Skip to content

[ReviewEntries] Refactor sort-by handling #6424

[ReviewEntries] Refactor sort-by handling

[ReviewEntries] Refactor sort-by handling #6424

Workflow file for this run

name: backend
on:
push:
branches: [master]
pull_request:
branches: [master]
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
test_build:
runs-on: ubuntu-20.04
strategy:
matrix:
dotnet: ["6.0.x"]
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
*.actions.githubusercontent.com:443
aka.ms:443
api.github.com:443
api.nuget.org:443
dc.services.visualstudio.com:443
deb.debian.org:80
dotnetbuilds.azureedge.net:443
dotnetcli.azureedge.net:443
github.com:443
md-hdd-t032zjxllntc.z26.blob.storage.azure.net:443
objects.githubusercontent.com:443
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
- name: Setup dotnet
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
with:
dotnet-version: ${{ matrix.dotnet }}
- name: Install ffmpeg
uses: FedericoCarboni/setup-ffmpeg@v2 # v2.0.0
# Coverage.
- name: Run coverage tests
run: dotnet test Backend.Tests/Backend.Tests.csproj
shell: bash
- name: Upload coverage artifact
uses: actions/upload-artifact@v3
with:
if-no-files-found: error
name: coverage
path: Backend.Tests/coverage.cobertura.xml
retention-days: 7
# Development build.
- run: dotnet build BackendFramework.sln
# Release build.
- run: dotnet publish BackendFramework.sln
# Fmt.
- run: dotnet tool install -g dotnet-format
- run: dotnet-format --check
upload_coverage:
needs: test_build
runs-on: ubuntu-latest
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
codecov.io:443
github.com:443
storage.googleapis.com:443
uploader.codecov.io:443
- name: Checkout repository
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
- name: Download coverage artifact
uses: actions/download-artifact@v3
with:
name: coverage
- name: Upload coverage report
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
with:
fail_ci_if_error: true
files: coverage.cobertura.xml
flags: backend
name: Backend
CodeQL_build:
permissions:
actions: read # for github/codeql-action/init to get workflow details
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/autobuild to send a status report
runs-on: ubuntu-20.04
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
*.actions.githubusercontent.com:443
aka.ms:443
api.github.com:443
api.nuget.org:443
dc.services.visualstudio.com:443
dotnetcli.azureedge.net:443
github.com:443
objects.githubusercontent.com:443
- name: Checkout repository
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
# Manually install .NET to work around:
# https://github.com/github/codeql-action/issues/757
- name: Setup .NET
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
with:
dotnet-version: "6.0.x"
- name: Initialize CodeQL
uses: github/codeql-action/init@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
with:
languages: csharp
- name: Autobuild
uses: github/codeql-action/autobuild@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
- name: Upload artifacts if build failed
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
if: ${{ failure() }}
with:
name: tracer-logs
path: ${{ runner.temp }}/*.log
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
docker_build:
runs-on: ubuntu-22.04
# if: ${{ github.event.type }} == "PullRequest"
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
with:
disable-sudo: true
disable-file-monitoring: true
egress-policy: block
allowed-endpoints: >
*.actions.githubusercontent.com:443
*.data.mcr.microsoft.com:443
api.nuget.org:443
archive.ubuntu.com:80
dc.services.visualstudio.com:443
deb.debian.org:80
github.com:443
mcr.microsoft.com:443
security.ubuntu.com:80
# For subfolders, currently a full checkout is required.
# See: https://github.com/marketplace/actions/build-and-push-docker-images#path-context
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
with:
fetch-depth: 0
- name: Build backend
run: |
deploy/scripts/build.py --components backend
shell: bash
- name: Image digest
run: |
docker image inspect combine_backend:latest -f '{{json .Id}}'
shell: bash