + additionalCachePaths: | + tests + enableCrossOsCaching: true + testPhaseMatrixJson: | + { + "os": ["ubuntu-latest", "windows-latest"], + "dotnetFramework": ["net8.0"], + "exclude": [] + } + secrets: + compilePhaseAzureCredentials: ${{ secrets.ENDJIN_PROD_ACR_READER_CREDENTIALS }} + compilePhaseSecrets: ${{ needs.prepareConfig.outputs.RESOLVED_SECRETS }} + publishPhaseSecrets: ${{ needs.prepareConfig.outputs.RESOLVED_SECRETS }} From 02653c590aedce9bd18f44e295707204aa824009 Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sat, 24 Aug 2024 22:59:28 +0100 Subject: [PATCH 08/16] Updates to work with latest scripted build version's code coverage changes --- .github/workflows/scripted-build-matrix-pipeline.yml | 6 ++---- .github/workflows/scripted-build-pipeline.yml | 6 ++---- build.ps1 | 2 +- 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/.github/workflows/scripted-build-matrix-pipeline.yml b/.github/workflows/scripted-build-matrix-pipeline.yml index d40a132..fd70c87 100644 --- a/.github/workflows/scripted-build-matrix-pipeline.yml +++ b/.github/workflows/scripted-build-matrix-pipeline.yml @@ -125,10 +125,8 @@ on: required: false env: - CODE_COVERAGE_SUMMARY_DIR: ${{ vars.CODE_COVERAGE_SUMMARY_DIR || '.' }} - CODE_COVERAGE_SUMMARY_FILE: ${{ vars.CODE_COVERAGE_SUMMARY_FILE || 'code-coverage-results.md' }} - CODE_COVERAGE_LOWER_THRESHOLD: ${{ vars.BUILD_CODE_COVERAGE_LOWER_THRESHOLD || 60 }} - CODE_COVERAGE_UPPER_THRESHOLD: ${{ vars.BUILD_CODE_COVERAGE_UPPER_THRESHOLD || 80 }} + CODE_COVERAGE_SUMMARY_DIR: ${{ vars.CODE_COVERAGE_SUMMARY_DIR || '_codeCoverage' }} + CODE_COVERAGE_SUMMARY_FILE: ${{ vars.CODE_COVERAGE_SUMMARY_FILE || 'SummaryGithub.md' }} jobs: compile: diff --git a/.github/workflows/scripted-build-pipeline.yml b/.github/workflows/scripted-build-pipeline.yml index 7fedef1..ddae507 100644 --- a/.github/workflows/scripted-build-pipeline.yml +++ b/.github/workflows/scripted-build-pipeline.yml @@ -100,10 +100,8 @@ on: required: false env: - CODE_COVERAGE_SUMMARY_DIR: ${{ vars.CODE_COVERAGE_SUMMARY_DIR || '.' }} - CODE_COVERAGE_SUMMARY_FILE: ${{ vars.CODE_COVERAGE_SUMMARY_FILE || 'code-coverage-results.md' }} - CODE_COVERAGE_LOWER_THRESHOLD: ${{ vars.BUILD_CODE_COVERAGE_LOWER_THRESHOLD || 60 }} - CODE_COVERAGE_UPPER_THRESHOLD: ${{ vars.BUILD_CODE_COVERAGE_UPPER_THRESHOLD || 80 }} + CODE_COVERAGE_SUMMARY_DIR: ${{ vars.CODE_COVERAGE_SUMMARY_DIR || '_codeCoverage' }} + CODE_COVERAGE_SUMMARY_FILE: ${{ vars.CODE_COVERAGE_SUMMARY_FILE || 'SummaryGithub.md' }} jobs: compile: diff --git a/build.ps1 b/build.ps1 index 5a4b85c..903ffc4 100644 --- a/build.ps1 +++ b/build.ps1 @@ -72,7 +72,7 @@ param ( [string] $BuildModulePath, [Parameter()] - [string] $BuildModuleVersion = "1.5.6", + [string] $BuildModuleVersion = "1.5.8", [Parameter()] [switch] $BuildModulePreReleaseVersion, From ee5ee1aba9d319dff7a5fd0b0519975bc03bb3c6 Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sat, 24 Aug 2024 23:52:36 +0100 Subject: [PATCH 09/16] Use the Docker-based version of 'EnricoMi/publish-unit-test-result-action' when running on Linux --- .github/workflows/scripted-build-matrix-pipeline.yml | 2 +- .github/workflows/scripted-build-pipeline.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/scripted-build-matrix-pipeline.yml b/.github/workflows/scripted-build-matrix-pipeline.yml index fd70c87..585823e 100644 --- a/.github/workflows/scripted-build-matrix-pipeline.yml +++ b/.github/workflows/scripted-build-matrix-pipeline.yml @@ -282,7 +282,7 @@ jobs: header: ${{ matrix.os }}-${{ matrix.dotnetFramework }} # Conditional test result publishing as we can't use the docker version of the action on Windows - name: Publish Test Results (Linux) - uses: EnricoMi/publish-unit-test-result-action/linux@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 + uses: EnricoMi/publish-unit-test-result-action@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 