diff --git a/.gitea/workflows/server.yaml b/.gitea/workflows/server.yaml index f658be4..f82903b 100644 --- a/.gitea/workflows/server.yaml +++ b/.gitea/workflows/server.yaml @@ -3,8 +3,8 @@ run-name: ${{ gitea.actor }} is building the Server application on: push: branches: - - develop - - master + - develop + - master paths-ignore: - Wiki/** - Benchmarks/** @@ -183,24 +183,24 @@ jobs: runs-on: ubuntu-latest container: catthehacker/ubuntu:act-latest@sha256:5f2ff408985b10de9da4a8ea735b7f07d4f98c61608180ebb8964deb37f7580a steps: - - uses: actions/checkout@v4 - - name: Setup dotnet - uses: https://github.com/actions/setup-dotnet@v3 - with: - dotnet-version: | - 7.0 - 8.0 - - name: Install dependencies - run: | - dotnet restore - echo "::add-path::$HOME/.dotnet/tools" - - name: Install nuget-license - run: dotnet tool install --global dotnet-project-licenses - - name: Export licenses - run: dotnet-project-licenses -i . -u --projects-filter projects_ignore_licenses.json -m -j -e -f licenses - - name: Upload licenses - uses: actions/upload-artifact@v3 - with: - name: licenses - path: licenses - retention-days: 31 + - uses: actions/checkout@v4 + - name: Setup dotnet + uses: https://github.com/actions/setup-dotnet@v3 + with: + dotnet-version: | + 9.0 + dotnet-quality: preview + - name: Install dependencies + run: | + dotnet restore + echo "::add-path::$HOME/.dotnet/tools" + - name: Install nuget-license + run: dotnet tool install --global dotnet-project-licenses + - name: Export licenses + run: dotnet-project-licenses -i . -u --projects-filter projects_ignore_licenses.json -m -j -e -f licenses + - name: Upload licenses + uses: actions/upload-artifact@v3 + with: + name: licenses + path: licenses + retention-days: 31 diff --git a/.gitea/workflows/server_pr.yaml b/.gitea/workflows/server_pr.yaml index fcf4217..bf7718e 100644 --- a/.gitea/workflows/server_pr.yaml +++ b/.gitea/workflows/server_pr.yaml @@ -1,11 +1,11 @@ -name: PR Workflow +name: PR Workflow run-name: ${{ gitea.actor }} PR related workflow on: pull_request: paths-ignore: - - Wiki/** - - Benchmarks/** - - .run/** + - Wiki/** + - Benchmarks/** + - .run/** jobs: preprocess: @@ -13,158 +13,158 @@ jobs: outputs: sanitized_branch_name: ${{ steps.sanitize.outputs.sanitized_branch_name }} steps: - - name: Sanitize branch name - id: sanitize - run: echo "::set-output name=sanitized_branch_name::$(echo ${{ github.ref_name }} | sed 's/\//-/g')" + - name: Sanitize branch name + id: sanitize + run: echo "::set-output name=sanitized_branch_name::$(echo ${{ github.ref_name }} | sed 's/\//-/g')" build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - name: Setup dotnet - uses: https://github.com/actions/setup-dotnet@v3 - with: - global-json-file: global.json - - name: Install dependencies - run: dotnet restore - - name: Build - run: | - dotnet build Continuity.AuthServer -c Release + - uses: actions/checkout@v4 + - name: Setup dotnet + uses: https://github.com/actions/setup-dotnet@v3 + with: + global-json-file: global.json + - name: Install dependencies + run: dotnet restore + - name: Build + run: | + dotnet build Continuity.AuthServer -c Release sbom-scan: needs: build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - name: Setup dotnet - uses: https://github.com/actions/setup-dotnet@v3 - with: - global-json-file: global.json - - name: Install dependencies - run: | - dotnet restore - echo "::add-path::$HOME/.dotnet/tools" - - name: Setup Dependency Track Dependencies - run: | - dotnet tool install --global CycloneDX - - name: Generate SBOM - run: | - dotnet CycloneDX Continuity.AuthServer/Continuity.AuthServer.csproj -o . -dgl - - name: Upload SBOM - uses: https://github.com/DependencyTrack/gh-upload-sbom@v2.0.1 - with: - apiKey: ${{ secrets.DEPENDENCY_TRACK_API_KEY }} - serverHostname: ${{ secrets.DEPENDENCY_TRACK_URL }} - projectName: ${{ secrets.DEPENDENCY_TRACK_PROJECT_NAME }} - autoCreate: true + - uses: actions/checkout@v4 + - name: Setup dotnet + uses: https://github.com/actions/setup-dotnet@v3 + with: + global-json-file: global.json + - name: Install dependencies + run: | + dotnet restore + echo "::add-path::$HOME/.dotnet/tools" + - name: Setup Dependency Track Dependencies + run: | + dotnet tool install --global CycloneDX + - name: Generate SBOM + run: | + dotnet CycloneDX Continuity.AuthServer/Continuity.AuthServer.csproj -o . -dgl + - name: Upload SBOM + uses: https://github.com/DependencyTrack/gh-upload-sbom@v2.0.1 + with: + apiKey: ${{ secrets.DEPENDENCY_TRACK_API_KEY }} + serverHostname: ${{ secrets.DEPENDENCY_TRACK_URL }} + projectName: ${{ secrets.DEPENDENCY_TRACK_PROJECT_NAME }} + autoCreate: true # set projectversion to be the branch name - projectVersion: ${{ github.ref_name }} - bomFilename: ${{ github.workspace }}/bom.xml + projectVersion: ${{ github.ref_name }} + bomFilename: ${{ github.workspace }}/bom.xml container-build: runs-on: ubuntu-latest container: catthehacker/ubuntu:act-latest@sha256:5f2ff408985b10de9da4a8ea735b7f07d4f98c61608180ebb8964deb37f7580a - needs: [ build, preprocess ] + needs: [build, preprocess] steps: - - uses: actions/checkout@v4 - - name: Setup dotnet - uses: https://github.com/actions/setup-dotnet@v3 - with: - global-json-file: global.json + - uses: actions/checkout@v4 + - name: Setup dotnet + uses: https://github.com/actions/setup-dotnet@v3 + with: + global-json-file: global.json # Add support for more platforms with QEMU (optional) # https://github.com/docker/setup-qemu-action - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - registry: ${{ github.server_url }} - username: ${{ github.actor }} - password: ${{ secrets.REGISTRY_TOKEN }} - - name: Build and push - uses: docker/build-push-action@v5 - with: - context: . - file: Continuity.AuthServer/Dockerfile - push: true - tags: forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }} - platforms: linux/amd64,linux/arm64 - - name: Build and push to latest - if: github.ref_name == 'master' - uses: docker/build-push-action@v5 - with: - context: . - file: Continuity.AuthServer/Dockerfile - push: true - tags: forge.rainote.dev/${{ github.repository }}:latest - platforms: linux/amd64, linux/arm64 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + registry: ${{ github.server_url }} + username: ${{ github.actor }} + password: ${{ secrets.REGISTRY_TOKEN }} + - name: Build and push + uses: docker/build-push-action@v5 + with: + context: . + file: Continuity.AuthServer/Dockerfile + push: true + tags: forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }} + platforms: linux/amd64,linux/arm64 + - name: Build and push to latest + if: github.ref_name == 'master' + uses: docker/build-push-action@v5 + with: + context: . + file: Continuity.AuthServer/Dockerfile + push: true + tags: forge.rainote.dev/${{ github.repository }}:latest + platforms: linux/amd64, linux/arm64 container-sbom-scan: - needs: [ container-build, preprocess ] + needs: [container-build, preprocess] runs-on: ubuntu-latest container: catthehacker/ubuntu:act-latest@sha256:5f2ff408985b10de9da4a8ea735b7f07d4f98c61608180ebb8964deb37f7580a steps: - - uses: actions/checkout@v4 - - name: Setup dotnet - uses: https://github.com/actions/setup-dotnet@v3 - with: - global-json-file: global.json - - name: Install dependencies - run: | - dotnet restore - echo "::add-path::$HOME/.dotnet/tools" - - name: Setup Dependency Track Dependencies - run: | - mkdir ~/.docker - curl -sSfL https://raw.githubusercontent.com/docker/sbom-cli-plugin/main/install.sh | sh -s -- - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - registry: ${{ github.server_url }} - username: ${{ github.actor }} - password: ${{ secrets.REGISTRY_TOKEN }} - - name: Generate SBOM - run: | - echo forge.rainote.dev/${{ github.repository }} - echo forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }} - docker pull forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }} - docker sbom -D forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }} --format cyclonedx-json --output container-bom.json - - name: Upload SBOM - uses: https://github.com/DependencyTrack/gh-upload-sbom@v2.0.1 - with: - apiKey: ${{ secrets.DEPENDENCY_TRACK_API_KEY }} - serverHostname: ${{ secrets.DEPENDENCY_TRACK_URL }} - projectName: ${{ secrets.DEPENDENCY_TRACK_PROJECT_NAME }}-container - autoCreate: true + - uses: actions/checkout@v4 + - name: Setup dotnet + uses: https://github.com/actions/setup-dotnet@v3 + with: + global-json-file: global.json + - name: Install dependencies + run: | + dotnet restore + echo "::add-path::$HOME/.dotnet/tools" + - name: Setup Dependency Track Dependencies + run: | + mkdir ~/.docker + curl -sSfL https://raw.githubusercontent.com/docker/sbom-cli-plugin/main/install.sh | sh -s -- + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + registry: ${{ github.server_url }} + username: ${{ github.actor }} + password: ${{ secrets.REGISTRY_TOKEN }} + - name: Generate SBOM + run: | + echo forge.rainote.dev/${{ github.repository }} + echo forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }} + docker pull forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }} + docker sbom -D forge.rainote.dev/${{ github.repository }}:${{ needs.preprocess.outputs.sanitized_branch_name }} --format cyclonedx-json --output container-bom.json + - name: Upload SBOM + uses: https://github.com/DependencyTrack/gh-upload-sbom@v2.0.1 + with: + apiKey: ${{ secrets.DEPENDENCY_TRACK_API_KEY }} + serverHostname: ${{ secrets.DEPENDENCY_TRACK_URL }} + projectName: ${{ secrets.DEPENDENCY_TRACK_PROJECT_NAME }}-container + autoCreate: true # set projectversion to be the branch name - projectVersion: ${{ github.ref_name }} - bomFilename: ${{ github.workspace }}/container-bom.json + projectVersion: ${{ github.ref_name }} + bomFilename: ${{ github.workspace }}/container-bom.json generate-licences: - needs: [ build, preprocess ] + needs: [build, preprocess] runs-on: ubuntu-latest container: catthehacker/ubuntu:act-latest@sha256:5f2ff408985b10de9da4a8ea735b7f07d4f98c61608180ebb8964deb37f7580a steps: - - uses: actions/checkout@v4 - - name: Setup dotnet - uses: https://github.com/actions/setup-dotnet@v3 - with: - dotnet-version: | - 7.0 - 8.0 - - name: Install dependencies - run: | - dotnet restore - echo "::add-path::$HOME/.dotnet/tools" - - name: Install nuget-license - run: dotnet tool install --global dotnet-project-licenses - - name: Export licenses - run: dotnet-project-licenses -i . -u --projects-filter projects_ignore_licenses.json -m -j -e -f licenses - - name: Upload licenses - uses: actions/upload-artifact@v3 - with: - name: licenses - path: licenses - retention-days: 31 + - uses: actions/checkout@v4 + - name: Setup dotnet + uses: https://github.com/actions/setup-dotnet@v3 + with: + dotnet-version: | + 9.0 + dotnet-quality: preview + - name: Install dependencies + run: | + dotnet restore + echo "::add-path::$HOME/.dotnet/tools" + - name: Install nuget-license + run: dotnet tool install --global dotnet-project-licenses + - name: Export licenses + run: dotnet-project-licenses -i . -u --projects-filter projects_ignore_licenses.json -m -j -e -f licenses + - name: Upload licenses + uses: actions/upload-artifact@v3 + with: + name: licenses + path: licenses + retention-days: 31