if: always() && matrix.os == 'ubuntu-latest' with: nunit_files: "*TestResults.xml" # produced by Pester diff --git a/.github/workflows/scripted-build-pipeline.yml b/.github/workflows/scripted-build-pipeline.yml index ddae507..c91d23c 100644 --- a/.github/workflows/scripted-build-pipeline.yml +++ b/.github/workflows/scripted-build-pipeline.yml @@ -271,7 +271,7 @@ jobs: header: ${{ inputs.runsOn }} # Conditional test result publishing as we can't use the docker version of the action on Windows - name: Publish Test Results (Linux) - uses: EnricoMi/publish-unit-test-result-action/linux@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 + uses: EnricoMi/publish-unit-test-result-action@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 if: always() && steps.check_os.outputs.RUNNEROS == 'linux' with: nunit_files: "*TestResults.xml" # produced by Pester From b2a48e53ba48433386afa254f777ed4baa1b9415 Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sat, 24 Aug 2024 23:58:48 +0100 Subject: [PATCH 10/16] Tidy-up test job env vars --- .github/workflows/scripted-build-matrix-pipeline.yml | 3 +-- .github/workflows/scripted-build-pipeline.yml | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/scripted-build-matrix-pipeline.yml b/.github/workflows/scripted-build-matrix-pipeline.yml index 585823e..7cdd520 100644 --- a/.github/workflows/scripted-build-matrix-pipeline.yml +++ b/.github/workflows/scripted-build-matrix-pipeline.yml @@ -250,8 +250,7 @@ jobs: artifactName: ${{ inputs.testArtifactName }} artifactPath: ${{ inputs.testArtifactPath }} env: - BUILDVAR_TestReportTypes: HtmlInline;Cobertura - # testing new multiple test logger support - will only affect repos using latest version of build module + # Set build to produce .trx test results file which will be picked-up when publishing test results BUILDVAR_DotNetTestLoggers: > [ "trx;LogFilePrefix=test-results_" diff --git a/.github/workflows/scripted-build-pipeline.yml b/.github/workflows/scripted-build-pipeline.yml index c91d23c..9e69c76 100644 --- a/.github/workflows/scripted-build-pipeline.yml +++ b/.github/workflows/scripted-build-pipeline.yml @@ -220,8 +220,7 @@ jobs: artifactName: ${{ inputs.testArtifactName }} artifactPath: ${{ inputs.testArtifactPath }} env: - BUILDVAR_TestReportTypes: HtmlInline;Cobertura - # testing new multiple test logger support - will only affect repos using latest version of build module + # Set build to produce .trx test results file which will be picked-up when publishing test results BUILDVAR_DotNetTestLoggers: > [ "trx;LogFilePrefix=test-results_" From 39e8585401d13e90ea68760c320c9772e188475c Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sat, 24 Aug 2024 23:59:14 +0100 Subject: [PATCH 11/16] Test pre-release scripted build with code coverage fix --- build.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build.ps1 b/build.ps1 index 903ffc4..38c9189 100644 --- a/build.ps1 +++ b/build.ps1 @@ -56,7 +56,7 @@ param ( [string] $CoverageDir = "_codeCoverage", [Parameter()] - [string] $TestReportTypes = "Cobertura", + [string] $TestReportTypes = "HtmlInline", [Parameter()] [string] $PackagesDir = "_packages", @@ -72,10 +72,10 @@ param ( [string] $BuildModulePath, [Parameter()] - [string] $BuildModuleVersion = "1.5.8", + [string] $BuildModuleVersion = "1.5.9", [Parameter()] - [switch] $BuildModulePreReleaseVersion, + [bool] $BuildModulePreReleaseVersion = $true, [Parameter()] [string] $InvokeBuildModuleVersion = "5.10.3" From 762fbe46d3d0cc11afecf677de48b01a7c2b3737 Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sun, 25 Aug 2024 00:07:52 +0100 Subject: [PATCH 12/16] Update scripted build pre-release version reference --- build.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.ps1 b/build.ps1 index 38c9189..9f5ad13 100644 --- a/build.ps1 +++ b/build.ps1 @@ -72,7 +72,7 @@ param ( [string] $BuildModulePath, [Parameter()] - [string] $BuildModuleVersion = "1.5.9", + [string] $BuildModuleVersion = "1.5.9-beta0001", [Parameter()] [bool] $BuildModulePreReleaseVersion = $true, From 82c557817bbce64b7f8a8645ead3a45759ce5276 Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sun, 25 Aug 2024 00:13:05 +0100 Subject: [PATCH 13/16] Hack to further coax use of a pre-release scripted build module version --- build.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.ps1 b/build.ps1 index 9f5ad13..fcce235 100644 --- a/build.ps1 +++ b/build.ps1 @@ -110,7 +110,7 @@ if (!($BuildModulePath)) { else { Write-Information "BuildModulePath: $BuildModulePath" } -Import-Module $BuildModulePath -RequiredVersion $BuildModuleVersion -Force +Import-Module $BuildModulePath -RequiredVersion ($BuildModuleVersion -split '-')[0] -Force # Load the build process & tasks . Endjin.RecommendedPractices.Build.tasks From e5c151fee7eb5474d2786a99a9a55da197059ffb Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sun, 25 Aug 2024 00:26:11 +0100 Subject: [PATCH 14/16] Add the OS detection to the matrix workflow. Relying on the runner image to identify the OS is fragile and would break when using non-default images or private agents. --- .../scripted-build-matrix-pipeline.yml | 24 +++++++++++++++++-- .github/workflows/scripted-build-pipeline.yml | 2 +- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/.github/workflows/scripted-build-matrix-pipeline.yml b/.github/workflows/scripted-build-matrix-pipeline.yml index 7cdd520..c979757 100644 --- a/.github/workflows/scripted-build-matrix-pipeline.yml +++ b/.github/workflows/scripted-build-matrix-pipeline.yml @@ -271,6 +271,26 @@ jobs: } catch {} shell: pwsh + - id: check_os + name: Check Runner OS + if: always() + run: | + # store the runner's operating system (i.e. distinct from the OS version info available via runner image) + if ($IsWindows) { + $RunnerOs = "windows" + } + elseif ($IsLinux) { + $RunnerOs = "linux" + } + elseif ($IsMacOS) { + $RunnerOs = "macos" + } + else { + $RunnerOs = "Unknown" + } + Write-Host "Runner OS: $RunnerOs" + echo "RUNNEROS=$RunnerOs" >> $env:GITHUB_OUTPUT + shell: pwsh - name: Add Code Coverage PR comment # TODO: Test whether this works when running from a fork? if: always() && steps.check_coverage_summary.outputs.EXISTS == 'true' && github.event_name == 'pull_request' @@ -282,14 +302,14 @@ jobs: # Conditional test result publishing as we can't use the docker version of the action on Windows - name: Publish Test Results (Linux) uses: EnricoMi/publish-unit-test-result-action@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 - if: always() && matrix.os == 'ubuntu-latest' + if: always() && steps.check_os.outputs.RUNNEROS == 'linux' with: nunit_files: "*TestResults.xml" # produced by Pester trx_files: "**/test-results_*.trx" # produced by dotnet test junit_files: "**/*-test-results.xml" # produced by PyTest & Behave - name: Publish Test Results (Windows) uses: EnricoMi/publish-unit-test-result-action/windows@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1 - if: always() && matrix.os == 'windows-latest' + if: always() && steps.check_os.outputs.RUNNEROS == 'windows' with: nunit_files: "*TestResults.xml" # produced by Pester trx_files: "**/test-results_*.trx" # produced by dotnet test diff --git a/.github/workflows/scripted-build-pipeline.yml b/.github/workflows/scripted-build-pipeline.yml index 9e69c76..722e305 100644 --- a/.github/workflows/scripted-build-pipeline.yml +++ b/.github/workflows/scripted-build-pipeline.yml @@ -244,7 +244,7 @@ jobs: name: Check Runner OS if: always() run: | - # check if the code coverage summary file exists, but ensure the build doesn't fail if it can't be found + # store the runner's operating system (i.e. distinct from the OS version info available via runner image) if ($IsWindows) { $RunnerOs = "windows" } From 39b6c9d28e2602cba8a77b5c3f66d48a96e64951 Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sun, 25 Aug 2024 11:50:55 +0100 Subject: [PATCH 15/16] Update build.ps1 to use released build module version --- build.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build.ps1 b/build.ps1 index fcce235..47f1005 100644 --- a/build.ps1 +++ b/build.ps1 @@ -72,10 +72,10 @@ param ( [string] $BuildModulePath, [Parameter()] - [string] $BuildModuleVersion = "1.5.9-beta0001", + [string] $BuildModuleVersion = "1.5.9", [Parameter()] - [bool] $BuildModulePreReleaseVersion = $true, + [bool] $BuildModulePreReleaseVersion = $false, [Parameter()] [string] $InvokeBuildModuleVersion = "5.10.3" From 7d9cefe6fab62da2e0a12f5fbf53ea6e4e3a4b55 Mon Sep 17 00:00:00 2001 From: James Dawson Date: Sun, 25 Aug 2024 12:54:03 +0100 Subject: [PATCH 16/16] Update README --- README.md | 45 +++++++++++++++++++++++++++++++++------------ 1 file changed, 33 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index c270bd3..0342b60 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,33 @@ -# Endjin.RecommendedPractices.GitHubActions - -This repository contains [re-usable GitHub Action workflows](https://docs.github.com/en/actions/using-workflows/reusing-workflows) and [composite actions](https://docs.github.com/en/actions/creating-actions/creating-a-composite-action) for our standardised CI processes. - -## Index - -Workflows: -* `run-scripted-build` - encapsulates our standard CI build process - -Composite Actions: -* `scripted-build-pipeline` - encapsulates the steps for executing our [PowerShell-based build tooling](https://www.powershellgallery.com/packages/Endjin.RecommendedPractices.Build) - +# Endjin.RecommendedPractices.GitHubActions + +This repository contains [re-usable GitHub Action workflows](https://docs.github.com/en/actions/using-workflows/reusing-workflows) and [composite actions](https://docs.github.com/en/actions/creating-actions/creating-a-composite-action) for our standardised CI processes. + +## Reusable Workflows +- `scripted-build-pipeline` - encapsulates our standard CI build process, using separate jobs for Compile, Test, Package & Publish phases +- `scripted-build-matrix-pipeline` - as above, except the Test phase includes [matrix](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/running-variations-of-jobs-in-a-workflow) support + +## Composite Actions +- `prepare-env-vars-and-secrets` - provides a workaround for not natively being able to pass arbitrary environment variables and secrets to a reusable workflow. Based on assembling the required values into 2 well-known variables that act as containers for the variables and secrets that need to be passed. +- `run-scripted-build` - encapsulates the steps for executing our [PowerShell-based build tooling](https://www.powershellgallery.com/packages/Endjin.RecommendedPractices.Build) - typically used via one of the above reusable workflows. +- `set-env-vars-and-secrets` - the consuming side of the workaround for passing arbitrary environment variables and secrets. Unwraps the bundled environment variables and secrets so they are available to the running workflow. + +## Examples + +The following serve as examples of using the reusable workflows found in this repo: + +- [ci.yml](.github/workflows/ci.yml) - used for validating changes to the `scripted-build-pipeline` reusable workflow +- [ci-matrix.yml](.github/workflows/ci-matrix.yml) - used for validating changes to the `scripted-build-matrix-pipeline` reusable workflow + +## CI Build Process Overview + +The diagram below illustrates the high-level process that workflows implementing our standard CI build use: + +```mermaid +graph LR + compile["Compile"]-->analyse["Code Analysis"] + analyse-->test["Run Tests"] + test-->pubtests["Publish Test Results"] + analyse-->package["Build Packages"] + pubtests-->publish["Publish Packages"] + package-->publish +``` \ No newline at end of file